sales-software-luxembourg-737205.xyz Open in urlscan Pro
104.17.157.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sales-software-luxembourg-737205.xyz/
Submission: On March 28 via api (March 28th 2024, 1:56:16 am UTC) from BE — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 35 HTTP transactions. The main IP is 104.17.157.1, located in and belongs to CLOUDFLARENET, US. The main domain is sales-software-luxembourg-737205.xyz.
TLS certificate: Issued by E1 on March 24th 2024. Valid for: 3 months.

This is the only time sales-software-luxembourg-737205.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.17.157.1 104.17.157.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:235... 2600:9000:2359:ca00:9:bf39:bec0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	18.66.147.49 18.66.147.49	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:e8a... 2600:1f18:e8a:cd06:e361:a2ce:b047:17c	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	54.247.38.52 54.247.38.52	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
3 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 3	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
3	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
35	14

2 104.17.157.1 (None, )

ASN13335 (CLOUDFLARENET, US)

sales-software-luxembourg-737205.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:ca00:9:bf39:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.greencolumnblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.147.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-49.fra60.r.cloudfront.net

s.flocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.greencolumnblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.38.52 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-38-52.eu-west-1.compute.amazonaws.com

soflopxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.228 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	flocdn.com s.flocdn.com — Cisco Umbrella Rank: 27483	564 KB
6	greencolumnblog.com ob.greencolumnblog.com — Cisco Umbrella Rank: 43193 obs.greencolumnblog.com — Cisco Umbrella Rank: 37964	39 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	398 KB
4	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2624	1 KB
4	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 4987 www.googleadservices.com — Cisco Umbrella Rank: 128	5 KB
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	52 KB
3	google.de www.google.de — Cisco Umbrella Rank: 7099	192 B
3	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39	72 B
2	soflopxl.com soflopxl.com — Cisco Umbrella Rank: 24183	415 B
2	sales-software-luxembourg-737205.xyz sales-software-luxembourg-737205.xyz	3 KB
35	10

	Domain	Requested by
6	s.flocdn.com	sales-software-luxembourg-737205.xyz s.flocdn.com
5	www.googletagmanager.com	ob.greencolumnblog.com www.googletagmanager.com
5	obs.greencolumnblog.com	ob.greencolumnblog.com sales-software-luxembourg-737205.xyz
4	www.adsensecustomsearchads.com	www.google.com sales-software-luxembourg-737205.xyz
4	www.google.com	3 redirects s.flocdn.com
3	www.google.de	sales-software-luxembourg-737205.xyz
3	googleads.g.doubleclick.net	3 redirects
3	www.googleadservices.com	www.googletagmanager.com
2	soflopxl.com	s.flocdn.com
2	sales-software-luxembourg-737205.xyz
1	partner.googleadservices.com	www.google.com
1	ob.greencolumnblog.com	sales-software-luxembourg-737205.xyz
35	12

This site contains no links.

Subject Issuer	Validity	Valid
sales-software-luxembourg-737205.xyz E1	`2024-03-24` - `2024-06-22`	3 months	crt.sh
*.greencolumnblog.com Amazon RSA 2048 M02	`2023-07-18` - `2024-08-16`	a year	crt.sh
*.flocdn.com Amazon RSA 2048 M02	`2023-12-06` - `2025-01-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
pxtres.com Amazon RSA 2048 M03	`2024-01-20` - `2025-02-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sales-software-luxembourg-737205.xyz/
Frame ID: C9DAAA8633CF77359390F4CED28B94B0
Requests: 35 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2Fserp%3Fsc%3DJilkTUGUSB6T20%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2640706365197983&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r5&nocache=6711711590971573&num=0&output=afd_ads&domain_name=sales-software-luxembourg-737205.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=60&dt=1711590971574&u_w=800&u_h=600&biw=1600&bih=1113&psw=1600&psh=1113&frm=0&uio=-&cont=ads&drt=0&jsid=caf&jsv=618877072&rurl=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F
Frame ID: BBCABA30FDD69BC1F1CCB8C52A344F5D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sales-software-luxembourg-737205.xyz

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

35
Requests

86 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

14
IPs

4
Countries

1063 kB
Transfer

2896 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=1830024665&cv=11&fst=1711590972081&bg=ffffff&guid=ON&async=1&gtm=45be43p0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI9bCUn-2VhQMVNuO7CB3D4QMgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov HTTP 302
https://www.google.com/pagead/1p-conversion/982246529/?random=1830024665&cv=11&fst=1711590972081&bg=ffffff&guid=ON&async=1&gtm=45be43p0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI9bCUn-2VhQMVNuO7CB3D4QMgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtq-ALHvQMOGwjtEO1yWw_4GjJHa9ixxA&random=1058251366 HTTP 302
https://www.google.de/pagead/1p-conversion/982246529/?random=1830024665&cv=11&fst=1711590972081&bg=ffffff&guid=ON&async=1&gtm=45be43p0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI9bCUn-2VhQMVNuO7CB3D4QMgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtq-ALHvQMOGwjtEO1yWw_4GjJHa9ixxA&random=1058251366&ipr=y

Request Chain 26

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=1991972070&cv=11&fst=1711590972133&bg=ffffff&guid=ON&async=1&gtm=45be43p0h1v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIyI6Vn-2VhQMVbOK7CB2kWwzMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov HTTP 302
https://www.google.com/pagead/1p-conversion/1058340534/?random=1991972070&cv=11&fst=1711590972133&bg=ffffff&guid=ON&async=1&gtm=45be43p0h1v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIyI6Vn-2VhQMVbOK7CB2kWwzMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtqNFJgJcOtDyowMK4qn-CTLGaoxXNjkQ&random=847415290 HTTP 302
https://www.google.de/pagead/1p-conversion/1058340534/?random=1991972070&cv=11&fst=1711590972133&bg=ffffff&guid=ON&async=1&gtm=45be43p0h1v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIyI6Vn-2VhQMVbOK7CB2kWwzMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtqNFJgJcOtDyowMK4qn-CTLGaoxXNjkQ&random=847415290&ipr=y

Request Chain 27

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=524554689&cv=11&fst=1711590972168&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAgiYwbEC&pscrd=IhMI7fuWn-2VhQMVWOi7CB0w6gbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov HTTP 302
https://www.google.com/pagead/1p-conversion/932435890/?random=524554689&cv=11&fst=1711590972168&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAgiYwbEC&pscrd=IhMI7fuWn-2VhQMVWOi7CB0w6gbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtqlqIdBS68RhcGzmBrxXNJICC7pVQ5tg&random=2859205487 HTTP 302
https://www.google.de/pagead/1p-conversion/932435890/?random=524554689&cv=11&fst=1711590972168&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAgiYwbEC&pscrd=IhMI7fuWn-2VhQMVWOi7CB0w6gbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtqlqIdBS68RhcGzmBrxXNJICC7pVQ5tg&random=2859205487&ipr=y

35 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sales-software-luxembourg-737205.xyz/ 7 KB
3 KB 449ms
272ms Document
text/html 104.17.157.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sales-software-luxembourg-737205.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.157.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdb2a02890b75654dfd94bb79607b85eb43b896d90fe8966845af7e72e81aaae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 86b4008ffe034d79-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 01:56:11 GMT
server: cloudflare
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALo4A9ch0h+1WaF7eiREQsF8ZSdjSPKx9KkKjCqabhCJSzV17noE3IU0F05CJ672CxyFRxdONAgr69GDBpn7MRECAwEAAQ==_gDv274foUEhYV+L1WPRPwMkF8pUhzTByEASOQX+wzk/ZZYKSFUmps0alCP8db0ioNpu5+wcGSA78Yu2p2FV4gw==

GET
H2 200 35289458b2de2bf5220f730bdbc66486.js Show response
ob.greencolumnblog.com/i/ 101 KB
37 KB 63ms
10ms Script
text/javascript 2600:9000:2359:ca00:9:bf39:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Requested by: Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:ca00:9:bf39:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 51de161a43568cdeb06913ee697f8137516774ae6692fcb4e5b6501ce296a692

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 20:09:20 GMT
content-encoding: gzip
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA60-P10
age: 20811
etag: "195e4-32DItXs6tXlmiZx026SyDqYdQWs"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37939
x-amz-cf-id: 9-2n6oFHVvqC2DNBBH-d_ShLKOCd1xcE2POY-nbMPLMBnmOz0b9_wQ==
expires: Thu, 28 Mar 2024 08:09:20 GMT

GET
H2 200 deps.js Show response
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/e8d37ca23/ 127 KB
42 KB 61ms
15ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/e8d37ca23/deps.js
Requested by: Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cdefd5a96161d56973e6c28b7c0dc6fb48599634f227234310f2899bc1d68ed

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
Origin: https://sales-software-luxembourg-737205.xyz
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wjK9yWzBuwqf4YrnWchPFXX6oF0E27Gf
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
date: Wed, 27 Mar 2024 21:54:44 GMT
x-amz-cf-pop: FRA60-P4
age: 14487
x-cache: Hit from cloudfront
last-modified: Tue, 26 Mar 2024 17:20:18 GMT
server: AmazonS3
etag: W/"64e5013ef8a5e0bc3cce7af5f7adf182"
access-control-max-age: 60000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: _LvaBji2WSO4vOAWwno8ihufGvlNh7bqt0TYpOBqs8op0kW5u_syvA==

GET
H2 200 runtime.js Show response
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/e8d37ca23/ 1 KB
1 KB 57ms
10ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/e8d37ca23/runtime.js
Requested by: Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52c9836027763edf4c94459fe44e695960bb1d4d974669e6afdcbd4b9d3be020

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
Origin: https://sales-software-luxembourg-737205.xyz
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: xVo8Fz_c_dp2VEpW30RiFKrPmqRbnsh.
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
date: Wed, 27 Mar 2024 21:54:44 GMT
x-amz-cf-pop: FRA60-P4
age: 14487
x-cache: Hit from cloudfront
last-modified: Tue, 26 Mar 2024 17:20:18 GMT
server: AmazonS3
etag: W/"1d64d5f0dfaefdd7c95884fc4268f57e"
access-control-max-age: 60000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: UZWdxatnW2lvEXixEOfjUu6inUm2dEZrkkRHMN9fD9XBwO4a7aIlnw==

GET
H2 200 UiSyndication.js Show response
s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/e8d37ca23/lib/ 1 MB
335 KB 23ms
8ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/e8d37ca23/lib/UiSyndication.js
Requested by: Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8401ec402d8fdf076010ade4767a5369c1a62cbdba00f794fdb17cc7e489826

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: bUvPhCRhIAaVldpmDCSfzBm.naV38CcQ
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
date: Wed, 27 Mar 2024 18:06:58 GMT
last-modified: Tue, 26 Mar 2024 17:20:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 28154
etag: W/"0a9f1b4d732095613938f46f09198cd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RDN0MmuXRFmFprg9cp7zQPSoa31U1fr0YP7Ql_aBeNhqVuxeW-3q8Q==

GET
H2 200 ct Show response
obs.greencolumnblog.com/ 4 KB
2 KB 409ms
188ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.greencolumnblog.com/ct?id=28382&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&sf=0&tpi=&ch=cheq4ppc&uvid=fizhxdb03r715whqrbrrxvp3&tsf=0&tsfmi=&tsfu=&cb=1711590971425&hl=2&op=0&ag=2689156234&rand=040921829719720188981281851250299459054822515192668029268112548119255822258017611118&fs=1600x1113&fst=1600x1113&np=win32&nv=google%20inc.&ref=&ss=800x600&nc=0&at=&di=W1siZWYiLDY2MzVdLFsiYm5jaCIsNF0sWyJhYm5jaCIsNV0sWy04LCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTIzLCIrIl0sWy0xOSwiWzU3MCw3NzAsNTcwLDc3MCwwLDAsMSwyNCwyNCxcIi1cIiw4MDAsNjAwLDgwMCw2MDAsMTYwMCwxMjAwLDE2MDAsMTExMywwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTExM10iXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W1wiXzBcIixcIjM0NjcxNTYwMDNcIl0sXCJiXCI6W10sXCJzXCI6MX0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTU1LCIwIl0sWy01OSwiZGVmYXVsdCJdLFstMjAsIi0iXSxbLTMyLCItIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTIsIjE2LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBvVmRGVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2YnpjdVNBUEovR3QiXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjo3LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTA2MTA2NTIxMixcInNlY1wiOlwiXCJ9Il0sWy0xNywiMTIiXSxbLTM4LCJpLC0xLC0xLDAsMCwxNTcsMCwwLDIxLDI3MywtMSwwLCwsNjU1LDY1NSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy00NCwiMCwwLDAsNSJdLFstNjcsIjI1MzIzMTI4ODg6MjYiXSxbLTksIisiXSxbLTI4LCJlbi1VUyxlbiJdLFstMzMsIi0iXSxbLTYxLCJ7XCJ3Z3NsXCI6XCIzO3VucmVzdHJpY3RlZF9wb2ludGVyX3BhcmFtZXRlcnM7cG9pbnRlcl9jb21wb3NpdGVfYWNjZXNzO3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDtcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy0yNiwie1widGpoc1wiOjc0MzkyNTcsXCJ1amhzXCI6MzcxMzE2NSxcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstMjEsIi0iXSxbLTQsIjxodG1sIGxhbmc9XCJlblwiPjxoZWFkIGlkPVwiaGVhZFwiPlxuICAgIDx0aXRsZT5zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXo8L3RpdGxlPjxtZXRhIG5hbWU9XCJkZXNjcmlwdGlvblwiIGNvbnRlbnQ9XCJEZXNjcmlwdGlvbiBwbGFjZWhvbGRlclwiPjxtZXRhIG5hbWU9XCJ2aWV3cG9ydFwiIGNvbnRlbnQ9XCJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgbWluaW11bS1zY2FsZT0xXCI%2BPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vb2IuZ3JlZW5jb2x1bW5ibG9nLmNvbS9pLzM1Mjg5NDU4YjJkZTJiZjUyMjBmNzMwYmRiYzY2NDg2LmpzXCIgZGF0YS1jaD1cImNoZXE0cHBjXCIgY2xhc3M9XCJjdF9jbGlja3RydWVfMjgzODJcIiBkYXRhLXV2aWQ9XCJmaXpoeGRiMDNyNzE1d2hxcmJycnh2cDNcIj48L3NjcmlwdD5cbiAgPHNjcmlwdCBzcmM9XCJodHRwczovL3MuZmxvY2RuLmNvbS9Ac2VhcmNoL2J1bmRsZXMvQHMxL3N5bmRpY2F0aW9uLzAuMS43L2U4ZDM3Y2EyMy9saWIvVWlTeW5kaWNhdGlvbi5qc1wiPjwvc2NyaXB0PjwvaGVhZD5cbiAgPGJvZHk%2BXG4gICAgPGRpdiBpZD1cInJvb3RcIj48L2Rpdj5cbiAgICBcbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9zLmZsb2Nkbi5jb20vQHNlYXJjaC9idW5kbGVzL0BzMS9zeW5kaWNhdGlvbi8wLjEuNy9lOGQzN2NhMjMvZGVwcy5qc1wiIGNyb3Nzb3JpZ2luPVwiXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vcy5mbG9jZG4uY29tL0BzZWFyY2gvYnVuZGxlcy9AczEvc3luZGljYXRpb24vMC4xLjcvZThkMzdjYTIzL3J1bnRpbWUuanNcIiBjcm9zc29yaWdpbj1cIlwiPjwvc2NyaXB0PlxuPHNjcmlwdD5cbiAgZnVuY3Rpb24gbG9nSHlkcmF0aW9uU2NyaXB0TG9hZEVycm9yKGVyck1zZykge1xuICAgIHZhciBwYXJhbXMgPSBuZXcgRm9ybURhdGEoKTtcbiAgICBwYXJhbXMuYXBwZW5kKCdlcnJvcicsIGVyck1zZyk7XG4gICAgcGFyYW1zLmFwcGVuZCgnc2MnLCAnSmlsa1RVR1VTQjZUMjAnKTtcbiAgICBwYXJhbXMuYXBwZW5kKCd1cmwnLCB3aW5kb3cubG9jYXRpb24uaHJlZik7XG4gICAgcGFyYW1zLmFwcGVuZCgnZ2xvYmFsUmVmJywgJ1VJU3luZGljYXRpb24uVWlTeW5kaWNhdGlvbicpXG4gICAgZmV0Y2goJy9zZXJyJywge1xuICAgICAgbWV0aG9kOiAnUE9TVCcsXG4gICAgICBib2R5OiBwYXJhbXMsXG4gICAgICByZWRpcmVjdDogJ21hbnVhbCdcbiAgICB9KTtcbiAgfVxuXG4gIGZ1bmN0aW9uIGh5ZHJhdGVTU1IoKSB7XG4gICAgdmFyIHJvb3ROb2RlID0gZG9jdW1lbnQucXVlcnlTZWxlY3RvcignI3Jvb3QnKVxuICAgIGlmICghcm9vdE5vZGUpIHtcbiAgICAgIHZhciBlcnJNc2cgPSBcIkh5ZHJhdGlvbiBmYWlsZWQuIEVsZW1lbnQgd2l0aCAnI3Jvb3QnIG5vdCBmb3VuZFwiXG4gICAgICBjb25zb2xlLmVycm9yKGVyck1zZyk7XG4gICAgICBsb2dIeWRyYXRpb25TY3JpcHRMb2FkRXJyb3IoZXJyTXNnKVxuICAgICAgcmV0dXJuXG4gICAgfVxuICAgIGlmICh0eXBlb2YgVUlTeW5kaWNhdGlvbi5VaVN5bmRpY2F0aW9uID09PSAndW5kZWZpbmVkJykge1xuICAgICAgdmFyIGVyck1zZyA9IFwiSHlkcmF0aW9uIGZhaWxlZC4gJ1VJU3luZGljYXRpb24uVWlTeW5kaWNhdGlvbicgaXMgdW5kZWZpbmVkXCJcbiAgICAgIGNvbnNvbGUuZXJyb3IoZXJyTXNnKTtcbiAgICAgIGxvZ0h5ZHJhdGlvblNjcmlwdExvYWRFcnJvcihlcnJNc2cpXG4gICAgICByZXR1cm5cbiAgICB9XG4gICAgUmVhY3RET00uaHlkcmF0ZShcbiAgICAgIFJlYWN0LmNyZWF0ZUVsZW1lbnQoVUlTeW5kaWNhdGlvbi5VaVN5bmRpY2F0aW9uLCB7XCJyZW5kZXJcIjp7XCJyZXF1ZXN0XCI6e1wiZW5kcG9pbnRcIjpcInNlYXJjaC5ob21lXCIsXCJ1XCI6e1wiY291bnRyeV9jb2RlXCI6XCJERVwiLFwiZGV2aWNlX3R5cGVcIjpcImRlc2t0b3BcIn19LFwiYWR1bHRfZmlsdGVyXCI6XCJtb2RlcmF0ZVwiLFwiYmFzZV9jbGlja191cmxcIjpcIi9jbGljaz9zYz0wNUNLUlVWWU9aaUZXbTVCSXZ6TWJMOEt6Z3JVV2ZlME5fYkdjczdwdU1vNWRCS0hmSVdGc1JDcFdNTTluSzZtM0pYc0w5TS1KeGdzeWxPMHY0a0VVU0JySUlQVWNORktxU3RJVi1POEpueVE5NGM5WEp5YW1HYkViZ3NLcnV4cUFLVCJdLFstNiwie1wid1wiOltdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNjQsIlswLFwiV2luMzJcIixbe1wiYlwiOlwiR29vZ2xlIENocm9tZVwiLFwidlwiOlwiMTIzXCJ9LHtcImJcIjpcIk5vdDpBLUJyYW5kXCIsXCJ2XCI6XCI4XCJ9LHtcImJcIjpcIkNocm9taXVtXCIsXCJ2XCI6XCIxMjNcIn1dXSJdLFstNjgsIi0iXSxbLTE1LCItIl0sWy0yOSwiLSJdLFstNTIsIi0iXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xNiwiMCJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNTEsIi0iXSxbLTEzLCItIl0sWy03LCItIl0sWy00OSwiLSJdLFstMTQsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy00NiwiMCJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTY1LCItIl0sWy0xLCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy02MiwiODAiXSxbLTUwLCItIl0sWy02MCwyMDRdLFstMzQsIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTUsIi0iXSxbLTU4LCItIl0sWy0zNSwiWzE3MTE1OTA5NzE0MDQsLTFdIl0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRQWEJrUlVVMU5TVW9ERmhaV1d4ZGVTMXhjVjFwV1ZVeFVWMXRWVmw0WFdsWlVGbEFXQ2d3TEFRQU5EQUZiQzExY0MxdGZEQXNMQ1Y4T0NnbGJYVnRhRHc4TkFROFhVMG9EQ0FNUERna05DUkE9Il0sWy0xMiwibnVsbCJdLFstNDgsIjAsMCJdLFstNTMsIjEwMCJdLFstNjMsIjAiXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IscGljdHVyZWlucGljdHVyZSxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxsb2NhbGZvbnRzLG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy00NSwiLSJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00MCwiMzMiXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWyJkZGIiLCIwLDE2LDAsMCwwLDEsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDAsMSwyLDAsMCwxNiwwLDMsMCwwLDAsMCwwLDAsMCwxLDEsMCw2LDEsMCwwLDEsMCwwLDI3LDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsOCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDcsMCwwLDAsMCwwLDAsMCwxLDAiXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=bmRpwlvyQP&pto=735&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1711590971.KMBiE9qwJg28XPCH&suid=1.1711590971.gI8nJqfM9DgjfppC&tuid=1.1711590971.fSmpNU4ZYbsMSv2x&fbc=-&gtm=-&it=8%2C473%2C67&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
Requested by: Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44552cb49a2802472b8bbe1997e717afc1b50cf092358163273132346a4f6443

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 28 Mar 2024 01:56:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1469
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 dpl-search.js Show response
s.flocdn.com/@s1/dpl/4.15.0/ 53 KB
16 KB 7ms
7ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.flocdn.com/@s1/dpl/4.15.0/dpl-search.js
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/e8d37ca23/lib/UiSyndication.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e4e995a6c5f630393a2e10ae5e6c48fb73d597835a7ca4894b5d369c5388cf6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 14 Mar 2024 19:49:44 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id: 7vFAJa757erdk2WKjVQ7yYMc87mDzKPA
last-modified: Wed, 13 Mar 2024 21:54:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1145187
etag: "cbe576251bb163f6c0072e2f2c93f563"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
content-length: 15985
x-amz-cf-id: flwinA1bbjixIDFz-R7l0sNREYUx9JsbmxQfBGEDrQN0l5aZmBp_SA==

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 142 KB
52 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: s.flocdn.com
URL: https://s.flocdn.com/@search/bundles/@s1/syndication/0.1.7/e8d37ca23/lib/UiSyndication.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d224f81f790e5ab8639e1635ae79af8635a49df0607e744c35cf3cf9e02af4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "1403097391178795343"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Thu, 28 Mar 2024 01:56:11 GMT

GET
H2 200 texture.png
s.flocdn.com/layout/gd05/ 83 KB
83 KB 8ms
7ms Image
image/png 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.flocdn.com/layout/gd05/texture.png
Requested by: Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 9nrwm6vbihUL1RldyKfYApKff2o.FEKN
date: Wed, 27 Mar 2024 18:39:50 GMT
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
last-modified: Tue, 16 May 2017 22:02:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 26182
etag: "57bbfe7c227619d47a41639eba996150"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-meta-version-id: HC_iG.nfn0YuLDYFlnJj0jQC5XTNCe04
content-length: 84780
x-amz-cf-id: fcIHowzTa1uaTYTDxgHcVTStnZx8Rl6Zlum3YgXc98wvGiR0PbhBkg==

GET
H2 200 arrows-rainbow_559.png
s.flocdn.com/layout/pship508/ 86 KB
86 KB 9ms
8ms Image
image/png 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.flocdn.com/layout/pship508/arrows-rainbow_559.png
Requested by: Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: q0xUrgBtkt1zPXsMOtCQmqJsqJAEmQZm
date: Wed, 27 Mar 2024 04:37:24 GMT
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 19:08:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 76728
etag: "9ca21edfdf15faf735dad1f024227fbc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 87916
x-amz-cf-id: 74WIvHbLEK0mstsG4a6c5ZQNz7tFweKslGW4_R_QzGuUN6WpA3K58A==

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 426 B
282 B 70ms
52ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sales-software-luxembourg-737205.xyz&client=dp-dotzup27_3ph_js&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a743c225604b5957af46865a99fb6d4017dc417d390a7322b936d5fb1a0ff59b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0

GET
H2 200 ads
www.adsensecustomsearchads.com/afs/ Frame BBCA 0
0 220ms
200ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1646507740&client=dp-dotzup27_3ph_js&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2Fserp%3Fsc%3DJilkTUGUSB6T20%26ivt%3Dfalse&rpqp=query&max_radlink_len=40&type=3&uiopt=false&swp=as-drid-2640706365197983&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r5&nocache=6711711590971573&num=0&output=afd_ads&domain_name=sales-software-luxembourg-737205.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=60&dt=1711590971574&u_w=800&u_h=600&biw=1600&bih=1113&psw=1600&psh=1113&frm=0&uio=-&cont=ads&drt=0&jsid=caf&jsv=618877072&rurl=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-VrsLW_YnxePuWVjm2KTblg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://sales-software-luxembourg-737205.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2955
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-VrsLW_YnxePuWVjm2KTblg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Thu, 28 Mar 2024 01:56:11 GMT
expires: Thu, 28 Mar 2024 01:56:11 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
907 B 46ms
25ms Image
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-dotzup27_3ph_js&output=uds_ads_only&zx=ifujwddtzszx&pbt=rd&ivt=false&dA=true&msg=client-side%20changes%20applied.

Requested by

Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-5S1C4JfpKqf-_8BO6lC38g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-5S1C4JfpKqf-_8BO6lC38g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Thu, 28 Mar 2024 01:56:11 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
78 KB 116ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-932435890

Requested by

Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd2ca0bdff0003832dbfc84dac72638eb326298a7d50fb3eb6c4d4a6c3b24fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:56:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79471
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 00:20:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Mar 2024 01:56:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 97ms
18ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-982246529

Requested by

Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f44cf995e4dc4c54434af3bb62fa8e3afd7cd865a14afa65b349bc8b16710a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:56:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82408
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 00:20:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Mar 2024 01:56:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 109ms
31ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1058340534

Requested by

Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97ce4222c0b4c15dbf25f24298b3173e2e25d3ce6c2eb41f5455e3cc8a1f54c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:56:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82421
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 00:20:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Mar 2024 01:56:11 GMT

GET
H2 200 tc_imp.gif
obs.greencolumnblog.com/tracker/ 43 B
79 B 99ms
98ms Image
image/gif 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.greencolumnblog.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126befc23cea4e8d9c9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c198e652517071a10acf9f29f671fd4d58f047e361ef87d73518039d963c5573802729306045960525ac2ec6b4c77be26bb25cb43e2916af05365ac097c7a1bda53ee14f497d7df3dbb2807ff7ecaa8556d8e0e3143714493d60264f260b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7978677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e1143f7336ba0924266bcd1aa228e55fb44e38c1dc64fcdce76c46c34949173db778cc0b6a69de5e0182bff33a4feb875433eae8b27d4f401b95a594286010fc6cd92c5c5ea9033d82d9f90a2927fe17c7623947d64c1c5c41e7587a469b019aad303d671a83d1a181a8c26b80ecdcaa23fe0d6699c52a78e9c8327a87e0423bd5e540b2d073ed0af23ec139a8c9723a19975ed973c9adaa9be33cfb1ed1f3e3e89e359578da51b5b42baacee37e263cdbb18b6bf70a076b26f874fc64386db609e4f79a0d7c674352d7d1136190a45d9bdd5398c46ce115c493be5a653cdda441ef4d3dcb9b570c1efe2e08ff8aff0574e3cfb4786aa586e83436607d6635d716aea7aaf7619c5f7c0638a60df398aab2cceb811987b0f22211e7d139cc3e6c73d7b559e1e5994d3d9bfb7d652059eb5bd6195d36e7ad8d2123c75e490d95621b43b985e9f1ae339870fdac813f8bd2eff9a88d2984f7ef2e13b638176ba90b1ab169f6d280b0494684052adbe5e8fec10cc8586c954cd83802f133647be38ab19b75cb281688a2f40294226607ce653929c3256bd73dda4f335c5d24b8c756fb2177c2e83f5d70a59836de7da558353230a58bd252d85aed66dc257379d840ddaa2afa6f54b9b1a2f7517fa1f4521e482104ef979beaad3279dd2f20f5a7da36f29080dc8164eb1e0e6466bd1340cdae3d01b9f94fabc4b3ea874fe5e3e44c65c2261d4d705408edfe3dfe5b30db759fb2eab40c5e56b96ae854871edce52de8cfcf292e1dca6595e9ea4610c893592168f0ab0a07ad4909e8435ebd98b9aae1122cbbff4f442dd46dc075470186bc99925249c38bb4fdf8b2abf5775b72f4cc433b0876366e53a32034f9ce8ca72c6880f30734630c2809ee9c76a841fb8af3b2284dd555b4953633923f172f0e97155fea6d0c4e5bab4f5ffb66890a9d54c712419356720300cd64d0245&cri=bmRpwlvyQP&ts=510&cb=1711590971935
Requested by: Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 28 Mar 2024 01:56:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK f689f555-f9cd-4c01-abd8-3e5b4d8bb9c5
https://sales-software-luxembourg-737205.xyz/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sales-software-luxembourg-737205.xyz/f689f555-f9cd-4c01-abd8-3e5b4d8bb9c5
Requested by: Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d342b5e24c1eb20130964658645b4868f0e340da73a1856578ba7f6725bf0adc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

POST
H2 204 dplpxs
soflopxl.com/ 0
208 B 124ms
39ms Ping
text/plain 54.247.38.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soflopxl.com/dplpxs
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.15.0/dpl-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.38.52 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-38-52.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://sales-software-luxembourg-737205.xyz
date: Thu, 28 Mar 2024 01:56:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
access-control-allow-methods: GET, POST
expires: Thu, 28 Mar 2024 01:56:11 GMT

GET
BLOB 200
OK 963fec36-6e90-4ad2-a2e5-2e46b6a9b693
https://sales-software-luxembourg-737205.xyz/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sales-software-luxembourg-737205.xyz/963fec36-6e90-4ad2-a2e5-2e46b6a9b693
Requested by: Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c77ccbe9289b79c30f5139d947a514f53bc29f0b0e3a549e3fb5497071310773

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
78 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-932435890&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7477441763356d5ee7d54aed3e53336c6884d7ff6587e03d08490bc0b695495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:56:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79487
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 00:20:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Mar 2024 01:56:12 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/982246529/ 3 KB
2 KB 63ms
24ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/982246529/?random=1711590972081&cv=11&fst=1711590972081&bg=ffffff&guid=ON&async=1&gtm=45be43p0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9f3cf05026211e4ff4ea7baba37434818b02d6233e90b6c99744ffb61d069788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1563
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 23ms
22ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1058340534&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-982246529

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f100bfe25d94637d2f22e0a04ab353c9ba7d2f6430ac07f8b2171fb7872739f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:56:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82447
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 00:20:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Mar 2024 01:56:12 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1058340534/ 3 KB
2 KB 22ms
21ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1058340534/?random=1711590972133&cv=11&fst=1711590972133&bg=ffffff&guid=ON&async=1&gtm=45be43p0h1v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058340534

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7405d80045f14fbbc1ffef655fc45b2ef6b7fee349f8c744a5a68c2387a1497e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1566
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/932435890/ 3 KB
2 KB 22ms
22ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/932435890/?random=1711590972168&cv=11&fst=1711590972168&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932435890

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

29b5f68707fbb36d5395b3cc2ed8cceaad5c4560c733ef1ec2f99c34efaaaf83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1561
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/982246529/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982246529/?random=1830024665&cv=11&fst=1711590972081&bg=ffffff&guid=ON&async=1&gtm=45be43p0v868528064za200&gcd=13l3l3l2l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/982246529/?random=1830024665&cv=11&fst=1711590972081&bg=ffffff&guid=ON&async=1&gtm=45be43p0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_...
https://www.google.de/pagead/1p-conversion/982246529/?random=1830024665&cv=11&fst=1711590972081&bg=ffffff&guid=ON&async=1&gtm=45be43p0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h...

42 B
64 B

21ms
20ms

Image
image/gif

172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/982246529/?random=1830024665&cv=11&fst=1711590972081&bg=ffffff&guid=ON&async=1&gtm=45be43p0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI9bCUn-2VhQMVNuO7CB3D4QMgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtq-ALHvQMOGwjtEO1yWw_4GjJHa9ixxA&random=1058251366&ipr=y

Requested by

Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/

Protocol

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sales-software-luxembourg-737205.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:56:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:56:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/982246529/?random=1830024665&cv=11&fst=1711590972081&bg=ffffff&guid=ON&async=1&gtm=45be43p0v868528064za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=sT-ICP-w_JQZEIHJr9QD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI9bCUn-2VhQMVNuO7CB3D4QMgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtq-ALHvQMOGwjtEO1yWw_4GjJHa9ixxA&random=1058251366&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1058340534/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058340534/?random=1991972070&cv=11&fst=1711590972133&bg=ffffff&guid=ON&async=1&gtm=45be43p0h1v9100102812za200&gcd=13l3l3l2l1&dma_cp...
https://www.google.com/pagead/1p-conversion/1058340534/?random=1991972070&cv=11&fst=1711590972133&bg=ffffff&guid=ON&async=1&gtm=45be43p0h1v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=80...
https://www.google.de/pagead/1p-conversion/1058340534/?random=1991972070&cv=11&fst=1711590972133&bg=ffffff&guid=ON&async=1&gtm=45be43p0h1v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800...

42 B
64 B

40ms
21ms

Image
image/gif

172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1058340534/?random=1991972070&cv=11&fst=1711590972133&bg=ffffff&guid=ON&async=1&gtm=45be43p0h1v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIyI6Vn-2VhQMVbOK7CB2kWwzMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtqNFJgJcOtDyowMK4qn-CTLGaoxXNjkQ&random=847415290&ipr=y

Requested by

Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/

Protocol

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sales-software-luxembourg-737205.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:56:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:56:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1058340534/?random=1991972070&cv=11&fst=1711590972133&bg=ffffff&guid=ON&async=1&gtm=45be43p0h1v9100102812za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=w8daCMaRmpQZELb90_gD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMIyI6Vn-2VhQMVbOK7CB2kWwzMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtqNFJgJcOtDyowMK4qn-CTLGaoxXNjkQ&random=847415290&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/932435890/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932435890/?random=524554689&cv=11&fst=1711590972168&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&...
https://www.google.com/pagead/1p-conversion/932435890/?random=524554689&cv=11&fst=1711590972168&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=h...
https://www.google.de/pagead/1p-conversion/932435890/?random=524554689&cv=11&fst=1711590972168&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=ht...

42 B
64 B

37ms
19ms

Image
image/gif

172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/932435890/?random=524554689&cv=11&fst=1711590972168&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAgiYwbEC&pscrd=IhMI7fuWn-2VhQMVWOi7CB0w6gbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtqlqIdBS68RhcGzmBrxXNJICC7pVQ5tg&random=2859205487&ipr=y

Requested by

Host: sales-software-luxembourg-737205.xyz
URL: https://sales-software-luxembourg-737205.xyz/

Protocol

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sales-software-luxembourg-737205.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:56:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:56:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/932435890/?random=524554689&cv=11&fst=1711590972168&bg=ffffff&guid=ON&async=1&gtm=45be43p0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=800&u_h=600&url=https%3A%2F%2Fsales-software-luxembourg-737205.xyz%2F&label=HtPMCKDQp5QZELKvz7wD&hn=www.googleadservices.com&frm=0&tiba=sales-software-luxembourg-737205.xyz&gtm_ee=1&npa=1&pscdl=noapi&auid=866362853.1711590972&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAgiYwbEC&pscrd=IhMI7fuWn-2VhQMVWOi7CB0w6gbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjotaHR0cHM6Ly9zYWxlcy1zb2Z0d2FyZS1sdXhlbWJvdXJnLTczNzIwNS54eXov&is_vtc=1&cid=CAQSGwB7FLtqlqIdBS68RhcGzmBrxXNJICC7pVQ5tg&random=2859205487&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 dplpxs
soflopxl.com/ 0
207 B 34ms
33ms Ping
text/plain 54.247.38.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://soflopxl.com/dplpxs
Requested by: Host: s.flocdn.com
URL: https://s.flocdn.com/@s1/dpl/4.15.0/dpl-search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.38.52 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-38-52.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://sales-software-luxembourg-737205.xyz
date: Thu, 28 Mar 2024 01:56:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
access-control-allow-methods: GET, POST
expires: Thu, 28 Mar 2024 01:56:11 GMT

GET
H2 204 favicon.ico
sales-software-luxembourg-737205.xyz/ 0
103 B 132ms
131ms Other
text/plain 104.17.157.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sales-software-luxembourg-737205.xyz/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.157.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:56:12 GMT
cache-control: public, max-age=14400
cf-cache-status: MISS
server: cloudflare
cf-ray: 86b40098fb294d79-FRA
vary: Accept-Encoding
expires: Thu, 28 Mar 2024 05:56:12 GMT

POST
H2 200 mon Show response
obs.greencolumnblog.com/ 0
162 B 98ms
97ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.greencolumnblog.com/mon
Requested by: Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://sales-software-luxembourg-737205.xyz
date: Thu, 28 Mar 2024 01:56:12 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.greencolumnblog.com/ 0
16 B 98ms
98ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.greencolumnblog.com/mon
Requested by: Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://sales-software-luxembourg-737205.xyz
date: Thu, 28 Mar 2024 01:56:12 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
214 B 30ms
29ms Image
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-dotzup27_3ph_js&output=uds_ads_only&zx=5u4eab78yfa9&aqid=O84EZu2XLaXKjuwP0-qviAY&psid=1646507740&pbt=bs&adbx=550&adby=60&adbh=810&adbw=500&adbah=171%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup27_3ph_js&errv=618877072&csala=3%7C0%7C282%7C91%7C74&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-aH6T62vZ93KLkQLLFZ_o6A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-aH6T62vZ93KLkQLLFZ_o6A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Thu, 28 Mar 2024 01:56:13 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
19 B 27ms
27ms Image
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-dotzup27_3ph_js&output=uds_ads_only&zx=w9pgy42sqs1d&aqid=O84EZu2XLaXKjuwP0-qviAY&psid=1646507740&pbt=bv&adbx=550&adby=60&adbh=810&adbw=500&adbah=171%2C155%2C155%2C155%2C155&adbn=master-1&eawp=partner-dp-dotzup27_3ph_js&errv=618877072&csala=3%7C0%7C282%7C91%7C74&lle=0&ifv=1&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-O558oxdhcmbe-ir7s8wAlw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-O558oxdhcmbe-ir7s8wAlw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Thu, 28 Mar 2024 01:56:14 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 mon Show response
obs.greencolumnblog.com/ 0
39 B 98ms
98ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.greencolumnblog.com/mon
Requested by: Host: ob.greencolumnblog.com
URL: https://ob.greencolumnblog.com/i/35289458b2de2bf5220f730bdbc66486.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://sales-software-luxembourg-737205.xyz/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://sales-software-luxembourg-737205.xyz
date: Thu, 28 Mar 2024 01:56:14 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sales-software-luxembourg-737205.xyz/	1969-12-31 23:59:59	Name: _cfuvid Value: jTok5JKgAg81TFU8lopyvzSb0pXCGpp.erQTGRbeDUo-1711590971134-0.0.1.1-604800000
.sales-software-luxembourg-737205.xyz/	1970-01-20 21:37:54	Name: _cq_duid Value: 1.1711590971.KMBiE9qwJg28XPCH
.sales-software-luxembourg-737205.xyz/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1711590971.gI8nJqfM9DgjfppC
.sales-software-luxembourg-737205.xyz/	1970-01-21 04:48:06	Name: __gsas Value: ID=90646974347a8b43:T=1711590971:RT=1711590971:S=ALNI_Ma3s6zv2IjDx99Yx5k0X74IqrDwDw
obs.greencolumnblog.com/	1970-01-21 03:30:21	Name: cg_uuid Value: fff63b95654e72612c87a0d46ef54b03
.sales-software-luxembourg-737205.xyz/	1970-01-20 21:36:06	Name: _gcl_au Value: 1.1.866362853.1711590972
.doubleclick.net/	1970-01-20 19:26:31	Name: test_cookie Value: CheckForPermission

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.google.com/adsense/domains/caf.js(Line 202) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://sales-software-luxembourg-737205.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sales-software-luxembourg-737205.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://sales-software-luxembourg-737205.xyz/f689f555-f9cd-4c01-abd8-3e5b4d8bb9c5(Line 1) Message: Error
other	warning	URL: https://sales-software-luxembourg-737205.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sales-software-luxembourg-737205.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sales-software-luxembourg-737205.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sales-software-luxembourg-737205.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sales-software-luxembourg-737205.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sales-software-luxembourg-737205.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
ob.greencolumnblog.com
obs.greencolumnblog.com
partner.googleadservices.com
s.flocdn.com
sales-software-luxembourg-737205.xyz
soflopxl.com
www.adsensecustomsearchads.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.157.1
142.250.184.194
142.250.184.228
142.250.185.78
142.250.186.162
142.250.186.34
172.217.18.3
18.66.147.49
216.58.206.72
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:2359:ca00:9:bf39:bec0:93a1
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
54.247.38.52
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0f44cf995e4dc4c54434af3bb62fa8e3afd7cd865a14afa65b349bc8b16710a2
29b5f68707fbb36d5395b3cc2ed8cceaad5c4560c733ef1ec2f99c34efaaaf83
44552cb49a2802472b8bbe1997e717afc1b50cf092358163273132346a4f6443
4cdefd5a96161d56973e6c28b7c0dc6fb48599634f227234310f2899bc1d68ed
51de161a43568cdeb06913ee697f8137516774ae6692fcb4e5b6501ce296a692
52711ce4a13307c1b467dd942b1c90baf41b6a0264d01d71280421c37e8b8bc0
52c9836027763edf4c94459fe44e695960bb1d4d974669e6afdcbd4b9d3be020
5e4e995a6c5f630393a2e10ae5e6c48fb73d597835a7ca4894b5d369c5388cf6
7405d80045f14fbbc1ffef655fc45b2ef6b7fee349f8c744a5a68c2387a1497e
97ce4222c0b4c15dbf25f24298b3173e2e25d3ce6c2eb41f5455e3cc8a1f54c0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac584704539b6bdae9db66aebabb19c41cc858272b85581fedf1f7ab26f73e9
9f3cf05026211e4ff4ea7baba37434818b02d6233e90b6c99744ffb61d069788
a743c225604b5957af46865a99fb6d4017dc417d390a7322b936d5fb1a0ff59b
c77ccbe9289b79c30f5139d947a514f53bc29f0b0e3a549e3fb5497071310773
c8401ec402d8fdf076010ade4767a5369c1a62cbdba00f794fdb17cc7e489826
cdb2a02890b75654dfd94bb79607b85eb43b896d90fe8966845af7e72e81aaae
d224f81f790e5ab8639e1635ae79af8635a49df0607e744c35cf3cf9e02af4b9
d342b5e24c1eb20130964658645b4868f0e340da73a1856578ba7f6725bf0adc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7477441763356d5ee7d54aed3e53336c6884d7ff6587e03d08490bc0b695495
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f100bfe25d94637d2f22e0a04ab353c9ba7d2f6430ac07f8b2171fb7872739f7
fd2ca0bdff0003832dbfc84dac72638eb326298a7d50fb3eb6c4d4a6c3b24fd0

sales-software-luxembourg-737205.xyz Open in urlscan Pro 104.17.157.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

86 %HTTPS

33 %IPv6

10 Domains

12 Subdomains

14 IPs

4 Countries

1063 kBTransfer

2896 kBSize

7 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

sales-software-luxembourg-737205.xyz Open in urlscan Pro
104.17.157.1 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

86 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

14
IPs

4
Countries

1063 kB
Transfer

2896 kB
Size

7
Cookies

35 HTTP transactions
1 data transactions