www.cryptonewzs.live Open in urlscan Pro
2a00:1450:4001:806::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cryptonewzs.live/
Effective URL:
https://www.cryptonewzs.live/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On April 15 via api (April 15th 2023, 11:57:34 am UTC) from DE — Scanned from DE

Summary HTTP 157 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 32 domains to perform 157 HTTP transactions. The main IP is 2a00:1450:4001:806::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.cryptonewzs.live.
TLS certificate: Issued by GTS CA 1D4 on April 14th 2023. Valid for: 3 months.

This is the only time www.cryptonewzs.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:806::2013	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:e::210:f113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:e0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2009	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:780... 2a02:26f0:780::5f65:36c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:eb0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
7	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2.19.228.187 2.19.228.187	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
12	99.81.25.188 99.81.25.188	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
12	52.51.126.33 52.51.126.33	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3 6	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
6	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
3	54.194.98.250 54.194.98.250	16509 (AMAZON-02) (AMAZON-02)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
157	37

1 216.239.38.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

cryptonewzs.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.cryptonewzs.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.hooliganmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:e::210:f113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

ljii.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e0a (United States)

ASN13335 (CLOUDFLARENET, US)

lib.wtg-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::5f65:36c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb0a (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.228.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.81.25.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.51.126.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:d::d (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.98.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-98-250.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 6515 trends.revcontent.com — Cisco Umbrella Rank: 1911 yeet.revcontent.com — Cisco Umbrella Rank: 7043 images.revcontent.com — Cisco Umbrella Rank: 7237	184 KB
24	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	335 KB
20	googlesyndication.com 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 138 pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	213 KB
19	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 15043	489 KB
12	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2685	4 KB
6	cryptonewzs.live 2 redirects cryptonewzs.live www.cryptonewzs.live	51 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	244 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 337	1 KB
3	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1674	1 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 443	2 KB
3	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1349	486 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 510	194 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	gstatic.com fonts.gstatic.com	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	89 KB
2	typekit.net p.typekit.net — Cisco Umbrella Rank: 564 use.typekit.net — Cisco Umbrella Rank: 450	18 KB
2	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5174	198 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	1 KB
1	vdo.ai a.vdo.ai — Cisco Umbrella Rank: 26135	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9047	531 B
1	e-planning.net pbjs.e-planning.net — Cisco Umbrella Rank: 6372	162 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1024	281 B
1	demand.supply live.demand.supply — Cisco Umbrella Rank: 33910
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 9115	56 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	28 KB
1	wtg-ads.com lib.wtg-ads.com — Cisco Umbrella Rank: 37588
1	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 14498	1 KB
1	github.io ljii.github.io — Cisco Umbrella Rank: 438849	2 KB
1	hooliganmedia.com cdn.hooliganmedia.com — Cisco Umbrella Rank: 728751	227 KB
0	rlcdn.com Failed api.rlcdn.com Failed
157	32

	Domain	Requested by
24	securepubads.g.doubleclick.net	cdn.hooliganmedia.com securepubads.g.doubleclick.net www.cryptonewzs.live www.googletagservices.com 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
19	blogger.googleusercontent.com	www.cryptonewzs.live
12	yeet.revcontent.com	assets.revcontent.com
12	trends.revcontent.com	assets.revcontent.com
10	tpc.googlesyndication.com	www.cryptonewzs.live 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	mug.criteo.com
6	gum.criteo.com	3 redirects
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	assets.revcontent.com	www.cryptonewzs.live 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com assets.revcontent.com
5	www.googletagservices.com	securepubads.g.doubleclick.net www.cryptonewzs.live 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
5	www.cryptonewzs.live	1 redirects www.cryptonewzs.live cdnjs.cloudflare.com
4	8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	match.adsrvr.org	ads.pubmatic.com
3	id.crwdcntrl.net	ads.pubmatic.com
3	id5-sync.com	ads.pubmatic.com
3	lexicon.33across.com	ads.pubmatic.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.cryptonewzs.live
3	ads.pubmatic.com	assets.revcontent.com
2	fonts.gstatic.com	www.cryptonewzs.live
2	connect.facebook.net	www.cryptonewzs.live connect.facebook.net
2	pro.fontawesome.com	www.cryptonewzs.live pro.fontawesome.com
1	www.google.com	tpc.googlesyndication.com
1	images.revcontent.com
1	www.googletagmanager.com	a.vdo.ai
1	fonts.googleapis.com	8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
1	a.vdo.ai	www.cryptonewzs.live
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	pbjs.e-planning.net	cdn.hooliganmedia.com
1	prebid.a-mo.net	cdn.hooliganmedia.com
1	live.demand.supply	cdn.hooliganmedia.com
1	use.typekit.net	www.cryptonewzs.live
1	www.blogger.com	www.cryptonewzs.live
1	cdnjs.cloudflare.com	www.cryptonewzs.live
1	lib.wtg-ads.com	www.cryptonewzs.live
1	4.bp.blogspot.com	www.cryptonewzs.live
1	ljii.github.io	www.cryptonewzs.live
1	p.typekit.net	client
1	cdn.hooliganmedia.com	www.cryptonewzs.live
1	cryptonewzs.live	1 redirects
0	api.rlcdn.com Failed	ads.pubmatic.com
157	41

This site contains links to these domains. Also see Links.

Domain
www.mrjaz.com
sohanisharma.com
quikfinance.blogspot.com
miniescort.com
sunainapatel.com
hooliganmedia.com
www.blogger.com

Subject Issuer	Validity	Valid
www.cryptonewzs.live GTS CA 1D4	`2023-04-14` - `2023-07-13`	3 months	crt.sh
hooliganmedia.com E1	`2023-03-29` - `2023-06-27`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.a-mo.net R3	`2023-04-13` - `2023-07-12`	3 months	crt.sh
*.e-planning.net R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
assets.revcontent.com R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
revcontent.com Amazon RSA 2048 M01	`2023-02-14` - `2023-07-16`	5 months	crt.sh
images.revcontent.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-04-13` - `2023-07-12`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.cryptonewzs.live/
Frame ID: 907B33C0312F17DBAFA0BF8D56D46998
Requests: 63 HTTP requests in this frame

Frame: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A198F7338EC9B5D0BF2F058D65C4E1AE
Requests: 1 HTTP requests in this frame

Frame: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90991DA93BA2ED0400FBB4F43FA2E75C
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGJwUbt1qBVzEIqZJ2GuInExl7rh6Bgm7ND0tE0vuE4esdJxRjiw09MCwMShon45wqFNGSEavK3qJdl6d8NzBngfuKtUIBfK5FjmuvRZd3H5YX4cUaBil0muu0vX88-5vq-ZwBNsQQivgrYZgi5DSBpVg8KWnGHI3_My1DHrJW8H-oi1f-_xfENJezy_qPIcsuT5e8N3WAbw8BpEyZsnXMAN5Pze3IaGsTJy9lHxo_btFQWuJDNvbyO81TbqJGEJbow_hgMxeH-k6GOcTpskAv3Iuc4s-HA7qfwHGMBZut98MZ1IgPC8h3yugO9VtKezO7WQ&sai=AMfl-YRYM9CtJRtzBMvZ0XE-Q8PBFMLFwHp6DnReC3CE2YmKP71ULBT52w9dnOG2O5n7pWXB4JiiETMbaw6Re_OAcUJNsHEw2T879DeyC_9q9X7ctA4zS89-EMW2cFmfWmBsonV9llI0s3dYZIcRC9vB&sig=Cg0ArKJSzPfY_iucZH_AEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6ED5BAB4A8D1DAAEDCECFA2041F2BDCA
Requests: 8 HTTP requests in this frame

Frame: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5E55D2A583750CCE6EF3A21869296EAB
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Frame ID: 9BD3B231E860811677B32F9B0FE0D59E
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty2m7jTryiZWQnz5-jNPvIV9EFHzZ0PQNlOUc0dCDEmpdFMai1td9btg_t-W8IRhqfWZrY-nkBRv3p56qbw1fKhw-U3veH6AK5D6DUwBMUwJuhdXCxELb3k0n9XZcG1Q0nz-b8BatRTS1-oUmM_ZxN3ZDis_UrwHew5syEnElQeXN4bv5chQ6vDlgLgMHQwVHvE53OqHo901K4bazoKNsT9o_gjBa0WGHBiszoq_TacCVbFQ9YdsMfxWAKZ4A9Kq0ZGAYOaJdklVCfKeXo9JB6317nK2YkIr3sZ51Isxm49zkGNpk0Fk7iJGyQsLiF4Nen-rqOjw&sai=AMfl-YRkVP-0vleAS9byR8tDV0-x3X72vxG3hWOs9YXQD8t8jxCBRb2yCJWnLlVz3SlMjWeJt7Up1sFJxldpIhXUc5JqkTjmBeQney0vIqABCoHUfdC37ldYVvfRTVIWbrYTheyTUmTRB2t9Y7IbzuzY&sig=Cg0ArKJSzEAJ0iAKF_zyEAE&uach_m=[UACH]&adurl=
Frame ID: 1EB759629283F4945CED1C36BEC938B5
Requests: 8 HTTP requests in this frame

Frame: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3EB235D31D60732E08B2A3758AD9E82
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 80A81549C3AC4EB58F971327C48D4D13
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83960BB4055BC971B36C936130D091D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CRYPTO NEWS

Page URL History Show full URLs

http://cryptonewzs.live/ HTTP 301
http://www.cryptonewzs.live/ HTTP 301
https://www.cryptonewzs.live/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

157
Requests

96 %
HTTPS

68 %
IPv6

32
Domains

41
Subdomains

37
IPs

5
Countries

2422 kB
Transfer

5262 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mrjaz.com/
Title: MrJaz

Search URL Search Domain Scan URL

URL: https://sohanisharma.com/
Title: ahmedabad escorts

Search URL Search Domain Scan URL

URL: https://quikfinance.blogspot.com/
Title: Quik Finance

Search URL Search Domain Scan URL

URL: https://sohanisharma.com/khushi-chhetri-independent-call-girls-in-ahmedabad-escorts-service
Title: ahmedabad call girl

Search URL Search Domain Scan URL

URL: https://miniescort.com/
Title: Mini Escort

Search URL Search Domain Scan URL

URL: https://sunainapatel.com/
Title: Mumbai Escorts

Search URL Search Domain Scan URL

URL: https://hooliganmedia.com/?utm_source=hms
Title: Powered by Hooligan Media

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/09231171654107761752
Title: CRYPTO NEWS

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cryptonewzs.live/ HTTP 301
http://www.cryptonewzs.live/ HTTP 301
https://www.cryptonewzs.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cryptonewzs.live%2F&domain=8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=-3YoHnx2aDhuU0lvbDViUmI5KzFzVzdyNzkwV0piU0dhY3Z6T01wMnVtS2Y5UnhRS0ExdkoycmtvNnd4L09taDdPREg1cWJ6SjZQbnVWU0N4WEJPOFBTZ0NLalUxNjBicUd1OG93bEZ3MzFNSlVxWTZ5VEs2SDBHekxpSDR6T3Fzc3dZOEdZN21Ubnhud1h0aVhuRzZoeWYwTFk2RXJWTElpOUpSa0F3SjhhTStWZ0NPRVNhS2c0RjQ4UGUrYm5iQWg3TVRRcG82Z3ZaUHE3blFiMzQzRUlSNFRRYVB0SmsyU0lvRXF4YmVrMmhvYkhpblZ6aStpQS9ZOWR4T3gwRTFLUGZmQ3h3QjBERWNtRGdDOGNWenBFcmRNSzFpTHJ5VENWZ3oxR1dHUi9PdDE0YlA2OVg0VnpmMDFXQzVmRXpqVGU3M3UzcHlrbG9HZXcxdENyR0lxNHY1VFE9PXw&cppv=2

Request Chain 143

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cryptonewzs.live%2F&domain=8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Io0rYnw0NExJcVNCRFpVUHJ1YVczYmw3Y2RsN0xYbm5YWnMzVWlocDZiS1l1cUt4cUVVYXRHNUNKem1mRGpwc0JpdU1peFFBTVEwcDFKQWpRZVNmblp6RFhHbnd6b09UdkpnZ3dTV29qTVBEWUdBV1JOYmVGZEFZV1Y4M2MyMXBpZUc5cFRrNXZ3c3gyOW8xZTNscmVLVWozc3VPcmRKOHJJNmw0RHFab3RQekMrdWxMbm5RWEVGVTVIMFkrcG9TaWFDYmNBRFFUV1NtV0h5TGRBbXhoRmFhUStyRVFNdHErc3VsZU83WDl3eFEwL0xJbmFPTi83SHdXdGVaNzlHUndiWUVvNThhR2FwTmM4RHJMVFdPQ09yRmVrMmRCUCttTE0xV0hsQ1E5aU8rb2h4SG9CRjJQMzZnVTVBMEkrSWs5aURBandmcklramt4bXA3cGxwNlFaK3NGWGc9PXw&cppv=2

Request Chain 150

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cryptonewzs.live%2F&domain=8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=s2hbTHx6TEhSSDF2czZOVkd3Z1I1eWZMaUhCMU1tNlZpMHBiR1AwZkV6eXQyK21ERXFaenJtVUh5N1BEUWI2RytPeXJ1M2dZeWh3RDZOQXRhNDVySGJ3czNkbEhDeHNMb1RTL0hkTmZqWko3S1VjZEJpSWg2Y0RSYjl1OXAyNURmRU5DUWZDRWtnakVuQkljOUZwRjBFTFFraGI5TkZoRUwzK3R0VXR1RFBwbHd4eHhlMjVQamNOZWZqcDZ3cVlPNmNqMWxnS0dCVDN2YmZBSUcrb2VUQTlZbGdQeUFNQzYzV2tnK2hXeG1TbzE2RTB5UUZ1ZUVQcXZMRmk5WkM0NWNHTVBQSTNMWEdHa0NaSStDVW54UFRQSlpxQlBYUlVzWDhoYmRraWRUdHFYSU9jUy82TmhUU09rNmlaaTlDcGRNNUJRbXw&cppv=2

157 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cryptonewzs.live/
Redirect Chain

http://cryptonewzs.live/
http://www.cryptonewzs.live/
https://www.cryptonewzs.live/

182 KB
39 KB

541ms
453ms

Document
text/html

2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

583c3baa016be25c3719795e60a29e5b461bd80c130e3b3529237d57fe8f54b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 39320
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 11:57:27 GMT
etag: W/"7ce1ac3dee266cda54998bfba42cc10286d2795b50400434de118c8675ceac64"
expires: Sat, 15 Apr 2023 11:57:27 GMT
last-modified: Sat, 18 Mar 2023 13:26:00 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 177
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Apr 2023 11:57:26 GMT
Expires: Sat, 15 Apr 2023 11:57:26 GMT
Location: https://www.cryptonewzs.live/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 hmads0.js Show response
cdn.hooliganmedia.com/ 227 KB
227 KB 99ms
19ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hooliganmedia.com/hmads0.js

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

a6cac730363f4ef6de9926f12b3dcce9459d4e6a7c9dc563e18a044bbc6a8ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 29 Mar 2023 20:41:58 GMT
x-amz-request-id: tx0000000000000ea567342-00643a8b65-58c8a03d-nyc3c
etag: "3e552ff171ee0937027c55914f79d611"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1681559847.dop146.am5.t,1681559847.cds115.am5.hn,1681559847.cds125.am5.c
content-type: text/javascript
cache-control: max-age=2126
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 232031

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.3/css/ 170 KB
32 KB 97ms
39ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by: Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 17:21:37 GMT
server: cloudflare
x-amz-request-id: EJAPTFBVDW5EN3D1
age: 3065552
etag: W/"a28e912c1a41becec7f68848d739d5c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7b8402d67e8b8fe3-FRA
x-amz-id-2: c40P5sg8OME1qQAf0650Lptp63kvF3mMzAzq4/QIpzZLyNeDBQjAN5NfETLAGz99Di9Hz+P3gxo=

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 76ms
7ms Stylesheet
text/css 2a02:26f0:480:e::210:f113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=byr0bra&ht=tk&f=6846.15528.15529.15530&a=4009364&app=typekit&e=css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 37ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ea3a1fe2cf3b77153fa485debb8aff5fb3afbe72e1e93edf417aed959967fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cryptonewzs.live/
Origin: https://www.cryptonewzs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 11:57:27 GMT
content-md5: 6dSMbQ3MV162hKeuz6nK4Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1690
x-fb-rlafr: 0
x-fb-debug: chJOxgmKp6RNtvIai3WKUVD63pPNG1fdPRPY8FdXf2WbMBkHrOQejnlAHGQak5LaZWZ/mvTFRKvptC96QTMHnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 457b230cbf88d7ac1e2d6ede396742f9
cross-origin-opener-policy: same-origin-allow-popups
etag: "b08ee6c2af801f637faa0253d41b585f"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 15 Apr 2023 12:08:50 GMT

GET
H2 200 m.js Show response
ljii.github.io/m/ 3 KB
2 KB 34ms
8ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ljii.github.io/m/m.js

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

5f2fb1103aa2e5de6f77622fdc8a6535e1da85cf940826dc513a71c6f6488982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-fastly-request-id: bf6c4529d08ad2c50afbdaf617105124d81bbd14
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Sat, 15 Apr 2023 11:57:27 GMT
age: 403
x-cache: HIT
x-cache-hits: 3
x-proxy-cache: HIT
content-length: 1150
x-served-by: cache-fra-eddf8230105-FRA
last-modified: Sat, 11 Mar 2023 10:06:58 GMT
server: GitHub.com
x-github-request-id: E060:9A21:5EFDBD:62BD7F:64391DD8
x-timer: S1681559847.422842,VS0,VE1
etag: W/"640c52c2-b12"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Fri, 14 Apr 2023 09:35:30 GMT

GET
H2 200 avatar.jpg
4.bp.blogspot.com/-oSjP8F09qxo/Wy1J9dp7b0I/AAAAAAAACF0/ggcRfLCFQ9s2SSaeL9BFSE2wyTYzQaTyQCK4BGAYYCw/w45-h45-p-k-no-nu/ 760 B
1 KB 128ms
35ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-oSjP8F09qxo/Wy1J9dp7b0I/AAAAAAAACF0/ggcRfLCFQ9s2SSaeL9BFSE2wyTYzQaTyQCK4BGAYYCw/w45-h45-p-k-no-nu/avatar.jpg

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4aac7b10598e32993914e36ca8b78080cf04c8c18f9d10f8051ee68943ce934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:28:36 GMT
x-content-type-options: nosniff
age: 12531
content-disposition: inline;filename="avatar.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 760
x-xss-protection: 0
server: fife
etag: "v85e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 16 Apr 2023 08:28:36 GMT

GET
H2 404 cryptonewzs_sb_ad.js
lib.wtg-ads.com/publisher/cryptonewzs.live/ 0
0 83ms
55ms Script
text/html 2606:4700:20::681a:e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.wtg-ads.com/publisher/cryptonewzs.live/cryptonewzs_sb_ad.js
Requested by: Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 AVvXsEgYtYoSVPXcO9G6Xi4Mc8VU9x-Tnd-bvOmeszzk3_vuo-qDTSqd1PCgTywhTUwyA0S-1DLeJyXNuJuZG24BJxxikRVHht4FByLHPN7LUyEKSXnUMMe2cTiuizeZDgHlSC4a5Yew9jP7icOyaJ0qaKWKMU_r7HLt6PuRt8q5Dtqh7EOboapQ5hKFtzLv=s222
blogger.googleusercontent.com/img/a/ 919 B
1 KB 942ms
847ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgYtYoSVPXcO9G6Xi4Mc8VU9x-Tnd-bvOmeszzk3_vuo-qDTSqd1PCgTywhTUwyA0S-1DLeJyXNuJuZG24BJxxikRVHht4FByLHPN7LUyEKSXnUMMe2cTiuizeZDgHlSC4a5Yew9jP7icOyaJ0qaKWKMU_r7HLt6PuRt8q5Dtqh7EOboapQ5hKFtzLv=s222

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

52e5f0f9cf3c2ad4889ae7abf873a192534b0e99604913bd35f8256fabe745e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v43"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20220904_145602.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 42ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 144674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97cJgYVoloMLaT%2BoKwUvylZYA2369xGeU9v7aPBJShuQK5CNWDP%2FtXT1s394JMq%2F6EGGiMoCpIIOFVBhSqOE6octgABQg4B4HcwW8ak7t4x6fTsWdaFANqSvRNptHMDjr0rikPRJccyq0jj2w2c5yiqX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b8402d6ee0e9217-FRA
expires: Thu, 04 Apr 2024 11:57:27 GMT

GET
H2 200 cookienotice.js Show response
www.cryptonewzs.live/js/ 6 KB
2 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cryptonewzs.live/js/cookienotice.js

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 15 Apr 2023 11:52:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 22 Apr 2023 11:57:27 GMT

GET
H2 200 1852870454-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 161ms
36ms Script
text/javascript 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1852870454-widgets.js

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fd3601f141256ba274c063d5915626a24d906d74eaa4fbe2c1e38c601e23e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 21:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57021
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 16:53:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 13 Apr 2024 21:40:15 GMT

GET
H2 200 l
use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/ 18 KB
18 KB 50ms
12ms Font
application/font-woff2 2a02:26f0:780::5f65:36c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415

Request headers

Referer: https://www.cryptonewzs.live/
Origin: https://www.cryptonewzs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
server: nginx
etag: "e2418760f00448874f89ae40256bf9d1d180c197"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18512

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ 165 KB
165 KB 410ms
393ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://www.cryptonewzs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
cf-cache-status: MISS
x-amz-request-id: P9E78WYRFZD0DM8N
content-length: 168768
x-amz-id-2: iJN3ZO0Gac1F7955zTZO0vBTdtnZK/UWDMGz5g4hc1I05gjbkh+J8EJLXdPs39iNJ/mxD84xjZk=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "d8689b99dce7c881d3130f3c91cfefdf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7b8402d6ecd93a82-FRA

GET
H2 200 6xKjdSxYI9_3nPWNAGn5LA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
10 KB 123ms
35ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKjdSxYI9_3nPWNAGn5LA.woff2

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cryptonewzs.live/
Origin: https://www.cryptonewzs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:21:53 GMT
x-content-type-options: nosniff
age: 329734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10108
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:43:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 16:21:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5a5eceab20d5b1db58f4244550629c74

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e2675e98e7c6aa6649c44fac4dbb9a4846a265090495a8e5b250d47e420e94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cryptonewzs.live/
Origin: https://www.cryptonewzs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 11:57:27 GMT
content-md5: Ngm+NpGUgyxNVXE/BxJe3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88563
x-fb-rlafr: 0
x-fb-debug: Cog1i3fhQL45OXWmYfbpdcVA4BpjtftEZa7MH8PFWWpvjkJ4pYKuPEHB8Fk2Bwwdb4Ly+wUPeB+lZW8T3iuiYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: d39e7b8dd3657c0c16525cc409503b5f
cross-origin-opener-policy: same-origin-allow-popups
etag: "1a9d6549365b8fc28cd43d9be43ef01d"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 14 Apr 2024 11:41:37 GMT

GET
H2 403 up.js
live.demand.supply/ 0
0 83ms
36ms Script
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 235ms
122ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f48a15c9e44b3ecfbc9e87b5217744b2dc0ef379461a6391c11e2ba8e2977d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25676
x-xss-protection: 0
server: cafe
etag: 911 / 19462 / 31073843 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:57:27 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
281 B 158ms
108ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cryptonewzs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cryptonewzs.live
date: Sat, 15 Apr 2023 11:57:27 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 94
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5f393/1/www.cryptonewzs.live/ 2 B
162 B 57ms
15ms XHR
text/plain 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5f393/1/www.cryptonewzs.live/ROS?rnd=0.1418345755922752&e=728x90_0%3A728x90%2C970x250%2C970x90%2B728x90_1%3A728x90%2C970x250%2C970x90%2B728x90_2%3A728x90%2B728x90_3%3A728x90%2B300x600_0%3A300x600%2C160x600%2C120x600%2B300x600_1%3A300x600%2C160x600%2C120x600%2B300x250_0%3A300x250%2C336x280%2C250x250%2C200x200%2B300x250_1%3A300x250%2C336x280%2C250x250%2C200x200%2B300x250_2%3A300x250%2C336x280%2C250x250%2C200x200%2B300x250_3%3A300x250%2C336x280%2C250x250%2C200x200&ur=https%3A%2F%2Fwww.cryptonewzs.live%2F&pbv=7.42.0&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cryptonewzs.live%2F
Requested by: Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.cryptonewzs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cryptonewzs.live
date: Sat, 15 Apr 2023 11:57:27 GMT
access-control-allow-credentials: true
content-type: text/plain
server: openresty
content-length: 2
x-sid: AMS-936

GET
H2 200 6xKudSxYI9__J9CYLUv0BnYASA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
10 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKudSxYI9__J9CYLUv0BnYASA.woff2

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cryptonewzs.live/
Origin: https://www.cryptonewzs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:50:30 GMT
x-content-type-options: nosniff
age: 331617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10244
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:38:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:50:30 GMT

GET
H2 200 default Show response
www.cryptonewzs.live/feeds/posts/ 30 KB
9 KB 305ms
304ms XHR
application/json 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cryptonewzs.live/feeds/posts/default?alt=json&max-results=3

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

c88d72b612a5cb5aaa4bf7ed8b2661e28482ff6a695b8c2e90b97bc4e599d4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cryptonewzs.live/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 18 Mar 2023 13:26:00 GMT
server: blogger-renderd
etag: W/"5422dba8f1fb7eb4802784dbd9e48fc3301dc21f26df4bd46cc27a330130fe76"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 8505
x-xss-protection: 0
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 default Show response
www.cryptonewzs.live/feeds/comments/ 1 KB
761 B 347ms
346ms XHR
application/json 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cryptonewzs.live/feeds/comments/default?alt=json&max-results=3

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

6ce228ef724b2873dda4b84e29adc72f0688c483afb87ee4342086635c85a80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cryptonewzs.live/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: blogger-renderd
etag: W/"8ffb5c2c9675c8819669e9c063a91a1d2a92f84353b620b3c9283c9ef810acef"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 619
x-xss-protection: 0
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 IMG_20220703_130045.JPG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7OLy1mpNdiUgM0NF3xX2Az_w12R-L72wTDqFWwO0XwjlS6ZRL4yCgG12Zek3WiQFwt3eoGEDcGMlSYo6vMAjxXaGxQeiJp3-nIYKNKru0eOREgF70pCBhKBn4FQNWI_dlb3XtnRIsgWTuUY5k... 36 KB
36 KB 846ms
845ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7OLy1mpNdiUgM0NF3xX2Az_w12R-L72wTDqFWwO0XwjlS6ZRL4yCgG12Zek3WiQFwt3eoGEDcGMlSYo6vMAjxXaGxQeiJp3-nIYKNKru0eOREgF70pCBhKBn4FQNWI_dlb3XtnRIsgWTuUY5kHdWHR5z-g7OUjkxEo_dW-A0BkKOdrJsP1f_OLohv/w373-h220-p-k-no-nu/IMG_20220703_130045.JPG

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9ed7e8aecc4e85528397f500bcfe0c74f4fbf43ffc88e0408c1fdf04c51a9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v3d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20220703_130045.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36998
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 shutterstock_2136682167.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh25sPS7Qu_LqNJWJY0dLxr-a_v3TeKOsAjOJX8oa0f6wuwC-WvDeTJqdn8HacO79uXJP4WW1tW-xGZJ9zD_XOuVwHp9SIkFcMgT4jtUTMCPJ5g13rKA8-6L5FihINZ620yrplmhceF8bRIYCXp... 27 KB
27 KB 822ms
820ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh25sPS7Qu_LqNJWJY0dLxr-a_v3TeKOsAjOJX8oa0f6wuwC-WvDeTJqdn8HacO79uXJP4WW1tW-xGZJ9zD_XOuVwHp9SIkFcMgT4jtUTMCPJ5g13rKA8-6L5FihINZ620yrplmhceF8bRIYCXpx930vWfwoZ0N5BVmN5zaQZ_8e12NwtSiuAV8Kh2U/w373-h220-p-k-no-nu/shutterstock_2136682167.webp

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5992195728f6d8bd4d7f59f6e28e55c188a094466f707ffd32123ee185f79cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v34"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_2136682167.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27844
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 adobestock-sergei-simanovic-1-1___media_library_original_600_400.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBIACO4NUYJNgLEvn5XSS_fvZxnuJrXg3OUupTqNzZwW4V_Vqye3MUfEzGgaVhG9GRDbuv1pHdbZILQuT32TuhTby92PW1lSBCTFmXr_CZ_uKWv43uoq6Tp0QqX2Xzj-RdEFZ1Tcc2FFwQ8Emk... 26 KB
26 KB 876ms
874ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBIACO4NUYJNgLEvn5XSS_fvZxnuJrXg3OUupTqNzZwW4V_Vqye3MUfEzGgaVhG9GRDbuv1pHdbZILQuT32TuhTby92PW1lSBCTFmXr_CZ_uKWv43uoq6Tp0QqX2Xzj-RdEFZ1Tcc2FFwQ8Emkq4_rFhjlAaWJN8NIC8iRBJT84tbFcfg_p8d4YL-g/w373-h220-p-k-no-nu/adobestock-sergei-simanovic-1-1___media_library_original_600_400.jpg

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7511d76cede55f4e3be93bd82319ad1cc185522d68dad76ac2a8284d7052d7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v12"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="adobestock-sergei-simanovic-1-1___media_library_original_600_400.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26585
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 IMG_20220703_130045.JPG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7OLy1mpNdiUgM0NF3xX2Az_w12R-L72wTDqFWwO0XwjlS6ZRL4yCgG12Zek3WiQFwt3eoGEDcGMlSYo6vMAjxXaGxQeiJp3-nIYKNKru0eOREgF70pCBhKBn4FQNWI_dlb3XtnRIsgWTuUY5k... 20 KB
20 KB 896ms
895ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

072cf45646504c1c47a352a285e840415a03df47b9d4c25990dedbbf079cad2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v3d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20220703_130045.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20709
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 shutterstock_2136682167.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh25sPS7Qu_LqNJWJY0dLxr-a_v3TeKOsAjOJX8oa0f6wuwC-WvDeTJqdn8HacO79uXJP4WW1tW-xGZJ9zD_XOuVwHp9SIkFcMgT4jtUTMCPJ5g13rKA8-6L5FihINZ620yrplmhceF8bRIYCXp... 14 KB
14 KB 895ms
894ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1bff7e04389669c69e1e836cbec6e90386301c21ed24a01f72de3b0f81325ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v34"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_2136682167.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 shutterstock_2138262997%20(1).webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6dxDWE_gOh5o0W4J8F5huhV4GSUtGick6YP4wUGhLrNAQAxOzpcSjMEemuATGoR0lxY_yi2Lf_NIWB0KQLDGnD85qYzd-ZKCDapWHmTD9O3RrmRHHA1Tvd7UhrSh3DqiMQWgFUqx87brJvp3X... 10 KB
10 KB 902ms
901ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6dxDWE_gOh5o0W4J8F5huhV4GSUtGick6YP4wUGhLrNAQAxOzpcSjMEemuATGoR0lxY_yi2Lf_NIWB0KQLDGnD85qYzd-ZKCDapWHmTD9O3RrmRHHA1Tvd7UhrSh3DqiMQWgFUqx87brJvp3XkheCTYOQXA7fyADqyx63IBSLucZCUsUrwEXUL0m0/w220-h146-p-k-no-nu/shutterstock_2138262997%20(1).webp

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

901bbdbe86648857cc7129945198c11708ebb4050d30f1067a29772e2c1654d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v2e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_2138262997 (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10498
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 IMG_20220703_130045.JPG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7OLy1mpNdiUgM0NF3xX2Az_w12R-L72wTDqFWwO0XwjlS6ZRL4yCgG12Zek3WiQFwt3eoGEDcGMlSYo6vMAjxXaGxQeiJp3-nIYKNKru0eOREgF70pCBhKBn4FQNWI_dlb3XtnRIsgWTuUY5k... 7 KB
7 KB 815ms
814ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d55a86e26ed20ceaa4bf90af9a6603005da727fe07f226e7d6f399ae18ccb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v3d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20220703_130045.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7006
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 shutterstock_2136682167.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh25sPS7Qu_LqNJWJY0dLxr-a_v3TeKOsAjOJX8oa0f6wuwC-WvDeTJqdn8HacO79uXJP4WW1tW-xGZJ9zD_XOuVwHp9SIkFcMgT4jtUTMCPJ5g13rKA8-6L5FihINZ620yrplmhceF8bRIYCXp... 5 KB
5 KB 802ms
802ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ff1faea3fb83ae73cab22ea557c3a3e5053ff35b742409b5bc717fe8feacce2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v34"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_2136682167.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5155
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 adobestock-sergei-simanovic-1-1___media_library_original_600_400.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBIACO4NUYJNgLEvn5XSS_fvZxnuJrXg3OUupTqNzZwW4V_Vqye3MUfEzGgaVhG9GRDbuv1pHdbZILQuT32TuhTby92PW1lSBCTFmXr_CZ_uKWv43uoq6Tp0QqX2Xzj-RdEFZ1Tcc2FFwQ8Emk... 5 KB
6 KB 923ms
922ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBIACO4NUYJNgLEvn5XSS_fvZxnuJrXg3OUupTqNzZwW4V_Vqye3MUfEzGgaVhG9GRDbuv1pHdbZILQuT32TuhTby92PW1lSBCTFmXr_CZ_uKWv43uoq6Tp0QqX2Xzj-RdEFZ1Tcc2FFwQ8Emkq4_rFhjlAaWJN8NIC8iRBJT84tbFcfg_p8d4YL-g/w108-h72-p-k-no-nu/adobestock-sergei-simanovic-1-1___media_library_original_600_400.jpg

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

88121c6c3761da89487f3035b115389016de2705a8b3817698fa2a9b2fb36ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v12"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="adobestock-sergei-simanovic-1-1___media_library_original_600_400.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5584
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/ 398 KB
124 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11e4342c37d88d69519e3d4be0ed9da7c51f1febe2abc7944745fc583b29c3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62449
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126317
x-xss-protection: 0
server: cafe
etag: 18140124545370589291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:36:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 42 B
68 B 143ms
71ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cryptonewzs.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fd5970e809bd4c18f05432ad0b571f92c80359461e2309fc3710a0c5bccaea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Sat, 15 Apr 2023 11:57:27 GMT

GET
H2 200 IMG_20220703_130045.JPG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7OLy1mpNdiUgM0NF3xX2Az_w12R-L72wTDqFWwO0XwjlS6ZRL4yCgG12Zek3WiQFwt3eoGEDcGMlSYo6vMAjxXaGxQeiJp3-nIYKNKru0eOREgF70pCBhKBn4FQNWI_dlb3XtnRIsgWTuUY5k... 92 KB
92 KB 727ms
723ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f397740b48aba7c806a9e0b2d19721dc10a4b500e740cfe725ebc76acd6edac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v3d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20220703_130045.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94053
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 IMG_20220625_174852.JPG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjinFmGUobJ8P_RV8VYgCMIlChxYue2Ey7oEJ6apZWyZNSlC3khAAysjxMtXjmFH7eQiEEpjv1yasZEuSwbVLmSasSwp_mAgSSiL_vAnMFTdb4_UR72EuetzOwJzN0SRtL5VCvlAltQP4y42fJd... 75 KB
75 KB 733ms
728ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjinFmGUobJ8P_RV8VYgCMIlChxYue2Ey7oEJ6apZWyZNSlC3khAAysjxMtXjmFH7eQiEEpjv1yasZEuSwbVLmSasSwp_mAgSSiL_vAnMFTdb4_UR72EuetzOwJzN0SRtL5VCvlAltQP4y42fJdEgf7hWeyus4KdtvxTdOZ2grg6qj76p5zb7RzmVWD/w410-h640/IMG_20220625_174852.JPG

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c7be9da993d148b182fc3dfa525ee849b594cb633e2e5cebd275be7615bcbb35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20220625_174852.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77013
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 shutterstock_2136682167.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh25sPS7Qu_LqNJWJY0dLxr-a_v3TeKOsAjOJX8oa0f6wuwC-WvDeTJqdn8HacO79uXJP4WW1tW-xGZJ9zD_XOuVwHp9SIkFcMgT4jtUTMCPJ5g13rKA8-6L5FihINZ620yrplmhceF8bRIYCXp... 11 KB
11 KB 689ms
685ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

de9512a23fe7374fad6f3d3c08a061d6193e71c7b4da94d8e5408ef83a5d5e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v34"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_2136682167.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10927
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 shutterstock_2138262997%20(1).webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6dxDWE_gOh5o0W4J8F5huhV4GSUtGick6YP4wUGhLrNAQAxOzpcSjMEemuATGoR0lxY_yi2Lf_NIWB0KQLDGnD85qYzd-ZKCDapWHmTD9O3RrmRHHA1Tvd7UhrSh3DqiMQWgFUqx87brJvp3X... 21 KB
22 KB 705ms
702ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5a21b7b7ece90c01570a137d1522d3707799a1771d012b20e6faffc2f9c8fe90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v2e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_2138262997 (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21987
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 IMG_20220626_094709.JPG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMMjWLwVApVScf51YC1TfawhDyRhOgj9WcAdMUgNs0s_wI9DFlAaUT6ZgXwD9raym-wCEXZYKHVpnk1zntD4ixK1bP-La9tofUlsCmLklL3l5hBk5iMOsyHbaGZIThQ4LJLQhI61fdwc-hHhta... 41 KB
42 KB 818ms
816ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMMjWLwVApVScf51YC1TfawhDyRhOgj9WcAdMUgNs0s_wI9DFlAaUT6ZgXwD9raym-wCEXZYKHVpnk1zntD4ixK1bP-La9tofUlsCmLklL3l5hBk5iMOsyHbaGZIThQ4LJLQhI61fdwc-hHhtahV-ATR1LCpvsALZ27S6BhAyGcZktI08wAw1U0YrL/w640-h342/IMG_20220626_094709.JPG

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f49b37a52bc1b7f41bc24bc2f4c5348d3658482a8bceb2c556339d9f7d18f0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v30"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20220626_094709.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42370
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 IMG_20220626_095027.JPG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicpqU70FhmmXeZpDcadni9q-kIZqkVcWbqddUorpFm8FAyyYsWri9DX9e7_C-BwBlpggk4K4XlUJ0ELMW7cNiP4-EfnXoFTg10ngADrJoSBgf0_W1AqwlCNgG-6juPkvBi0K0DZBQT2laVt08-... 44 KB
44 KB 800ms
798ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicpqU70FhmmXeZpDcadni9q-kIZqkVcWbqddUorpFm8FAyyYsWri9DX9e7_C-BwBlpggk4K4XlUJ0ELMW7cNiP4-EfnXoFTg10ngADrJoSBgf0_W1AqwlCNgG-6juPkvBi0K0DZBQT2laVt08-7qeg_QXLowYleFr80ikuDTpod_QHcdOjC1uHFvdr/w640-h348/IMG_20220626_095027.JPG

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8b6d932c0d4a5a8b0abf14259f994f9a5b7bab85f0d236081baeecb99fe3e578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v32"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20220626_095027.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45089
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 IMG_20220703_130045.JPG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7OLy1mpNdiUgM0NF3xX2Az_w12R-L72wTDqFWwO0XwjlS6ZRL4yCgG12Zek3WiQFwt3eoGEDcGMlSYo6vMAjxXaGxQeiJp3-nIYKNKru0eOREgF70pCBhKBn4FQNWI_dlb3XtnRIsgWTuUY5k... 22 KB
22 KB 814ms
811ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

228cc580945f04a5ea4afecf8f4330cd8cb2268631aa88bb8a73c6b0071c3ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v3d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20220703_130045.JPG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22523
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 shutterstock_2136682167.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh25sPS7Qu_LqNJWJY0dLxr-a_v3TeKOsAjOJX8oa0f6wuwC-WvDeTJqdn8HacO79uXJP4WW1tW-xGZJ9zD_XOuVwHp9SIkFcMgT4jtUTMCPJ5g13rKA8-6L5FihINZ620yrplmhceF8bRIYCXp... 16 KB
16 KB 722ms
720ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd014fc83a926b60a32afa9def3681c63bdd37764bc416ec1c78767f12b8d457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v34"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_2136682167.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16567
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 shutterstock_2138262997%20(1).webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6dxDWE_gOh5o0W4J8F5huhV4GSUtGick6YP4wUGhLrNAQAxOzpcSjMEemuATGoR0lxY_yi2Lf_NIWB0KQLDGnD85qYzd-ZKCDapWHmTD9O3RrmRHHA1Tvd7UhrSh3DqiMQWgFUqx87brJvp3X... 12 KB
12 KB 723ms
721ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6dxDWE_gOh5o0W4J8F5huhV4GSUtGick6YP4wUGhLrNAQAxOzpcSjMEemuATGoR0lxY_yi2Lf_NIWB0KQLDGnD85qYzd-ZKCDapWHmTD9O3RrmRHHA1Tvd7UhrSh3DqiMQWgFUqx87brJvp3XkheCTYOQXA7fyADqyx63IBSLucZCUsUrwEXUL0m0/w250-h154-p-k-no-nu/shutterstock_2138262997%20(1).webp

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91319e8ba8838f64cc8629ba8ea6afecc5071e80ad09ceeaad987e68cab095b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v2e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_2138262997 (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12206
x-xss-protection: 0
expires: Sun, 16 Apr 2023 11:57:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 148ms
44ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cryptonewzs.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 140ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cryptonewzs.live

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
13 KB 90ms
89ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=2214689440248271&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Chm-interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1874771964&sfv=1-0-40&ists=1&fas=8&prev_scp=pos%3Dinterstitial&sc=1&cookie_enabled=1&abxe=1&dt=1681559848023&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

539ddf79dd26092e9a710863283a4c41f5dff6ec1539b58f24d894ec29883dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13511
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851892
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 124ms
123ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Chm-anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2830129390&sfv=1-0-40&ists=1&fas=2&prev_scp=pos%3Danchor-top&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848029&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93ff7c040855033686404ee65134e7177faefd8a53151ccad4171eaf22bfe55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11178
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851868
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 109ms
106ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=3&adks=2141707104&sfv=1-0-40&prev_scp=pos%3Dbillboard-3&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848032&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62e6c14bd467d728e3e32cc08ab459f73e0491598e1729e9c7ef45b524bcdfce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9774
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851874
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 150ms
148ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Cskyscraper-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600&ifi=4&adks=1135442077&sfv=1-0-40&prev_scp=pos%3Dskyscraper-2&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848034&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c11a656f867ba0dc74c9c667b03d957c9b733bbb685e3d7705469dde1d092df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10152
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851904
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 92ms
90ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2CMPU-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=5&adks=2469478460&sfv=1-0-40&prev_scp=pos%3DMPU-1&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848035&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fe96178225d00acdcd9def5bb3b2aaed386b96454d7d8603ea54466f4687a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10150
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851880
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 137ms
135ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2CMPU-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=6&adks=2809825188&sfv=1-0-40&prev_scp=pos%3DMPU-2&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848037&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cd1a457761a87a48f2117c7a6c5eb03d0580889a45189f3fffbc553e9bf0406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10133
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851892
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
21 KB 157ms
155ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2CMPU-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=7&adks=2542882550&sfv=1-0-40&prev_scp=pos%3DMPU-3&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848039&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a7422e9a037bf7f957e2e2d18189555b70395727ab08806f1ada14a4376e7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21251
x-xss-protection: 0
google-lineitem-id: 6170889775
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138414933747
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 130ms
128ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2CMPU-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=8&adks=1584201766&sfv=1-0-40&prev_scp=pos%3DMPU-4&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848041&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b1691f14b72669dc9adb44d553361ba51d00ae6cb670100d4140051a64c52b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10179
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851895
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 152ms
150ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Cleaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=9&adks=2271901398&sfv=1-0-40&prev_scp=pos%3Dleaderboard-1&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848042&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcf84b0f9ff25a07c6d3ded30b52c23097631c4a0c9232636415b5ede8d41c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9710
x-xss-protection: 0
google-lineitem-id: 6194223014
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138418618682
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 143ms
141ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Cleaderboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=10&adks=3572833128&sfv=1-0-40&prev_scp=pos%3Dleaderboard-2&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848044&lmt=1679145960&dlt=1681559847350&idt=608&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cf10666aa3cbf3e951e1abb627febed9bf4d63b81d85389a71c4b3a249bcf16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9795
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851877
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 114ms
112ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Chm-video&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=11&adks=3389423198&sfv=1-0-40&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848046&lmt=1679145960&dlt=1681559847350&idt=608&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=300&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34d402ad79f5fcb799f942cf55d6813b557113bfa2a91cd5a5ae727ba9dc07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9748
x-xss-protection: 0
google-lineitem-id: 6248598645
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138426978229
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A198 6 KB
3 KB 163ms
44ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cryptonewzs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:57:28 GMT
expires: Sun, 14 Apr 2024 11:57:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/ 33 KB
12 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl_page_level_ads.js?cb=31073843

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5636d365a0661cbb44132368305829e057e4436ea52cb4a523dd2b2e95c41e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62399
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11977
x-xss-protection: 0
server: cafe
etag: 123158789673412185
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:37:29 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
20 KB 139ms
138ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=12&adks=2462566126&sfv=1-0-40&prev_scp=pos%3Dbillboard-1&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848080&lmt=1679145960&dlt=1681559847350&idt=608&adxs=271&adys=99&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=1058x15&msz=1058x15&fws=4&ohw=1600&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03002ac33483a4f9ef47518ec62dc3b60210548d3c69dd5935bd0483e9064b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20896
x-xss-protection: 0
google-lineitem-id: 6122225467
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138406043480
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 132ms
131ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Cskyscraper-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600&ifi=13&adks=67937500&sfv=1-0-40&prev_scp=pos%3Dskyscraper-1&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848083&lmt=1679145960&dlt=1681559847350&idt=608&adxs=1046&adys=391&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=266x15&msz=266x15&fws=4&ohw=1600&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72fae323027821c029cc2613c6c631b5aacae27a56d6d399e47bbfe3236c0580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10164
x-xss-protection: 0
google-lineitem-id: 5758330002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138367851901
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
20 KB 137ms
137ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3874848049779083&correlator=4172373073706179&eid=31073838%2C31073843&output=ldjh&gdfp_req=1&vrg=202304130101&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=14&adks=3697072775&sfv=1-0-40&prev_scp=pos%3Dbillboard-2&eri=1&cust_params=site%3Dwww.cryptonewzs.live&sc=1&cookie_enabled=1&abxe=1&dt=1681559848087&lmt=1679145960&dlt=1681559847350&idt=608&adxs=271&adys=2300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cryptonewzs.live%2F&frm=20&vis=1&psz=1058x15&msz=1058x15&fws=4&ohw=1600&ga_vid=1567283864.1681559848&ga_sid=1681559848&ga_hid=297315007&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e7f7ae1bfd6b63dfb492d96179ad7375f63767b918bfe2ebe36d1e294cf7a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20744
x-xss-protection: 0
google-lineitem-id: 5996443147
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390012799
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9099 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cryptonewzs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:57:28 GMT
expires: Sun, 14 Apr 2024 11:57:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6ED5 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGJwUbt1qBVzEIqZJ2GuInExl7rh6Bgm7ND0tE0vuE4esdJxRjiw09MCwMShon45wqFNGSEavK3qJdl6d8NzBngfuKtUIBfK5FjmuvRZd3H5YX4cUaBil0muu0vX88-5vq-ZwBNsQQivgrYZgi5DSBpVg8KWnGHI3_My1DHrJW8H-oi1f-_xfENJezy_qPIcsuT5e8N3WAbw8BpEyZsnXMAN5Pze3IaGsTJy9lHxo_btFQWuJDNvbyO81TbqJGEJbow_hgMxeH-k6GOcTpskAv3Iuc4s-HA7qfwHGMBZut98MZ1IgPC8h3yugO9VtKezO7WQ&sai=AMfl-YRYM9CtJRtzBMvZ0XE-Q8PBFMLFwHp6DnReC3CE2YmKP71ULBT52w9dnOG2O5n7pWXB4JiiETMbaw6Re_OAcUJNsHEw2T879DeyC_9q9X7ctA4zS89-EMW2cFmfWmBsonV9llI0s3dYZIcRC9vB&sig=Cg0ArKJSzPfY_iucZH_AEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/parent/2694/video/ Frame 6ED5 2 KB
1 KB 179ms
124ms Script
text/javascript 2606:4700:3038::6815:eb0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/parent/2694/video/vdo.ai.js
Requested by: Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40294406c4e87632e68f4d5ec561af907ccc62e0268342b8c86bd633a001942d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 15 Apr 2023 11:56:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript;charset=UTF-8
vdo-server: Tag1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFzAwCF2%2FzWRdE0EOKle%2B%2B18va%2BwODXn1gI24Y3PX69GEYJ3hjfjyIaQAAyUxi%2FqXKUuV6eWojidnMM0wq7wFYTzMJskJwhostQpX9d6dDNEug%2Bdnd45OCPb2P8FVyDzrmEN%2Bsvv9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
cf-ray: 7b8402dbb83cbb61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6ED5 159 KB
49 KB 60ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 container.html Show response
8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5E55 6 KB
3 KB 44ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cryptonewzs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:57:28 GMT
expires: Sun, 14 Apr 2024 11:57:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 9099 4 KB
1 KB 244ms
46ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 11:13:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9BD3 24 KB
7 KB 220ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Apr 2024 09:41:53 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ Frame 9BD3 161 KB
51 KB 202ms
17ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 21a4e261b3c98c9ab9cf3de0ad7c1d1ce420fd0c09f62c5a3b31adbae7bb7bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:05 GMT
server: AmazonS3
x-amz-request-id: 9QCWX5DBB2V34SK3
etag: "cd6ef508acd21fd90cc2de7163af0d41"
x-amz-server-side-encryption: AES256
x-hw: 1681559848.cds300.am5.hn,1681559848.cds109.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 51622
x-amz-id-2: b9ZC6PNfA5KihEhmICd7PHF/EsTMWcYLiBmYu97fQt6gBa94uScndiuzkETkahKBnFsQY1q4B1c=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BD3 159 KB
49 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/ Frame 9099 19 KB
8 KB 256ms
73ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 18:12:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1EB7 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty2m7jTryiZWQnz5-jNPvIV9EFHzZ0PQNlOUc0dCDEmpdFMai1td9btg_t-W8IRhqfWZrY-nkBRv3p56qbw1fKhw-U3veH6AK5D6DUwBMUwJuhdXCxELb3k0n9XZcG1Q0nz-b8BatRTS1-oUmM_ZxN3ZDis_UrwHew5syEnElQeXN4bv5chQ6vDlgLgMHQwVHvE53OqHo901K4bazoKNsT9o_gjBa0WGHBiszoq_TacCVbFQ9YdsMfxWAKZ4A9Kq0ZGAYOaJdklVCfKeXo9JB6317nK2YkIr3sZ51Isxm49zkGNpk0Fk7iJGyQsLiF4Nen-rqOjw&sai=AMfl-YRkVP-0vleAS9byR8tDV0-x3X72vxG3hWOs9YXQD8t8jxCBRb2yCJWnLlVz3SlMjWeJt7Up1sFJxldpIhXUc5JqkTjmBeQney0vIqABCoHUfdC37ldYVvfRTVIWbrYTheyTUmTRB2t9Y7IbzuzY&sig=Cg0ArKJSzEAJ0iAKF_zyEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 1EB7 22 KB
9 KB 208ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 08:59:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 1EB7 3 KB
1 KB 237ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Apr 2023 09:37:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EB7 159 KB
49 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 15030683822279363882
tpc.googlesyndication.com/simgad/ Frame 1EB7 127 KB
128 KB 242ms
76ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15030683822279363882

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39a5002bda56d66137a61bd2e5a140310f8c85e3aee91a958effe526aaa5471d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 02:07:32 GMT
x-content-type-options: nosniff
age: 35396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130239
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 19:39:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Apr 2024 02:07:32 GMT

GET
H3 200 container.html Show response
8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3EB 6 KB
3 KB 42ms
36ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cryptonewzs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:57:28 GMT
expires: Sun, 14 Apr 2024 11:57:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5E55 24 KB
6 KB 201ms
45ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Apr 2024 09:41:53 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ Frame 5E55 161 KB
51 KB 195ms
40ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 21a4e261b3c98c9ab9cf3de0ad7c1d1ce420fd0c09f62c5a3b31adbae7bb7bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:05 GMT
server: AmazonS3
x-amz-request-id: 9QCWX5DBB2V34SK3
etag: "cd6ef508acd21fd90cc2de7163af0d41"
x-amz-server-side-encryption: AES256
x-hw: 1681559848.cds300.am5.hn,1681559848.cds109.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 51622
x-amz-id-2: b9ZC6PNfA5KihEhmICd7PHF/EsTMWcYLiBmYu97fQt6gBa94uScndiuzkETkahKBnFsQY1q4B1c=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E55 159 KB
49 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6ED5 112 KB
44 KB 136ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-44

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/parent/2694/video/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84e9b78c468d27530f6802d50bf90bd72f9a2720a5de0fd92b2faec2daf3bdb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44626
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E3EB 24 KB
6 KB 97ms
93ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 09:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Apr 2024 09:41:53 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ Frame E3EB 161 KB
51 KB 20ms
17ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 21a4e261b3c98c9ab9cf3de0ad7c1d1ce420fd0c09f62c5a3b31adbae7bb7bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:05 GMT
server: AmazonS3
x-amz-request-id: 9QCWX5DBB2V34SK3
etag: "cd6ef508acd21fd90cc2de7163af0d41"
x-amz-server-side-encryption: AES256
x-hw: 1681559848.cds300.am5.hn,1681559848.cds109.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 51622
x-amz-id-2: b9ZC6PNfA5KihEhmICd7PHF/EsTMWcYLiBmYu97fQt6gBa94uScndiuzkETkahKBnFsQY1q4B1c=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3EB 159 KB
49 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ Frame 9BD3 210 KB
65 KB 79ms
24ms Script
application/javascript 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:34:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=74011
accept-ranges: bytes
content-length: 65523
expires: Sun, 16 Apr 2023 08:30:59 GMT

GET
DATA 200
OK truncated
/ Frame 1EB7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9d1f5885175315b9e7e901bff70d18cb54ead11b2e2cde9eef33744b16ca143

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1EB7 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAbOZ315p35vgT7oqCtZO1S2zYJxWvI89QU20MebaK7uj6AxyZKTVSFMdndmwjG32CtISpgMHNZyZQ2PSi2V7Ct_L9KeX30wzzieLJLdzohFOD0b4MaCb3D2BG84tv6xbiGhCmjx-mHDs7ZhhrUp_qs7qCxfN_Kp_irJUmXk7hCFdRiMvgu6yBudy8fCJ_6Z1D6DrCdSewbeMySvSJIpvdxlBsdP99nkTg7TzIcj3dDvXpn1W_WEodqTbwUz4KLCIHBMg_-UOycOUEHPNxzWNs8W2Icyp3G0d5JRiYhGdMdr5XvGoX4Axyb9KJ4LUFe0MOVd77J6p2&sai=AMfl-YQYgfWaRAXRl-OouFhJPX6b8c0wdckTKAsne8GCE5-fvFqlOz8b3AFBNSjah4KT2lMkrM8C9YABlY5hyUJ_XhR4hQeAOr3ctkx4g2mhsfQXzDcJNz68mG5X2c_Es8G0Rq2azUcynBbaE09_XsaT&sig=Cg0ArKJSzJ7ld_kL__ixEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6ED5 49 KB
20 KB 113ms
35ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 10:11:32 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6356
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 15 Apr 2023 12:11:32 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ Frame 5E55 210 KB
65 KB 7ms
7ms Script
application/javascript 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:34:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=74011
accept-ranges: bytes
content-length: 65523
expires: Sun, 16 Apr 2023 08:30:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3EB 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRvNqFDpvIS_2AIdF2Dr4Hgm7vRizZtfPKSHhVC3i-aQnE0bm3SfSlVb8L-0yZuE8gEGKzWh0rCZzJmQsnsyRkxxbdWf_Uhiah1T2a8G0bMhMyJPpBHnWV0CjN4uPWBxiqJek4ohMqO4lQ6gUHjOgeYuU2jIpb9LoKlq6GRPu8czPRvpoKZ5k3uXJ47q92Ph-HJp2pYefC1OTc18EfI92FP8_oqXlZJE_3O3exhR4EX2q-TGaWuWy1YS_9cskcwKqgj5EF1F8uyXkGSW3j9hGRArGQy66JHu_FVtc2PU2c8EVD6kPSeTtfRP7PHanNz6nh2iYLEI0&sai=AMfl-YRgI62-iUzzR44SNZldshSy8KgA4dPBxKs1gBfrXoKfzEy6s708vie7F7G0rZ05OHGDo7-4O63FhgiazKoLkFwrV180Csa9qblA7HGiK4czdH9OHzYZkyvuaOOV_VYYzBoDh17p5-tm7CF1PM9y&sig=Cg0ArKJSzDim3QZJxufGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/demand/ Frame 9BD3 52 B
444 B 239ms
115ms Fetch
text/html 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=220328

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:28 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
Content-Type: text/html; charset=UTF-8
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 52

GET
H/1.1 204
No Content sync
trends.revcontent.com/ Frame 9BD3 0
0 159ms
35ms Fetch 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Date: Sat, 15 Apr 2023 11:57:28 GMT
access-control-allow-credentials: true
Server: openresty
Connection: keep-alive
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
DATA 200
OK truncated
/ Frame E3EB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3d3aea45e475b197f422a8e3420054d3707c868208111e77815f32c68cd42e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ Frame E3EB 210 KB
65 KB 7ms
7ms Script
application/javascript 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:34:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=74011
accept-ranges: bytes
content-length: 65523
expires: Sun, 16 Apr 2023 08:30:59 GMT

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/demand/ Frame 5E55 52 B
444 B 237ms
139ms Fetch
text/html 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=220329

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
Content-Type: text/html; charset=UTF-8
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 52

GET sync
trends.revcontent.com/ Frame 5E55 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 6ED5 1 B
148 B 42ms
41ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=412879179&t=event&_s=1&dl=https%3A%2F%2Fwww.cryptonewzs.live%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=video&ea=Parent_loaded&el=Parent_2694&_u=YEBAAUABAAAAACAAI~&jid=110759789&gjid=39142201&cid=359520817.1681559849&tid=UA-113932176-44&_gid=679133720.1681559849&_r=1&gtm=457e34c0&jsscut=1&z=1807068170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cryptonewzs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cryptonewzs.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 6ED5 35 B
194 B 35ms
34ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=412879179&t=event&_s=2&dl=https%3A%2F%2Fwww.cryptonewzs.live%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=VDOError&ea=Tag%20not%20found&el=Parent_2694&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=359520817.1681559849&tid=UA-113932176-44&_gid=679133720.1681559849&gtm=457e34c0&jsscut=1&z=2105120345

Requested by

Host: www.cryptonewzs.live
URL: https://www.cryptonewzs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64336
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/demand/ Frame E3EB 52 B
444 B 134ms
49ms Fetch
text/html 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=220336

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:28 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
Content-Type: text/html; charset=UTF-8
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 52

GET
H/1.1 204
No Content sync
trends.revcontent.com/ Frame E3EB 0
0 135ms
45ms Fetch 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Date: Sat, 15 Apr 2023 11:57:28 GMT
access-control-allow-credentials: true
Server: openresty
Connection: keep-alive
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3EB 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRx2Nj4k9IXpF_MtEub8QlWW6gGk8ujugvMKrltdSwSupoJZjRO2kHlcQAZ05zI8v-0KAemz9UwSQvV5VKaGGLWCzcFTNz7FTUjlsvcsDmwyobPN8cwYfVg9Jsmj0qxWhgS0B0wc3ztA5AIxX7xMh3L_674Xn1ftsjXR4FPqiKItKdJtUKimrs2SJqDzHGaMY8poTtWoVNmau4fscAQp-r8swbebYufRM-fMvf2VXM9TjnGNN224FOnbAE6p9sOTiuRC7kEoE5gmBAHrSWeY17IELfbSUIutSD-GDNWuxziQxixLCyCKCXecS5kkfBsG5VCCfjerBa1g&sai=AMfl-YQgkJwiEHoMFMfRdzQLBhDwfOITPrJpbTpPQpAohnXk9g9nWvrTx8hyC1DrBU-SPd9yxIS0NXl6HaMK7o8KQeEC-NL7tNPbwNK79gcnaOwaLlNzfhurDI3z9vEJpu_UiprKAKP9F8g_iCK487jQ&sig=Cg0ArKJSzJcVLtRxJ9CBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6ED5 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrBa4FYeeu_kAXVuk241vgPrvQ2UcfQ9xkkNMZziJmQS6HTqEBJouGJ3OnM4xrCi_KcPSS64AIhDcaZBHGexyK1yGHnLG1r4qiiHDh5bVTovxcl_vzDdPnKiDr2CK91Rr20QG94p86wKR7ZivoX3lzlQESm0l5EhLFOOaZxFnqxQo-ILaHjcN1m-r6JwDV9um8JwabvI2NHiH6WDdCBZo-K65QqhZoWoGfr1kUNDYwPPWFU7us6GHi2iu3E_PA-ZqlUFbrV1XLsns2EU7i3WKlTw59bTx-Dx5n9V2Etpr3o8z4vUaMkB_ttwIMGJR2uVLcxUdU&sai=AMfl-YTIHzeQ97XRrhGMKUs4hoN5Iy1v4V-3gbZdQq30C1MwYk77YRcht5m6xQzaHX5bGd0-5zvZJhLZlG_PT_PRppjLWWte5bahSYnUUPaGtkeE5qtxsGUQ6RssW955nwCfvPovhm7qV-pjrqe_4Mzf&sig=Cg0ArKJSzHmRjH-_P6W_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Apr 2023 11:57:28 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 214ms
86ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eb93c1121843d17455f90d34bfc736879f1141458187107e032dad843e12820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11335
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/delivery/ Frame E3EB 4 KB
4 KB 77ms
76ms Fetch
application/json 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=220336&width=160&rev_allow_cookies=0&site_url=https%3A%2F%2F8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&icr_url=&referer=https%3A%2F%2Fwww.cryptonewzs.live%2F&revsub[SITE]=cryptonewzs.live&va=0&time=1681559849002&banner_size=160x600&up=pc&bn=chrome&bv=112&widget_width=0&style_id=0&idhub[pubcid]=755eb262-2544-48c9-a70b-24bb372a7f4c&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

1e851e43ef54a6a0262daa05c5058178f1390eb1da477637354b415104aeb720

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
vary: Origin
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive

POST
H/1.1 204
No Content api-errors
yeet.revcontent.com/yeet/events/ Frame 5E55 0
0 48ms
48ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: *
Date: Sat, 15 Apr 2023 11:57:29 GMT
Server: openresty
Connection: keep-alive
vary: Origin

OPTIONS
H/1.1 200
OK api-errors
yeet.revcontent.com/yeet/events/ Frame 0
0 149ms
40ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 11:57:29 GMT
Server: openresty
X-RC-Region: eu-west-1c
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/delivery/ Frame 9BD3 8 KB
6 KB 98ms
98ms Fetch
application/json 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=220328&width=0&rev_allow_cookies=0&site_url=https%3A%2F%2F8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&icr_url=&referer=https%3A%2F%2F8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&revsub[SITE]=cryptonewzs.live&va=0&time=1681559849034&banner_size=300x250&up=pc&bn=chrome&bv=112&widget_width=0&style_id=0&idhub[pubcid]=ba6ff175-c9ed-4185-bf39-3a2a0106ccaa&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

1693e3e361c09836d54360d8314b77c27d97d9d32db58a0835fe91ab2c362147

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
vary: Origin
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/delivery/ Frame 5E55 5 KB
4 KB 118ms
118ms Fetch
application/json 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=220329&width=0&rev_allow_cookies=0&site_url=https%3A%2F%2F8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&icr_url=&referer=https%3A%2F%2Fwww.cryptonewzs.live%2F&revsub[SITE]=cryptonewzs.live&va=0&user_uuid=undefined&time=1681559849063&banner_size=970x90&up=pc&bn=chrome&bv=112&widget_width=0&style_id=0&idhub[pubcid]=89f37e70-5d57-46de-8449-eaac1edc5b42&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

4f35a627b6e1975a8ee29439ce58ff274de5619d837e895aa3b5fd642525657a

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
vary: Origin
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive

GET
H2 200 rtbWidget.delivery.js Show response
assets.revcontent.com/master/ Frame E3EB 16 KB
5 KB 18ms
17ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rtbWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 6b04ad305dd0977f956aa9bce900bfd63ad1276c931d655bcf7b7c6f3b63bf10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:29 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:08 GMT
server: AmazonS3
x-amz-request-id: RZS0C8FM77FDV1P2
etag: "140dffe450085c869d449ea4861e853f"
x-amz-server-side-encryption: AES256
x-hw: 1681559849.cds300.am5.hn,1681559849.cds221.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 5033
x-amz-id-2: ICcuFaq2EhKcsfLJNVP3mIPhhYUaALu/iPKME64OQ8nUCMP2OVXVns5zLnYIYUd2HFdPETrsOZU=

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304130101/pubads_impl.js?cb=31073843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 11:57:29 GMT

GET
H2 200 63da81264df152-63961953.jpeg
images.revcontent.com/revcontent/image/fetch/f_webp,q_auto:eco,h_100,w_160,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ Frame E3EB 2 KB
2 KB 88ms
25ms Image
image/webp 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_webp,q_auto:eco,h_100,w_160,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/63da81264df152-63961953.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

2a6fd1ef2d7da2903dd425b575ee207275585ae592ea5dcd2308cae415809700

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:29 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="63da81264df152-63961953.webp"
server-timing: cld-fastly;mitm=po;dur=153;cpu=1;start=2023-04-13T11:43:40.334Z;desc=miss,rtt;dur=0,cloudinary;dur=58;start=2023-04-13T11:43:40.383Z
content-length: 1980
last-modified: Wed, 08 Feb 2023 12:36:38 GMT
server: Cloudinary
etag: "d0ff9deb45e4a358a16ada9997ac8ee9"
x-hw: 1681559849.cds307.am5.hn,1681559849.cds236.am5.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 204
No Content impression
trends.revcontent.com/event/ Frame E3EB 0
0 147ms
55ms Fetch 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
vary: Origin
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive

GET
H2 200 rtbWidget.delivery.js Show response
assets.revcontent.com/master/ Frame 9BD3 16 KB
5 KB 17ms
16ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rtbWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 6b04ad305dd0977f956aa9bce900bfd63ad1276c931d655bcf7b7c6f3b63bf10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:29 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:08 GMT
server: AmazonS3
x-amz-request-id: RZS0C8FM77FDV1P2
etag: "140dffe450085c869d449ea4861e853f"
x-amz-server-side-encryption: AES256
x-hw: 1681559849.cds300.am5.hn,1681559849.cds221.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 5033
x-amz-id-2: ICcuFaq2EhKcsfLJNVP3mIPhhYUaALu/iPKME64OQ8nUCMP2OVXVns5zLnYIYUd2HFdPETrsOZU=

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 80A8 13 KB
5 KB 35ms
35ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cryptonewzs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 51
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:56:38 GMT
expires: Sun, 14 Apr 2024 11:56:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8396 783 B
1 KB 128ms
47ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d4ea2d61eef950cc8255ff75755a83aa0b496b3aabb4c8cd0970747097da51a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7VX1n0RsHK0rJQ8PDUzVag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cryptonewzs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-7VX1n0RsHK0rJQ8PDUzVag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 11:57:29 GMT
expires: Sat, 15 Apr 2023 11:57:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 rtbWidget.delivery.js Show response
assets.revcontent.com/master/ Frame 5E55 16 KB
5 KB 17ms
17ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rtbWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 6b04ad305dd0977f956aa9bce900bfd63ad1276c931d655bcf7b7c6f3b63bf10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:29 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:08 GMT
server: AmazonS3
x-amz-request-id: RZS0C8FM77FDV1P2
etag: "140dffe450085c869d449ea4861e853f"
x-amz-server-side-encryption: AES256
x-hw: 1681559849.cds300.am5.hn,1681559849.cds221.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 5033
x-amz-id-2: ICcuFaq2EhKcsfLJNVP3mIPhhYUaALu/iPKME64OQ8nUCMP2OVXVns5zLnYIYUd2HFdPETrsOZU=

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 80A8 36 KB
14 KB 106ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Apr 2024 08:02:16 GMT

POST
H/1.1 204
No Content impression
trends.revcontent.com/event/ Frame 9BD3 0
0 60ms
39ms Fetch 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
vary: Origin
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive

POST
H/1.1 204
No Content impression
trends.revcontent.com/event/ Frame 5E55 0
0 52ms
41ms Fetch 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
vary: Origin
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8396 0
0 69ms
68ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304130101&jk=3874848049779083&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 80A8 0
10 B 35ms
34ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Lw8GYA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 11:57:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content view
trends.revcontent.com/event/ Frame E3EB 0
0 36ms
35ms Fetch 99.81.25.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/view

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-25-188.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region: eu-west-1c
Date: Sat, 15 Apr 2023 11:57:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
vary: Origin
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
access-control-allow-credentials: true
Connection: keep-alive

OPTIONS
H/1.1 200
OK page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 120ms
120ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 11:57:29 GMT
Server: openresty
X-RC-Region: eu-west-1c
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

OPTIONS
H/1.1 200
OK widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 195ms
108ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 11:57:29 GMT
Server: openresty
X-RC-Region: eu-west-1c
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 204
No Content page-view
yeet.revcontent.com/yeet/events/ Frame E3EB 0
0 58ms
57ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: *
Date: Sat, 15 Apr 2023 11:57:29 GMT
Server: openresty
Connection: keep-alive
vary: Origin

POST
H/1.1 204
No Content widget-loaded
yeet.revcontent.com/yeet/events/ Frame E3EB 0
0 157ms
157ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: *
Date: Sat, 15 Apr 2023 11:57:29 GMT
Server: openresty
Connection: keep-alive
vary: Origin

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1EB7 42 B
174 B 73ms
71ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQr6c8VAngRyTvHCQ1sEZFUQhMw4LM3DPY5fnsCkRaTyGSF-CnT5PxN5Ss2JRz4RUn5VUujboO7KBJZLPSbH7xl17X9ca5qCI-Cps-8enMdT5NRUAj&sig=Cg0ArKJSzB5na19_nkZHEAE&id=lidar2&mcvt=1000&p=99,436,189,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2462566126&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681559848306&rpt=374&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E3EB 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZgGHFaiz82Ib9SaFdf_inDWetOJgML7sx9vSAGLiVCsQAUeGT7qjkrVtHKJvlAag_fVORmLpG3RQCqWsby4HUUIZr8aouuFB8ivuv-b6BhCVOw_vP&sig=Cg0ArKJSzLfOqOVKs84TEAE&id=lidar2&mcvt=1000&p=481,1099,1081,1259&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=67937500&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681559848325&rpt=537&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
72ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304130101&jk=3874848049779083&bg=!9vWl9aHNAAZA7GLoYOw7ADkAdvg8WjQ4QnZ95Pt_-QNbSqxnAZhGRPBGanLu7IFhKqQj0XmaOTfg62Ie5Z7IW5PXKEwNUQez9X4CAAAAUlIAAAAEaAEHCgCI1eNYyWK15WuTU9bHcyZ03C_ZZclllIkZReirwREbAKHH0OziBoWi8x_fs6OM_tIP3N7jnB_slO-RD3hRbkDk3D_A-Qa4I4rULWtkbvllYnX8YPnK-5iCuK5Zrb0EeUV_lDaYRFKvdOTWI-sF7XHf9ac8owOIMUL-_RPmNC8LEfL7j4P-OhmG4ZkC79KhhFTXU_jCn_s086EEHWOhSuQzyBqu4okzer4_2uDj2pPO1WpCAc322iFF8oeGO02tlz2UhF6-mPN9KYOFZ5shWlvqGacHfyxQ8TbfN2-tlKe_v6H_4b4wPuXsuiSVxXO3yjKurYYKXgR6ij4-nxUAIcNHlMsTI7z5g3hrcCbNq3kvoRQnVWehOnNLYRN7CpwsX5zlYbJsuqgwoHN3RuxD-clFg-b9J19tg4RlmnWOgAFo0pR8-FISqQRXqQbegrRj75OS1xwSKMTI5IWBHARt9itI6W8dSLl3Ns5Bfr7V9_2f3-Uah9NRn5Eurq2ifk6c8U24YUU3EPS46OiZ62ntNnubgZRHbgGxVywgcrtj3VijmyFG2fUPg_OElBfJ0d2uKaSZ-j4BGylyufGljxXDNG9qvZYiXzLOTSVjWabYVMA_gbC_QtTGYIekFhfFAVIN6q74PwNlBW-KoTsa0yA3p2DyzUuNPYfBt5y1Rcf8wCKqqRdX3Fei-JlxnDiz0NtAxUypJ8L4M5bugAiYXXS-OpzbGPWASaUsdzRQhn-Gk229E3xhsix3ILkOmmktER2ZclvQXQkPEYHG9uPbTFFtZs9ePTd0N4B-VqRoi7mJqILc1dZiRS4hFIPQeFdKIzUzJM2YvNqIpdIe2_QTweJpqg1LLxHrV1PPKFZu11oZYFhiKC7yONHG8kdK55izrd6Kv3I64UnKNQotwzxuxEoo6O4zL0u1VyKIh0_ybblTgvCIgVcIu41bBssKvaNpRUXVif1WqvFZb8WFRy0R_UTKJAx-H73XNbsHOwlN6g81pIQZ62dUEP_cCo1O3XLhNWo9I_hCF3NiRM1m8eObpzlUKf-zfnNNoHUqQ_cqbonPsqRUXTdeDRbHDbO3rmXZrClGiz1A61RrfjvJp8un0W1-kXnIMQrGkktGsra0GeeT0QnETaTNuTugMe-n_cSO4OvoRHUqe2S7RpLiY2RtiwNQNLubZ0erxRzIw_we0Sk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cryptonewzs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

POST
H/1.1 204
No Content vcpm-event
yeet.revcontent.com/yeet/events/ Frame E3EB 0
0 83ms
48ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/vcpm-event
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: *
Date: Sat, 15 Apr 2023 11:57:30 GMT
Server: openresty
Connection: keep-alive
vary: Origin

OPTIONS
H/1.1 200
OK vcpm-event
yeet.revcontent.com/yeet/events/ Frame 0
0 60ms
60ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/vcpm-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 11:57:30 GMT
Server: openresty
X-RC-Region: eu-west-1c
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 204
No Content vcpm-event
yeet.revcontent.com/yeet/events/ Frame E3EB 0
0 48ms
34ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/vcpm-event
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: *
Date: Sat, 15 Apr 2023 11:57:30 GMT
Server: openresty
Connection: keep-alive
vary: Origin

OPTIONS
H/1.1 200
OK vcpm-event
yeet.revcontent.com/yeet/events/ Frame 0
0 47ms
45ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/vcpm-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 11:57:30 GMT
Server: openresty
X-RC-Region: eu-west-1c
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 204
No Content vcpm-event
yeet.revcontent.com/yeet/events/ Frame E3EB 0
0 35ms
34ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/vcpm-event
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: *
Date: Sat, 15 Apr 2023 11:57:30 GMT
Server: openresty
Connection: keep-alive
vary: Origin

OPTIONS
H/1.1 200
OK vcpm-event
yeet.revcontent.com/yeet/events/ Frame 0
0 113ms
65ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/vcpm-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 15 Apr 2023 11:57:30 GMT
Server: openresty
X-RC-Region: eu-west-1c
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 49ms
16ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cryptonewzs.live%2F&domain=8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 11:57:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 281105
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame 9BD3 49 B
101 B 148ms
105ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 11:57:30 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9BD3
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cryptonewzs.live%2F&domain=8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=-3YoHnx2aDhuU0lvbDViUmI5KzFzVzdyNzkwV0piU0dhY3Z6T01wMnVtS2Y5UnhRS0ExdkoycmtvNnd4L09taDdPREg1cWJ6SjZQbnVWU0N4WEJPOFBTZ0NLalUxNjBicUd1OG93bEZ3MzFNSlVxWTZ5VEs2SDBHekxpSD...

418 B
553 B

44ms
16ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-3YoHnx2aDhuU0lvbDViUmI5KzFzVzdyNzkwV0piU0dhY3Z6T01wMnVtS2Y5UnhRS0ExdkoycmtvNnd4L09taDdPREg1cWJ6SjZQbnVWU0N4WEJPOFBTZ0NLalUxNjBicUd1OG93bEZ3MzFNSlVxWTZ5VEs2SDBHekxpSDR6T3Fzc3dZOEdZN21Ubnhud1h0aVhuRzZoeWYwTFk2RXJWTElpOUpSa0F3SjhhTStWZ0NPRVNhS2c0RjQ4UGUrYm5iQWg3TVRRcG82Z3ZaUHE3blFiMzQzRUlSNFRRYVB0SmsyU0lvRXF4YmVrMmhvYkhpblZ6aStpQS9ZOWR4T3gwRTFLUGZmQ3h3QjBERWNtRGdDOGNWenBFcmRNSzFpTHJ5VENWZ3oxR1dHUi9PdDE0YlA2OVg0VnpmMDFXQzVmRXpqVGU3M3UzcHlrbG9HZXcxdENyR0lxNHY1VFE9PXw&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

294344674a7433fb67658cad513dabc694eafe3861678492d0c4a4c7ea0faeee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 808636
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=-3YoHnx2aDhuU0lvbDViUmI5KzFzVzdyNzkwV0piU0dhY3Z6T01wMnVtS2Y5UnhRS0ExdkoycmtvNnd4L09taDdPREg1cWJ6SjZQbnVWU0N4WEJPOFBTZ0NLalUxNjBicUd1OG93bEZ3MzFNSlVxWTZ5VEs2SDBHekxpSDR6T3Fzc3dZOEdZN21Ubnhud1h0aVhuRzZoeWYwTFk2RXJWTElpOUpSa0F3SjhhTStWZ0NPRVNhS2c0RjQ4UGUrYm5iQWg3TVRRcG82Z3ZaUHE3blFiMzQzRUlSNFRRYVB0SmsyU0lvRXF4YmVrMmhvYkhpblZ6aStpQS9ZOWR4T3gwRTFLUGZmQ3h3QjBERWNtRGdDOGNWenBFcmRNSzFpTHJ5VENWZ3oxR1dHUi9PdDE0YlA2OVg0VnpmMDFXQzVmRXpqVGU3M3UzcHlrbG9HZXcxdENyR0lxNHY1VFE9PXw&cppv=2
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 334075
content-length: 0
expires: 0

POST
H/1.1 200 1285.json Show response
id5-sync.com/g/v2/ Frame 9BD3 216 B
674 B 31ms
8ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1285.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

d57c29e105b689be62a10292c91f8d581e2c3d45137ca184ec7680388c1f012a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
date: Sat, 15 Apr 2023 11:57:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ Frame 9BD3 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 9BD3 43 B
351 B 99ms
31ms XHR
application/json 54.194.98.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.98.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-98-250.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: no-cache
x-server: 10.45.17.66
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 9BD3 63 B
423 B 106ms
33ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: d094d6ea87886204bbafd8ed7e3754effc69d2c5d019b7728ae44642a6767456

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 11:57:30 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Mon, 15 May 2023 11:57:30 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 16ms
16ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cryptonewzs.live%2F&domain=8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 11:57:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 235189
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame 5E55 49 B
284 B 112ms
104ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 11:57:30 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5E55
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cryptonewzs.live%2F&domain=8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Io0rYnw0NExJcVNCRFpVUHJ1YVczYmw3Y2RsN0xYbm5YWnMzVWlocDZiS1l1cUt4cUVVYXRHNUNKem1mRGpwc0JpdU1peFFBTVEwcDFKQWpRZVNmblp6RFhHbnd6b09UdkpnZ3dTV29qTVBEWUdBV1JOYmVGZEFZV1Y4M2...

408 B
546 B

46ms
17ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Io0rYnw0NExJcVNCRFpVUHJ1YVczYmw3Y2RsN0xYbm5YWnMzVWlocDZiS1l1cUt4cUVVYXRHNUNKem1mRGpwc0JpdU1peFFBTVEwcDFKQWpRZVNmblp6RFhHbnd6b09UdkpnZ3dTV29qTVBEWUdBV1JOYmVGZEFZV1Y4M2MyMXBpZUc5cFRrNXZ3c3gyOW8xZTNscmVLVWozc3VPcmRKOHJJNmw0RHFab3RQekMrdWxMbm5RWEVGVTVIMFkrcG9TaWFDYmNBRFFUV1NtV0h5TGRBbXhoRmFhUStyRVFNdHErc3VsZU83WDl3eFEwL0xJbmFPTi83SHdXdGVaNzlHUndiWUVvNThhR2FwTmM4RHJMVFdPQ09yRmVrMmRCUCttTE0xV0hsQ1E5aU8rb2h4SG9CRjJQMzZnVTVBMEkrSWs5aURBandmcklramt4bXA3cGxwNlFaK3NGWGc9PXw&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0f1770c09857ac64c0b1cb8fd656586af03a8845cf5faf1a8646841c465850b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 650658
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=Io0rYnw0NExJcVNCRFpVUHJ1YVczYmw3Y2RsN0xYbm5YWnMzVWlocDZiS1l1cUt4cUVVYXRHNUNKem1mRGpwc0JpdU1peFFBTVEwcDFKQWpRZVNmblp6RFhHbnd6b09UdkpnZ3dTV29qTVBEWUdBV1JOYmVGZEFZV1Y4M2MyMXBpZUc5cFRrNXZ3c3gyOW8xZTNscmVLVWozc3VPcmRKOHJJNmw0RHFab3RQekMrdWxMbm5RWEVGVTVIMFkrcG9TaWFDYmNBRFFUV1NtV0h5TGRBbXhoRmFhUStyRVFNdHErc3VsZU83WDl3eFEwL0xJbmFPTi83SHdXdGVaNzlHUndiWUVvNThhR2FwTmM4RHJMVFdPQ09yRmVrMmRCUCttTE0xV0hsQ1E5aU8rb2h4SG9CRjJQMzZnVTVBMEkrSWs5aURBandmcklramt4bXA3cGxwNlFaK3NGWGc9PXw&cppv=2
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 297876
content-length: 0
expires: 0

POST
H/1.1 200 1285.json Show response
id5-sync.com/g/v2/ Frame 5E55 216 B
674 B 7ms
7ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1285.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

84345307dac699a661f6679a355029f914b0b07d846961f48af3187909ab07f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
date: Sat, 15 Apr 2023 11:57:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ Frame 5E55 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 5E55 43 B
350 B 94ms
61ms XHR
application/json 54.194.98.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.98.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-98-250.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: no-cache
x-server: 10.45.3.54
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 5E55 63 B
424 B 69ms
32ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: d094d6ea87886204bbafd8ed7e3754effc69d2c5d019b7728ae44642a6767456

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 11:57:30 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Mon, 15 May 2023 11:57:30 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 17ms
16ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cryptonewzs.live%2F&domain=8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 11:57:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 315952
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame E3EB 49 B
101 B 102ms
102ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 11:57:30 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/ Frame E3EB
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cryptonewzs.live%2F&domain=8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=s2hbTHx6TEhSSDF2czZOVkd3Z1I1eWZMaUhCMU1tNlZpMHBiR1AwZkV6eXQyK21ERXFaenJtVUh5N1BEUWI2RytPeXJ1M2dZeWh3RDZOQXRhNDVySGJ3czNkbEhDeHNMb1RTL0hkTmZqWko3S1VjZEJpSWg2Y0RSYjl1OX...

396 B
544 B

46ms
16ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=s2hbTHx6TEhSSDF2czZOVkd3Z1I1eWZMaUhCMU1tNlZpMHBiR1AwZkV6eXQyK21ERXFaenJtVUh5N1BEUWI2RytPeXJ1M2dZeWh3RDZOQXRhNDVySGJ3czNkbEhDeHNMb1RTL0hkTmZqWko3S1VjZEJpSWg2Y0RSYjl1OXAyNURmRU5DUWZDRWtnakVuQkljOUZwRjBFTFFraGI5TkZoRUwzK3R0VXR1RFBwbHd4eHhlMjVQamNOZWZqcDZ3cVlPNmNqMWxnS0dCVDN2YmZBSUcrb2VUQTlZbGdQeUFNQzYzV2tnK2hXeG1TbzE2RTB5UUZ1ZUVQcXZMRmk5WkM0NWNHTVBQSTNMWEdHa0NaSStDVW54UFRQSlpxQlBYUlVzWDhoYmRraWRUdHFYSU9jUy82TmhUU09rNmlaaTlDcGRNNUJRbXw&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6a0b98772ad75795df734bed11ec3281d62db73cc98c5a999280f7fbcec6c5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 717734
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=s2hbTHx6TEhSSDF2czZOVkd3Z1I1eWZMaUhCMU1tNlZpMHBiR1AwZkV6eXQyK21ERXFaenJtVUh5N1BEUWI2RytPeXJ1M2dZeWh3RDZOQXRhNDVySGJ3czNkbEhDeHNMb1RTL0hkTmZqWko3S1VjZEJpSWg2Y0RSYjl1OXAyNURmRU5DUWZDRWtnakVuQkljOUZwRjBFTFFraGI5TkZoRUwzK3R0VXR1RFBwbHd4eHhlMjVQamNOZWZqcDZ3cVlPNmNqMWxnS0dCVDN2YmZBSUcrb2VUQTlZbGdQeUFNQzYzV2tnK2hXeG1TbzE2RTB5UUZ1ZUVQcXZMRmk5WkM0NWNHTVBQSTNMWEdHa0NaSStDVW54UFRQSlpxQlBYUlVzWDhoYmRraWRUdHFYSU9jUy82TmhUU09rNmlaaTlDcGRNNUJRbXw&cppv=2
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 270158
content-length: 0
expires: 0

POST
H/1.1 200 1285.json Show response
id5-sync.com/g/v2/ Frame E3EB 216 B
674 B 8ms
7ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1285.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

fed457e1030b627d20e97dcf6113de526e8a65806a1b9aef42c719f8f8316c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
date: Sat, 15 Apr 2023 11:57:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ Frame E3EB 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame E3EB 43 B
350 B 42ms
42ms XHR
application/json 54.194.98.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.98.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-98-250.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 11:57:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: no-cache
x-server: 10.45.0.112
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame E3EB 63 B
423 B 32ms
31ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: d094d6ea87886204bbafd8ed7e3754effc69d2c5d019b7728ae44642a6767456

Request headers

Referer: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 11:57:30 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Mon, 15 May 2023 11:57:30 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 72ms
15ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 11:57:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 274772
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 73ms
16ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 11:57:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 301734
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 56ms
15ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 11:57:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 312323
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trends.revcontent.com
URL: https://trends.revcontent.com/sync

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13781

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13781

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13781

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demand.supply/	1970-01-20 11:06:01	Name: __cf_bm Value: 8D94Mr5UGFBuFUUXUfyM7Z.4TPLXr_wGQvrJpRv3bfU-1681559847-0-Ad5cW4cxj9uV3tGJ6VH5vyhjl/PD2lRtpSu8GzAiDg3Q/DR0mb+ktQWwsuDIcCVB12yA1t4dNO1fLpucsJ4bPIw=
.prebid.a-mo.net/	1970-01-20 19:51:35	Name: __amc Value: 1_1681559847_1681559847
.cryptonewzs.live/	1970-01-20 20:27:35	Name: __gads Value: ID=5ea5ae8f83e1d0fc:T=1681559848:S=ALNI_Mai_n4igBRzYdf_ehnlYHQF4oiO7Q
.cryptonewzs.live/	1970-01-20 20:27:35	Name: __gpi Value: UID=00000c02bb9cd8d5:T=1681559848:RT=1681559848:S=ALNI_MaLerp09ApkgeLF-iAhqpGzqVP__g
.doubleclick.net/	1970-01-20 20:27:35	Name: IDE Value: AHWqTUnLE-42iAKdHq2O0aSk7JjoJIBUY8OXfV8Vo8VW2FWiImrJRKM0gDlNvIelI0s
.cryptonewzs.live/	1970-01-20 20:41:59	Name: _ga Value: GA1.2.359520817.1681559849
.cryptonewzs.live/	1970-01-20 11:07:26	Name: _gid Value: GA1.2.679133720.1681559849
.cryptonewzs.live/	1970-01-20 11:05:59	Name: _gat_gtag_UA_113932176_44 Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lib.wtg-ads.com/publisher/cryptonewzs.live/cryptonewzs_sb_ad.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://live.demand.supply/up.js Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13781 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13781 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13781 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
8ffaf69ad937826b43703af7d0537c97.safeframe.googlesyndication.com
a.vdo.ai
ads.pubmatic.com
adservice.google.com
adservice.google.de
api.rlcdn.com
assets.revcontent.com
blogger.googleusercontent.com
cdn.hooliganmedia.com
cdnjs.cloudflare.com
connect.facebook.net
cryptonewzs.live
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
id.crwdcntrl.net
id5-sync.com
images.revcontent.com
lexicon.33across.com
lib.wtg-ads.com
live.demand.supply
ljii.github.io
match.adsrvr.org
mug.criteo.com
p.typekit.net
pagead2.googlesyndication.com
pbjs.e-planning.net
prebid.a-mo.net
pro.fontawesome.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
trends.revcontent.com
use.typekit.net
www.blogger.com
www.cryptonewzs.live
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
yeet.revcontent.com
api.rlcdn.com
trends.revcontent.com
141.95.33.111
147.75.84.158
151.139.128.10
178.250.1.11
193.3.178.4
2.19.228.187
205.185.216.42
216.239.38.21
2600:1901:0:8344::
2606:4700:20::681a:e0a
2606:4700:3038::6815:eb0a
2606:4700::6810:8616
2606:4700::6811:180e
2606:4700::6812:1634
2606:50c0:8000::153
2a00:1450:4001:801::2009
2a00:1450:4001:806::200a
2a00:1450:4001:806::2013
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a02:2638:d::d
2a02:26f0:480:e::210:f113
2a02:26f0:780::5f65:36c8
2a03:2880:f01c:8012:face:b00c:0:3
35.71.131.137
52.51.126.33
54.194.98.250
99.81.25.188
03002ac33483a4f9ef47518ec62dc3b60210548d3c69dd5935bd0483e9064b73
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
072cf45646504c1c47a352a285e840415a03df47b9d4c25990dedbbf079cad2c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a7422e9a037bf7f957e2e2d18189555b70395727ab08806f1ada14a4376e7dd
0f1770c09857ac64c0b1cb8fd656586af03a8845cf5faf1a8646841c465850b0
0f48a15c9e44b3ecfbc9e87b5217744b2dc0ef379461a6391c11e2ba8e2977d0
0fe96178225d00acdcd9def5bb3b2aaed386b96454d7d8603ea54466f4687a2c
11e4342c37d88d69519e3d4be0ed9da7c51f1febe2abc7944745fc583b29c3a3
165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7
1693e3e361c09836d54360d8314b77c27d97d9d32db58a0835fe91ab2c362147
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1bff7e04389669c69e1e836cbec6e90386301c21ed24a01f72de3b0f81325ef4
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e2675e98e7c6aa6649c44fac4dbb9a4846a265090495a8e5b250d47e420e94b
1e851e43ef54a6a0262daa05c5058178f1390eb1da477637354b415104aeb720
21a4e261b3c98c9ab9cf3de0ad7c1d1ce420fd0c09f62c5a3b31adbae7bb7bdd
223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3
228cc580945f04a5ea4afecf8f4330cd8cb2268631aa88bb8a73c6b0071c3ee2
23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
294344674a7433fb67658cad513dabc694eafe3861678492d0c4a4c7ea0faeee
2a6fd1ef2d7da2903dd425b575ee207275585ae592ea5dcd2308cae415809700
2e7f7ae1bfd6b63dfb492d96179ad7375f63767b918bfe2ebe36d1e294cf7a96
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37fd3601f141256ba274c063d5915626a24d906d74eaa4fbe2c1e38c601e23e7
39a5002bda56d66137a61bd2e5a140310f8c85e3aee91a958effe526aaa5471d
3cf10666aa3cbf3e951e1abb627febed9bf4d63b81d85389a71c4b3a249bcf16
3fd5970e809bd4c18f05432ad0b571f92c80359461e2309fc3710a0c5bccaea6
40294406c4e87632e68f4d5ec561af907ccc62e0268342b8c86bd633a001942d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4aac7b10598e32993914e36ca8b78080cf04c8c18f9d10f8051ee68943ce934e
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
4ea3a1fe2cf3b77153fa485debb8aff5fb3afbe72e1e93edf417aed959967fa6
4f35a627b6e1975a8ee29439ce58ff274de5619d837e895aa3b5fd642525657a
52e5f0f9cf3c2ad4889ae7abf873a192534b0e99604913bd35f8256fabe745e2
539ddf79dd26092e9a710863283a4c41f5dff6ec1539b58f24d894ec29883dff
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583c3baa016be25c3719795e60a29e5b461bd80c130e3b3529237d57fe8f54b8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5992195728f6d8bd4d7f59f6e28e55c188a094466f707ffd32123ee185f79cf2
5a21b7b7ece90c01570a137d1522d3707799a1771d012b20e6faffc2f9c8fe90
5d4ea2d61eef950cc8255ff75755a83aa0b496b3aabb4c8cd0970747097da51a
5f2fb1103aa2e5de6f77622fdc8a6535e1da85cf940826dc513a71c6f6488982
5f3d3aea45e475b197f422a8e3420054d3707c868208111e77815f32c68cd42e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e6c14bd467d728e3e32cc08ab459f73e0491598e1729e9c7ef45b524bcdfce
6a0b98772ad75795df734bed11ec3281d62db73cc98c5a999280f7fbcec6c5c5
6b04ad305dd0977f956aa9bce900bfd63ad1276c931d655bcf7b7c6f3b63bf10
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce228ef724b2873dda4b84e29adc72f0688c483afb87ee4342086635c85a80e
6d55a86e26ed20ceaa4bf90af9a6603005da727fe07f226e7d6f399ae18ccb3c
72fae323027821c029cc2613c6c631b5aacae27a56d6d399e47bbfe3236c0580
7511d76cede55f4e3be93bd82319ad1cc185522d68dad76ac2a8284d7052d7c0
7b1691f14b72669dc9adb44d553361ba51d00ae6cb670100d4140051a64c52b8
7cd1a457761a87a48f2117c7a6c5eb03d0580889a45189f3fffbc553e9bf0406
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
84345307dac699a661f6679a355029f914b0b07d846961f48af3187909ab07f3
84e9b78c468d27530f6802d50bf90bd72f9a2720a5de0fd92b2faec2daf3bdb7
88121c6c3761da89487f3035b115389016de2705a8b3817698fa2a9b2fb36ff5
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8b6d932c0d4a5a8b0abf14259f994f9a5b7bab85f0d236081baeecb99fe3e578
901bbdbe86648857cc7129945198c11708ebb4050d30f1067a29772e2c1654d5
91319e8ba8838f64cc8629ba8ea6afecc5071e80ad09ceeaad987e68cab095b3
9eb93c1121843d17455f90d34bfc736879f1141458187107e032dad843e12820
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6cac730363f4ef6de9926f12b3dcce9459d4e6a7c9dc563e18a044bbc6a8ea0
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9ed7e8aecc4e85528397f500bcfe0c74f4fbf43ffc88e0408c1fdf04c51a9f1
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b93ff7c040855033686404ee65134e7177faefd8a53151ccad4171eaf22bfe55
b9d1f5885175315b9e7e901bff70d18cb54ead11b2e2cde9eef33744b16ca143
c11a656f867ba0dc74c9c667b03d957c9b733bbb685e3d7705469dde1d092df5
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c7be9da993d148b182fc3dfa525ee849b594cb633e2e5cebd275be7615bcbb35
c88d72b612a5cb5aaa4bf7ed8b2661e28482ff6a695b8c2e90b97bc4e599d4e0
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
d094d6ea87886204bbafd8ed7e3754effc69d2c5d019b7728ae44642a6767456
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d5636d365a0661cbb44132368305829e057e4436ea52cb4a523dd2b2e95c41e8
d57c29e105b689be62a10292c91f8d581e2c3d45137ca184ec7680388c1f012a
d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415
dd014fc83a926b60a32afa9def3681c63bdd37764bc416ec1c78767f12b8d457
de9512a23fe7374fad6f3d3c08a061d6193e71c7b4da94d8e5408ef83a5d5e50
e34d402ad79f5fcb799f942cf55d6813b557113bfa2a91cd5a5ae727ba9dc07c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f397740b48aba7c806a9e0b2d19721dc10a4b500e740cfe725ebc76acd6edac4
f49b37a52bc1b7f41bc24bc2f4c5348d3658482a8bceb2c556339d9f7d18f0d2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcf84b0f9ff25a07c6d3ded30b52c23097631c4a0c9232636415b5ede8d41c84
fed457e1030b627d20e97dcf6113de526e8a65806a1b9aef42c719f8f8316c9a
ff1faea3fb83ae73cab22ea557c3a3e5053ff35b742409b5bc717fe8feacce2f

www.cryptonewzs.live Open in urlscan Pro 2a00:1450:4001:806::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

96 %HTTPS

68 %IPv6

32 Domains

41 Subdomains

37 IPs

5 Countries

2422 kBTransfer

5262 kBSize

8 Cookies

9 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cryptonewzs.live Open in urlscan Pro
2a00:1450:4001:806::2013 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

96 %
HTTPS

68 %
IPv6

32
Domains

41
Subdomains

37
IPs

5
Countries

2422 kB
Transfer

5262 kB
Size

8
Cookies

157 HTTP transactions
2 data transactions