Submitted URL: http://sharebutton.co/
Effective URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Submission: On May 05 via manual from QA

Summary

This website contacted 11 IPs in 5 countries across 14 domains to perform 43 HTTP transactions. The main IP is 195.201.246.85, located in Russian Federation and belongs to HETZNER-AS, DE. The main domain is 1biene.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 5th 2019. Valid for: 3 months.
This is the only time 1biene.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.224.182.250 133618 (TRELLIAN-...)
1 6 199.59.242.151 395082 (BODIS-NJ)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 35.175.21.193 14618 (AMAZON-AES)
1 54.236.74.179 14618 (AMAZON-AES)
1 1 52.59.161.204 16509 (AMAZON-02)
1 67.228.247.10 36351 (SOFTLAYER)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2 18.195.149.11 16509 (AMAZON-02)
1 22 195.201.246.85 24940 (HETZNER-AS)
4 2606:4700::68... 13335 (CLOUDFLAR...)
43 11
Domain Requested by
21 1biene.com 1 redirects delivery.bb2022.info
1biene.com
6 ww25.sharebutton.co 1 redirects ww25.sharebutton.co
5 fonts.gstatic.com 1biene.com
2 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com 1biene.com
cdn.onesignal.com
2 xdom.net 2 redirects
2 delivery.bb2022.info 1 redirects
2 www.google-analytics.com
1 uchat.de 1biene.com
1 trkur3.com usd.dauid-iep.com
1 slemories-intsures.com 1 redirects
1 usd.dauid-iep.com usd.odysseus-nua.com
1 usd.odysseus-nua.com ww25.sharebutton.co
1 fonts.googleapis.com ww25.sharebutton.co
1 www.google.com ww25.sharebutton.co
1 sharebutton.co 1 redirects
43 16

This site contains links to these domains. Also see Links.

Domain
www.safesurf.com
Subject Issuer Validity Valid
*.googleapis.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
1biene.com
Let's Encrypt Authority X3
2019-04-05 -
2019-07-04
3 months crt.sh
ssl473492.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-01-22 -
2019-07-31
6 months crt.sh
uchat.de
Let's Encrypt Authority X3
2019-04-05 -
2019-07-04
3 months crt.sh

This page contains 2 frames:

Primary Page: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Frame ID: 2A8FC5EE72691467EEDA640E13C0F95B
Requests: 42 HTTP requests in this frame

Frame: https://onesignal.com/webPushAnalytics
Frame ID: 17D9239F822DA4DC5637F44B7D60B41B
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://sharebutton.co/ HTTP 302
    http://ww25.sharebutton.co/ Page URL
  2. http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusd.odysseus-nua.com%2Fzcvisitor%2Fbdaedd4b-6f3e-11e9-a5d9... HTTP 302
    http://usd.odysseus-nua.com/zcvisitor/bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da?campaignid=bd110da0-684e-11e9... Page URL
  3. http://usd.dauid-iep.com/zcredirect?visitid=bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da&type=js&browserWidth... Page URL
  4. http://slemories-intsures.com/zp-redirect?target=http%3A%2F%2Ftrkur3.com%2F248532%2F42982%3Fs1%3DwJ1JHLE7G... HTTP 302
    http://trkur3.com/248532/42982?s1=wJ1JHLE7GPULGM8M14QKPSES Page URL
  5. https://delivery.bb2022.info/39902?subaffiliate_id=248532&session_id=2595584228 HTTP 302
    http://delivery.bb2022.info/r?url=https%3A%2F%2Fxdom.net%2Fbd09de14-1570-4f9a-afa9-a423e659c74a%3Fpublis... Page URL
  6. https://xdom.net/bd09de14-1570-4f9a-afa9-a423e659c74a?publisher_id=212&clickID=px1557065088c8... HTTP 302
    https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

43
Requests

77 %
HTTPS

47 %
IPv6

14
Domains

16
Subdomains

11
IPs

5
Countries

1256 kB
Transfer

1795 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sharebutton.co/ HTTP 302
    http://ww25.sharebutton.co/ Page URL
  2. http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusd.odysseus-nua.com%2Fzcvisitor%2Fbdaedd4b-6f3e-11e9-a5d9-1289ce7a98da%3Fcampaignid%3Dbd110da0-684e-11e9-aea2-0a157bfa6bfc&notadsafe HTTP 302
    http://usd.odysseus-nua.com/zcvisitor/bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da?campaignid=bd110da0-684e-11e9-aea2-0a157bfa6bfc Page URL
  3. http://usd.dauid-iep.com/zcredirect?visitid=bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. http://slemories-intsures.com/zp-redirect?target=http%3A%2F%2Ftrkur3.com%2F248532%2F42982%3Fs1%3DwJ1JHLE7GPULGM8M14QKPSES&caid=dd86e54a-ac82-48e0-ab57-a9d13cf70d53&zpid=bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da&cid=wJ1JHLE7GPULGM8M14QKPSES&rt=R HTTP 302
    http://trkur3.com/248532/42982?s1=wJ1JHLE7GPULGM8M14QKPSES Page URL
  5. https://delivery.bb2022.info/39902?subaffiliate_id=248532&session_id=2595584228 HTTP 302
    http://delivery.bb2022.info/r?url=https%3A%2F%2Fxdom.net%2Fbd09de14-1570-4f9a-afa9-a423e659c74a%3Fpublisher_id%3D212%26clickID%3Dpx1557065088c884d5cceed80d5f53823277858%26LP%3D27&redirect_back=%2F%2Fdelivery.bb2022.info%2F39902%2F%3Fsubaffiliate_id%3D248532%26session_id%3D2595584228%26tt%3D1 Page URL
  6. https://xdom.net/bd09de14-1570-4f9a-afa9-a423e659c74a?publisher_id=212&clickID=px1557065088c884d5cceed80d5f53823277858&LP=27 HTTP 302
    https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sharebutton.co/ HTTP 302
  • http://ww25.sharebutton.co/
Request Chain 7
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 8
  • http://www.google-analytics.com/r/collect?v=1&_v=j73&a=1811551020&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1902193852&gjid=1561584782&cid=860026702.1557065087&tid=UA-89467400-1&_gid=1325220576.1557065087&_r=1&z=530085284 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1811551020&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1902193852&gjid=1561584782&cid=860026702.1557065087&tid=UA-89467400-1&_gid=1325220576.1557065087&_r=1&z=530085284
Request Chain 11
  • http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusd.odysseus-nua.com%2Fzcvisitor%2Fbdaedd4b-6f3e-11e9-a5d9-1289ce7a98da%3Fcampaignid%3Dbd110da0-684e-11e9-aea2-0a157bfa6bfc&notadsafe HTTP 302
  • http://usd.odysseus-nua.com/zcvisitor/bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da?campaignid=bd110da0-684e-11e9-aea2-0a157bfa6bfc
Request Chain 13
  • http://slemories-intsures.com/zp-redirect?target=http%3A%2F%2Ftrkur3.com%2F248532%2F42982%3Fs1%3DwJ1JHLE7GPULGM8M14QKPSES&caid=dd86e54a-ac82-48e0-ab57-a9d13cf70d53&zpid=bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da&cid=wJ1JHLE7GPULGM8M14QKPSES&rt=R HTTP 302
  • http://trkur3.com/248532/42982?s1=wJ1JHLE7GPULGM8M14QKPSES
Request Chain 14
  • https://delivery.bb2022.info/39902?subaffiliate_id=248532&session_id=2595584228 HTTP 302
  • http://delivery.bb2022.info/r?url=https%3A%2F%2Fxdom.net%2Fbd09de14-1570-4f9a-afa9-a423e659c74a%3Fpublisher_id%3D212%26clickID%3Dpx1557065088c884d5cceed80d5f53823277858%26LP%3D27&redirect_back=%2F%2Fdelivery.bb2022.info%2F39902%2F%3Fsubaffiliate_id%3D248532%26session_id%3D2595584228%26tt%3D1
Request Chain 39
  • https://1biene.com/bb/go4/dateien/bg08.jpg HTTP 302
  • https://xdom.net/6b0034ed-8c45-49c0-b6be-ee59cd2a013c?publisher_id=53&prof=bb/go4/dateien/bg08.jpg&domain=1biene.com HTTP 302
  • https://uchat.de/li3/?cid=wRC5U6787U5REM8M14Q53CV2&domain=1biene.com&prof=bb%2Fgo4%2Fdateien%2Fbg08.jpg&publisher_id=53

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ww25.sharebutton.co/
Redirect Chain
  • http://sharebutton.co/
  • http://ww25.sharebutton.co/
4 KB
4 KB
Document
General
Full URL
http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
c33a15662931819c573f4c4f164ef3281d0cec57175d259c6f3bf88779c1050d

Request headers

Host
ww25.sharebutton.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
openresty
Date
Sun, 05 May 2019 14:04:46 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_pJKsZ/ueqxcBgT4lCD2B7PPl7/A9afmXGUB/Qr/rJ6VFDOY0ddRT6uJW4ovyxZu0PwPdNF/FJsBU74TjoBQagA==

Redirect headers

Date
Sun, 05 May 2019 14:04:46 GMT
Server
Apache/2.4.25 (Debian)
Set-Cookie
__tad=1557065086.1069788; expires=Wed, 02-May-2029 14:04:46 GMT; Max-Age=315360000
Location
http://ww25.sharebutton.co/
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
caf.js
www.google.com/adsense/domains/
158 KB
56 KB
Script
General
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
986699d16a0b29e0730ddc76fe58117a79d0be0d1deb11fe94c952a36421b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"9756137857925589091"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
0
Expires
Sun, 05 May 2019 14:04:46 GMT
px.gif
ww25.sharebutton.co/
42 B
275 B
Image
General
Full URL
http://ww25.sharebutton.co/px.gif?ch=1&rn=8.816921365586191
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:46 GMT
Last-Modified
Tue, 30 Apr 2019 11:48:28 GMT
Server
openresty
ETag
"5cc8360c-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
px.gif
ww25.sharebutton.co/
42 B
275 B
Image
General
Full URL
http://ww25.sharebutton.co/px.gif?ch=2&rn=8.816921365586191
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:46 GMT
Last-Modified
Tue, 30 Apr 2019 11:48:28 GMT
Server
openresty
ETag
"5cc8360c-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
glp
ww25.sharebutton.co/
8 KB
9 KB
Script
General
Full URL
http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
392e6161ab305e7c8aef5d62c3ad4ba5f1645c78f13449731aa9b15164fc6521

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 May 2019 14:04:46 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/
5 KB
689 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
88848d68fac5206dbbc23232c03bdd42c4978a0acfd5f10e1c72ce3ef2c5a28a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 05 May 2019 14:04:47 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 05 May 2019 14:04:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 05 May 2019 14:04:47 GMT
gzb
ww25.sharebutton.co/
199 B
516 B
XHR
General
Full URL
http://ww25.sharebutton.co/gzb
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
http://ww25.sharebutton.co/
Origin
http://ww25.sharebutton.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 05 May 2019 14:04:47 GMT
Server
openresty
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
199
Expires
Mon, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
1938
date
Sun, 05 May 2019 13:32:29 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Sun, 05 May 2019 15:32:29 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j73&a=1811551020&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0...
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1811551020&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=...
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1811551020&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1902193852&gjid=1561584782&cid=860026702.1557065087&tid=UA-89467400-1&_gid=1325220576.1557065087&_r=1&z=530085284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ww25.sharebutton.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 May 2019 14:04:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1811551020&t=pageview&_s=1&dl=http%3A%2F%2Fww25.sharebutton.co%2F&ul=en-us&de=UTF-8&dt=Sharebutton.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1902193852&gjid=1561584782&cid=860026702.1557065087&tid=UA-89467400-1&_gid=1325220576.1557065087&_r=1&z=530085284
Non-Authoritative-Reason
HSTS
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://ww25.sharebutton.co

Response headers

date
Mon, 25 Mar 2019 20:20:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:28 GMT
server
sffe
age
3519872
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9016
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:15 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://ww25.sharebutton.co

Response headers

date
Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:10:29 GMT
server
sffe
age
3519914
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:33 GMT
bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da
usd.odysseus-nua.com/zcvisitor/
Redirect Chain
  • http://ww25.sharebutton.co/rz?u=http%3A%2F%2Fusd.odysseus-nua.com%2Fzcvisitor%2Fbdaedd4b-6f3e-11e9-a5d9-1289ce7a98da%3Fcampaignid%3Dbd110da0-684e-11e9-aea2-0a157bfa6bfc&notadsafe
  • http://usd.odysseus-nua.com/zcvisitor/bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da?campaignid=bd110da0-684e-11e9-aea2-0a157bfa6bfc
1004 B
2 KB
Document
General
Full URL
http://usd.odysseus-nua.com/zcvisitor/bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da?campaignid=bd110da0-684e-11e9-aea2-0a157bfa6bfc
Requested by
Host: ww25.sharebutton.co
URL: http://ww25.sharebutton.co/glp?r=&u=http%3A%2F%2Fww25.sharebutton.co%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
35.175.21.193 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-175-21-193.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
973f2101155a662b8f9efbb9af28aeb7e1d8e7183dac08ff7ae246a2e6ac3406
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.odysseus-nua.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ww25.sharebutton.co/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://ww25.sharebutton.co/

Response headers

Date
Sun, 05 May 2019 14:04:47 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

Server
openresty
Date
Sun, 05 May 2019 14:04:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Location
http://usd.odysseus-nua.com/zcvisitor/bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da?campaignid=bd110da0-684e-11e9-aea2-0a157bfa6bfc
zcredirect
usd.dauid-iep.com/
660 B
1 KB
Document
General
Full URL
http://usd.dauid-iep.com/zcredirect?visitid=bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: usd.odysseus-nua.com
URL: http://usd.odysseus-nua.com/zcvisitor/bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da?campaignid=bd110da0-684e-11e9-aea2-0a157bfa6bfc
Protocol
HTTP/1.1
Server
54.236.74.179 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-74-179.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
e94d3d80ea6feefaa3717dffe225d5f2d4aaa6be3f4959b10e8f9697a201b4ea
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.dauid-iep.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://usd.odysseus-nua.com/zcvisitor/bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da?campaignid=bd110da0-684e-11e9-aea2-0a157bfa6bfc
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://usd.odysseus-nua.com/zcvisitor/bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da?campaignid=bd110da0-684e-11e9-aea2-0a157bfa6bfc

Response headers

Date
Sun, 05 May 2019 14:04:48 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
42982
trkur3.com/248532/
Redirect Chain
  • http://slemories-intsures.com/zp-redirect?target=http%3A%2F%2Ftrkur3.com%2F248532%2F42982%3Fs1%3DwJ1JHLE7GPULGM8M14QKPSES&caid=dd86e54a-ac82-48e0-ab57-a9d13cf70d53&zpid=bdaedd4b-6f3e-11e9-a5d9-1289...
  • http://trkur3.com/248532/42982?s1=wJ1JHLE7GPULGM8M14QKPSES
602 B
637 B
Document
General
Full URL
http://trkur3.com/248532/42982?s1=wJ1JHLE7GPULGM8M14QKPSES
Requested by
Host: usd.dauid-iep.com
URL: http://usd.dauid-iep.com/zcredirect?visitid=bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
HTTP/1.1
Server
67.228.247.10 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
a.f7.e443.ip4.static.sl-reverse.com
Software
LiteSpeed / PHP/5.3.27
Resource Hash

Request headers

Host
trkur3.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://usd.dauid-iep.com/zcredirect?visitid=bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://usd.dauid-iep.com/zcredirect?visitid=bdaedd4b-6f3e-11e9-a5d9-1289ce7a98da&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

X-Powered-By
PHP/5.3.27
Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Length
344
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Sun, 05 May 2019 14:04:48 GMT
Accept-Ranges
bytes
Server
LiteSpeed
Connection
close

Redirect headers

Server
nginx
Date
Sun, 05 May 2019 14:04:48 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
http://trkur3.com/248532/42982?s1=wJ1JHLE7GPULGM8M14QKPSES
Pragma
no-cache
Set-Cookie
dd86e54a-ac82-48e0-ab57-a9d13cf70d53-v4=dd86e54a-ac82-48e0-ab57-a9d13cf70d53;domain=slemories-intsures.com;path=/;HttpOnly cc-v4=wwi7PoO6rZ1IfeLv1RjEk9YBDG2QcDLqt1HAWHycxaM9MToAmkd8opKPFJYzHhXZDGD7oPvrsCTLIV%2BzTcjAfxd8fOCO%2Fm6P%2FEkD52yAN4mirpbwSyFIb3Os8MNgIQnjmltPnDfKlxcHKIRqoa2AdA%3D%3D;Max-Age=31536000;Expires=Mon, 04-May-2020 14:04:48 GMT;domain=slemories-intsures.com;path=/;HttpOnly
Cookie set r
delivery.bb2022.info/
Redirect Chain
  • https://delivery.bb2022.info/39902?subaffiliate_id=248532&session_id=2595584228
  • http://delivery.bb2022.info/r?url=https%3A%2F%2Fxdom.net%2Fbd09de14-1570-4f9a-afa9-a423e659c74a%3Fpublisher_id%3D212%26clickID%3Dpx1557065088c884d5cceed80d5f53823277858%26LP%3D27&redirect_back=%2F%...
901 B
1 KB
Document
General
Full URL
http://delivery.bb2022.info/r?url=https%3A%2F%2Fxdom.net%2Fbd09de14-1570-4f9a-afa9-a423e659c74a%3Fpublisher_id%3D212%26clickID%3Dpx1557065088c884d5cceed80d5f53823277858%26LP%3D27&redirect_back=%2F%2Fdelivery.bb2022.info%2F39902%2F%3Fsubaffiliate_id%3D248532%26session_id%3D2595584228%26tt%3D1
Protocol
HTTP/1.1
Server
2606:4700:30::681f:53f1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / HHVM/3.18.1
Resource Hash
5ec26ec183f831b50901866b59e8b5d37edc6a7e49844d2c33698ea13337e455

Request headers

Host
delivery.bb2022.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://trkur3.com/248532/42982?s1=wJ1JHLE7GPULGM8M14QKPSES
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d585f8a04b1abee5a099945b9ae3ca4231557065088; 51D_Bandwidth=1557065088.8574; ubbc=eyJpdiI6InNvd3hoN1lLS29lVVQ2YnNTT3podnc9PSIsInZhbHVlIjoibDhlTnV3VjQ0RFcxOVcwV3laNHJQQT09IiwibWFjIjoiZDAwMGE3YWZiM2VjMjBmMjBkOTM1YmNjNTQyYWFlNDdlOTQ2OWM1ZTU4OTMwOWM0YjhlMzFiZTM4Y2UxMGJkOSJ9; bbuc=eyJpdiI6IlI2ZE1cL0pTZCtJWmF6UjFFNVwvYmJhdz09IiwidmFsdWUiOiJhclRFTE1CVDh2KzA4R0VyT1VZOW0wRjNiUzAzRXB1RmRVMzFmdVNNUUQwPSIsIm1hYyI6ImJjN2VhZWViNmI1MmIxNzE0NGE0YjU1MGE4YWRhNzkyZWZlMmI0NjI3MDMzMzM4OTg2YTEzMmNhNDY3Mjk3YTYifQ%3D%3D; bbrc=eyJpdiI6IjJ3RGl5XC9VZ3N1NUdjNnpBWVlxR1d3PT0iLCJ2YWx1ZSI6IkVIT1BsT0g0UjFHTFwvN3Q3NzlFSGpRPT0iLCJtYWMiOiI1ZjBlNDYxOGM1M2NkMjFlZmZkMDE4ZDBjY2UzODIyMjI2YjY2ZTZhY2RlMWFkYzY3N2M0YzYxOWY4YTQ5NDgyIn0%3D; laravel_session=eyJpdiI6ImxoeEVoeVJpQVhFRVFCZHBnbk1zTnc9PSIsInZhbHVlIjoiZGNoXC84UFdcL0QrN2xTUDBtRjQ4bHVMOGYxcjkyaEgyMDhTc2pZeVJFa2J5V1JoSFF5Slwvc0YyRGVPZCs0cFVOZCtcL0lybDBhQzU5TSs0SXJvMFg2VHVRPT0iLCJtYWMiOiJjMjk0YzljYzNlNTAxODliMTc2OTAxM2Y5YTZhNDI0NzQ0OTMyMmU0MmJkZDI3ZjEwN2U4ODZlNWI1NGM4YmY0In0%3D; AWSELB=719F039D141C26837B606B310FD54CCAC87D48F42266967B9D289F7A23D08915D3660474C927CE79732B24BBF61389CADF414DCEDFB82544D8F1B76409F9ACDD2BA28CB45E
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://trkur3.com/248532/42982?s1=wJ1JHLE7GPULGM8M14QKPSES

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
laravel_session=eyJpdiI6ImVFWEZISFRiM0V5aWgyMWxUUmhhZmc9PSIsInZhbHVlIjoiY0JPSDBhWGxzUUxDeWVuTUtEQWUyYm4yYW9SSFdVaTVGQjVkb2dYa2l2Z2FIM2dvS1FMcXdcL3NSaStTNStyazN4SEJkeVBKVUpBeERCdXM0aWU2NllBPT0iLCJtYWMiOiI4OTUxODczZTc5MzBlODBmOTlhZTU3NTg1ODgwNmU4ZTQxYWNhM2Y2NTAzMDE1Y2ZjNTYwYWU2MDI3MjZhYjA2In0%3D; path=/; httponly
Vary
Accept-Encoding
X-Powered-By
HHVM/3.18.1
Server
cloudflare
CF-RAY
4d234405e9f9c2f9-FRA
Content-Encoding
gzip

Redirect headers

status
302
date
Sun, 05 May 2019 14:04:48 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d585f8a04b1abee5a099945b9ae3ca4231557065088; expires=Mon, 04-May-20 14:04:48 GMT; path=/; domain=.bb2022.info; HttpOnly 51D_Bandwidth=1557065088.8574 ubbc=eyJpdiI6InNvd3hoN1lLS29lVVQ2YnNTT3podnc9PSIsInZhbHVlIjoibDhlTnV3VjQ0RFcxOVcwV3laNHJQQT09IiwibWFjIjoiZDAwMGE3YWZiM2VjMjBmMjBkOTM1YmNjNTQyYWFlNDdlOTQ2OWM1ZTU4OTMwOWM0YjhlMzFiZTM4Y2UxMGJkOSJ9; expires=Mon, 06-May-2019 14:04:48 GMT; Max-Age=86400; path=/; httponly bbuc=eyJpdiI6IlI2ZE1cL0pTZCtJWmF6UjFFNVwvYmJhdz09IiwidmFsdWUiOiJhclRFTE1CVDh2KzA4R0VyT1VZOW0wRjNiUzAzRXB1RmRVMzFmdVNNUUQwPSIsIm1hYyI6ImJjN2VhZWViNmI1MmIxNzE0NGE0YjU1MGE4YWRhNzkyZWZlMmI0NjI3MDMzMzM4OTg2YTEzMmNhNDY3Mjk3YTYifQ%3D%3D; expires=Mon, 06-May-2019 14:04:48 GMT; Max-Age=86400; path=/; httponly bbrc=eyJpdiI6IjJ3RGl5XC9VZ3N1NUdjNnpBWVlxR1d3PT0iLCJ2YWx1ZSI6IkVIT1BsT0g0UjFHTFwvN3Q3NzlFSGpRPT0iLCJtYWMiOiI1ZjBlNDYxOGM1M2NkMjFlZmZkMDE4ZDBjY2UzODIyMjI2YjY2ZTZhY2RlMWFkYzY3N2M0YzYxOWY4YTQ5NDgyIn0%3D; expires=Sun, 05-May-2019 21:04:48 GMT; Max-Age=25200; path=/; httponly laravel_session=eyJpdiI6ImxoeEVoeVJpQVhFRVFCZHBnbk1zTnc9PSIsInZhbHVlIjoiZGNoXC84UFdcL0QrN2xTUDBtRjQ4bHVMOGYxcjkyaEgyMDhTc2pZeVJFa2J5V1JoSFF5Slwvc0YyRGVPZCs0cFVOZCtcL0lybDBhQzU5TSs0SXJvMFg2VHVRPT0iLCJtYWMiOiJjMjk0YzljYzNlNTAxODliMTc2OTAxM2Y5YTZhNDI0NzQ0OTMyMmU0MmJkZDI3ZjEwN2U4ODZlNWI1NGM4YmY0In0%3D; path=/; httponly AWSELB=719F039D141C26837B606B310FD54CCAC87D48F42266967B9D289F7A23D08915D3660474C927CE79732B24BBF61389CADF414DCEDFB82544D8F1B76409F9ACDD2BA28CB45E;PATH=/;MAX-AGE=60
cache-control
no-cache no-cache="set-cookie"
location
http://delivery.bb2022.info/r?url=https%3A%2F%2Fxdom.net%2Fbd09de14-1570-4f9a-afa9-a423e659c74a%3Fpublisher_id%3D212%26clickID%3Dpx1557065088c884d5cceed80d5f53823277858%26LP%3D27&redirect_back=%2F%2Fdelivery.bb2022.info%2F39902%2F%3Fsubaffiliate_id%3D248532%26session_id%3D2595584228%26tt%3D1
vary
Accept-Encoding
x-powered-by
HHVM/3.18.1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d234404ae1097b4-FRA
Primary Request /
1biene.com/bb/go4/
Redirect Chain
  • https://xdom.net/bd09de14-1570-4f9a-afa9-a423e659c74a?publisher_id=212&clickID=px1557065088c884d5cceed80d5f53823277858&LP=27
  • https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
20 KB
6 KB
Document
General
Full URL
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Requested by
Host: delivery.bb2022.info
URL: http://delivery.bb2022.info/r?url=https%3A%2F%2Fxdom.net%2Fbd09de14-1570-4f9a-afa9-a423e659c74a%3Fpublisher_id%3D212%26clickID%3Dpx1557065088c884d5cceed80d5f53823277858%26LP%3D27&redirect_back=%2F%2Fdelivery.bb2022.info%2F39902%2F%3Fsubaffiliate_id%3D248532%26session_id%3D2595584228%26tt%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
e717da1ab3e859684c754ff3d80de634c184547548b24a8a356601b7082bb9ea
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Host
1biene.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://delivery.bb2022.info/r?url=https%3A%2F%2Fxdom.net%2Fbd09de14-1570-4f9a-afa9-a423e659c74a%3Fpublisher_id%3D212%26clickID%3Dpx1557065088c884d5cceed80d5f53823277858%26LP%3D27&redirect_back=%2F%2Fdelivery.bb2022.info%2F39902%2F%3Fsubaffiliate_id%3D248532%26session_id%3D2595584228%26tt%3D1
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://delivery.bb2022.info/r?url=https%3A%2F%2Fxdom.net%2Fbd09de14-1570-4f9a-afa9-a423e659c74a%3Fpublisher_id%3D212%26clickID%3Dpx1557065088c884d5cceed80d5f53823277858%26LP%3D27&redirect_back=%2F%2Fdelivery.bb2022.info%2F39902%2F%3Fsubaffiliate_id%3D248532%26session_id%3D2595584228%26tt%3D1

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=0
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6139
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Server
nginx
Date
Sun, 05 May 2019 14:04:49 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Pragma
no-cache
Set-Cookie
bd09de14-1570-4f9a-afa9-a423e659c74a-v4=bd09de14-1570-4f9a-afa9-a423e659c74a;domain=xdom.net;path=/;HttpOnly cc-v4=765cTmAHuwhUD246JlceNHpt%2BR3oV8WSZ8XeHmgISoex2ANg18uAYtaJyiDEgr5n6BBwL1DeetkvxKqDQF9vKoNPqgXnJF1tkuh3Dd7OfhBvSyCK0TYOqSz7bAkyexI3wzvMJVTU7OjWjSUQx8MWRw%3D%3D;Max-Age=31536000;Expires=Mon, 04-May-2020 14:04:49 GMT;domain=xdom.net;path=/;HttpOnly
style_003.css
1biene.com/bb/go4/dateien/
9 KB
2 KB
Stylesheet
General
Full URL
https://1biene.com/bb/go4/dateien/style_003.css
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
0a018fa202b49bf0bb997f6cb536d4e4eb6d80a9c3d9cc9a2ae4b7d99dfedd48
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 12:03:31 GMT
Server
Apache/2.4.25 (Debian)
ETag
"2252-574a5dd132ac0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Strict-Transport-Security
max-age=0
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1852
step.css
1biene.com/bb/go4/dateien/
3 KB
1 KB
Stylesheet
General
Full URL
https://1biene.com/bb/go4/dateien/step.css
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
77ad0c4a2f0cda54cda6ed088bda93e7d9540c36e7190dc325894627637cf60d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 12:03:51 GMT
Server
Apache/2.4.25 (Debian)
ETag
"a84-574a5de4457c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Strict-Transport-Security
max-age=0
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
971
css_002.css
1biene.com/bb/go4/dateien/
6 KB
1 KB
Stylesheet
General
Full URL
https://1biene.com/bb/go4/dateien/css_002.css
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
f45b533d99b19ac258e3805d1ff9eaa0a7c72e3915b0fd22988b94ff5ef4a276
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2017 12:27:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1802-56037e29d9840-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Strict-Transport-Security
max-age=0
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1022
thumbs-deps.js
1biene.com/bb/go4/dateien/
92 KB
33 KB
Script
General
Full URL
https://1biene.com/bb/go4/dateien/thumbs-deps.js
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2017 12:27:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"16eac-56037e29d9840-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Strict-Transport-Security
max-age=0
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
33140
jquery-2.js
1biene.com/bb/go4/dateien/
84 KB
29 KB
Script
General
Full URL
https://1biene.com/bb/go4/dateien/jquery-2.js
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2017 12:27:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"14e4a-56037e29d9840-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Strict-Transport-Security
max-age=0
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
29822
reset.css
1biene.com/bb/go4/dateien/
6 KB
2 KB
Stylesheet
General
Full URL
https://1biene.com/bb/go4/dateien/reset.css
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
19745951ba2ef409b50d260873577f0994948af33503caf0cb36dd891d197329
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2017 12:27:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1833-56037e29d9840-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Strict-Transport-Security
max-age=0
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1531
OneSignalSDK.js
cdn.onesignal.com/sdks/
17 KB
6 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 14:04:49 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
etag
W/"a5067802576549b3e0627521f03ee508"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
4d23440809ffc2f9-FRA
expires
Mon, 06 May 2019 02:04:49 GMT
steps.js
1biene.com/
145 KB
48 KB
Script
General
Full URL
https://1biene.com/steps.js
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
20588c731ea4db0854919d76229738f8918f42c1ea28bfe77b38dff600508181
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Aug 2018 15:29:31 GMT
Server
Apache/2.4.25 (Debian)
ETag
"2430a-574949ff26cc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Strict-Transport-Security
max-age=0
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
48471
loading.gif
1biene.com/bb/go4/dateien/
2 KB
2 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/loading.gif
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
d406b7570cd85680923d9356a53c6d14179f842cc433d3123a5e217a4a01a24e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:27:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"67a-56037e29d9840"
Strict-Transport-Security
max-age=0
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1658
info-sign.png
1biene.com/bb/go4/dateien/
480 B
794 B
Image
General
Full URL
https://1biene.com/bb/go4/dateien/info-sign.png
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
2ff9996e95f867f4470d13ba962ce4b69dfd889ae7a567a282fbf7efbf75098c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:27:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1e0-56037e29d9840"
Strict-Transport-Security
max-age=0
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
480
safeadlt.gif
1biene.com/bb/go4/dateien/
1 KB
1 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/safeadlt.gif
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
e57bdcceda37337a83498c18210cff60fdaf3f23b809c1a6ad52e2cfcd6d3316
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:27:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"49e-56037e29d9840"
Strict-Transport-Security
max-age=0
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1182
jquery.js
1biene.com/bb/go4/dateien/
1 KB
1 KB
Script
General
Full URL
https://1biene.com/bb/go4/dateien/jquery.js
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
2b84b8afa65c22a729e86ad914cfdeae311256b86d12be99c12cd610d14e65a1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2017 12:27:05 GMT
Server
Apache/2.4.25 (Debian)
ETag
"549-56037e29d9840-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Strict-Transport-Security
max-age=0
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
708
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
212 KB
52 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 14:04:49 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
etag
W/"c855e8eb5fbdafddfa15bc848b662c44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
4d234408ce14c2f9-FRA
expires
Wed, 08 May 2019 14:04:49 GMT
sprite.png
1biene.com/bb/go4/dateien/
6 KB
7 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/sprite.png
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
af0fca656c6f4f7bfe20036687609f23bf289c1aaa7f454aa777a4667cb451eb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/dateien/style_003.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:30:00 GMT
Server
Apache/2.4.25 (Debian)
ETag
"19d5-56037ed0be200"
Strict-Transport-Security
max-age=0
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
6613
bg01.jpg
1biene.com/bb/go4/dateien/
71 KB
72 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/bg01.jpg
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
ab74c3b62cdd1358bfa56ecfd503883f57befed9681a68c98464be742cadf242
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/dateien/style_003.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:28:02 GMT
Server
Apache/2.4.25 (Debian)
ETag
"11dcd-56037e6035880"
Strict-Transport-Security
max-age=0
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
73165
bg02.jpg
1biene.com/bb/go4/dateien/
181 KB
181 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/bg02.jpg
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
c3039d7531e6d986f8aad59a670f3e6169abe426d50a64f1c13e8fc506dac107
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/dateien/style_003.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:28:11 GMT
Server
Apache/2.4.25 (Debian)
ETag
"2d44c-56037e68cacc0"
Strict-Transport-Security
max-age=0
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
185420
bg03.jpg
1biene.com/bb/go4/dateien/
98 KB
99 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/bg03.jpg
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
5389af7f60430cb664932e26dc2a2c865bf97289f48237f4756ad65cf92230ed
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/dateien/style_003.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:28:20 GMT
Server
Apache/2.4.25 (Debian)
ETag
"188c8-56037e7160100"
Strict-Transport-Security
max-age=0
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
100552
bg04.jpg
1biene.com/bb/go4/dateien/
110 KB
110 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/bg04.jpg
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
073310f007ffa68710708209dad43517659ff9bce1d239b37f9cbbe67ed2962f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/dateien/style_003.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:28:31 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1b642-56037e7bdd9c0"
Strict-Transport-Security
max-age=0
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
112194
bg05.jpg
1biene.com/bb/go4/dateien/
79 KB
79 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/bg05.jpg
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
02129573bed815a29137240976fe784699b7ea8690fbc116f12e1be7519e0003
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/dateien/style_003.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:28:44 GMT
Server
Apache/2.4.25 (Debian)
ETag
"13a44-56037e8843700"
Strict-Transport-Security
max-age=0
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
80452
bg06.jpg
1biene.com/bb/go4/dateien/
195 KB
196 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/bg06.jpg
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
724d490bae5c543caa225440bfd57c358f04b9b0e5ffbb97766d3d24df983f29
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/dateien/style_003.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:28:57 GMT
Server
Apache/2.4.25 (Debian)
ETag
"30d6c-56037e94a9440"
Strict-Transport-Security
max-age=0
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
200044
bg07.jpg
1biene.com/bb/go4/dateien/
134 KB
134 KB
Image
General
Full URL
https://1biene.com/bb/go4/dateien/bg07.jpg
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
d2572397d1b1c72f48f3394740b18fd99e677fc84e89e7faae73b6938031bc1a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/dateien/style_003.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Last-Modified
Wed, 13 Dec 2017 12:29:10 GMT
Server
Apache/2.4.25 (Debian)
ETag
"2189a-56037ea10f180"
Strict-Transport-Security
max-age=0
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
137370
CWB0XYA8bzo0kSThX0UTuA.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/CWB0XYA8bzo0kSThX0UTuA.woff2
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1biene.com/bb/go4/dateien/css_002.css
Origin
https://1biene.com

Response headers

date
Sat, 09 Mar 2019 01:50:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:56 GMT
server
sffe
age
4968870
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15344
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 01:50:19 GMT
M9jLCKQXJLpx_E5bTHjE-I4P5ICox8Kq3LLUNMylGO4.woff2
fonts.gstatic.com/s/balootamma/v3/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/balootamma/v3/M9jLCKQXJLpx_E5bTHjE-I4P5ICox8Kq3LLUNMylGO4.woff2
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c41f7e355b9ffaf009a0a8ef5abee8bf5285771c54e39cd1e8461f000aa7e428
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1biene.com/bb/go4/dateien/css_002.css
Origin
https://1biene.com

Response headers

date
Sat, 09 Mar 2019 00:08:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 18:28:57 GMT
server
sffe
age
4974975
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
25196
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 00:08:34 GMT
d-6IYplOFocCacKzxwXSOFtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/d-6IYplOFocCacKzxwXSOFtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1biene.com/bb/go4/dateien/css_002.css
Origin
https://1biene.com

Response headers

date
Sat, 09 Mar 2019 04:59:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:12 GMT
server
sffe
age
4957495
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15436
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 04:59:54 GMT
/
uchat.de/li3/
Redirect Chain
  • https://1biene.com/bb/go4/dateien/bg08.jpg
  • https://xdom.net/6b0034ed-8c45-49c0-b6be-ee59cd2a013c?publisher_id=53&prof=bb/go4/dateien/bg08.jpg&domain=1biene.com
  • https://uchat.de/li3/?cid=wRC5U6787U5REM8M14Q53CV2&domain=1biene.com&prof=bb%2Fgo4%2Fdateien%2Fbg08.jpg&publisher_id=53
26 KB
26 KB
Image
General
Full URL
https://uchat.de/li3/?cid=wRC5U6787U5REM8M14Q53CV2&domain=1biene.com&prof=bb%2Fgo4%2Fdateien%2Fbg08.jpg&publisher_id=53
Requested by
Host: 1biene.com
URL: https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.246.85 , Russian Federation, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85.246.201.195.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://1biene.com/bb/go4/dateien/style_003.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 14:04:49 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Strict-Transport-Security
max-age=0
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
7576

Redirect headers

Pragma
no-cache
Date
Sun, 05 May 2019 14:04:49 GMT
Server
nginx
Location
https://uchat.de/li3/?cid=wRC5U6787U5REM8M14Q53CV2&domain=1biene.com&prof=bb%2Fgo4%2Fdateien%2Fbg08.jpg&publisher_id=53
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
web
onesignal.com/api/v1/sync/c000122e-d26d-4bfa-bdf4-fd9d8a437577/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/c000122e-d26d-4bfa-bdf4-fd9d8a437577/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.2
Resource Hash
640f0f21810b35dc3d636b9d9af1bd06b9dda51587b85a4057e4e0df1cee7476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 14:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Phusion Passenger 5.3.2
status
200, 200 OK
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
ccaea24e-5c2e-496b-bde6-9a10fdefdaa0
x-runtime
0.091412
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-polished
origSize=3232
cf-ray
4d23440978f4c2f9-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 05 May 2019 14:09:49 GMT
webPushAnalytics
onesignal.com/ Frame 17D9
0
0
Document
General
Full URL
https://onesignal.com/webPushAnalytics
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
onesignal.com
:scheme
https
:path
/webPushAnalytics
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27
accept-encoding
gzip, deflate, br
cookie
__cfduid=dd4b824a9139af4da1c037b9abf5e76181557065089
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1biene.com/bb/go4/?cid=wEG2EHMMR4NKRM8M19P3TJKC&publisher_id=212&LP=27

Response headers

status
200
date
Sun, 05 May 2019 14:04:51 GMT
content-type
text/html
last-modified
Tue, 30 Apr 2019 22:47:05 GMT
cf-cache-status
HIT
expires
Sun, 05 May 2019 15:04:51 GMT
cache-control
public, max-age=3600
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4d2344170f3bc2f9-FRA
content-encoding
gzip

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| OneSignal function| updateNumberOfDays function| daysInMonth object| form function| goTo object| monthNames object| date string| month string| year number| days number| __oneSignalSdkLoadCount function| __jp0

1 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cfduid
Value: dd4b824a9139af4da1c037b9abf5e76181557065089

1 Console Messages

Source Level URL
Text
console-api error URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703(Line 1)
Message:
TypeError: Cannot read property 'permission' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1biene.com
cdn.onesignal.com
delivery.bb2022.info
fonts.googleapis.com
fonts.gstatic.com
onesignal.com
sharebutton.co
slemories-intsures.com
trkur3.com
uchat.de
usd.dauid-iep.com
usd.odysseus-nua.com
ww25.sharebutton.co
www.google-analytics.com
www.google.com
xdom.net
103.224.182.250
18.195.149.11
195.201.246.85
199.59.242.151
2606:4700:30::681f:52f1
2606:4700:30::681f:53f1
2606:4700::6810:cda5
2a00:1450:4001:815::2003
2a00:1450:4001:817::2004
2a00:1450:4001:818::200a
2a00:1450:4001:820::200e
35.175.21.193
52.59.161.204
54.236.74.179
67.228.247.10
02129573bed815a29137240976fe784699b7ea8690fbc116f12e1be7519e0003
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
073310f007ffa68710708209dad43517659ff9bce1d239b37f9cbbe67ed2962f
0a018fa202b49bf0bb997f6cb536d4e4eb6d80a9c3d9cc9a2ae4b7d99dfedd48
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b
19745951ba2ef409b50d260873577f0994948af33503caf0cb36dd891d197329
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
20588c731ea4db0854919d76229738f8918f42c1ea28bfe77b38dff600508181
2b84b8afa65c22a729e86ad914cfdeae311256b86d12be99c12cd610d14e65a1
2ff9996e95f867f4470d13ba962ce4b69dfd889ae7a567a282fbf7efbf75098c
392e6161ab305e7c8aef5d62c3ad4ba5f1645c78f13449731aa9b15164fc6521
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
5389af7f60430cb664932e26dc2a2c865bf97289f48237f4756ad65cf92230ed
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5ec26ec183f831b50901866b59e8b5d37edc6a7e49844d2c33698ea13337e455
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50
640f0f21810b35dc3d636b9d9af1bd06b9dda51587b85a4057e4e0df1cee7476
724d490bae5c543caa225440bfd57c358f04b9b0e5ffbb97766d3d24df983f29
77ad0c4a2f0cda54cda6ed088bda93e7d9540c36e7190dc325894627637cf60d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
88848d68fac5206dbbc23232c03bdd42c4978a0acfd5f10e1c72ce3ef2c5a28a
973f2101155a662b8f9efbb9af28aeb7e1d8e7183dac08ff7ae246a2e6ac3406
986699d16a0b29e0730ddc76fe58117a79d0be0d1deb11fe94c952a36421b25b
ab74c3b62cdd1358bfa56ecfd503883f57befed9681a68c98464be742cadf242
af0fca656c6f4f7bfe20036687609f23bf289c1aaa7f454aa777a4667cb451eb
c3039d7531e6d986f8aad59a670f3e6169abe426d50a64f1c13e8fc506dac107
c33a15662931819c573f4c4f164ef3281d0cec57175d259c6f3bf88779c1050d
c41f7e355b9ffaf009a0a8ef5abee8bf5285771c54e39cd1e8461f000aa7e428
d2572397d1b1c72f48f3394740b18fd99e677fc84e89e7faae73b6938031bc1a
d406b7570cd85680923d9356a53c6d14179f842cc433d3123a5e217a4a01a24e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57bdcceda37337a83498c18210cff60fdaf3f23b809c1a6ad52e2cfcd6d3316
e717da1ab3e859684c754ff3d80de634c184547548b24a8a356601b7082bb9ea
e94d3d80ea6feefaa3717dffe225d5f2d4aaa6be3f4959b10e8f9697a201b4ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45b533d99b19ac258e3805d1ff9eaa0a7c72e3915b0fd22988b94ff5ef4a276