peanuts.pro Open in urlscan Pro
104.21.52.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://actrkn.com/trk/25/40392?cls=8a20270c-91d8-4494-a28c-d9fc4c6e3fc6
Effective URL:
https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Submission: On September 08 via manual (September 8th 2022, 10:21:32 pm UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 6 countries across 8 domains to perform 22 HTTP transactions. The main IP is 104.21.52.185, located in and belongs to CLOUDFLARENET, US. The main domain is peanuts.pro.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2022. Valid for: a year.

This is the only time peanuts.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:2bcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.91.234.242 34.91.234.242	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
16	104.21.52.185 104.21.52.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
22	6

1 2606:4700:3036::6815:2bcc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

actrkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.234.242 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com

mr.macgsapptrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.238 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

trenhsasolc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.21.52.185 (None, )

ASN13335 (CLOUDFLARENET, US)

peanuts.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	peanuts.pro peanuts.pro	786 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	1 KB
1	trenhsasolc.com 1 redirects trenhsasolc.com — Cisco Umbrella Rank: 173790	735 B
1	macgsapptrck.com mr.macgsapptrck.com — Cisco Umbrella Rank: 704979	448 B
1	actrkn.com 1 redirects actrkn.com	721 B
22	8

	Domain	Requested by
16	peanuts.pro	peanuts.pro
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	peanuts.pro
1	fonts.googleapis.com	peanuts.pro
1	trenhsasolc.com	1 redirects
1	mr.macgsapptrck.com
1	actrkn.com	1 redirects
22	8

This site contains links to these domains. Also see Links.

Domain
chrome.google.com

Subject Issuer	Validity	Valid
*.macgsapptrck.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-21` - `2023-04-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Frame ID: B9A749B2E202C949777F2AE1649C20EB
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Peanuts.pro

Page URL History Show full URLs

https://actrkn.com/trk/25/40392?cls=8a20270c-91d8-4494-a28c-d9fc4c6e3fc6 HTTP 302
https://mr.macgsapptrck.com/click?pid=197&offer_id=15149&sub1=de332768-1d4d-4877-823e-08587792a148&sub2=... Page URL
https://trenhsasolc.com/link?z=5367276&var=197_25&ymid=631a6ae6459e640001e76088 HTTP 302
https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

22
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

6
IPs

6
Countries

880 kB
Transfer

1146 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/aomcoolilopomacpljconemieflcmhmg
Title: Add to Chrome

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://actrkn.com/trk/25/40392?cls=8a20270c-91d8-4494-a28c-d9fc4c6e3fc6 HTTP 302
https://mr.macgsapptrck.com/click?pid=197&offer_id=15149&sub1=de332768-1d4d-4877-823e-08587792a148&sub2=197_25 Page URL
https://trenhsasolc.com/link?z=5367276&var=197_25&ymid=631a6ae6459e640001e76088 HTTP 302
https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://actrkn.com/trk/25/40392?cls=8a20270c-91d8-4494-a28c-d9fc4c6e3fc6 HTTP 302
https://mr.macgsapptrck.com/click?pid=197&offer_id=15149&sub1=de332768-1d4d-4877-823e-08587792a148&sub2=197_25

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click Show response
mr.macgsapptrck.com/
Redirect Chain

https://actrkn.com/trk/25/40392?cls=8a20270c-91d8-4494-a28c-d9fc4c6e3fc6
https://mr.macgsapptrck.com/click?pid=197&offer_id=15149&sub1=de332768-1d4d-4877-823e-08587792a148&sub2=197_25

217 B
448 B

197ms
48ms

Document
text/html

34.91.234.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mr.macgsapptrck.com/click?pid=197&offer_id=15149&sub1=de332768-1d4d-4877-823e-08587792a148&sub2=197_25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.91.234.242 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.234.91.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 375e18ce5f9e8e54e41c4d8b667f6b32280c509b8dbc979230a092b1241f449c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 22:21:26 GMT
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 747b13bcaff05a31-MXP
content-length: 0
date: Thu, 08 Sep 2022 22:21:25 GMT
location: https://mr.macgsapptrck.com/click?pid=197&offer_id=15149&sub1=de332768-1d4d-4877-823e-08587792a148&sub2=197_25
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0DDLAWP0Bt3q43NRXJZBuUxnoChFMNUMR2T7drSzomcsPIufvSdkmuFl9fRBOO57GrmB%2BBrLb60%2Fw0c3495PDpOOalPFRfiHUueK8I%2B2gFEvT76VX5l7lJ1KXWO%2B6FRxQWJynsAPUDT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-robots-tag: noindex, nofollow

GET
H2

200

Primary Request / Show response
peanuts.pro/
Redirect Chain

https://trenhsasolc.com/link?z=5367276&var=197_25&ymid=631a6ae6459e640001e76088
https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25

9 KB
4 KB

132ms
71ms

Document
text/html

104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: e663bde2d183fae1118426a3f27c7d5d3852b8dc581c6cce72afe1b5b75d8bd4

Request headers

Referer: https://mr.macgsapptrck.com/click?pid=197&offer_id=15149&sub1=de332768-1d4d-4877-823e-08587792a148&sub2=197_25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 747b13bfecfdb89a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 08 Sep 2022 22:21:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqHCDoD%2BIlvjlb2aoSBLu148wNp%2Bu%2BCawmu0lI7klBLIErDgWRtzxikFQYoJYjRd0eP6H50eYvKgGEKinOCXogo8fp16n%2BHeRdnaG7%2FGXvhqcYx%2FSg7FLaPfdzZYfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Thu, 08 Sep 2022 22:21:26 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://peanuts.pro>; rel="dns-prefetch preconnect"
location: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
x-content-type-options: nosniff
x-trace-id: 724e4dc737a38966b947753a087957b0

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 83ms
30ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;900&display=swap

Requested by

Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ce497300fe8c0f540f349fd9cbb09eb6d31fd36066b51486b08d9b990857066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 22:21:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 22:21:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 22:21:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 84ms
34ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-69384070-38

Requested by

Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea6b6c531ceb3f797881dfe7deaa600b74d37c668daba82a7dd717c202e46e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41953
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 21:11:47 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Sep 2022 22:21:26 GMT

GET
H2 200 e33b26cf0f0caf793d850ac8c965dcc2.css
peanuts.pro/minify/ 29 KB
6 KB 38ms
35ms Stylesheet
text/css 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://peanuts.pro/minify/e33b26cf0f0caf793d850ac8c965dcc2.css
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773e679d1137e1d31c989a60c05d8517764b7f760a071a4c48b64228aead2142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Sep 2021 14:38:29 GMT
server: cloudflare
age: 2635
etag: W/"7424-5cb7cd5fbd41f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1hxu%2Fu%2F6Wx1iVDldYS8oxdLHUvwS%2Bn%2Bo9Vc78FE6ASDOHoOQUZQKOAIxifgBm4rR4uU3ZspEuVY9MtfCyDc7o%2BpulkBfWv9PWu1Sh%2BVivzkktLxUKmWHuzOVumjcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747b13c07ddfb89a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo.svg
peanuts.pro/img/ 5 KB
2 KB 153ms
152ms Image
image/svg+xml 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/logo.svg
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa228e442b3370afd19635ed20cefe171d6b4d9ff98ce3fa82c792ccd8375169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jul 2021 11:59:11 GMT
server: cloudflare
etag: W/"13b1-5c6fff7488d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL1hqqhBrqp%2FJ7%2BshJaU1QMIn%2B78PZ14wxMNZ9WchLXKSdPFVMnxVefL9D1zosYoUirTo%2Bgv6yAmY68pE4EJiW6IJi03wYxWbWLXjBW3Am4m3BPVZ6dsA6kcnK1IlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747b13c10cabb770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 peanut.svg
peanuts.pro/img/ 1 KB
1 KB 154ms
150ms Image
image/svg+xml 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/peanut.svg
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9107bd96f139cd04901ef26dbba2e3770c864d02285c1053765322453c078f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Jul 2021 15:22:06 GMT
server: cloudflare
age: 1278
etag: W/"52e-5c716eacd87e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBpjhWZDgecPg2bHWzzC0N90TAJ%2B25DzWiieYQeAk3LPjHHcHmEOgRhIkUWcalKpnwtkiKdYEXTi4uCdSDdoP41kIiDX6%2F87gpHlKqznmYLPlrpdkMBuQXiIL%2Fip5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747b13c10cb2b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 home_hero.png
peanuts.pro/img/ 235 KB
235 KB 154ms
147ms Image
image/png 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/home_hero.png
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1132d5477eb9374551cc7009e45e1afbea2b4cdcac20241908077cfdeb8e0ab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Jul 2021 11:59:11 GMT
server: cloudflare
age: 1278
etag: "3aa21-5c6fff7488d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cR5cKqNUd76ARaeK8s4WdW6CcVY6xVbCqy%2F7uvRVcDM7oIpS4bBbPGnx8bb3AaoC%2BZqed9nCIPnWzitCM4ha9JFBlFVfRfv6eKVWdS9rqmDJwR%2FMfAzBYtzePsb%2FFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 747b13c10cb8b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 240161

GET
H3 200 ext1.png
peanuts.pro/img/ 31 KB
31 KB 81ms
74ms Image
image/png 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/ext1.png
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c47c80911541dbc563de8f4f0c4e177b23cfa805263bccbb6060813342e4a47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Jul 2021 11:59:11 GMT
server: cloudflare
age: 1278
etag: "7a21-5c6fff74881a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4twev4Y4Y7DXQsJbxOqaSs%2FRRqzfK49ORfpVAGTuqlIL8QLv7t2kRjeSzjGX1akKg%2FEbTUBKGcOKlgX%2BK6F8%2FH4glATp9zSBkgGbh%2BxrXybzVPajvb%2FR2oNFDD5Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 747b13c11cb9b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31265

GET
H3 200 ext2.png
peanuts.pro/img/ 41 KB
41 KB 109ms
102ms Image
image/png 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/ext2.png
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 809fda7a4ce2e89fae65b214384da401c4f0fc92370d08fd08cd1110ebe8cbd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Jul 2021 11:59:11 GMT
server: cloudflare
age: 1278
etag: "a3c7-5c6fff74881a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN%2FryK%2FX8WBMYExejYCsuNb0T%2FXM4tBKSIB6YZhPDTnZwTp1%2BH3Vj8iVyxZo6fp01WFcul2JgxLBru3EAXYYx7k8VuQyc0PgShXa12juA71u0TbGItZhXz9ibwlXVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 747b13c11cbab770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41927

GET
H3 200 peanuts-right.png
peanuts.pro/img/ 24 KB
24 KB 58ms
51ms Image
image/png 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/peanuts-right.png
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4417123dd2338b3df8b4720c98d9cebcf47592cab6664290be2135ba65525c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Jul 2021 11:59:11 GMT
server: cloudflare
age: 1278
etag: "5f01-5c6fff7489142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5SnW4q2xCRRwdjzmHuiJjEwDkkoOn5fXzW6wUq70YLjgK%2BT7OtF74td0cZ594gpGMsztMeWMb%2BHSCWXJ1kPYLHrilylWeaefH61equJaocjQhE2tocrbPPWHegwXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 747b13c11cbdb770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24321

GET
H3 200 peanuts-left.png
peanuts.pro/img/ 24 KB
25 KB 57ms
50ms Image
image/png 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/peanuts-left.png
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eb474c67e678f1153fa36cbfeae48d238616eaee89914c9e2ae00ae1b51a78b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Jul 2021 11:59:11 GMT
server: cloudflare
age: 1278
etag: "6023-5c6fff7489142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUDYj%2BKBUDVaUeWdEmodcS5bj2OuULTTDo6IZuNPjLNGE2qpPcdQa0sXW6l6%2FMgm4gvm9KPm7UP1MH1OB2CHyfrk2b3pjmcJngmPW2LW2rCO8FwXhuLo20LUv6VpOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 747b13c11cbeb770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24611

GET
H3 200 amazon.svg
peanuts.pro/img/withdraw/ 4 KB
2 KB 202ms
196ms Image
image/svg+xml 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/withdraw/amazon.svg
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9040ffc0dc05a293b06b1e19bb71423419aa56b37822bab1dc70cec3eec5a200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Jul 2021 13:26:18 GMT
server: cloudflare
age: 1278
etag: W/"10f2-5c8430c525322"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKsfXs0CGwklMnDKO0xbASFiC8QkFwu4QuONJZa8p%2FRKoZLMBTPQp2JHXWlrz0SlZ1gtm1wy9R0gDde17hkoCko7ipXmgtHqtiDjv2ZcfrfnD4RRMgGjWCeSNiAYJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747b13c11cc0b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 paypal.svg
peanuts.pro/img/withdraw/ 3 KB
2 KB 203ms
197ms Image
image/svg+xml 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/withdraw/paypal.svg
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8376b2bf4bbdbd265bc1a4d4d145d70a7338438dc8b1f5a04d808c0b179db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Jul 2021 13:26:18 GMT
server: cloudflare
age: 1278
etag: W/"d06-5c8430c52570a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXTWNI%2BUzEwljubmh0EeCWRqzgWHj3tHm7Nb7E%2BcC%2BO%2BepYzcRg37NEkXieIN5tdZbSjtbMJdxB%2FGNufEbkDKGkYD5QyOYFIG843LW0m%2BXgElPgxtvFYxRNYdx%2FxfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747b13c11cc2b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 crypto.svg
peanuts.pro/img/withdraw/ 30 KB
9 KB 203ms
197ms Image
image/svg+xml 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/withdraw/crypto.svg
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0331d84f04595134645b3c583955b0bc651bfa74019c42aaea1045fa03a50c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Jul 2021 13:26:18 GMT
server: cloudflare
age: 1278
etag: W/"7714-5c8430c52570a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmxLdX1YKVe4elEsUA%2FG4qkMNeejch%2FEZi%2Blf0UGD06plmoEV0pNMV5ikQ%2BtI%2FzPaZtUaV2LHPAVcmUoMQxirFO1kSQ25PvMbZi3IeseXmXJes0PI0QcV6njFUMbmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747b13c11cc7b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 voucher_hero.png
peanuts.pro/img/ 354 KB
354 KB 203ms
198ms Image
image/png 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/voucher_hero.png
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52b51d692621e751239349e1ddc201f4599fe0bc8c82ab26109617432fcc00f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Jul 2021 11:59:11 GMT
server: cloudflare
age: 1278
etag: "586e1-5c6fff7489912"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4fkhmtIWD4bDWPwffZBrNpKax0Uxp3yiLtouoARTM7S9eJaSvLVM1mS7nskam8vWZTvABqFMCa2lfOcqJATVCjXGNGpMPbbmi2SUPJzgn%2FfOL05TPwm9wCbCHjR1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 747b13c11cc9b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 362209

GET
H3 200 0cd680cb0005a416910d4d966997bbdf.js Show response
peanuts.pro/minify/ 152 KB
46 KB 39ms
39ms Script
application/javascript 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://peanuts.pro/minify/0cd680cb0005a416910d4d966997bbdf.js
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174106193c4f24a447ea0f0924a7d8c3eefee1a841c733a676ae563627707e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Jul 2021 12:08:16 GMT
server: cloudflare
age: 1279
etag: W/"25ecc-5c841f54457b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KeP%2BHU4xjr%2BYOsnpQ2WEbVIT1y%2BXs3MT4LblWO3GX3X8z3YWQbA3%2BEBTlva3aYMpbCom%2FMrDmKMaW1q0XQtIagoGLzOUm8p85c21y1CyY6KPVLvw3Hk%2FqJRzASSGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747b13c10ca7b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 67ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://peanuts.pro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 68226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 03:24:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
18ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-69384070-38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4766
date: Thu, 08 Sep 2022 21:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 23:02:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 57ms
26ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=96218097&t=pageview&_s=1&dl=https%3A%2F%2Fpeanuts.pro%2F%3Fcid%3D591867088120066410%26s%3Dzzz1_5367276_197_25&ul=en-us&de=UTF-8&dt=Peanuts.pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=580424408&gjid=1600246512&cid=954940614.1662675687&tid=UA-69384070-38&_gid=1174357004.1662675687&_r=1&gtm=2ou970&z=2027795457

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://peanuts.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 22:21:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://peanuts.pro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 get-top-earners Show response
peanuts.pro/api/ 8 KB
2 KB 1012ms
1012ms Fetch
application/json 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://peanuts.pro/api/get-top-earners
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/minify/0cd680cb0005a416910d4d966997bbdf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 9604f15c366557e21dd9611c3c0814d15b0c749cc808294e2e264c5bd292db6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Content-Type
x-powered-by: PHP/7.4.27
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXS2hEDXrCIb%2FNjn8heKGddHRMIVkLIUzN8EigJL2SE0s34xG7gVi3Tk5LqeMRpEfhg8%2Bff9r%2B1NzO0nKcWM5V14oZ6P1EXnPCd%2F7VsFHZxYraWwjltvV42Fp1B5Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 747b13c27e53b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 peanut.svg
peanuts.pro/img/ 1 KB
1 KB 36ms
36ms Image
image/svg+xml 104.21.52.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://peanuts.pro/img/peanut.svg
Requested by: Host: peanuts.pro
URL: https://peanuts.pro/minify/0cd680cb0005a416910d4d966997bbdf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9107bd96f139cd04901ef26dbba2e3770c864d02285c1053765322453c078f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://peanuts.pro/?cid=591867088120066410&s=zzz1_5367276_197_25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 22:21:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Jul 2021 15:22:06 GMT
server: cloudflare
age: 1279
etag: W/"52e-5c716eacd87e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UXbYxnpZ6xHWyg%2FLNnKOh6rWmIE2%2FCAHnieXIR%2Ba01mLruf%2ByhcOPxmO%2BaAwEuzh8i8Z5vqdvUM5GynRmcwjOXsYThbaRJRvK9TkWLHUf%2Fz6WVttW%2FFvrJxrzPMxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747b13c8cda4b770-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
actrkn.com/	1969-12-31 23:59:59	Name: go40392 Value: 4436cd93-95ef-4f23-9af6-6e12fa794406
actrkn.com/	1970-01-20 05:52:42	Name: u25o40392 Value: bf5c6981-7cb7-4bd0-9da7-645e58a6e48b
mr.macgsapptrck.com/	1970-01-20 14:36:51	Name: afclick Value: 631a6ae6459e640001e76088
mr.macgsapptrck.com/	1970-01-20 14:36:51	Name: afoffers Value: {"15149":1662675686}
trenhsasolc.com/	1970-01-20 14:36:51	Name: OAID Value: 2a9387f74a444ce99cc6e0b27f88a76d
trenhsasolc.com/	1970-01-20 14:36:51	Name: oaidts Value: 1662675686
trenhsasolc.com/	1970-01-20 14:36:51	Name: OXCCLK Value: 6065315.1
trenhsasolc.com/	1970-01-20 14:36:51	Name: allcnt Value: 1
peanuts.pro/	1969-12-31 23:59:59	Name: PHPSESSID Value: al3duq5n16spkd3pk8fn6otf3i
peanuts.pro/	1969-12-31 23:59:59	Name: _csrf Value: 8932530ad06359b947cc7a13fa19647230649ad3f27d5a93bbe8eafc113b5dbca%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22QqHUpMoc4PiOeMKYLJ3Yhvj02S3ImFyD%22%3B%7D
.peanuts.pro/	1970-01-20 15:27:15	Name: _ga Value: GA1.2.954940614.1662675687
.peanuts.pro/	1970-01-20 05:52:42	Name: _gid Value: GA1.2.1174357004.1662675687
.peanuts.pro/	1970-01-20 05:51:15	Name: _gat_gtag_UA_69384070_38 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actrkn.com
fonts.googleapis.com
fonts.gstatic.com
mr.macgsapptrck.com
peanuts.pro
trenhsasolc.com
www.google-analytics.com
www.googletagmanager.com
104.21.52.185
139.45.197.238
2606:4700:3036::6815:2bcc
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:400e:80c::200a
34.91.234.242
0331d84f04595134645b3c583955b0bc651bfa74019c42aaea1045fa03a50c82
1132d5477eb9374551cc7009e45e1afbea2b4cdcac20241908077cfdeb8e0ab8
174106193c4f24a447ea0f0924a7d8c3eefee1a841c733a676ae563627707e16
375e18ce5f9e8e54e41c4d8b667f6b32280c509b8dbc979230a092b1241f449c
3c47c80911541dbc563de8f4f0c4e177b23cfa805263bccbb6060813342e4a47
4ce497300fe8c0f540f349fd9cbb09eb6d31fd36066b51486b08d9b990857066
52b51d692621e751239349e1ddc201f4599fe0bc8c82ab26109617432fcc00f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
773e679d1137e1d31c989a60c05d8517764b7f760a071a4c48b64228aead2142
7eb474c67e678f1153fa36cbfeae48d238616eaee89914c9e2ae00ae1b51a78b
809fda7a4ce2e89fae65b214384da401c4f0fc92370d08fd08cd1110ebe8cbd3
9040ffc0dc05a293b06b1e19bb71423419aa56b37822bab1dc70cec3eec5a200
9604f15c366557e21dd9611c3c0814d15b0c749cc808294e2e264c5bd292db6d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa228e442b3370afd19635ed20cefe171d6b4d9ff98ce3fa82c792ccd8375169
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
cd8376b2bf4bbdbd265bc1a4d4d145d70a7338438dc8b1f5a04d808c0b179db5
e663bde2d183fae1118426a3f27c7d5d3852b8dc581c6cce72afe1b5b75d8bd4
ea6b6c531ceb3f797881dfe7deaa600b74d37c668daba82a7dd717c202e46e11
f4417123dd2338b3df8b4720c98d9cebcf47592cab6664290be2135ba65525c7
fe9107bd96f139cd04901ef26dbba2e3770c864d02285c1053765322453c078f

peanuts.pro Open in urlscan Pro 104.21.52.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

6 IPs

6 Countries

880 kBTransfer

1146 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

13 Cookies

Indicators

peanuts.pro Open in urlscan Pro
104.21.52.185 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

6
IPs

6
Countries

880 kB
Transfer

1146 kB
Size

13
Cookies

22 HTTP transactions
0 data transactions