urlscan.io logo urlscan.io
SecurityTrails logo

promo.stormgain.com Open in urlscan Pro
2606:4700::6811:1c22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ww1.capitplone.com/
Effective URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Submission: On July 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 7 countries across 47 domains to perform 165 HTTP transactions. The main IP is 2606:4700::6811:1c22, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.stormgain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time promo.stormgain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 91.195.240.50 47846 (SEDO-AS)
1 205.234.175.175 30081 (CACHENETW...)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
2 52.7.145.236 14618 (AMAZON-AES)
2 18.195.123.247 16509 (AMAZON-02)
1 2 195.161.21.2 8342 (RTCOMM-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 35.234.86.61 15169 (GOOGLE)
40 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.89.153 16509 (AMAZON-02)
13 104.109.77.38 16625 (AKAMAI-AS)
14 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:b... 15169 (GOOGLE)
1 13.224.96.61 16509 (AMAZON-02)
3 7 2a02:6b8::1:119 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 142.250.74.198 15169 (GOOGLE)
2 185.59.220.194 60068 (CDN77 ^_^)
5 2a03:2880:f01... 32934 (FACEBOOK)
1 6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 44.230.206.19 16509 (AMAZON-02)
7 34.96.102.137 15169 (GOOGLE)
1 52.212.94.185 16509 (AMAZON-02)
1 13.224.96.11 16509 (AMAZON-02)
1 1 63.35.200.21 16509 (AMAZON-02)
13 16 52.17.210.139 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a03:2880:f11... 32934 (FACEBOOK)
1 13.224.96.22 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 34.253.3.7 16509 (AMAZON-02)
2 142.250.185.194 15169 (GOOGLE)
1 13.224.96.68 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 3.126.63.176 16509 (AMAZON-02)
1 70.42.32.31 22075 (AS-OUTBRAIN)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 13.248.245.213 16509 (AMAZON-02)
1 2 52.58.182.33 16509 (AMAZON-02)
1 2 37.252.172.249 29990 (ASN-APPNEX)
1 2 34.98.64.218 15169 (GOOGLE)
4 5 216.58.212.162 15169 (GOOGLE)
2 35.194.81.74 15169 (GOOGLE)
1 44.242.0.74 16509 (AMAZON-02)
1 54.71.178.83 16509 (AMAZON-02)
2 2 37.252.172.250 29990 (ASN-APPNEX)
2 8 52.35.149.136 16509 (AMAZON-02)
2 2 76.223.111.131 16509 (AMAZON-02)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
2 2 52.30.222.33 16509 (AMAZON-02)
1 1 185.29.132.68 30419 (MEDIAMATH...)
1 69.173.144.138 26667 (RUBICONPR...)
1 44.239.227.182 16509 (AMAZON-02)
165 54
4    91.195.240.50 (Germany)

ASN47846 (SEDO-AS, DE)
ww1.capitplone.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
img.sedoparking.com
1    173.239.53.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.sedodna.com
2    52.7.145.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
gloos-ves.com
2    18.195.123.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
scided-mington.com
2    195.161.21.2 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: ns.roskazna.ru
go.cityclub.finance
1    2606:4700:20::ac43:4691 (United States)

ASN13335 (CLOUDFLARENET, US)
stormgain.ck-cdn.com
1    35.234.86.61 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
go.stormgain.app
40    2606:4700::6811:1c22 (United States)

ASN13335 (CLOUDFLARENET, US)
promo.stormgain.com
lib.stormgain.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.224.89.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-153.zrh50.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
13    104.109.77.38 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-77-38.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
14    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
1    13.224.96.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-61.zrh50.r.cloudfront.net
static.hotjar.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
9514594.fls.doubleclick.net
2    185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net
a.opmnstr.com
a.omappapi.com
5    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a02:26f0:6c00::210:baab (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.adroll.com
1    44.230.206.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
a.ad.gt
7    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dev.visualwebsiteoptimizer.com
1    52.212.94.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
tealium-proxy.stormgain.com
1    13.224.96.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-11.zrh50.r.cloudfront.net
script.hotjar.com
1    63.35.200.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.mgr.consensu.org
16    52.17.210.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.224.96.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-22.zrh50.r.cloudfront.net
vars.hotjar.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    34.253.3.7 (United Kingdom)

ASN16509 (AMAZON-02, US)
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
1    13.224.96.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-68.zrh50.r.cloudfront.net
api.omappapi.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4009:815::2004 (London, United Kingdom)

ASN15169 (GOOGLE, US)
www.google.com
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    3.126.63.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
1    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
2    52.58.182.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
us-u.openx.net
5    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
cm.g.doubleclick.net
2    35.194.81.74 (Washington, United States)

ASN15169 (GOOGLE, US)
r3.visualwebsiteoptimizer.com
1    44.242.0.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
aufp.io
1    54.71.178.83 (Boardman, United States)

ASN16509 (AMAZON-02, US)
p.ad.gt
2    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
8    52.35.149.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
ids.ad.gt
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    52.30.222.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    185.29.132.68 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    44.239.227.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
pixels.ad.gt
Apex Domain
Subdomains		 Transfer
41 stormgain.com
promo.stormgain.com
lib.stormgain.com
tealium-proxy.stormgain.com
2 MB
22 adroll.com
s.adroll.com
d.adroll.com
30 KB
14 gstatic.com
fonts.gstatic.com
261 KB
13 tiqcdn.com
tags.tiqcdn.com
51 KB
11 ad.gt
a.ad.gt
p.ad.gt
ids.ad.gt
pixels.ad.gt
15 KB
10 doubleclick.net
9514594.fls.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
3 KB
9 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
r3.visualwebsiteoptimizer.com
87 KB
7 facebook.com
www.facebook.com
868 B
5 yandex.com
mc.yandex.com
2 KB
5 google-analytics.com
www.google-analytics.com
62 KB
5 facebook.net
connect.facebook.net
324 KB
4 adnxs.com
ib.adnxs.com
secure.adnxs.com
4 KB
4 capitplone.com
ww1.capitplone.com
3 KB
3 pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
1 KB
3 es.io
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io Failed
3 google.de
adservice.google.de
www.google.de
519 B
3 google.com
adservice.google.com
www.google.com
719 B
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
64 KB
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
15 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 adsrvr.org
match.adsrvr.org
963 B
2 openx.net
us-u.openx.net
479 B
2 bidswitch.net
x.bidswitch.net
871 B
2 3lift.com
eb2.3lift.com
738 B
2 rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
453 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 omappapi.com
api.omappapi.com
a.omappapi.com
12 KB
2 googleadservices.com
www.googleadservices.com
18 KB
2 yandex.ru
mc.yandex.ru
47 KB
2 cityclub.finance
go.cityclub.finance
2 KB
2 scided-mington.com
scided-mington.com
2 KB
2 gloos-ves.com
gloos-ves.com
3 KB
1 mathtag.com
sync.mathtag.com
639 B
1 aufp.io
aufp.io
3 KB
1 taboola.com
sync.taboola.com
247 B
1 yahoo.com
ads.yahoo.com
445 B
1 outbrain.com
sync.outbrain.com
477 B
1 advertising.com
pixel.advertising.com
125 B
1 consensu.org
d.adroll.mgr.consensu.org
137 B
1 opmnstr.com
a.opmnstr.com
56 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
1 mxpnl.com
cdn.mxpnl.com
25 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
1 stormgain.app
go.stormgain.app
632 B
1 ck-cdn.com
stormgain.ck-cdn.com
679 B
1 sedodna.com
xml.sedodna.com
280 B
1 sedoparking.com
img.sedoparking.com
5 KB
165 47
Domain Requested by
36 promo.stormgain.com promo.stormgain.com
16 d.adroll.com 13 redirects promo.stormgain.com
14 fonts.gstatic.com fonts.googleapis.com
13 tags.tiqcdn.com promo.stormgain.com
tags.tiqcdn.com
8 ids.ad.gt 2 redirects promo.stormgain.com
7 www.facebook.com promo.stormgain.com
7 dev.visualwebsiteoptimizer.com tags.tiqcdn.com
dev.visualwebsiteoptimizer.com
promo.stormgain.com
6 s.adroll.com 1 redirects tags.tiqcdn.com
promo.stormgain.com
s.adroll.com
d.adroll.com
5 cm.g.doubleclick.net 4 redirects promo.stormgain.com
5 mc.yandex.com 2 redirects promo.stormgain.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
promo.stormgain.com
5 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
4 lib.stormgain.com promo.stormgain.com
4 ww1.capitplone.com 2 redirects ww1.capitplone.com
3 96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io promo.stormgain.com
3 9514594.fls.doubleclick.net 1 redirects tags.tiqcdn.com
adservice.google.com
2 match.prod.bidr.io 2 redirects
2 image2.pubmatic.com 2 redirects
2 match.adsrvr.org 2 redirects
2 secure.adnxs.com 2 redirects
2 r3.visualwebsiteoptimizer.com promo.stormgain.com
2 us-u.openx.net 1 redirects promo.stormgain.com
2 ib.adnxs.com 1 redirects promo.stormgain.com
2 x.bidswitch.net 1 redirects promo.stormgain.com
2 eb2.3lift.com 1 redirects promo.stormgain.com
2 dsum-sec.casalemedia.com 1 redirects promo.stormgain.com
2 www.google.de promo.stormgain.com
9514594.fls.doubleclick.net
2 www.google.com 1 redirects promo.stormgain.com
2 www.googleadservices.com 9514594.fls.doubleclick.net
www.googleadservices.com
2 mc.yandex.ru 1 redirects tags.tiqcdn.com
2 fonts.googleapis.com ajax.googleapis.com
2 go.cityclub.finance 1 redirects
2 scided-mington.com gloos-ves.com
2 gloos-ves.com ww1.capitplone.com
gloos-ves.com
1 pixels.ad.gt p.ad.gt
1 token.rubiconproject.com promo.stormgain.com
1 sync.mathtag.com 1 redirects
1 p.ad.gt a.ad.gt
1 aufp.io a.ad.gt
1 sync.taboola.com promo.stormgain.com
1 ads.yahoo.com promo.stormgain.com
1 simage2.pubmatic.com promo.stormgain.com
1 sync.outbrain.com promo.stormgain.com
1 pixel.advertising.com promo.stormgain.com
1 pixel.rubiconproject.com promo.stormgain.com
1 a.omappapi.com promo.stormgain.com
1 googleads.g.doubleclick.net 1 redirects
1 stats.g.doubleclick.net promo.stormgain.com
1 api.omappapi.com promo.stormgain.com
1 adservice.google.de 1 redirects
1 vars.hotjar.com static.hotjar.com
1 adservice.google.com 9514594.fls.doubleclick.net
1 d.adroll.mgr.consensu.org 1 redirects
1 script.hotjar.com static.hotjar.com
1 tealium-proxy.stormgain.com promo.stormgain.com
1 a.ad.gt tags.tiqcdn.com
1 a.opmnstr.com tags.tiqcdn.com
1 www.googletagmanager.com tags.tiqcdn.com
1 static.hotjar.com tags.tiqcdn.com
1 cdn.mxpnl.com tags.tiqcdn.com
1 d3e54v103j8qbb.cloudfront.net promo.stormgain.com
1 ajax.googleapis.com promo.stormgain.com
1 go.stormgain.app 1 redirects
1 stormgain.ck-cdn.com go.cityclub.finance
1 xml.sedodna.com 1 redirects
1 img.sedoparking.com ww1.capitplone.com
165 66

This site contains links to these domains. Also see Links.

Domain
app.stormgain.com
bit.ly
sponsorship.sportbusiness.com
finance.yahoo.com
t.me
Subject Issuer Validity Valid
scided-mington.com
R3		 2021-05-24 -
2021-08-22		 3 months crt.sh
go.cityclub.finance
R3		 2021-06-19 -
2021-09-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2021-04-19 -
2022-04-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.mxpnl.com
RapidSSL RSA CA 2018		 2019-07-29 -
2021-07-28		 2 years crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
a.opmnstr.com
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
adroll.com
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.ad.gt
Amazon		 2021-06-09 -
2022-07-08		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
tealium-proxy.stormgain.com
Amazon		 2020-11-07 -
2021-12-06		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
api.opmnstr.com
Amazon		 2021-03-11 -
2022-04-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
a.omappapi.com
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-07-08 -
2021-08-25		 2 months crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
aufp.io
Amazon		 2020-12-26 -
2022-01-24		 a year crt.sh

This page contains 5 frames:

Primary Page: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Frame ID: B986F6F8EFC06EEEB7EB380A1E45680A
Requests: 156 HTTP requests in this frame

Frame: https://9514594.fls.doubleclick.net/activityi;dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075
Frame ID: E97F8FF09ABFE4D1CD6F086A71D80CB1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
Frame ID: F80A8C13A27CE299F483AFEA55AFBF02
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: B077C6C502E3A18D0AE17A45070C0F10
Requests: 1 HTTP requests in this frame

Frame: https://9514594.fls.doubleclick.net/ddm/fls/r/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
Frame ID: D1CC81E60A65BFD63939083121D7E92D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ww1.capitplone.com/ Page URL
  2. http://ww1.capitplone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DVT7DdDo9elY... HTTP 302
    http://ww1.capitplone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DVT7DdDo9elY... HTTP 302
    http://xml.sedodna.com/click?i=VT7DdDo9elY_0 HTTP 302
    http://gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/9232f590-d991-493f-b95d-d38c0... Page URL
  3. http://gloos-ves.com/zcredirect?visitid=eb866e70-e5d6-11eb-a3d7-12b9fe7b538b&type=js&browserWidth... Page URL
  4. https://scided-mington.com/zp-redirect?target=https%3A%2F%2Fgo.cityclub.finance%2Fclick-BQS1AFNK-KHEQCO... Page URL
  5. https://scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby5jaXR5Y2x1Yi5maW5hbmNlL2NsaWNrLUJRUzFBRk... Page URL
  6. https://go.cityclub.finance/click-BQS1AFNK-KHEQCOZH?bt=25&tl=1&sa=w3kte3ilu9vtfh29is3s1vd4&sa2=36521fb3-... Page URL
  7. https://go.cityclub.finance/click-BQS1AFNK-KHEQCOZH?bt=25&tl=1&sa=w3kte3ilu9vtfh29is3s1vd4&sa2=36521fb3-... HTTP 303
    https://stormgain.ck-cdn.com/tn/serve/geoGroup/?rgid=3&bta=101469&afp2=8WmZ1UslHQZ9NAG&afp3=AT1&nci=7337 Page URL
  8. https://go.stormgain.app/visit/?bta=101469&afp2=8WmZ1UslHQZ9NAG&nci=11003&oref=https%3A%2F%2Fgo%2Ecit... HTTP 302
    https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i
Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i
Overall confidence: 100%
Detected patterns
  • script /dev\.visualwebsiteoptimizer\.com/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i
Overall confidence: 100%
Detected patterns
  • meta generator /Webflow/i

Page Statistics

165
Requests

95 %
HTTPS

31 %
IPv6

47
Domains

66
Subdomains

54
IPs

7
Countries

2844 kB
Transfer

5071 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ww1.capitplone.com/ Page URL
  2. http://ww1.capitplone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DVT7DdDo9elY_0&amp;v=NmFiNTJiZmMzNGIwZjhmNjkzYjczZDI1OWZhZjNhOGIJMQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYjNkNS43Mjg3MzE0OQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYjZlMC4zNDM5MTc2MAkxNjI2Mzk5NjgwCWFkXzYzXzA=&amp;l=OAliOWQxM2Y3OGRhNTYyMWUyY2MwYjBlODljMjBmNTIyMgkwCTEzCTAJOGI2MTM3MWU4YWE2MTA3NWIyMjQ3ZjM1MDU1YmY4MzUJMjU1MjY3OTY1CWNhcGl0cGxvbmUJMAk2Mwk1CTU5CTE2MjYzOTk2ODAJMC4wMDcwMTEJTgkwCTAJMAkxMDY0CTgyMjY0NzEyCTE1OS40OC41My4yMjMJMA%3D%3D HTTP 302
    http://ww1.capitplone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DVT7DdDo9elY_0&amp;v=NmFiNTJiZmMzNGIwZjhmNjkzYjczZDI1OWZhZjNhOGIJMQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYjNkNS43Mjg3MzE0OQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYjZlMC4zNDM5MTc2MAkxNjI2Mzk5NjgwCWFkXzYzXzA=&amp;l=OAliOWQxM2Y3OGRhNTYyMWUyY2MwYjBlODljMjBmNTIyMgkwCTEzCTAJOGI2MTM3MWU4YWE2MTA3NWIyMjQ3ZjM1MDU1YmY4MzUJMjU1MjY3OTY1CWNhcGl0cGxvbmUJMAk2Mwk1CTU5CTE2MjYzOTk2ODAJMC4wMDcwMTEJTgkwCTAJMAkxMDY0CTgyMjY0NzEyCTE1OS40OC41My4yMjMJMA%3D%3D HTTP 302
    http://xml.sedodna.com/click?i=VT7DdDo9elY_0 HTTP 302
    http://gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4b8c1ba0-e580-11eb-a743-12beee04f19b Page URL
  3. http://gloos-ves.com/zcredirect?visitid=eb866e70-e5d6-11eb-a3d7-12b9fe7b538b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. https://scided-mington.com/zp-redirect?target=https%3A%2F%2Fgo.cityclub.finance%2Fclick-BQS1AFNK-KHEQCOZH%3Fbt%3D25%26tl%3D1%26sa%3Dw3kte3ilu9vtfh29is3s1vd4%26sa2%3D36521fb3-8c8b-485a-9d60-d9d5db8334c6&caid=36521fb3-8c8b-485a-9d60-d9d5db8334c6&zpid=eb866e70-e5d6-11eb-a3d7-12b9fe7b538b&cid=w3kte3ilu9vtfh29is3s1vd4&rt=D Page URL
  5. https://scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby5jaXR5Y2x1Yi5maW5hbmNlL2NsaWNrLUJRUzFBRk5LLUtIRVFDT1pIP2J0PTI1JnRsPTEmc2E9dzNrdGUzaWx1OXZ0ZmgyOWlzM3MxdmQ0JnNhMj0zNjUyMWZiMy04YzhiLTQ4NWEtOWQ2MC1kOWQ1ZGI4MzM0YzY&ts=1626399681391&hash=Fdz_9jfhH_st89YEuq2izOKrCA9s7rPl0fZwUBbOk4I&rm=D Page URL
  6. https://go.cityclub.finance/click-BQS1AFNK-KHEQCOZH?bt=25&tl=1&sa=w3kte3ilu9vtfh29is3s1vd4&sa2=36521fb3-8c8b-485a-9d60-d9d5db8334c6 Page URL
  7. https://go.cityclub.finance/click-BQS1AFNK-KHEQCOZH?bt=25&tl=1&sa=w3kte3ilu9vtfh29is3s1vd4&sa2=36521fb3-8c8b-485a-9d60-d9d5db8334c6&no_cookie=1&rfr=NNNNTlXo%2BfpNO9KCmxiGm8xiF8mAmqSAFHmBGv%2FK0eLbXFxbljZPNNNNNNNVvk8%3D&widht=1600&height=1200&timezone=-120 HTTP 303
    https://stormgain.ck-cdn.com/tn/serve/geoGroup/?rgid=3&bta=101469&afp2=8WmZ1UslHQZ9NAG&afp3=AT1&nci=7337 Page URL
  8. https://go.stormgain.app/visit/?bta=101469&afp2=8WmZ1UslHQZ9NAG&nci=11003&oref=https%3A%2F%2Fgo%2Ecityclub%2Efinance%2F HTTP 302
    https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://ww1.capitplone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DVT7DdDo9elY_0&amp;v=NmFiNTJiZmMzNGIwZjhmNjkzYjczZDI1OWZhZjNhOGIJMQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYjNkNS43Mjg3MzE0OQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYjZlMC4zNDM5MTc2MAkxNjI2Mzk5NjgwCWFkXzYzXzA=&amp;l=OAliOWQxM2Y3OGRhNTYyMWUyY2MwYjBlODljMjBmNTIyMgkwCTEzCTAJOGI2MTM3MWU4YWE2MTA3NWIyMjQ3ZjM1MDU1YmY4MzUJMjU1MjY3OTY1CWNhcGl0cGxvbmUJMAk2Mwk1CTU5CTE2MjYzOTk2ODAJMC4wMDcwMTEJTgkwCTAJMAkxMDY0CTgyMjY0NzEyCTE1OS40OC41My4yMjMJMA%3D%3D HTTP 302
  • http://ww1.capitplone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DVT7DdDo9elY_0&amp;v=NmFiNTJiZmMzNGIwZjhmNjkzYjczZDI1OWZhZjNhOGIJMQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYjNkNS43Mjg3MzE0OQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYjZlMC4zNDM5MTc2MAkxNjI2Mzk5NjgwCWFkXzYzXzA=&amp;l=OAliOWQxM2Y3OGRhNTYyMWUyY2MwYjBlODljMjBmNTIyMgkwCTEzCTAJOGI2MTM3MWU4YWE2MTA3NWIyMjQ3ZjM1MDU1YmY4MzUJMjU1MjY3OTY1CWNhcGl0cGxvbmUJMAk2Mwk1CTU5CTE2MjYzOTk2ODAJMC4wMDcwMTEJTgkwCTAJMAkxMDY0CTgyMjY0NzEyCTE1OS40OC41My4yMjMJMA%3D%3D HTTP 302
  • http://xml.sedodna.com/click?i=VT7DdDo9elY_0 HTTP 302
  • http://gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4b8c1ba0-e580-11eb-a743-12beee04f19b
Request Chain 8
  • https://go.cityclub.finance/click-BQS1AFNK-KHEQCOZH?bt=25&tl=1&sa=w3kte3ilu9vtfh29is3s1vd4&sa2=36521fb3-8c8b-485a-9d60-d9d5db8334c6&no_cookie=1&rfr=NNNNTlXo%2BfpNO9KCmxiGm8xiF8mAmqSAFHmBGv%2FK0eLbXFxbljZPNNNNNNNVvk8%3D&widht=1600&height=1200&timezone=-120 HTTP 303
  • https://stormgain.ck-cdn.com/tn/serve/geoGroup/?rgid=3&bta=101469&afp2=8WmZ1UslHQZ9NAG&afp3=AT1&nci=7337
Request Chain 78
  • https://9514594.fls.doubleclick.net/activityi;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075 HTTP 302
  • https://9514594.fls.doubleclick.net/activityi;dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075
Request Chain 88
  • https://s.adroll.com/j/exp/QY53BTS2IZASVN2T6XPVNN/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 90
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/QY53BTS2IZASVN2T6XPVNN?_s=3e41ca91b3dc30f043474cd2f0c222d4&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/QY53BTS2IZASVN2T6XPVNN/?_s=3e41ca91b3dc30f043474cd2f0c222d4&_b=2
Request Chain 97
  • https://adservice.google.de/ddm/fls/i/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/ HTTP 302
  • https://9514594.fls.doubleclick.net/ddm/fls/r/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
Request Chain 99
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9335.7h4qzI7BqFDEaDyZqzPiJDxvXcoLwtNSUjAGDoftHnkMvtNc3zK7d4gIzmHy01_k.IgYiYuTnbhhPB1GhhVznbyCKtvE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9335.JUkOExfOPEIIesUFJzyRxHED47N5dhlx6OVYpagwMf_59iRc8KEiemZbMi4FUoB7dhdg83Z60ztF7S-Aa6YkBA%2C%2C.-yibjgREppE53ys9RrwBCFWOqcQ%2C
Request Chain 110
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726694447/?random=38715476&cv=9&fst=1626399683511&num=1&label=pTXmCMnh5awBEK_0wdoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9514594.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLjc-vq65vECFYeDgwcdBx4LMw%3Bsrc%3D9514594%3Btype%3Dinvmedia%3Bcat%3Dwebsi001%3Bord%3D7203726792034.075%3B~oref%3Dhttps%3A%2F%2Fpromo.stormgain.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=w-PwYOjvIN3G7_UPjb6g-A0&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/726694447/?random=38715476&cv=9&fst=1626399683511&num=1&label=pTXmCMnh5awBEK_0wdoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9514594.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLjc-vq65vECFYeDgwcdBx4LMw%3Bsrc%3D9514594%3Btype%3Dinvmedia%3Bcat%3Dwebsi001%3Bord%3D7203726792034.075%3B~oref%3Dhttps%3A%2F%2Fpromo.stormgain.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=w-PwYOjvIN3G7_UPjb6g-A0&random=3947823430&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/726694447/?random=38715476&cv=9&fst=1626399683511&num=1&label=pTXmCMnh5awBEK_0wdoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9514594.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLjc-vq65vECFYeDgwcdBx4LMw%3Bsrc%3D9514594%3Btype%3Dinvmedia%3Bcat%3Dwebsi001%3Bord%3D7203726792034.075%3B~oref%3Dhttps%3A%2F%2Fpromo.stormgain.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=w-PwYOjvIN3G7_UPjb6g-A0&random=3947823430&resp=GooglemKTybQhCsO&ipr=y
Request Chain 111
  • https://mc.yandex.com/watch/54334408?wmode=7&page-url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&page-ref=https%3A%2F%2Fstormgain.ck-cdn.com%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A53048299392%3Ahid%3A662292218%3Az%3A120%3Ai%3A20210716034123%3Aet%3A1626399683%3Ac%3A1%3Arn%3A943993274%3Au%3A162639968379345207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626399682087%3Ads%3A16%2C37%2C99%2C20%2C118%2C0%2C%2C589%2C4%2C%2C%2C%2C863%3Adsn%3A15%2C38%2C98%2C21%2C118%2C0%2C%2C571%2C5%2C%2C%2C%2C862%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626399684%3At%3AStormGain%20All-in-One%20Krypto-Plattform HTTP 302
  • https://mc.yandex.com/watch/54334408/1?wmode=7&page-url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&page-ref=https%3A%2F%2Fstormgain.ck-cdn.com%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A53048299392%3Ahid%3A662292218%3Az%3A120%3Ai%3A20210716034123%3Aet%3A1626399683%3Ac%3A1%3Arn%3A943993274%3Au%3A162639968379345207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626399682087%3Ads%3A16%2C37%2C99%2C20%2C118%2C0%2C%2C589%2C4%2C%2C%2C%2C863%3Adsn%3A15%2C38%2C98%2C21%2C118%2C0%2C%2C571%2C5%2C%2C%2C%2C862%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626399684%3At%3AStormGain%20All-in-One%20Krypto-Plattform
Request Chain 126
  • https://d.adroll.com/pixel/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&pv=70126693343.22226&cookie=&adroll_s_ref=https%3A//stormgain.ck-cdn.com/&keyw=&adroll_external_data= HTTP 302
  • https://s.adroll.com/pixel/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC/KZSWKPPL4VEKFJC5LRIY3V.js
Request Chain 129
  • https://d.adroll.com/cm/index/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expiration=1657935684 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expiration=1657935684&C=1
Request Chain 130
  • https://d.adroll.com/cm/n/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expires=365
Request Chain 131
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 132
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
Request Chain 133
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 134
  • https://d.adroll.com/cm/r/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 135
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
Request Chain 136
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 137
  • https://d.adroll.com/cm/b/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
Request Chain 138
  • https://d.adroll.com/cm/x/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
Request Chain 140
  • https://d.adroll.com/cm/o/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=9a7a4d5bdee9bc693527ee735a587ae1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9a7a4d5bdee9bc693527ee735a587ae1
Request Chain 141
  • https://d.adroll.com/cm/g/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=mnpNW97pvGk1J-5zWlh64Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=mnpNW97pvGk1J-5zWlh64Q&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 145
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&adnxs_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D6ab98412-6e5c-438c-87aa-93409c6360c2%26adnxs_id%3D%24UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&adnxs_id=5627130931617909302
Request Chain 146
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=6ab98412-6e5c-438c-87aa-93409c6360c2 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=6ab98412-6e5c-438c-87aa-93409c6360c2 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=025328d2-6574-4e38-9369-a7bbcf2a52a8&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Request Chain 147
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D6ab98412-6e5c-438c-87aa-93409c6360c2 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D6ab98412-6e5c-438c-87aa-93409c6360c2 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=DFF6EEFD-B8B0-4B89-BCF1-480B581507AB&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=6ab98412-6e5c-438c-87aa-93409c6360c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=6ab98412-6e5c-438c-87aa-93409c6360c2&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&google_gid=CAESEBko3lTDf7_v5f1b1TOdpvw&google_cver=1&google_ula=450542624,0
Request Chain 149
  • https://ids.ad.gt/api/v1/g_hosted?id=6ab98412-6e5c-438c-87aa-93409c6360c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NmFiOTg0MTItNmU1Yy00MzhjLTg3YWEtOTM0MDljNjM2MGMy
Request Chain 150
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=6ab98412-6e5c-438c-87aa-93409c6360c2 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=6ab98412-6e5c-438c-87aa-93409c6360c2&_bee_ppp=1 HTTP 303
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABCDE7B4cgAAD-Al0f_Lg&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Request Chain 151
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D6ab98412-6e5c-438c-87aa-93409c6360c2 HTTP 302
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=355e60f0-e3c4-4700-adcb-b4ad43f48a69&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Request Chain 152
  • https://ids.ad.gt/api/v1/rub?id=6ab98412-6e5c-438c-87aa-93409c6360c2 HTTP 302
  • https://token.rubiconproject.com/token?pid=50242&puid=6ab98412-6e5c-438c-87aa-93409c6360c2&gdpr=0

165 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ww1.capitplone.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww1.capitplone.com/
Protocol
HTTP/1.1
Server
91.195.240.50 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX /
Resource Hash
4ba4c1d97bbb63d66435be16363cb3739a58bcfa85c09c44e8918a6423ea974c

Request headers

Host
ww1.capitplone.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 01:41:20 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_iht+zegXFHP6gkE1+h3fzlJx5a5PwQWheIz4ubaojq/c76aheXZyS1aawFwZ2CFWySLQAUUjDoRSYX+BI6WA5Q==
Last-Modified
Fri, 16 Jul 2021 01:41:20 GMT
X-Cache-Miss-From
parking-7d898f4f6c-dc5n9
Server
NginX
Content-Encoding
gzip
js_preloader.gif
img.sedoparking.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.sedoparking.com/images/js_preloader.gif
Requested by
Host: ww1.capitplone.com
URL: http://ww1.capitplone.com/
Protocol
HTTP/1.1
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

Request headers

Referer
http://ww1.capitplone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 01:41:20 GMT
X-CF3
M
CF4ttl
31536000.000
X-CFHash
"90c93102a88c2ab94bff1575b7a6e86e"
X-CF1
11696:fB.fra2:cf:cacheN.fra2-01:H
Connection
keep-alive
Content-Length
4254
x-cf-tsc
1616487030
X-CF2
H
Last-Modified
Fri, 15 Mar 2019 12:24:07 GMT
Server
CFS 0215
X-CFF
B
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
CF4Age
0
Accept-Ranges
bytes
Expires
Fri, 23 Jul 2021 01:41:20 GMT
tsc.php
ww1.capitplone.com/search/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww1.capitplone.com/search/tsc.php?200=MjU1MjY3OTY1&21=MTU5LjQ4LjUzLjIyMw==&681=MTYyNjM5OTY4MDRjZGRhMmRmZTljNDQ2NDkxYzBhYWJjMGEyZGFlZmUy&crc=81c1592212265d94cd2d09254c48fbb506b7fe09&cv=1
Requested by
Host: ww1.capitplone.com
URL: http://ww1.capitplone.com/
Protocol
HTTP/1.1
Server
91.195.240.50 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ww1.capitplone.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://ww1.capitplone.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ww1.capitplone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 01:41:20 GMT
X-Cache-Miss-From
parking-7d898f4f6c-cqdtf
Server
NginX
Content-Length
0
Content-Type
text/html; charset=UTF-8
9232f590-d991-493f-b95d-d38c0c6cdd28
gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/
Redirect Chain
  • http://ww1.capitplone.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DVT7DdDo9elY_0&amp;v=NmFiNTJiZmMzNGIwZjhmNjkzYjczZDI1OWZhZjNhOGIJMQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYj...
  • http://ww1.capitplone.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DVT7DdDo9elY_0&amp;v=NmFiNTJiZmMzNGIwZjhmNjkzYjczZDI1OWZhZjNhOGIJMQl3dzEuY2FwaXRwbG9uZS5jb202MGYwZTNjMDExYj...
  • http://xml.sedodna.com/click?i=VT7DdDo9elY_0
  • http://gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4b8c1ba0-e580-11eb-a743-12beee04f19b
996 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4b8c1ba0-e580-11eb-a743-12beee04f19b
Requested by
Host: ww1.capitplone.com
URL: http://ww1.capitplone.com/
Protocol
HTTP/1.1
Server
52.7.145.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ZeroPark-Traffic /
Resource Hash
66d32a3db0a72b6dadfe439c0c0079d0cb8772732f955eef49f0fe2f87d93bcf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
gloos-ves.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://ww1.capitplone.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://ww1.capitplone.com/

Response headers

Date
Fri, 16 Jul 2021 01:41:21 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

Cache-Control
no-store
Content-Length
0
Age
0
Connection
keep-alive
Location
http://gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4b8c1ba0-e580-11eb-a743-12beee04f19b
Pragma
no-cache
zcredirect
gloos-ves.com/ 		820 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://gloos-ves.com/zcredirect?visitid=eb866e70-e5d6-11eb-a3d7-12b9fe7b538b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: gloos-ves.com
URL: http://gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4b8c1ba0-e580-11eb-a743-12beee04f19b
Protocol
HTTP/1.1
Server
52.7.145.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ZeroPark-Traffic /
Resource Hash
eec870309d38ed70c8d2ae32ee0ef7971a826b713eacba8664910cc9e7f65840
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
gloos-ves.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4b8c1ba0-e580-11eb-a743-12beee04f19b
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://gloos-ves.com/zcvisitor/eb866e70-e5d6-11eb-a3d7-12b9fe7b538b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=4b8c1ba0-e580-11eb-a743-12beee04f19b

Response headers

Date
Fri, 16 Jul 2021 01:41:21 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Cookie set zp-redirect
scided-mington.com/ 		511 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scided-mington.com/zp-redirect?target=https%3A%2F%2Fgo.cityclub.finance%2Fclick-BQS1AFNK-KHEQCOZH%3Fbt%3D25%26tl%3D1%26sa%3Dw3kte3ilu9vtfh29is3s1vd4%26sa2%3D36521fb3-8c8b-485a-9d60-d9d5db8334c6&caid=36521fb3-8c8b-485a-9d60-d9d5db8334c6&zpid=eb866e70-e5d6-11eb-a3d7-12b9fe7b538b&cid=w3kte3ilu9vtfh29is3s1vd4&rt=D
Requested by
Host: gloos-ves.com
URL: http://gloos-ves.com/zcredirect?visitid=eb866e70-e5d6-11eb-a3d7-12b9fe7b538b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
86fb3d403e00e63b83303a7d22f91cd12c2bb349963ea1beb96a700ee18089d8

Request headers

Host
scided-mington.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://gloos-ves.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://gloos-ves.com/

Response headers

Server
nginx
Date
Fri, 16 Jul 2021 01:41:21 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
511
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
36521fb3-8c8b-485a-9d60-d9d5db8334c6-v4=36521fb3-8c8b-485a-9d60-d9d5db8334c6; Max-Age=86400; Expires=Sat, 17-Jul-2021 01:41:21 GMT; Domain=scided-mington.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=5r3sQm3GkMpeXl6JBe2qEt2%2BOl33Juc7jXvVD%2B28Kq%2BwFqKX76PvQL0%2FgSx%2FQN0JsdE4lQ%2BBpKZjJYRc83FU83Dx0bQi%2BAoY%2FLCAqa2HqG45pMMoAnH%2FlipXShhoPlfD5tD%2BLNlEwbDQFpr4u9pcBA%3D%3D; Max-Age=31536000; Expires=Sat, 16-Jul-2022 01:41:21 GMT; Domain=scided-mington.com; Path=/; Secure; HttpOnly;SameSite=None
redirect
scided-mington.com/ 		343 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby5jaXR5Y2x1Yi5maW5hbmNlL2NsaWNrLUJRUzFBRk5LLUtIRVFDT1pIP2J0PTI1JnRsPTEmc2E9dzNrdGUzaWx1OXZ0ZmgyOWlzM3MxdmQ0JnNhMj0zNjUyMWZiMy04YzhiLTQ4NWEtOWQ2MC1kOWQ1ZGI4MzM0YzY&ts=1626399681391&hash=Fdz_9jfhH_st89YEuq2izOKrCA9s7rPl0fZwUBbOk4I&rm=D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a88fb30ebe893afe33ab5adb2792770a22dae64f45100cd0857b9369c2d440fc

Request headers

Host
scided-mington.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://scided-mington.com/zp-redirect?target=https%3A%2F%2Fgo.cityclub.finance%2Fclick-BQS1AFNK-KHEQCOZH%3Fbt%3D25%26tl%3D1%26sa%3Dw3kte3ilu9vtfh29is3s1vd4%26sa2%3D36521fb3-8c8b-485a-9d60-d9d5db8334c6&caid=36521fb3-8c8b-485a-9d60-d9d5db8334c6&zpid=eb866e70-e5d6-11eb-a3d7-12b9fe7b538b&cid=w3kte3ilu9vtfh29is3s1vd4&rt=D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
36521fb3-8c8b-485a-9d60-d9d5db8334c6-v4=36521fb3-8c8b-485a-9d60-d9d5db8334c6; cc-v4=5r3sQm3GkMpeXl6JBe2qEt2%2BOl33Juc7jXvVD%2B28Kq%2BwFqKX76PvQL0%2FgSx%2FQN0JsdE4lQ%2BBpKZjJYRc83FU83Dx0bQi%2BAoY%2FLCAqa2HqG45pMMoAnH%2FlipXShhoPlfD5tD%2BLNlEwbDQFpr4u9pcBA%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://scided-mington.com/zp-redirect?target=https%3A%2F%2Fgo.cityclub.finance%2Fclick-BQS1AFNK-KHEQCOZH%3Fbt%3D25%26tl%3D1%26sa%3Dw3kte3ilu9vtfh29is3s1vd4%26sa2%3D36521fb3-8c8b-485a-9d60-d9d5db8334c6&caid=36521fb3-8c8b-485a-9d60-d9d5db8334c6&zpid=eb866e70-e5d6-11eb-a3d7-12b9fe7b538b&cid=w3kte3ilu9vtfh29is3s1vd4&rt=D

Response headers

Server
nginx
Date
Fri, 16 Jul 2021 01:41:21 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
343
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Cookie set click-BQS1AFNK-KHEQCOZH
go.cityclub.finance/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.cityclub.finance/click-BQS1AFNK-KHEQCOZH?bt=25&tl=1&sa=w3kte3ilu9vtfh29is3s1vd4&sa2=36521fb3-8c8b-485a-9d60-d9d5db8334c6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.161.21.2 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
ns.roskazna.ru
Software
nginx /
Resource Hash

Request headers

Host
go.cityclub.finance
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://scided-mington.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://scided-mington.com/

Response headers

Server
nginx
Date
Fri, 16 Jul 2021 01:41:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
PHPSESSID=cl13j56e0bm50pjuh92seo7747; path=/; SameSite=None; Secure cnt=623b9533517af51b9e7d1839f5f21dcf; expires=Sat, 16-Jul-2022 01:41:21 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.cityclub.finance init_referer=NNNNTlXo%2BfpNO9KCmxiGm8xiF8mAmqSAFHmBGv%2FK0eLbXFxbljZPNNNNNNNVvk8%3D; expires=Fri, 16-Jul-2021 01:42:21 GMT; Max-Age=60; path=/; SameSite=None; Secure; skip_js_r=1; expires=Sun, 15-Aug-2021 01:41:21 GMT; Max-Age=2592000; path=/; SameSite=None; Secure
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip
/
stormgain.ck-cdn.com/tn/serve/geoGroup/
Redirect Chain
  • https://go.cityclub.finance/click-BQS1AFNK-KHEQCOZH?bt=25&tl=1&sa=w3kte3ilu9vtfh29is3s1vd4&sa2=36521fb3-8c8b-485a-9d60-d9d5db8334c6&no_cookie=1&rfr=NNNNTlXo%2BfpNO9KCmxiGm8xiF8mAmqSAFHmBGv%2FK0eLbX...
  • https://stormgain.ck-cdn.com/tn/serve/geoGroup/?rgid=3&bta=101469&afp2=8WmZ1UslHQZ9NAG&afp3=AT1&nci=7337
198 B
679 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stormgain.ck-cdn.com/tn/serve/geoGroup/?rgid=3&bta=101469&afp2=8WmZ1UslHQZ9NAG&afp3=AT1&nci=7337
Requested by
Host: go.cityclub.finance
URL: https://go.cityclub.finance/click-BQS1AFNK-KHEQCOZH?bt=25&tl=1&sa=w3kte3ilu9vtfh29is3s1vd4&sa2=36521fb3-8c8b-485a-9d60-d9d5db8334c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
stormgain.ck-cdn.com
:scheme
https
:path
/tn/serve/geoGroup/?rgid=3&bta=101469&afp2=8WmZ1UslHQZ9NAG&afp3=AT1&nci=7337
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://go.cityclub.finance/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://go.cityclub.finance/click-BQS1AFNK-KHEQCOZH?bt=25&tl=1&sa=w3kte3ilu9vtfh29is3s1vd4&sa2=36521fb3-8c8b-485a-9d60-d9d5db8334c6

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-type
text/html
cache-control
private
referer
https://go.cityclub.finance/
http_referer
https://go.cityclub.finance/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH19dS9sAxgYEqTi4ju6OWtqSmuBcyd%2B8AQoJNIwEZgVo3uHKop3ssUW3ThPpDgU8xF1PQ67KqvA2jG1Ks%2Fq2zr1Mj14B6vObKe8OtWv3fzXR5Fzw4607BMeOeY4PmbIT4AtJ158lP017YNSRREAUyDa"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66f7871c5903caf8-ARN
content-encoding
br

Redirect headers

Server
nginx
Date
Fri, 16 Jul 2021 01:41:21 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
cnt=623b9533517af51b9e7d1839f5f21dcf; expires=Sat, 16-Jul-2022 01:41:21 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.cityclub.finance pc=C%BEC2%BA%F6%86%E8%86%9C%DC%2A%2F%F8%E6%06%BA%40; expires=Sat, 16-Jul-2022 01:41:21 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=cityclub.finance
P3P
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location
https://stormgain.ck-cdn.com/tn/serve/geoGroup/?rgid=3&bta=101469&afp2=8WmZ1UslHQZ9NAG&afp3=AT1&nci=7337
Primary Request /
promo.stormgain.com/lp/de-de/crypto-mining-dt/
Redirect Chain
  • https://go.stormgain.app/visit/?bta=101469&afp2=8WmZ1UslHQZ9NAG&nci=11003&oref=https%3A%2F%2Fgo%2Ecityclub%2Efinance%2F
  • https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560548145c043d26f0bfb9317bcc67b7c13e9b812e9ab5b0ef464e98b2acfe94

Request headers

:method
GET
:authority
promo.stormgain.com
:scheme
https
:path
/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://stormgain.ck-cdn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://stormgain.ck-cdn.com/tn/serve/geoGroup/?rgid=3&bta=101469&afp2=8WmZ1UslHQZ9NAG&afp3=AT1&nci=7337

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-type
text/html
cf-ray
66f7871e2a300bb5-AMS
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
cf-cache-status
DYNAMIC
x-amz-id-2
5FWQuwBoias804r/Tbg3yPYCOO6oy1+6btq2WKTPaMwpHLiGh3a8bTYDkUyU49FXfMiD/DTUE14=
x-amz-request-id
DQTWVA67DC4FNCP6
x-amz-version-id
zA1yC2s2e5vDufbB8NaJFRw1H7qEchJe
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=; path=/; expires=Fri, 16-Jul-21 02:11:22 GMT; domain=.stormgain.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
server
cloudflare
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Server
rhino-core-shield
Date
Fri, 16 Jul 2021 01:41:22 GMT
Content-Type
text/html; Charset=UTF-8
Content-Length
0
Connection
keep-alive
Cache-Control
private,no-cache
Pragma
no-cache
Expires
Thu, 15 Jul 2021 01:41:20 GMT
Location
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Set-Cookie
sgcpa=afp=%7Cafp2%3A8WmZ1UslHQZ9NAG&bta=101469&Visitors=q&cid=467573; expires=Mon, 16-Aug-2021 01:41:20 GMT; path=/
X-Cache-Status
MISS
Access-Control-Allow-Origin
*
normalize.css
promo.stormgain.com/lp/de-de/crypto-mining-dt/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/normalize.css
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

:path
/lp/de-de/crypto-mining-dt/css/normalize.css
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTHJQ4XQRD1GEPX
etag
W/"4951cc88307c632cf285d3ba988ab283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-ray
66f7871eec7600df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
Wq0dAfsJhVm56hHenIggP1wKQ_xxRA6m
x-amz-id-2
6FOS7sqdAfkx0eK09ndnVdijhB0MeIXOnbqDQlbyqRuq3aGNFmW76LFSYwRC04LOXG42f6j3+Bg=
webflow.css
promo.stormgain.com/lp/de-de/crypto-mining-dt/css/ 		38 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/webflow.css
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97d14fec5d6701af7d0ca981b55ff1285d9f3803ede75efc91103160a94369a

Request headers

:path
/lp/de-de/crypto-mining-dt/css/webflow.css
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTTPWYKRME64TQJ
etag
W/"c58487eed2621a7eb2cbbdda9c77dbf2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-ray
66f7871eec7500df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
CpG67AequDBaWSMUzf0xL_wRdf7HnZHu
x-amz-id-2
1/yYIksU3Gr5IrbJgz2ABZjFt81DA78g4XQ0J1kXmeDus7bxlwzeUGXNZGvH22Mv2zj7qrNZIdc=
mining-sa-dt.webflow.css
promo.stormgain.com/lp/de-de/crypto-mining-dt/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d680ebfda2e6c2ed8cee986ed9f4e04af3b9aaf5613e4eb70ea5321bd140ec

Request headers

:path
/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTKQE741RNCDTTK
etag
W/"b2ab57fca76973889062ea1f1134a7c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-ray
66f7871eec7800df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
fTZOJ5tMFANRObdZZf4DHnwlMd4Qd255
x-amz-id-2
NxPdDkkOdYGiOJaYqpz5PqEt54n9y/vjCGfgZpcYdFkBGA2hCLijVnSRZewW0d1a911Mq5/3fyQ=
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 00:11:42 GMT
x-content-type-options
nosniff
age
5380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13188
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Jul 2022 00:11:42 GMT
css
fonts.googleapis.com/ 		13 KB
936 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff114468cbd016564880f20ac65c57cf97eeea5e2465046e702821e8090ede13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 00:43:25 GMT
server
ESF
date
Fri, 16 Jul 2021 01:41:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jul 2021 01:41:22 GMT
elastic-apm-js-base.umd.min.js
promo.stormgain.com/lp/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
428b9bc25ec719872c7d99f4c5a05922d685662cfdcb6511a076a6a250f2d6cf

Request headers

:path
/lp/elastic-apm-js-base.umd.min.js?v=8.7.7
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:34 GMT
server
cloudflare
x-amz-request-id
DQTVQGRXMEWQ251C
etag
W/"e83d4462eb7745142e336c144bc03041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
66f7871fbd5e00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
rxDBDmfk4dMOYlVGN75UdJ6kDASl28J4
x-amz-id-2
/fyI8pfcrwwUdMxPvCe22GUbJ3JYeuDJj3lMhIb4+bbRG4DGmAHio3Xxe/h3I+mxLHWrHDAPmCA=
1-copy.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/1-copy.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83cc3cf55c72741f9b1292fe21d7e22d5f1fe1a1556851eea001068cb74fda5e

Request headers

:path
/lp/de-de/crypto-mining-dt/images/1-copy.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTPGCKVVSK61E9A
etag
W/"9ffcd4ff692e491276b2bf986614ad69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be7900df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
PjbW4dwqP_anABWYu6XuNoxjjv45EU_t
x-amz-id-2
rglnziVye5JbLgdfi978I7TkzQ5dl24MrxCF3sh9cI+NcFHnUfXxwYNzLGZt9cIqDJHjek1yDNQ=
Vector_1Vector.png
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		128 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Vector_1Vector.png
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
537b7e9f74e8ac9627e6146fba6657bfa769168e497ab19b7f0937f91993e62c

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Vector_1Vector.png
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTYZ28GZQCJN829
etag
"af433df9c6279e58806dd5da66f13cfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
content-length
128
cf-ray
66f78720be7b00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
vFowG2VxFGUp8KCEgITG3siWK4RziesY
x-amz-id-2
QbsBSEOXfrLVxT87MnYM9vgNbfMfuF5oIXpccGHvXhB0DicZASYXkbilosrW8J2i+NBZW5RgZI8=
Frame-85.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Frame-85.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cfecd65c10d3ef17e65631efe0274deb821626fe10f59e2e7c69c855c9ad668

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Frame-85.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTSEJJKVFNPTW57
etag
W/"e590a1af5f8e4efa8dcfba04224b0cd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be7c00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
K_FVN9ZJ_BtIyN9xg15yH3dOuWEDyal2
x-amz-id-2
TviNrjRSwQSOEjH60cv9NEKBiczFbE6VL1CDtRJFA+AdLQNDr5oKx3jRf3PpqD5jOZQxnawNeDs=
Logos.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		82 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Logos.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d44e8837a56a091717a079c265dd0e809b722edcfde8577fff6fe14e231aba

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Logos.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTW5KVY257ZNYDT
etag
W/"6461b7f1133b5e2a308fba0d2b1e993a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be7d00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
FrmixhlOhbOG8xrR1MD9h53hazXysPR4
x-amz-id-2
56c71zJclckP+13ch2vX/niL25Rrq7JThY8xn78P8iQ1R30SvZsBLWA8JSM9V8UbHBTG7PxV/EE=
Frame-85-1.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		39 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Frame-85-1.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eabd5905017cbddd848e7643f0b6e4ebf9d73d02513737ada324c2ddf3966e9

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Frame-85-1.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTKNQFP1H31GCRJ
etag
W/"dc55608a3b77611230c321fd1cdb37dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be8000df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
fq9TOd3qC8Pc83VJLSTbSNH90a2hGjiT
x-amz-id-2
L0GBQaGBdfghJqxSEKUITv69nXwavb1Ym0N2Zs29Hp15+0Bkb9D+I+Exzji39vt9VhGK3xmbfzo=
anim-SG-01-d.gif
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		275 KB
276 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/anim-SG-01-d.gif
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152278ba0fd2a6ddd2ca40ecfc92c786960fb0f2cc31f20ed72071d3f2c1bc46

Request headers

:path
/lp/de-de/crypto-mining-dt/images/anim-SG-01-d.gif
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTNN0XB8QPPCPHB
etag
"95b82fa80cf95332a1ee5868a4bbf6fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
content-length
281919
cf-ray
66f78720be8100df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
Wej9TJrnUzdTqqlTUkq1Mvy2RhnqsRI1
x-amz-id-2
soxjG6Uncs6Fmsy4evo2wO8Vwwg1K41fiuGdW+REavXsr6ySwGtSgaTy5R7lMpZwfZbY+ZjZ6vc=
anim-SG-02-d.gif
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		289 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/anim-SG-02-d.gif
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60ccf2927a761cbc52ffe03b83656c1d4469b0ee2cee0a3b5c3da23ea1cf34e

Request headers

:path
/lp/de-de/crypto-mining-dt/images/anim-SG-02-d.gif
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTRJWHAH1CP1FMP
etag
"bed47474c10e7b03e5d76e6e392b3151"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
content-length
295870
cf-ray
66f78720be8300df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
6eL2gkjWQCYw5lU_z21kdfaMVkW5LsWK
x-amz-id-2
yeiZJZ26Wllgo/g8/4R3/8D7PY1h4oi1SeQNbUhPpwj4zvsz2SnpwbN+zsNpH7HEZnvUp50ZH00=
anim-SG-03-d.gif
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/anim-SG-03-d.gif
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b226df072fad784b2b42176d4bc2f3137d8f03026c1d4b5f242a854d2b8362

Request headers

:path
/lp/de-de/crypto-mining-dt/images/anim-SG-03-d.gif
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTGHZGZPFSERPQH
etag
"7102c30045508948182b675c6cf44466"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
content-length
191111
cf-ray
66f78720be8400df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
XevVjnq3R.CFcNzzBaPah2AwjWT3xacf
x-amz-id-2
lZoEqpsZMQfbNYiR4YQpA0IcY1Q2iEUrPZt9jiA2Zuh0HAN2Gkhmwq0iiG0cqAk1hG0/yUkNXy4=
logo-garden.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		130 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/logo-garden.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f0e71592c8cff9138b2b41002edbc9bdc5a556d041f3a22a08800eee96c7bd

Request headers

:path
/lp/de-de/crypto-mining-dt/images/logo-garden.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTYT2Z7264BX7S5
etag
W/"390dfd52851ed7cac9e61e33963425d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be8500df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
yDrXXMvwkRVDUIvf0gPDTDLamVLxRvzn
x-amz-id-2
XLps3y3cCng/5f5XvZFuOydYrcypqEfQ1pk6f/soYDiVQ6hnl1vc6QJyJZMbkdDrLQitdDwpAaE=
logo-topnav-1.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		19 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/logo-topnav-1.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba72ca34d507f9d072e742bb8983373bbbfeb94613c5a642ec8b1ecd6e8a5b18

Request headers

:path
/lp/de-de/crypto-mining-dt/images/logo-topnav-1.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTRYG7P5DN5EXP7
etag
W/"69fa57ff8d0c72ea3a1f6b834b38aab2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be8600df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
fJCkib.SsTImRmc317zEdN.Np5cW3ghV
x-amz-id-2
5Dyaf1E3zlppsUqNQhG+7gsiJxML9YiMc3mg4EQJmwSBbmF62yRlUND4I1DBBKJ02DgN1aPrMEo=
logo-potato.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		23 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/logo-potato.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8852eaf668a3a4e474fef03ad4f7fd192daaae7b53b867b2af17ca0bf5ffc6e3

Request headers

:path
/lp/de-de/crypto-mining-dt/images/logo-potato.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTMTY8RA2XS4JX9
etag
W/"1185bafca41d50dd7b30c4bea9be5f2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be8700df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
nO.gtwE_MqT0.djgodd6Jj8crcjmcYQ4
x-amz-id-2
mMGQyt7htYcD/1zUZM+iuh68kw+qjbQePtiYxpzc89wVd9esLMQkoeG9/COdlFnNIU0tS/iWDPg=
btom-1.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/btom-1.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d40c0ba725ac30e695c939d476f5edcd15fa5a57eef4e2559e9429b7187505

Request headers

:path
/lp/de-de/crypto-mining-dt/images/btom-1.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTGQPP8Y0BZDPQ7
etag
W/"924133c89c285ab197e32ac0c2b0932f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be8900df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
P9DwLvyopLX3GzPaM6SetPSd7wFJ9L6s
x-amz-id-2
la5JC+AB13iF5j1dTw/GNmuOsLBf1CJVTuQEjx3/lNE3dvIkTQCoPH3W3CjvTdKA8dXq38FFklg=
logo-sportbusiness.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		47 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/logo-sportbusiness.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6577555b311db9f4225b64e790f5100719a4614ede854d6068e35eb371133861

Request headers

:path
/lp/de-de/crypto-mining-dt/images/logo-sportbusiness.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTZDHE2276ERR6W
etag
W/"d6301bcd02aff05988ff926a1cbe695d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be8a00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
YWf1OyXLSmkRcbBBeeZ3qVI_kgTceltG
x-amz-id-2
zYXAHB5lXBhOFCw0+5/Zcuwre7Sqb53ijv7CYWT5YK10FvuU38Zd8CREZD/kKLW0UNZnRCfRaCA=
logo-sportspro.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		33 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/logo-sportspro.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770a709ef69d4a0288c9d225673a95f45a35f777f6a83d03ec8579ee2f547a0e

Request headers

:path
/lp/de-de/crypto-mining-dt/images/logo-sportspro.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTW4VBYPBDWNVJK
etag
W/"16573d42197df014c42a567b943db201"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be8b00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
OIg0.Hn_ujbVMvnj._6Btab_QIHo6P3q
x-amz-id-2
f3aHdbYX0kZSafA1fCEsu1iYe9LGv6VvF/ea3DOAI6fvuOD6V5LTM0NCeHQYY+cEp2P+0ULiKzQ=
logo-yahoofin.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		24 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/logo-yahoofin.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6accef3ac12225d441826402d800b0aafa7547dad2000950c88ceaa670009858

Request headers

:path
/lp/de-de/crypto-mining-dt/images/logo-yahoofin.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTW9CG14FQKYY17
etag
W/"5130c3db7beb0dee4e9e38c6b36bd180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be8f00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
rlt7ZhwaP._cYXQdRH6GqU7klxnL.IkC
x-amz-id-2
pGPMTL/BEY147ceyZAd+TkcuH6si0yL4h1FiZ0xROrVvFnJ0incfRK/4TDS+us4srx7aCKi32Yg=
finmagnates-1.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/finmagnates-1.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa3dea24c33bf0ba29e735bc32c19ef17df19469894f4be9d335648deee60dd7

Request headers

:path
/lp/de-de/crypto-mining-dt/images/finmagnates-1.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTN65AXW60YQHHZ
etag
W/"7c9f59c648c02f38470eb2874387f1c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be9000df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
BQrKwvYZUha_RwDBqf1ZLJM7Cb9hhMa3
x-amz-id-2
o6rxck2Spzjzx1jc+w8e6SqKDcBfRWmD+VWxHscS/qmXBwBvMG4LaX7qQbJsYRKgcEPGhmQ/paM=
Mine.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Mine.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b12a281fe9d869f1f7b6263a8cf40889399cf65af390e77922c79330fb36e1c

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Mine.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTT41REH54Z86SD
etag
W/"07fe0f1f31f7c6c297b7861e8941e275"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be9100df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
g.FzyJmAJtfjpCWTwZ96c8GGXGhXQHQt
x-amz-id-2
vVw3QbePWNq98j4Z1qustamfXjkbW+NWFOHg/fTDKvAM/OWeuCUeZskdCeJKsNCEjHzwpvugBBQ=
Group-5954.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Group-5954.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b502870b1e413a4deb6a9a93888074204c56397e16f66bd828dea99ea90d0c

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Group-5954.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTSFMM76Q5F49BH
etag
W/"aff7e85d9d513fe04454a11df16fafa9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be9300df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
OzXPfWo1utVHuKRawfmhoTc8VoOvaL6_
x-amz-id-2
nlW9u7S+WsdfTzXRYHCe2MCc7XsnEv+shm8UdCZqEeLJvVegKBczYLp0RdqsMjT29sW8gustlgA=
Group-5953.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		1 KB
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Group-5953.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c24e008b3731cf6e98be6dccd4c174a65dda4de6920989ce8f3d6bf25ad290f

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Group-5953.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTNCZXCRKEC5G0N
etag
W/"3b8594b365a3d624eeb94990abe7d001"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be9500df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
OARazeX2vdw1I7pLmacNMApfFCmZ.yb.
x-amz-id-2
pRosVivabm9RoA4cMaLF/BQv0FaUlhvQ4pbyp9L5nn2zo82I/ACkfFB8HJUS6uOnhOryEJ7ptpc=
Deposit.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Deposit.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dbb8bf7096a3790ccad6c247de898c2a6157c978824297cc319a394f48305d5

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Deposit.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTYBD580Z9N058X
etag
W/"295033030d7db7c54cbcdbea5815d6f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be9600df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
4W61eWjupURcdxmiWUf3UaZ8bBtErgLg
x-amz-id-2
0gxaboeUz0cLfudCSWpP2jRLCDVjBxo3WE+4qYJiR1ZA7DGUs6xJgu7tYefgTgM6bWv+fBg1RI4=
Exchange.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Exchange.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5bde1faeea1d96a98dc2d1a6cc5a3696f0736751a82fd3549e75ef5d231dd87

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Exchange.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTXVCTE63GAJAD1
etag
W/"15b571e1992b78fd0629587dd69ea77f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be9700df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
oDVHcZ383Vkld0F3qo9t9X8960szWYVT
x-amz-id-2
ssLD+eYliE6E1dgXkzXiHH0B/sZZXh8/uJaJw84/a+8M3Qd3YpWKmVExa/81aAFTNDi+Dk7KcAg=
Trade.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Trade.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a936e95dd1f0a6aba3015fd2c3e71e9fbe64de45c40f493d3882dcdfd72990f4

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Trade.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTGEMT2DD4V2KYX
etag
W/"5092fcbe7c83c384433fd8b02405ce99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be9a00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
X4QI9KeHOYLB6tnxBhO3I1qZv_f8R8ou
x-amz-id-2
UK7oPXzYP1Ryw0bR3frJj9LGIUVaUaGGATNmeXXjObxK4GUOl4pq2TFdfXY3H7nu6nmIj7U24VA=
Learn.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Learn.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35038f81fc175a0d7b290668efd7669ede0f14af05f93689f359f3a4847babf6

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Learn.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTXCR2CQ3JVTGSF
etag
W/"6dc302928ef485137d5a35634b22f440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be9c00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
SKDDZCQnTgH4c9XXh7op7scXwE2itpw4
x-amz-id-2
jo2a3jiT0L+ENErNqxwndADZl7o9LSyOw2kJt14JL0lSIxsb9bnvGd4hkiFmfAzKbs8gF556QUo=
telegram.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/telegram.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4521b2b4c3108811397403c47f58097d5858b3fa3495545f5bd4d089b30dc2bc

Request headers

:path
/lp/de-de/crypto-mining-dt/images/telegram.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTV0EJQRQ4T7WD0
etag
W/"ab92104b9217d2938f1fc20954339e11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720be9d00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
BrIXfJpffGF6xm9XMbODf8je7lAOYurb
x-amz-id-2
xgwkwRgD7dutMBvdRbt5s+aptkHoSz5WEnAOLVFmKGj0kBnhPGJERpxO6DPNapE5If+GoY69yAE=
twitter.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/twitter.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2fcb10f5fc755aa7cebe83b9d5d6466da2dc801ed62bb81df168fd89c1e9fa

Request headers

:path
/lp/de-de/crypto-mining-dt/images/twitter.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTJRERACQBVBQ27
etag
W/"1c5365f913f639827fff9977c1af56d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720bea000df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
.ruDCSAsa8yfNWGr9_wfcGZbYKCXfe2d
x-amz-id-2
XNdi6r6WxZcE9YaH9DpJrTGfRKaG1hg6QDT0bXEu0Y7rjYkmgSDylP1PTU1PXIlEms+zuKMK6a4=
fb.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/fb.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0ec653b732f6b21696194cd5f71f86c2b19b3fc7aa54e4c996fe5b805460db

Request headers

:path
/lp/de-de/crypto-mining-dt/images/fb.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTZGN7FJA53N32J
etag
W/"4f3378179321cc914f963a74abc92bbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720bea200df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
O4pZ07QZaFsK.m2SJ9OjG3.j7gxUzlh.
x-amz-id-2
ZdmW6Wkbel5nLDOn3HzKGQzKNalSI+Suv4XmqXKciClE+O2nlbR/LoT5qSgi0SWV08jtbQQhI4Y=
logo-hor-white.svg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/logo-hor-white.svg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a6191c3703cc9f39fc92cc063cbb5d3b8a8812100fb4c4b48042513c552e97b

Request headers

:path
/lp/de-de/crypto-mining-dt/images/logo-hor-white.svg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTPS7S0RWW4YCHB
etag
W/"f84ca1581b5fc354e60136597ea453d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
66f78720bea500df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
90qyy_rAYpYfJ6PB.lPYcgj3DkpMtJFV
x-amz-id-2
Mlhv1nNbMqMD5diAv7wMd9Syccbzad7d7MdkkRqMacmsjNjzq/WNTPRKkiDcb4oqK6J1S16s7R8=
jquery-3.4.1.min.220afd743d.js
d3e54v103j8qbb.cloudfront.net/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js?site=5f10616ed69c083cec49ea59
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-153.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
https://promo.stormgain.com
Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 18:57:54 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
24272
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 27 Jun 2019 18:13:30 GMT
server
AmazonS3
etag
W/"220afd743d9e9643852e31a135a9f3ae"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
0OxYx3zNIWF8crvdeBfQVNRYpxIOvU-h2u0KReYGcHRWJ-GB56Nh2A==
webflow.js
promo.stormgain.com/lp/de-de/crypto-mining-dt/js/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/js/webflow.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51232465be806b4aa6bfaf30de55262b9a5899e64a840108f2d14dda5669bed

Request headers

:path
/lp/de-de/crypto-mining-dt/js/webflow.js
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTG0Q3TE9NRSQFT
etag
W/"67236f394b4524845100986ab2da355d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
66f787201dcf00df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
lesgUv7IXXPp3Qvg1rM5bN6AGKwnQVtC
x-amz-id-2
R5tK2ce71l0JFSIJk7yaCDcueN10uYutUPQwlDIuQ+Xnur+HKD/hoLzwGsGhjBKUmYmKW9WFHYo=
landing-api.min.2.2.1.js
lib.stormgain.com/landing/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.stormgain.com/landing/js/landing-api.min.2.2.1.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
partner-code.2.js
lib.stormgain.com/partner-code/v/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.stormgain.com/partner-code/v/partner-code.2.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
utag.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		118 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b5dae4429b3ed9fdb5d2a2727efb7a1f6f10cffd9b84c90ed022be67eabee666

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 12:21:55 GMT
server
AkamaiNetStorage
etag
"810ae4cd260347ddc8a17e452bdc66fa:1624882915.022068"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
22417
expires
Fri, 16 Jul 2021 01:46:22 GMT
zYX-KVElMYYaJe8bpLHnCwDKjbLuE6ZJSdY.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX-KVElMYYaJe8bpLHnCwDKjbLuE6ZJSdY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70181b9b9ddf7a7fca711dbdedf7f5c3f081c8e3bae3e88caa8e9077e99eaee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 21:54:29 GMT
x-content-type-options
nosniff
age
272813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9864
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:10:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 21:54:29 GMT
zYX9KVElMYYaJe8bpLHnCwDKjR7_AIVsdO_q.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjR7_AIVsdO_q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac77a6badd86ae6d4f4b5deb862e8eca79a590ec196418dbe57a60d12708e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 13:03:22 GMT
x-content-type-options
nosniff
age
218280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10372
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:03:22 GMT
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIVsdO_q.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIVsdO_q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6af5c9a4a166a4404841ee1bbe04e74237accfd121a949ff613c39595a81ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 13:54:04 GMT
x-content-type-options
nosniff
age
215238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10184
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:54:04 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdXeFb5N.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdXeFb5N.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13a9cc41946d8bb3e7fa5d2c67876aed029fd611a781c1c0312aae8c4dd249d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Jul 2021 07:16:35 GMT
x-content-type-options
nosniff
age
411887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10176
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Jul 2022 07:16:35 GMT
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIVsdO_q.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIVsdO_q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2bdd8828bf81bc4f72d7d7df73fee259c93c4453c89507fbf479b47bfedf1d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 07:31:50 GMT
x-content-type-options
nosniff
age
238172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10580
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 07:31:50 GMT
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIVsdO_q.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIVsdO_q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39dfef8816bf9237f75549ee04476b0dac813faf11869bb0f6b0fe009ab5e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 13:46:58 GMT
x-content-type-options
nosniff
age
215664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10460
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:08:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:46:58 GMT
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIVsdO_q.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIVsdO_q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71159cc3666e230ce1daff055d8c765955a3c017f8cbf8d4334300a74ae11756
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 14:01:19 GMT
x-content-type-options
nosniff
age
214803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10184
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:09:51 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 14:01:19 GMT
Hero-sa.jpg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		397 KB
397 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Hero-sa.jpg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e684a5df5e5117ed1f36b819bf2aad86121eddd314579e682149406e30a64c2

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Hero-sa.jpg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTRD9PT11SXHS2C
etag
"54ce1edce73948b0dc58d18239b93e4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
content-length
406122
cf-ray
66f78720bea800df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
bbNs8WKgYuh8IphvVjGjcOWauKeObaqK
x-amz-id-2
VzAupT21+aBrsWaLLmgq4vyrqa5n8S16WwPHXT8Wagho+pAOUJXHWpGkCiokaFwQ//ma1z1rYvU=
Frame-89.jpg
promo.stormgain.com/lp/de-de/crypto-mining-dt/images/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/images/Frame-89.jpg
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb9705208f7a4f88ea0145833e11f9e5f70a5bdd0ab5a0d8abb8e03d1f91446

Request headers

:path
/lp/de-de/crypto-mining-dt/images/Frame-89.jpg
pragma
no-cache
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTNB04AR4GWGYCE
etag
"c2a4d1c7f0cf2e41ab7ee00a0e438a5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
content-length
108594
cf-ray
66f78720bea900df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
ZSU02Py2vvPwqRZ1wIAUd1NUab8FCTA.
x-amz-id-2
+nSG7lSXm5g6uI1PWNVWMBgpNwEpI254j4wE75RW91pf72ri262YnFnCxPJ8muGc02tg4lzCOgs=
NeueMachina-Bold.otf
promo.stormgain.com/lp/de-de/crypto-mining-dt/fonts/ 		59 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/fonts/NeueMachina-Bold.otf
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ed047719b9f5da523db91e9251e00171f288f919f75e7bcbf59f365b23d075

Request headers

sec-fetch-mode
cors
origin
https://promo.stormgain.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__cf_bm=d336411c2f7ed54215b04eaad566897e4ef8f37e-1626399682-1800-ASQD37HnsB3JcNxY83XfzMa89e0KYlQVsWJhXeLoGc1hAHsByvHmvn77TRUuIZHeSFL7D15Vd3dD5Cw774d8F+M=
:path
/lp/de-de/crypto-mining-dt/fonts/NeueMachina-Bold.otf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
promo.stormgain.com
referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://promo.stormgain.com
Referer
https://promo.stormgain.com/lp/de-de/crypto-mining-dt/css/mining-sa-dt.webflow.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Jul 2021 14:05:08 GMT
server
cloudflare
x-amz-request-id
DQTVPCKPJ1XN5XKF
etag
W/"90d7a3ca812d1acf6650025cf0b843bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-sfnt
cf-ray
66f78720bea600df-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id
55DZRG9Stqk5mpoh7Dest.XCq1RhajBN
x-amz-id-2
qb0Xjgeb1XIOscqV0py7YLKNsLq55h8qfb6xJyUhUOQ+tx+3JeSaeSZcSJJj0jJrGPwgQmssixA=
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 01:25:20 GMT
x-content-type-options
nosniff
age
260162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17784
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 01:25:20 GMT
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e8194c8e67f73a844ce1ee6f7d49cc8094e3b9d89c4b67c5b6d294b910c69e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 17:46:33 GMT
x-content-type-options
nosniff
age
287689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18640
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 17:46:33 GMT
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:100,200,300,regular,500,600,700&subset=cyrillic,latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e7ed4fe6e9016456057ea5ecd4898d3a461e595a8244a7538e1a814889d471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 03:07:43 GMT
x-content-type-options
nosniff
age
254019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19124
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:29 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 03:07:43 GMT
landing-api.min.2.2.1.js
lib.stormgain.com/landing/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.stormgain.com/landing/js/landing-api.min.2.2.1.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
partner-code.2.js
lib.stormgain.com/partner-code/v/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.stormgain.com/partner-code/v/partner-code.2.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:1c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
utag.1.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.1.js?utv=ut4.46.202011111345
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bfd79f7dd9feb79566494837446dcc7d3797e15c237210e9aec441d1f9aaf9ce

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 13:45:41 GMT
server
AkamaiNetStorage
etag
"5dbe5b46801d054443773f898a9abc0c:1605102341.845151"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1166
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.8.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.8.js?utv=ut4.46.202004061625
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4ab68526cefaf50bf6fe3cf04836bbdb5430375ebd128b4f6dfe3896240a3b7e

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 13:45:44 GMT
server
AkamaiNetStorage
etag
"2acfa5792b8619f1524959abdb95ad41:1605102344.482067"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1281
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.38.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.38.js?utv=ut4.46.202101140938
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
132335dfcc6764ac868a5e2bbc5878bf2c2edcced4cfa9bc6c97975c45972d1e

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 09:38:41 GMT
server
AkamaiNetStorage
etag
"8b9aa657ebbf9547d5bbcad3f2c29cec:1610617121.76087"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
5004
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.7.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		952 B
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.7.js?utv=ut4.46.202004160848
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4c7db35cbf3e672b9d381581481cf0bc3f45cd1a899a7c98376feed7c1cfd6bd

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 13:45:42 GMT
server
AkamaiNetStorage
etag
"d5015e8d442fc8687e0d2e159a47f49e:1605102342.34371"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
595
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.13.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.13.js?utv=ut4.46.201911070939
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8477bdca3e3d3c4e7a2ec47d90b71614d8ebeaa7eed87cf3ff1e630182dd2b06

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 13:45:43 GMT
server
AkamaiNetStorage
etag
"7723fad82886130b8fd1bc4e34524a8c:1605102343.997591"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1574
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.14.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.14.js?utv=ut4.46.202007300818
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2e2d22f22194fe6a103907fb16c3385b81251303342eb9df152d69bd38e5367a

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 13:45:47 GMT
server
AkamaiNetStorage
etag
"01960ceb4211631ed5520cfd12563efb:1605102347.274661"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6096
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.31.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.31.js?utv=ut4.46.202003311426
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6157282874bd291c73d64a28760982c3e17d60d2a946d8575f7d7affbb460084

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 13:45:37 GMT
server
AkamaiNetStorage
etag
"6cbefb74fee4a65b80b174f0aac5b240:1605102337.174887"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6097
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.19.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.19.js?utv=ut4.46.201912051246
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e090c6cb4619f71ea54ad66bc82d844906b8ad21539e10b9dcbef0e48a91cbe6

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 13:45:40 GMT
server
AkamaiNetStorage
etag
"3e6dbcb9e4b4b576b94c88852a498f12:1605102340.861777"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1652
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.20.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.20.js?utv=ut4.46.202105271617
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9a3b7aa5c09237861b3f6e7814c2cd79c463a8d5eb7266d53c8086d0fdaa00bd

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 16:19:13 GMT
server
AkamaiNetStorage
etag
"77c0c1c5b542aa9726d7fe6184c45347:1622132353.163992"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1975
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.35.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.35.js?utv=ut4.46.202004100839
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
676824437d999c315074d6586e0be02dd5cab67eb85b207fea2879c0b98f3175

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 13:45:41 GMT
server
AkamaiNetStorage
etag
"c096b5460790698f3789c12bc1a47748:1605102341.351886"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
975
expires
Sat, 31 Jul 2021 01:41:22 GMT
utag.73.js
tags.tiqcdn.com/utag/epgrowth/ep-web/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.73.js?utv=ut4.46.202106281221
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a7a5174949893fd57f37fc7d0c610ef36cea9d6b3568b1cd1a412b5b1147eb62

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:22 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 12:21:54 GMT
server
AkamaiNetStorage
etag
"e34a019dfa3918eeece23d9772c75591:1624882914.604932"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
827
expires
Sat, 31 Jul 2021 01:41:22 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Origin
https://promo.stormgain.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.1.js?utv=ut4.46.202011111345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:35:57 GMT
content-encoding
gzip
age
326
x-guploader-uploadid
ADPycduXU0uH9ThvnpDO5CnA_fuz3B8-Y1vuBk-pZ9aH1HdemTS9mh3Ss6LdAdAGSOBGuk434o2PvYBL0jknAWsjLCM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:21:54 GMT
server
UploadServer
etag
"765779983eed1c9fc2821b4507eea08b"
vary
Accept-Encoding
x-goog-hash
crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation
1611858114590219
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 16 Jul 2021 01:45:57 GMT
hotjar-1404728.js
static.hotjar.com/c/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1404728.js?sv=6
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-61.zrh50.r.cloudfront.net
Software
/
Resource Hash
911026f119fc7ffdac4ebeaeaed825efdc33fd40600e03198cc7d3f49313fbf2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
24
etag
W/ad32b17803c7178ef5c562ea9defcf12
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
oW9qBIznRclik0aiTYJVyhOZa2z38JiKK298tFwC7neoXMX_L3qpcA==
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
watch.js
mc.yandex.ru/metrika/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.7.js?utv=ut4.46.202004160848
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6777ffd74911fce66a21f4c72e17c2384d0ea6a2752a813a768a12d3ef3a020a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
br
last-modified
Thu, 15 Jul 2021 10:21:03 GMT
etag
"60ec4755-bac9"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47817
expires
Fri, 16 Jul 2021 02:41:23 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-130952113-6
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c092f1aed74787ded63a95e96001af508947e762b620f290505031542a57570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39678
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Jul 2021 01:41:23 GMT
activityi;dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075
9514594.fls.doubleclick.net/ Frame E97F
Redirect Chain
  • https://9514594.fls.doubleclick.net/activityi;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075?
  • https://9514594.fls.doubleclick.net/activityi;dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075?
444 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9514594.fls.doubleclick.net/activityi;dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
88e74ee5daa4595116f12b362fd6e0024500ac15cde9cd02478925f0814f6733
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9514594.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://promo.stormgain.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://promo.stormgain.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 01:41:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
348
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 16-Jul-2021 01:56:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 01:41:23 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9514594.fls.doubleclick.net/activityi;dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
api.min.js
a.opmnstr.com/app/js/ 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.opmnstr.com/app/js/api.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
ff7bae239c20bd808e19dc083368d46509e3a0786da85008e09f0dc4004f4442

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
br
cdn-edgestorageid
755
perma-cache
HIT
cdn-storageserver
DE-51
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-07-16 00:30:24
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
last-modified
Fri, 09 Jul 2021 20:40:25 GMT
server
BunnyCDN-DE1-713
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control
public, max-age=31919000
cdn-requestid
5d0a25ec72f4e79d159fbb9d38745dd1
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
fbevents.js
connect.facebook.net/en_US/ 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
piEgYftl1tWx0ag9xdbskgQ3qxFoF+LjxQpoQQ8ojq4Duy6CNrayGk+oqkSlrOAVz1BGL+8Az8Gburjp8T74kw==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 16 Jul 2021 01:41:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
roundtrip.js
s.adroll.com/j/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1bf333796f692318dd70e062d1efe63338e020114d1ee5847055bc82f501f44

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pAM0.euFDysO58MEarE8oeehvhlA2XbA
Content-Encoding
gzip
ETag
"a392494e5ef76458b487317c249101f0"
x-amz-request-id
GFC88ABM5Z2RT2ET
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
13710
x-amz-id-2
TvEDMOabTBEBYHsC2LGUou2fSYFopQgXagfBlQIxp26nFbNnpsvtb6qfxVs2dCSiiuSGXrgu3fw=
Last-Modified
Wed, 23 Jun 2021 15:49:39 GMT
Server
AmazonS3
Date
Fri, 16 Jul 2021 01:41:23 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
30
a.ad.gt/api/v1/u/matches/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/30?url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&ref=https%3A%2F%2Fstormgain.ck-cdn.com%2F
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.35.js?utv=ut4.46.202004100839
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.206.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ae01cb327724dc83f3ddd4f1632b9135956b115b998e0126b49b2b475e55a9ca

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:24 GMT
server
nginx/1.18.0
content-length
3194
content-type
application/javascript
j.php
dev.visualwebsiteoptimizer.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=567176&u=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&r=0.6910291902366152
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.73.js?utv=ut4.46.202106281221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gfra1 /
Resource Hash
47b8207af74e7e7e0b7410cfca2ba0085005ccef5cabc78b83a67fae129a14b7

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Jul 2021 01:41:23 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=epgrowth/ep-web/202106281221&cb=1626399683005
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 16 Jul 2021 01:51:23 GMT
/
tealium-proxy.stormgain.com/ 		69 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tealium-proxy.stormgain.com/?t_profile=ep-web&visitor_id=017aacf9b0c700691a2fc51215d400072007906a00b08&client_id=&segment_web=&product_name=&sf_campaignId=&page_system=promo&page_language=de&page_channel=&product_subcategory=&page_dom_url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&customer_profile_lifecycle=&session_id=1626399682760&customer_profile_is_first_launch_open=&customer_cur_account_type=&customer_cur_account_is_deposit=&customer_cur_account_info_code=&customer_cur_account_id=&customer_cur_account_deposit_total_value=&customer_cur_account_deposit_init_value=&customer_cur_account_count_of_deals_total=&customer_cur_account_balance_available=&customer_accounts_info_code=&customer_email=&customer_profile_broker=&icid_sf=&page_referrer_long=&page_dom_referrer=https%3A%2F%2Fstormgain.ck-cdn.com%2F&page_category=&page_environment=prod&event_date=&event_account_name=&event_account_id=&customer_login=&event_value=&event_id=&event_type=&product_category=&customer_id=&page_path=&customer_profile_country=&customer_profile_phone=&product_id=&fx_visitor_id=&abtest_experiments_name=&abtest_experiments_bucket=&page_loadingtime=&page_loadingtime_tti=&page_dom_referrer_original=https%3A%2F%2Fstormgain.ck-cdn.com%2F&event_date_utc=2021-07-16%2001%3A41&page_activitytime=&mixlib=undefined&ga_cid=undefined
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.94.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:26 GMT
content-length
69
content-type
text/plain; charset=utf-8
modules.4511dadc364f0ee7084d.js
script.hotjar.com/ 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4511dadc364f0ee7084d.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1404728.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-11.zrh50.r.cloudfront.net
Software
/
Resource Hash
a0444d309dcb96f091176ba01136e8bea9fdcffa24220ed2a7aea15650fd18be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 14:17:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
41057
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59124
access-control-allow-origin
*
last-modified
Thu, 15 Jul 2021 14:16:08 GMT
etag
"fa62a803341910c78a5d640632dc1e3f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
bbkbXK77nDwR3w0euWiYKuFM6mLce1q5Vi3WOBueQZYCPLHAx-8Irw==
556294044930659
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/556294044930659?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab1287da30cb9789ea899e76788b88d9b97eb4bf4efad4565ef2d1ecfefa1463
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76112
x-xss-protection
0
pragma
public
x-fb-debug
aS1fOgr6XfQTz093mV+v6hu0FYhT+R6JR2I7R+GMOUVskJ7YYUdovDbiVlYS8q8NGrvR/ijlYQZ3AifahIusVg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-frame-options
DENY
date
Fri, 16 Jul 2021 01:41:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/QY53BTS2IZASVN2T6XPVNN/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
E6Gl9B7gPbHVX38jHWUJV0Im5cXEZg8.
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
6J6WV6RWN730WHRP
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
5fY3mOf86PHfXzznpqyZ93VnsPjHl6TGgYcWIYb8oAwsAUfC3CR9Q6oHbvANb3at/wFXTkgrlzE=
Last-Modified
Thu, 20 May 2021 19:48:38 GMT
Server
AmazonS3
Date
Fri, 16 Jul 2021 01:41:23 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Fri, 16 Jul 2021 01:41:23 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC/ 		0
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3NWIbn2oFWXKGVepqKCDob1lJbLrJJBy
Content-Encoding
gzip
ETag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id
XAR3DXYQAWFD0YS7
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
x-amz-id-2
/nLchBO0CcMCN7wRpkSZqpmyWlWoSUbjU6KwEvSCGiuz9WIGrFIFQ84XCfXKT65OwQ3ltCgZ2OM=
Last-Modified
Thu, 15 Jul 2021 12:01:02 GMT
Server
AmazonS3
Date
Fri, 16 Jul 2021 01:41:23 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/QY53BTS2IZASVN2T6XPVNN/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/QY53BTS2IZASVN2T6XPVNN?_s=3e41ca91b3dc30f043474cd2f0c222d4&_b=2
  • https://d.adroll.com/consent/check/QY53BTS2IZASVN2T6XPVNN/?_s=3e41ca91b3dc30f043474cd2f0c222d4&_b=2
395 B
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/QY53BTS2IZASVN2T6XPVNN/?_s=3e41ca91b3dc30f043474cd2f0c222d4&_b=2
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.210.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
9eb544207a708d3e4cb893420c64ee57103d6d475cf74373ff935e0b47f176d5

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:24 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-type
application/javascript
content-length
395
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location
https://d.adroll.com/consent/check/QY53BTS2IZASVN2T6XPVNN/?_s=3e41ca91b3dc30f043474cd2f0c222d4&_b=2
date
Fri, 16 Jul 2021 01:41:24 GMT
server
nginx/1.20.0
content-length
105
/
adservice.google.com/ddm/fls/i/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/ Frame F80A 		443 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
Requested by
Host: 9514594.fls.doubleclick.net
URL: https://9514594.fls.doubleclick.net/activityi;dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
921bb092acab9df9bfae7e9b3248c916615140fd4062b1dfd56aecf0a98c9319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9514594.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://9514594.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 01:41:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
348
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130952113-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
3024
date
Fri, 16 Jul 2021 00:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 16 Jul 2021 02:50:59 GMT
559016444964799
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/559016444964799?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
363011145d62b22cfeaa81e5d20427f118c3ba90bf1da47c8967c44a57a330fa
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76216
x-xss-protection
0
pragma
public
x-fb-debug
IY8ywqxwgbi2PqKm6rqrOaRF9wx3/dZcHL8wWRvf+86D1AsM2Gy09Rj3hSIafhQi5LMpY7PMDWJVz6paVi8TTg==
x-frame-options
DENY
date
Fri, 16 Jul 2021 01:41:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=556294044930659&ev=PageView&dl=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&rl=https%3A%2F%2Fstormgain.ck-cdn.com%2F&if=false&ts=1626399683173&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1626399683172.675896101&it=1626399683092&coo=false&rqm=GET
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 01:41:23 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame B077 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1404728.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://promo.stormgain.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://promo.stormgain.com/

Response headers

content-type
text/html
content-length
1044
date
Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Z0uWm-L3YrvSi1Ay5SA1Y4Q8DB5kHPQXDmGU-e0sZMhXFqcy71TFpA==
age
970661
js
www.google-analytics.com/gtm/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-K3D4M9B&t=gtag_UA_130952113_6&cid=1581666983.1626399683
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65274d773d6157345c7da1bca1496d3481366a1e04fc4a38849d488f2b54ec0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41626
x-xss-protection
0
expires
Fri, 16 Jul 2021 01:41:23 GMT
/
9514594.fls.doubleclick.net/ddm/fls/r/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/ Frame D1CC
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
  • https://9514594.fls.doubleclick.net/ddm/fls/r/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
779 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9514594.fls.doubleclick.net/ddm/fls/r/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
bc9c9d958728e835ef75d83a8f1acd4a80837a9137f818f3a546c7efd89e7b77
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9514594.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 01:41:23 GMT
expires
Fri, 16 Jul 2021 01:41:23 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
468
x-xss-protection
0
set-cookie
IDE=AHWqTUl82eXTFf5ENfNIYPFE4WsZUGej11TWaFy5kBLcGHj-ZyEAjQZbQNk3XHa8qww; expires=Wed, 10-Aug-2022 01:41:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 01:41:23 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://9514594.fls.doubleclick.net/ddm/fls/r/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=559016444964799&ev=PageView&dl=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&rl=https%3A%2F%2Fstormgain.ck-cdn.com%2F&if=false&ts=1626399683222&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1626399683172.675896101&it=1626399683092&coo=false&rqm=GET
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 01:41:23 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9335.7h4qzI7BqFDEaDyZqzPiJDxvXcoLwtNSUjAGDoftHnkMvtNc3zK7d4gIzmHy01_k.IgYiYuTnbhhPB1GhhVznbyCKtvE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9335.JUkOExfOPEIIesUFJzyRxHED47N5dhlx6OVYpagwMf_59iRc8KEiemZbMi4FUoB7dhdg83Z60ztF7S-Aa6YkBA%2C%2C.-yibjgREppE53ys9RrwBCFWOqcQ%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9335.JUkOExfOPEIIesUFJzyRxHED47N5dhlx6OVYpagwMf_59iRc8KEiemZbMi4FUoB7dhdg83Z60ztF7S-Aa6YkBA%2C%2C.-yibjgREppE53ys9RrwBCFWOqcQ%2C
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9335.JUkOExfOPEIIesUFJzyRxHED47N5dhlx6OVYpagwMf_59iRc8KEiemZbMi4FUoB7dhdg83Z60ztF7S-Aa6YkBA%2C%2C.-yibjgREppE53ys9RrwBCFWOqcQ%2C
date
Fri, 16 Jul 2021 01:41:23 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
last-modified
Thu, 15 Jul 2021 10:21:03 GMT
etag
"60ec4755-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jul 2021 02:41:23 GMT
events
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ 		0
0
events
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events
Protocol
H2
Server
34.253.3.7 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://promo.stormgain.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers
conversion.js
www.googleadservices.com/pagead/ Frame D1CC 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9514594.fls.doubleclick.net
URL: https://9514594.fls.doubleclick.net/ddm/fls/r/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
7f910a1e8b2da14636a741dbc704263fd7d9fd021284a40e9b44ac6dd470fb3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9514594.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17224
x-xss-protection
0
server
cafe
etag
1232925476602830293
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 01:41:23 GMT
collect
www.google-analytics.com/j/ 		2 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=932430724&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&dr=https%3A%2F%2Fstormgain.ck-cdn.com%2F&ul=en-us&de=UTF-8&dt=StormGain%20All-in-One%20Krypto-Plattform&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUADQAAAAC~&jid=783359905&gjid=748112201&cid=1581666983.1626399683&tid=UA-130952113-6&_gid=736423685.1626399683&_r=1&gtm=2ou7e0&z=1038781252
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo.stormgain.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
8811
api.omappapi.com/v2/embed/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/8811?d=promo.stormgain.com
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-68.zrh50.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
0d3384b96606e6be76f72ee1339136096c295b47cb1160c7d070f492fe515ac3

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
gzip
x-cache-config
0 0
x-amz-cf-pop
ZRH50-C1
x-cache-status
HIT
x-cache
Miss from cloudfront
access-control-allow-headers
X-CSRF-Token
x-optinmonster-account
2794
x-user-agent
standard--
last-modified
Thu, 05 Dec 2019 14:17:35 GMT
server
Pagely Gateway/1.5.1
etag
W/"a4f21d37cc78aa790cc64e65f79faaa1"
vary
Accept-Encoding, User-Agent
content-type
application/json
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
access-control-allow-origin
*
x-amz-cf-id
JGRyHl0rwH9iSNUbbwLNtGwYCFBAemw0OaB0K6PdqANF7RVnqXCuqw==
collect
stats.g.doubleclick.net/j/ 		4 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-130952113-6&cid=1581666983.1626399683&jid=783359905&gjid=748112201&_gid=736423685.1626399683&_u=6GBAAUACQAAAAC~&z=1095791750
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Jul 2021 01:41:23 GMT
content-type
text/plain
access-control-allow-origin
https://promo.stormgain.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/726694447/ Frame D1CC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/726694447/?random=1626399683511&cv=9&fst=1626399683511&num=1&label=pTXmCMnh5awBEK_0wdoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9514594.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLjc-vq65vECFYeDgwcdBx4LMw%3Bsrc%3D9514594%3Btype%3Dinvmedia%3Bcat%3Dwebsi001%3Bord%3D7203726792034.075%3B~oref%3Dhttps%3A%2F%2Fpromo.stormgain.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
747ed88d57bffa9d15465862663cf6417fa32f781b43d641402216c41c91a3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9514594.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1192
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-130952113-6&cid=1581666983.1626399683&jid=783359905&_u=6GBAAUACQAAAAC~&z=1539337835
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-130952113-6&cid=1581666983.1626399683&jid=783359905&_u=6GBAAUACQAAAAC~&z=1539337835
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/726694447/ Frame D1CC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726694447/?random=38715476&cv=9&fst=1626399683511&num=1&label=pTXmCMnh5awBEK_0wdoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u...
  • https://www.google.com/pagead/1p-conversion/726694447/?random=38715476&cv=9&fst=1626399683511&num=1&label=pTXmCMnh5awBEK_0wdoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_...
  • https://www.google.de/pagead/1p-conversion/726694447/?random=38715476&cv=9&fst=1626399683511&num=1&label=pTXmCMnh5awBEK_0wdoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_c...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/726694447/?random=38715476&cv=9&fst=1626399683511&num=1&label=pTXmCMnh5awBEK_0wdoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9514594.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLjc-vq65vECFYeDgwcdBx4LMw%3Bsrc%3D9514594%3Btype%3Dinvmedia%3Bcat%3Dwebsi001%3Bord%3D7203726792034.075%3B~oref%3Dhttps%3A%2F%2Fpromo.stormgain.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=w-PwYOjvIN3G7_UPjb6g-A0&random=3947823430&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9514594.fls.doubleclick.net
URL: https://9514594.fls.doubleclick.net/ddm/fls/r/dc_pre=CLjc-vq65vECFYeDgwcdBx4LMw;src=9514594;type=invmedia;cat=websi001;ord=7203726792034.075;~oref=https://promo.stormgain.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9514594.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/726694447/?random=38715476&cv=9&fst=1626399683511&num=1&label=pTXmCMnh5awBEK_0wdoC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9514594.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLjc-vq65vECFYeDgwcdBx4LMw%3Bsrc%3D9514594%3Btype%3Dinvmedia%3Bcat%3Dwebsi001%3Bord%3D7203726792034.075%3B~oref%3Dhttps%3A%2F%2Fpromo.stormgain.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=w-PwYOjvIN3G7_UPjb6g-A0&random=3947823430&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/54334408/
Redirect Chain
  • https://mc.yandex.com/watch/54334408?wmode=7&page-url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslH...
  • https://mc.yandex.com/watch/54334408/1?wmode=7&page-url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1Us...
316 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/54334408/1?wmode=7&page-url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&page-ref=https%3A%2F%2Fstormgain.ck-cdn.com%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A53048299392%3Ahid%3A662292218%3Az%3A120%3Ai%3A20210716034123%3Aet%3A1626399683%3Ac%3A1%3Arn%3A943993274%3Au%3A162639968379345207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626399682087%3Ads%3A16%2C37%2C99%2C20%2C118%2C0%2C%2C589%2C4%2C%2C%2C%2C863%3Adsn%3A15%2C38%2C98%2C21%2C118%2C0%2C%2C571%2C5%2C%2C%2C%2C862%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626399684%3At%3AStormGain%20All-in-One%20Krypto-Plattform
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
de582cfb24abc386588339ff11e6ce59ca72a957aeaf763a1abd35c1cd06ffae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 16-Jul-2021 01:41:23 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo.stormgain.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
316
x-xss-protection
1; mode=block
expires
Fri, 16-Jul-2021 01:41:23 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:23 GMT
last-modified
Fri, 16-Jul-2021 01:41:23 GMT
location
/watch/54334408/1?wmode=7&page-url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&page-ref=https%3A%2F%2Fstormgain.ck-cdn.com%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A53048299392%3Ahid%3A662292218%3Az%3A120%3Ai%3A20210716034123%3Aet%3A1626399683%3Ac%3A1%3Arn%3A943993274%3Au%3A162639968379345207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626399682087%3Ads%3A16%2C37%2C99%2C20%2C118%2C0%2C%2C589%2C4%2C%2C%2C%2C863%3Adsn%3A15%2C38%2C98%2C21%2C118%2C0%2C%2C571%2C5%2C%2C%2C%2C862%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626399684%3At%3AStormGain%20All-in-One%20Krypto-Plattform
strict-transport-security
max-age=31536000
access-control-allow-origin
https://promo.stormgain.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 16-Jul-2021 01:41:23 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=556294044930659&ev=Microdata&dl=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&rl=https%3A%2F%2Fstormgain.ck-cdn.com%2F&if=false&ts=1626399683676&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22StormGain%20All-in-One%20Krypto-Plattform%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22StormGain%22%2C%22og%3Adescription%22%3A%22Sch%C3%BCrfen%20Sie%20Ihre%20ersten%20Krypto%20In%20nur%204%20Stunden%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fen-en%2Fcrypto-mining-dt%2Fimages%2Fscreen.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1626399683675.1656598540&it=1626399683092&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 01:41:23 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=559016444964799&ev=Microdata&dl=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&rl=https%3A%2F%2Fstormgain.ck-cdn.com%2F&if=false&ts=1626399683724&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22StormGain%20All-in-One%20Krypto-Plattform%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22StormGain%22%2C%22og%3Adescription%22%3A%22Sch%C3%BCrfen%20Sie%20Ihre%20ersten%20Krypto%20In%20nur%204%20Stunden%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fen-en%2Fcrypto-mining-dt%2Fimages%2Fscreen.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1626399683675.1656598540&it=1626399683092&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 01:41:23 GMT
css
fonts.googleapis.com/ 		4 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:800,500,700,400%7CLato:800,500,700,400
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9c39ec364b4597a9864e16b325576de84a7583c562f752bcbb0d005c3024262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 01:14:59 GMT
server
ESF
date
Fri, 16 Jul 2021 01:41:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jul 2021 01:41:23 GMT
39c306b553c11573814884-SeekPng.com_telegram-logo-png_783420.png
a.omappapi.com/users/caa798f453cf/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.omappapi.com/users/caa798f453cf/images/39c306b553c11573814884-SeekPng.com_telegram-logo-png_783420.png
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
614270fcb00d3827fa1c163fd33c1a6b9b41eb943761d52f089f31650bf592c5

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
cdn-edgestorageid
752
perma-cache
HIT
cdn-storageserver
DE-51
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-07-16 01:30:20
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
8858
access-control-allow-origin
*
last-modified
Thu, 27 May 2021 17:38:21 GMT
server
BunnyCDN-DE1-713
cdn-requestpullcode
200
content-type
image/webp
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control
public, max-age=31919000
cdn-requestid
ac7474f8737d3c917d97031e203c30a9
accept-ranges
bytes
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:800,500,700,400%7CLato:800,500,700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 22:35:28 GMT
x-content-type-options
nosniff
age
270355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 22:35:28 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:800,500,700,400%7CLato:800,500,700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 19:47:58 GMT
x-content-type-options
nosniff
age
280405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 19:47:58 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:800,500,700,400%7CLato:800,500,700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 08:34:22 GMT
x-content-type-options
nosniff
age
234421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 08:34:22 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:800,500,700,400%7CLato:800,500,700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://promo.stormgain.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 00:16:41 GMT
x-content-type-options
nosniff
age
264282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 00:16:41 GMT
tag-77c03a48d5039fce2389941d720ea17f.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 		159 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-77c03a48d5039fce2389941d720ea17f.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=567176&u=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&r=0.6910291902366152
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gfra1 /
Resource Hash
5a6902b9b68653177837fd40018234b897092a84281baea272892f32c9cf9907

Request headers

Origin
https://promo.stormgain.com
Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
br
last-modified
Tue, 13 Jul 2021 15:25:27 GMT
server
gfra1
etag
"60edb067-b434"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46132
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=567176&d=promo.stormgain.com&u=D554CB88671B35604DA6E4C1338F78F94&h=bf97bf801f471316d2f82224914d1e7f&t=false&r=0.08008522919405392
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:23 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
tag-a91ed69b7e588ff503b12c42cb6bc2ed.js
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 		90 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-a91ed69b7e588ff503b12c42cb6bc2ed.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-77c03a48d5039fce2389941d720ea17f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gfra1 /
Resource Hash
09df8e237d8c0e41e77fe262224660226f5a65bee3a1839bf3b9f28bceba06a1

Request headers

Origin
https://promo.stormgain.com
Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
br
last-modified
Tue, 13 Jul 2021 15:25:27 GMT
server
gfra1
etag
"60edb067-5bc5"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23493
via
1.1 google
settings.js
dev.visualwebsiteoptimizer.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=567176&settings_type=1&vn=7.0&r=0.7797956351924125&exc=2|3
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-77c03a48d5039fce2389941d720ea17f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gfra1 /
Resource Hash
7f28dad9610f513a58ab15ec0a4933a4d59471c405f51957a4a740a5b56f7961

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gfra1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:23 GMT
content-encoding
br
last-modified
Tue, 13 Jul 2021 15:25:27 GMT
server
gfra1
etag
"60edb067-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
via
1.1 google
s.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=567176&u=D554CB88671B35604DA6E4C1338F78F94&s=1626399683&p=1&ed=%7B%22tO%22%3A%22-2%22%2C%22lt%22%3A%221626399684163%22%2C%22r%22%3A%22https%253A%252F%252Fstormgain.ck-cdn.com%252F%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&cu=https%253A%252F%252Fpromo.stormgain.com%252Flp%252Fde-de%252Fcrypto-mining-dt%252F%253Flpide6f2bb4c%2526aff_id%253D101469%2526cxd%253D101469_467573_%257Cafp2%253A8WmZ1UslHQZ9NAG&r=0&cq=1&vn=7.0.149&vns=undefined&vno=4.0.68&_ru=https%3A%2F%2Fstormgain.ck-cdn.com%2F&eTime=1626399683164&random=0.6477631731110303
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:24 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
KZSWKPPL4VEKFJC5LRIY3V.js
s.adroll.com/pixel/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC/
Redirect Chain
  • https://d.adroll.com/pixel/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-min...
  • https://s.adroll.com/pixel/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC/KZSWKPPL4VEKFJC5LRIY3V.js
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC/KZSWKPPL4VEKFJC5LRIY3V.js
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fcafcf95033088f8bfc25cad56b8684f66cd527c65b4a3c72b4ff448a848468

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ICox5xIRkEGuiW1hicP8LSFbR2qHA1ad
Content-Encoding
gzip
ETag
"343743fd1be1f8061bc16ead878ea781"
x-amz-request-id
ZH38Q0VTEPKF4M4E
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1860
x-amz-id-2
4Jkx1BpES4lUOXoEIf8Tt5BdgNTRU7YHYTtqFOmgK/EtdbmH7m7jP/n1LhB2UUwuorlbh75kYR0=
Last-Modified
Tue, 13 Jul 2021 22:01:11 GMT
Server
AmazonS3
Date
Fri, 16 Jul 2021 01:41:24 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
x-conversion-value
0.00
server
nginx/1.20.0
x-rule
*/promo*
date
Fri, 16 Jul 2021 01:41:24 GMT
x-segment-eid
KZSWKPPL4VEKFJC5LRIY3V
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://s.adroll.com/pixel/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC/KZSWKPPL4VEKFJC5LRIY3V.js
cache-control
no-store, no-cache, must-revalidate
x-segment-display-name
promo
x-pixel-eid
TQO7A6PXLJBNTIRKWRRBAC
x-segment-name
8d88dd89
x-advertisable-eid
QY53BTS2IZASVN2T6XPVNN
content-length
0
x-conversion-currency
sendrolling.js
s.adroll.com/j/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: d.adroll.com
URL: https://d.adroll.com/pixel/QY53BTS2IZASVN2T6XPVNN/TQO7A6PXLJBNTIRKWRRBAC?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&pv=70126693343.22226&cookie=&adroll_s_ref=https%3A//stormgain.ck-cdn.com/&keyw=&adroll_external_data=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
982366f1ad02914ee8f64b7b11ac8a7f9902b6050e10c269b171cd2e51db3dee

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
HGPWcMusg1Q3jHlN_3e8TxfPUyFA5XRk
Content-Encoding
gzip
ETag
"5c44da3d0ddeac28ae4c1facdfbfa217"
x-amz-request-id
9EG729F15JXF9JEV
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2719
x-amz-id-2
REL9xWsqdbLsnslZ7mARsANBKNyIUNX4m2lsHs1kx2TMsGJ43tiYvoq5A1+gzRHFjw5kgB/zGyo=
Last-Modified
Tue, 13 Jul 2021 22:39:57 GMT
Server
AmazonS3
Date
Fri, 16 Jul 2021 01:41:24 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
491724551682571
connect.facebook.net/signals/config/ 		261 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/491724551682571?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0be50426096c393f45a1ad25aa5bcd3d50ffc0c947e7ea3b1d3f29d6d2face3d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
du4fhRkl8AlMWkoNG1/IkCNSHZFSsf06Pu4am0PGsRCi6gmlee6fdL/m1bicsA/h0yflWu0tpOfFI7/IHAeCiA==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 16 Jul 2021 01:41:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expiration=1657935684
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expiration=1657935684&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expiration=1657935684&C=1
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 01:41:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 16 Jul 2021 01:41:24 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 01:41:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expiration=1657935684&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Fri, 16 Jul 2021 01:41:24 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expires=365
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&expires=365
pragma
no-cache
date
Fri, 16 Jul 2021 01:41:24 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
pixel.advertising.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D...
  • https://pixel.advertising.com/ups/55980/sync?uid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55980/sync?uid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:25 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55980/sync?uid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Fri, 16 Jul 2021 01:41:24 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
167
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 01:41:27 GMT
Cache-Control
no-cache
X-TraceId
31e13a838f053e54960bb1244c581604
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
pragma
no-cache
date
Fri, 16 Jul 2021 01:41:24 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
100
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:429
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Fri, 16 Jul 2021 01:41:24 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
220
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
v1
ads.yahoo.com/cms/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%...
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:24 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

location
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Fri, 16 Jul 2021 01:41:24 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
165
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D1...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Fri, 16 Jul 2021 01:41:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
6820

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
pragma
no-cache
date
Fri, 16 Jul 2021 01:41:24 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date
Fri, 16 Jul 2021 01:41:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.182.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
date
Fri, 16 Jul 2021 01:41:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%...
  • https://ib.adnxs.com/setuid?entity=172&code=OWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 01:41:31 GMT
X-Proxy-Origin
159.48.53.223; 159.48.53.223; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fd944ae6-cf03-40be-8c06-c4322b881d36
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 01:41:31 GMT
X-Proxy-Origin
159.48.53.223; 159.48.53.223; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
214cd3de-db27-4e94-90f3-b190583c63c3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWE3YTRkNWJkZWU5YmM2OTM1MjdlZTczNWE1ODdhZTE
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
out
d.adroll.com/cm/l/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&xid_ch=f&advertisable=QY53BTS2IZASVN2T6XPVNN
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.210.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:24 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=9a7a4d5bdee9bc693527ee735a587ae1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9a7a4d5bdee9bc693527ee735a587ae1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9a7a4d5bdee9bc693527ee735a587ae1
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:31 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9a7a4d5bdee9bc693527ee735a587ae1
date
Fri, 16 Jul 2021 01:41:31 GMT
via
1.1 google
server
OXGW/16.210.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=7d17398d0be3e97ffbc9b3a0cce4f854-1626399684319&arrfrr=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=mnpNW97pvGk1J-5zWlh64Q
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=mnpNW97pvGk1J-5zWlh64Q&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.210.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:25 GMT
server
nginx/1.20.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.2.-1.-1

Redirect headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analyze
r3.visualwebsiteoptimizer.com/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3.visualwebsiteoptimizer.com/analyze?_a=567176&_u=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.194.81.74 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
r3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 16 Jul 2021 01:41:24 GMT
content-encoding
gzip
server
r3
content-type
application/javascript; charset=UTF-8
haloid
aufp.io/api/v1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aufp.io/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/30?url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&ref=https%3A%2F%2Fstormgain.ck-cdn.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.0.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:25 GMT
content-encoding
gzip
last-modified
Tue, 13 Jul 2021 03:22:18 GMT
server
nginx/1.18.0
etag
W/"1626146538.0-6132-2958560116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*, *
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
origin-trial
A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Fri, 16 Jul 2021 13:41:25 GMT
30
p.ad.gt/api/v1/p/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/30
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/30?url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&ref=https%3A%2F%2Fstormgain.ck-cdn.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.178.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a9b1c9ab1d812ba8c5612140adb53cf7118c6f7ed8b124877a481de8b9af93ab

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:28 GMT
content-encoding
gzip
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&adnxs_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D6ab98412-6e5c-438c-87aa-93409c6360c2%26adnxs_id%3D%24UID
  • https://ids.ad.gt/api/v1/match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&adnxs_id=5627130931617909302
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&adnxs_id=5627130931617909302
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.149.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 16 Jul 2021 13:41:28 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 01:41:28 GMT
X-Proxy-Origin
159.48.53.223; 159.48.53.223; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1989b012-904a-4d0a-b0de-5b5a39aa434c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&adnxs_id=5627130931617909302
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=6ab98412-6e5c-438c-87aa-93409c6360c2
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=6ab98412-6e5c-438c-87aa-93409c6360c2
  • https://ids.ad.gt/api/v1/t_match?tdid=025328d2-6574-4e38-9369-a7bbcf2a52a8&id=6ab98412-6e5c-438c-87aa-93409c6360c2
43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=025328d2-6574-4e38-9369-a7bbcf2a52a8&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.149.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:32 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 16 Jul 2021 13:41:32 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=025328d2-6574-4e38-9369-a7bbcf2a52a8&id=6ab98412-6e5c-438c-87aa-93409c6360c2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D6ab98412-6e5c-438c-87aa-93409c6360c2
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D6ab98412-6e5c-438c-87aa-93409c6360c2
  • https://ids.ad.gt/api/v1/pbm_match?pbm=DFF6EEFD-B8B0-4B89-BCF1-480B581507AB&id=6ab98412-6e5c-438c-87aa-93409c6360c2
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=DFF6EEFD-B8B0-4B89-BCF1-480B581507AB&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.149.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:32 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 16 Jul 2021 13:41:32 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=DFF6EEFD-B8B0-4B89-BCF1-480B581507AB&id=6ab98412-6e5c-438c-87aa-93409c6360c2
date
Fri, 16 Jul 2021 01:41:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=6ab98412-6e5c-438c-87aa-93409c6360c2
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=6ab98412-6e5c-438c-87aa-93409c6360c2&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&google_gid=CAESEBko3lTDf7_v5f1b1TOdpvw&google_cver=1&google_ula=450542624,0
43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&google_gid=CAESEBko3lTDf7_v5f1b1TOdpvw&google_cver=1&google_ula=450542624,0
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.149.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:25 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 16 Jul 2021 13:41:25 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=6ab98412-6e5c-438c-87aa-93409c6360c2&google_gid=CAESEBko3lTDf7_v5f1b1TOdpvw&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=6ab98412-6e5c-438c-87aa-93409c6360c2
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NmFiOTg0MTItNmU1Yy00MzhjLTg3YWEtOTM0MDljNjM2MGMy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NmFiOTg0MTItNmU1Yy00MzhjLTg3YWEtOTM0MDljNjM2MGMy
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 01:41:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NmFiOTg0MTItNmU1Yy00MzhjLTg3YWEtOTM0MDljNjM2MGMy
date
Fri, 16 Jul 2021 01:41:25 GMT
server
nginx/1.18.0
content-length
473
content-type
text/html; charset=utf-8
beeswax_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=6ab98412-6e5c-438c-87aa-93409c6360c2
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=6ab98412-6e5c-438c-87aa-93409c6360c2&_bee_ppp=1
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABCDE7B4cgAAD-Al0f_Lg&id=6ab98412-6e5c-438c-87aa-93409c6360c2
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABCDE7B4cgAAD-Al0f_Lg&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.149.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:32 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 16 Jul 2021 13:41:32 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABCDE7B4cgAAD-Al0f_Lg&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Date
Fri, 16 Jul 2021 01:41:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
mediamath_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D6ab98412-6e5c-438c-87aa-93409c6360c2
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=355e60f0-e3c4-4700-adcb-b4ad43f48a69&id=6ab98412-6e5c-438c-87aa-93409c6360c2
43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/mediamath_match?user_id=355e60f0-e3c4-4700-adcb-b4ad43f48a69&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.149.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:25 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 16 Jul 2021 13:41:25 GMT

Redirect headers

Date
Fri, 16 Jul 2021 01:41:24 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/mediamath_match?user_id=355e60f0-e3c4-4700-adcb-b4ad43f48a69&id=6ab98412-6e5c-438c-87aa-93409c6360c2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Jul 2021 01:41:23 GMT
token
token.rubiconproject.com/
Redirect Chain
  • https://ids.ad.gt/api/v1/rub?id=6ab98412-6e5c-438c-87aa-93409c6360c2
  • https://token.rubiconproject.com/token?pid=50242&puid=6ab98412-6e5c-438c-87aa-93409c6360c2&gdpr=0
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=6ab98412-6e5c-438c-87aa-93409c6360c2&gdpr=0
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://token.rubiconproject.com/token?pid=50242&puid=6ab98412-6e5c-438c-87aa-93409c6360c2&gdpr=0
date
Fri, 16 Jul 2021 01:41:25 GMT
server
nginx/1.18.0
content-length
417
content-type
text/html; charset=utf-8
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=491724551682571&ev=PageView&dl=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&rl=https%3A%2F%2Fstormgain.ck-cdn.com%2F&if=false&ts=1626399685000&cd[segment_eid]=3BCX3OERUNB2VHAOE5JKU2%2CKZSWKPPL4VEKFJC5LRIY3V&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmtealium&ec=0&o=29&fbp=fb.1.1626399684998.1197699529&it=1626399683092&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 01:41:26 GMT
events
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ 		0
0
events
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events
Protocol
H2
Server
34.253.3.7 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://promo.stormgain.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers
getpixels
pixels.ad.gt/api/v1/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=af4878d6259e937e19984f33ff14e187&url=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.227.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Jul 2021 01:41:28 GMT
server
nginx/1.18.0
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
1853083501571805
connect.facebook.net/signals/config/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1853083501571805?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24b94930d5d7a3555b669fca5bc46f7665b90ccd59cab2d7c40be9c6ed3572d2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77431
x-xss-protection
0
pragma
public
x-fb-debug
pzq8pCHdbYxO3nbp5472AHYQOubgHkh4Jxiy55CU9o+MKm74R4jh1lFKPX6d2agj6sCgGWqmJj2YWgZu0p5pjQ==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Fri, 16 Jul 2021 01:41:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
290
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
expires
Fri, 16 Jul 2021 02:36:38 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 00:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2649
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Fri, 16 Jul 2021 01:57:19 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&rl=https%3A%2F%2Fstormgain.ck-cdn.com%2F&if=false&ts=1626399688636&cd[partner_id]=30&cd[tagger_id]=af4878d6259e937e19984f33ff14e187&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1626399688635.140432596&it=1626399683092&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 01:41:28 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG&rl=https%3A%2F%2Fstormgain.ck-cdn.com%2F&if=false&ts=1626399689138&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22StormGain%20All-in-One%20Krypto-Plattform%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22StormGain%22%2C%22og%3Adescription%22%3A%22Sch%C3%BCrfen%20Sie%20Ihre%20ersten%20Krypto%20In%20nur%204%20Stunden%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fen-en%2Fcrypto-mining-dt%2Fimages%2Fscreen.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1626399689137.1176035379&it=1626399683092&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/de-de/crypto-mining-dt/?lpide6f2bb4c&aff_id=101469&cxd=101469_467573_|afp2:8WmZ1UslHQZ9NAG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 01:41:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 01:41:29 GMT
analyze
r3.visualwebsiteoptimizer.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3.visualwebsiteoptimizer.com/analyze?_a=567176&_u=https%3A%2F%2Fpromo.stormgain.com%2Flp%2Fde-de%2Fcrypto-mining-dt%2F%3Flpide6f2bb4c%26aff_id%3D101469%26cxd%3D101469_467573_%7Cafp2%3A8WmZ1UslHQZ9NAG
Requested by
Host: promo.stormgain.com
URL: https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.194.81.74 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
r3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.stormgain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 16 Jul 2021 01:41:29 GMT
content-encoding
gzip
server
r3
content-type
application/javascript; charset=UTF-8
events
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events
Protocol
H2
Server
34.253.3.7 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://promo.stormgain.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers
events
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io
URL
https://96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events
Domain
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io
URL
https://96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events
Domain
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io
URL
https://96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| WebFont object| utag_data object| elasticApm object| apmAgent function| $ function| jQuery function| tram object| Webflow boolean| utag_condload object| utag string| apiKeyNew object| mixpanel object| _hjSettings function| hj object| yaParams string| gtagRename object| dataLayer function| gtag function| fbq function| _fbq object| adroll_custom_data string| adroll_conversion_value string| adroll_conversion_value_in_dollars string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded object| adroll_record_user object| _vwo_code number| settings_timer number| _vwo_settings_timer object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter object| google_optimize object| adroll_exp_list function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| om2794_8811 boolean| _omvisitsadded object| _omapp object| omdvyc28wf2qu9bibkzzbs object| ompqxhwbarmkd0krfwjjfl number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid number| _vwo_library_timer string| _vis_opt_file string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa string| _vwo_worker_cb function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev object| _vwo_t boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| __nls number| ___vwo boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency string| adroll_seg_eid object| auvars function| docReady object| au object| autag

1 Cookies

Domain/Path Name / Value
.stormgain.com/ Name: _fbp
Value: fb.1.1626399689137.1176035379

4 Console Messages

Source Level URL
Text
console-api log URL: https://tags.tiqcdn.com/utag/epgrowth/ep-web/prod/utag.js(Line 166)
Message:
2
console-api warning URL: https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7(Line 2)
Message:
Failed sending errors! Error: https://96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io:443/intake/v2/rum/events HTTP status: 0
console-api warning URL: https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7(Line 2)
Message:
Failed sending errors! Error: https://96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io:443/intake/v2/rum/events HTTP status: 0
console-api warning URL: https://promo.stormgain.com/lp/elastic-apm-js-base.umd.min.js?v=8.7.7(Line 2)
Message:
Failed sending transactions! Error: https://96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io:443/intake/v2/rum/events HTTP status: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9514594.fls.doubleclick.net
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io
a.ad.gt
a.omappapi.com
a.opmnstr.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.omappapi.com
aufp.io
cdn.mxpnl.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
d3e54v103j8qbb.cloudfront.net
dev.visualwebsiteoptimizer.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gloos-ves.com
go.cityclub.finance
go.stormgain.app
googleads.g.doubleclick.net
ib.adnxs.com
ids.ad.gt
image2.pubmatic.com
img.sedoparking.com
lib.stormgain.com
match.adsrvr.org
match.prod.bidr.io
mc.yandex.com
mc.yandex.ru
p.ad.gt
pixel.advertising.com
pixel.rubiconproject.com
pixels.ad.gt
promo.stormgain.com
r3.visualwebsiteoptimizer.com
s.adroll.com
scided-mington.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
stormgain.ck-cdn.com
sync.mathtag.com
sync.outbrain.com
sync.taboola.com
tags.tiqcdn.com
tealium-proxy.stormgain.com
token.rubiconproject.com
us-u.openx.net
vars.hotjar.com
ww1.capitplone.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
xml.sedodna.com
96f83449da08442488f93dfa8d110969.apm.eu-west-1.aws.cloud.es.io
104.109.77.38
13.224.89.153
13.224.96.11
13.224.96.22
13.224.96.61
13.224.96.68
13.248.245.213
141.226.228.48
142.250.185.194
142.250.74.198
173.239.53.32
18.195.123.247
185.29.132.68
185.59.220.194
185.64.189.110
185.64.190.80
195.161.21.2
2.18.234.21
205.234.175.175
216.58.212.162
2600:1901:0:bc29::
2606:4700:20::ac43:4691
2606:4700::6811:1c22
2a00:1288:80:800::7000
2a00:1450:4001:801::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4009:815::2004
2a00:1450:400c:c04::9d
2a02:26f0:6c00::210:baab
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.63.176
34.253.3.7
34.96.102.137
34.98.64.218
35.194.81.74
35.234.86.61
37.252.172.249
37.252.172.250
44.230.206.19
44.239.227.182
44.242.0.74
52.17.210.139
52.212.94.185
52.30.222.33
52.35.149.136
52.58.182.33
52.7.145.236
54.71.178.83
63.35.200.21
69.173.144.138
69.173.144.165
70.42.32.31
76.223.111.131
91.195.240.50
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05d680ebfda2e6c2ed8cee986ed9f4e04af3b9aaf5613e4eb70ea5321bd140ec
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09df8e237d8c0e41e77fe262224660226f5a65bee3a1839bf3b9f28bceba06a1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be50426096c393f45a1ad25aa5bcd3d50ffc0c947e7ea3b1d3f29d6d2face3d
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0d3384b96606e6be76f72ee1339136096c295b47cb1160c7d070f492fe515ac3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
132335dfcc6764ac868a5e2bbc5878bf2c2edcced4cfa9bc6c97975c45972d1e
13a9cc41946d8bb3e7fa5d2c67876aed029fd611a781c1c0312aae8c4dd249d4
152278ba0fd2a6ddd2ca40ecfc92c786960fb0f2cc31f20ed72071d3f2c1bc46
1b12a281fe9d869f1f7b6263a8cf40889399cf65af390e77922c79330fb36e1c
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
21d40c0ba725ac30e695c939d476f5edcd15fa5a57eef4e2559e9429b7187505
24b94930d5d7a3555b669fca5bc46f7665b90ccd59cab2d7c40be9c6ed3572d2
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
2e2d22f22194fe6a103907fb16c3385b81251303342eb9df152d69bd38e5367a
35038f81fc175a0d7b290668efd7669ede0f14af05f93689f359f3a4847babf6
363011145d62b22cfeaa81e5d20427f118c3ba90bf1da47c8967c44a57a330fa
36d44e8837a56a091717a079c265dd0e809b722edcfde8577fff6fe14e231aba
39dfef8816bf9237f75549ee04476b0dac813faf11869bb0f6b0fe009ab5e882
3a6191c3703cc9f39fc92cc063cbb5d3b8a8812100fb4c4b48042513c552e97b
3ac77a6badd86ae6d4f4b5deb862e8eca79a590ec196418dbe57a60d12708e01
428b9bc25ec719872c7d99f4c5a05922d685662cfdcb6511a076a6a250f2d6cf
4521b2b4c3108811397403c47f58097d5858b3fa3495545f5bd4d089b30dc2bc
47b8207af74e7e7e0b7410cfca2ba0085005ccef5cabc78b83a67fae129a14b7
4ab68526cefaf50bf6fe3cf04836bbdb5430375ebd128b4f6dfe3896240a3b7e
4b2fcb10f5fc755aa7cebe83b9d5d6466da2dc801ed62bb81df168fd89c1e9fa
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba4c1d97bbb63d66435be16363cb3739a58bcfa85c09c44e8918a6423ea974c
4c7db35cbf3e672b9d381581481cf0bc3f45cd1a899a7c98376feed7c1cfd6bd
4cfecd65c10d3ef17e65631efe0274deb821626fe10f59e2e7c69c855c9ad668
4dbb8bf7096a3790ccad6c247de898c2a6157c978824297cc319a394f48305d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eabd5905017cbddd848e7643f0b6e4ebf9d73d02513737ada324c2ddf3966e9
537b7e9f74e8ac9627e6146fba6657bfa769168e497ab19b7f0937f91993e62c
53f0e71592c8cff9138b2b41002edbc9bdc5a556d041f3a22a08800eee96c7bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560548145c043d26f0bfb9317bcc67b7c13e9b812e9ab5b0ef464e98b2acfe94
5a6902b9b68653177837fd40018234b897092a84281baea272892f32c9cf9907
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
5fcafcf95033088f8bfc25cad56b8684f66cd527c65b4a3c72b4ff448a848468
614270fcb00d3827fa1c163fd33c1a6b9b41eb943761d52f089f31650bf592c5
6157282874bd291c73d64a28760982c3e17d60d2a946d8575f7d7affbb460084
65274d773d6157345c7da1bca1496d3481366a1e04fc4a38849d488f2b54ec0a
6577555b311db9f4225b64e790f5100719a4614ede854d6068e35eb371133861
66d32a3db0a72b6dadfe439c0c0079d0cb8772732f955eef49f0fe2f87d93bcf
676824437d999c315074d6586e0be02dd5cab67eb85b207fea2879c0b98f3175
6777ffd74911fce66a21f4c72e17c2384d0ea6a2752a813a768a12d3ef3a020a
6accef3ac12225d441826402d800b0aafa7547dad2000950c88ceaa670009858
6c24e008b3731cf6e98be6dccd4c174a65dda4de6920989ce8f3d6bf25ad290f
6e684a5df5e5117ed1f36b819bf2aad86121eddd314579e682149406e30a64c2
70181b9b9ddf7a7fca711dbdedf7f5c3f081c8e3bae3e88caa8e9077e99eaee3
71159cc3666e230ce1daff055d8c765955a3c017f8cbf8d4334300a74ae11756
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
747ed88d57bffa9d15465862663cf6417fa32f781b43d641402216c41c91a3da
770a709ef69d4a0288c9d225673a95f45a35f777f6a83d03ec8579ee2f547a0e
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7f28dad9610f513a58ab15ec0a4933a4d59471c405f51957a4a740a5b56f7961
7f910a1e8b2da14636a741dbc704263fd7d9fd021284a40e9b44ac6dd470fb3b
80e7ed4fe6e9016456057ea5ecd4898d3a461e595a8244a7538e1a814889d471
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83cc3cf55c72741f9b1292fe21d7e22d5f1fe1a1556851eea001068cb74fda5e
8477bdca3e3d3c4e7a2ec47d90b71614d8ebeaa7eed87cf3ff1e630182dd2b06
84b226df072fad784b2b42176d4bc2f3137d8f03026c1d4b5f242a854d2b8362
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
86fb3d403e00e63b83303a7d22f91cd12c2bb349963ea1beb96a700ee18089d8
8852eaf668a3a4e474fef03ad4f7fd192daaae7b53b867b2af17ca0bf5ffc6e3
88e74ee5daa4595116f12b362fd6e0024500ac15cde9cd02478925f0814f6733
8c092f1aed74787ded63a95e96001af508947e762b620f290505031542a57570
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
911026f119fc7ffdac4ebeaeaed825efdc33fd40600e03198cc7d3f49313fbf2
921bb092acab9df9bfae7e9b3248c916615140fd4062b1dfd56aecf0a98c9319
95b502870b1e413a4deb6a9a93888074204c56397e16f66bd828dea99ea90d0c
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
982366f1ad02914ee8f64b7b11ac8a7f9902b6050e10c269b171cd2e51db3dee
9a3b7aa5c09237861b3f6e7814c2cd79c463a8d5eb7266d53c8086d0fdaa00bd
9eb544207a708d3e4cb893420c64ee57103d6d475cf74373ff935e0b47f176d5
a0444d309dcb96f091176ba01136e8bea9fdcffa24220ed2a7aea15650fd18be
a1e8194c8e67f73a844ce1ee6f7d49cc8094e3b9d89c4b67c5b6d294b910c69e
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a51232465be806b4aa6bfaf30de55262b9a5899e64a840108f2d14dda5669bed
a7a5174949893fd57f37fc7d0c610ef36cea9d6b3568b1cd1a412b5b1147eb62
a88fb30ebe893afe33ab5adb2792770a22dae64f45100cd0857b9369c2d440fc
a936e95dd1f0a6aba3015fd2c3e71e9fbe64de45c40f493d3882dcdfd72990f4
a9b1c9ab1d812ba8c5612140adb53cf7118c6f7ed8b124877a481de8b9af93ab
ab1287da30cb9789ea899e76788b88d9b97eb4bf4efad4565ef2d1ecfefa1463
abb9705208f7a4f88ea0145833e11f9e5f70a5bdd0ab5a0d8abb8e03d1f91446
ae01cb327724dc83f3ddd4f1632b9135956b115b998e0126b49b2b475e55a9ca
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5dae4429b3ed9fdb5d2a2727efb7a1f6f10cffd9b84c90ed022be67eabee666
ba0ec653b732f6b21696194cd5f71f86c2b19b3fc7aa54e4c996fe5b805460db
ba72ca34d507f9d072e742bb8983373bbbfeb94613c5a642ec8b1ecd6e8a5b18
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9c9d958728e835ef75d83a8f1acd4a80837a9137f818f3a546c7efd89e7b77
bfd79f7dd9feb79566494837446dcc7d3797e15c237210e9aec441d1f9aaf9ce
c1ed047719b9f5da523db91e9251e00171f288f919f75e7bcbf59f365b23d075
c2bdd8828bf81bc4f72d7d7df73fee259c93c4453c89507fbf479b47bfedf1d0
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5bde1faeea1d96a98dc2d1a6cc5a3696f0736751a82fd3549e75ef5d231dd87
c97d14fec5d6701af7d0ca981b55ff1285d9f3803ede75efc91103160a94369a
d9c39ec364b4597a9864e16b325576de84a7583c562f752bcbb0d005c3024262
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de582cfb24abc386588339ff11e6ce59ca72a957aeaf763a1abd35c1cd06ffae
e090c6cb4619f71ea54ad66bc82d844906b8ad21539e10b9dcbef0e48a91cbe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
eec870309d38ed70c8d2ae32ee0ef7971a826b713eacba8664910cc9e7f65840
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bf333796f692318dd70e062d1efe63338e020114d1ee5847055bc82f501f44
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f60ccf2927a761cbc52ffe03b83656c1d4469b0ee2cee0a3b5c3da23ea1cf34e
f6af5c9a4a166a4404841ee1bbe04e74237accfd121a949ff613c39595a81ed0
fa3dea24c33bf0ba29e735bc32c19ef17df19469894f4be9d335648deee60dd7
ff114468cbd016564880f20ac65c57cf97eeea5e2465046e702821e8090ede13
ff7bae239c20bd808e19dc083368d46509e3a0786da85008e09f0dc4004f4442