Submitted URL: http://clkdu.com/redirect.php?c=127973&p=170097&sid=
Effective URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=eyJoc2lkIjogIjVkOWI5NDViZ...
Submission: On July 20 via manual from IE — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 12 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is dlh.media-bucket.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 30th 2023. Valid for: a year.
This is the only time dlh.media-bucket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
9 | media-bucket.com | dlh.media-bucket.com | 355 KB
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 56 | 21 KB
1 | gstatic.com | fonts.gstatic.com | 48 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 74 | 1 KB
1 | google.de | www.google.de — Cisco Umbrella Rank: 5665 | 408 B
1 | google.com | www.google.com — Cisco Umbrella Rank: 3 | 408 B
1 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 116 | 352 B
1 | delta-holder.net | router.delta-holder.net | 1 KB
1 | pon-prairie.com | router.pon-prairie.com | 896 B
1 | approved-offer.xyz | approved-offer.xyz | 2 KB
1 | dollarupload.com | dollarupload.com | 906 B
1 | clkdu.com | clkdu.com | 568 B
19 | 12 | |

Count | Domain | Requested by
9 | dlh.media-bucket.com | approved-offer.xyz, dlh.media-bucket.com
2 | www.google-analytics.com | approved-offer.xyz, www.google-analytics.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | dlh.media-bucket.com
1 | www.google.de |
1 | www.google.com |
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | router.delta-holder.net | 1 redirects
1 | router.pon-prairie.com | 1 redirects
1 | approved-offer.xyz | dollarupload.com
1 | dollarupload.com |
1 | clkdu.com |
19 | 12 |

This site contains links to these domains:

  • register.delta-holder.net
  • delta-holder.net

Subject | Issuer | Validity | Valid
approved-offer.xyz | GTS CA 1P5 | 2023-05-24 - 2023-08-22 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-30 - 2024-04-29 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
www.google.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
www.google.de | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months

This page contains 1 frames:

Primary Page: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=...
Frame ID: F365544413F6898F5A49BC11CD37930E
Requests: 19 HTTP requests in this frame

Page Title

Delta-holder

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

  • Requests: 19
  • HTTPS: 89 %
  • IPv6: 80 %
  • Domains: 12
  • Subdomains: 12
  • IPs: 8
  • Countries: 4
  • Transfer: 430 kB
  • Size: 984 kB
  • Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://clkdu.com/redirect.php?c=127973&p=170097&sid= Page URL
  2. http://dollarupload.com/go.php?id=127973&h=DUCL75b1093da526a2c1bcd4f5d01&p=170097 Page URL
  3. https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL75b1093da526a2c1bcd4f5d01&tsid=170097 Page URL
  4. https://router.pon-prairie.com/click/k5/bbrX5VXyDAIkB4N2b?sn=0&vp=0&sa=0&sub_id=126Z-tTYy--170097&click_id=30720veCNBrC2_26Z_tTYy_1QmAGe_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0 HTTP 303
    https://router.delta-holder.net/?lp=yqhld&v=craftsman&sidng=eWxD8K1Dr5znJ2vZExvP4zQ1TN&aid=bbrX5VXyDAIkB4N2b&PCTX=30720veCNBrC2_26Z_tTYy_1QmAGe_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0&var3=126Z-tTYy--170097&var4=agn_333&sn=0&vp=0&sa=0&sub_id=126Z-tTYy--170097&click_id=30720veCNBrC2_26Z_tTYy_1QmAGe_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0 HTTP 302
    https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=... Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
redirect.php
clkdu.com/
166 B
568 B
Document
General
Full URL
http://clkdu.com/redirect.php?c=127973&p=170097&sid=
Protocol
HTTP/1.1
Server
170.249.206.34 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.dollarupload.com
Software
Apache /
Resource Hash
5612359a97655be9ca7a471e5bf53622f45602d0352bfa8992a71e5e2aac5dfe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jul 2023 20:55:21 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=3, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
go.php
dollarupload.com/
503 B
906 B
Document
General
Full URL
http://dollarupload.com/go.php?id=127973&h=DUCL75b1093da526a2c1bcd4f5d01&p=170097
Protocol
HTTP/1.1
Server
170.249.206.34 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.dollarupload.com
Software
Apache /
Resource Hash

Request headers

Referer
http://clkdu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jul 2023 20:55:22 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=3, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi
approved-offer.xyz/redirect/action/
1 KB
2 KB
Document
General
Full URL
https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL75b1093da526a2c1bcd4f5d01&tsid=170097
Requested by
Host: dollarupload.com
URL: http://dollarupload.com/go.php?id=127973&h=DUCL75b1093da526a2c1bcd4f5d01&p=170097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1128ecc58270b17b7688dbc4c852c292b352997be5defc3fb155720c3402901c

Request headers

Referer
http://dollarupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7e9e1acf69134dcc-FRA
charset
UTF-8
content-encoding
UTF-8
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 20:55:22 GMT
googlebot
noindex, nofollow, nocache, noarchive
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI CURa ADMa PSA OUR NOR OTC"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVZq5giaIdD%2Fr6%2B7Q%2Bruu5akr80e94F3OWEGuegfXxehVd%2FlhV2Auy6RTv1k38qCGHstwgr1pSatuI4A9CffqZZciQzCy%2BBggUUr7aN1rncIrdHy3tLQJsi%2Bn5i0j%2B4xzajXjL4%2BFmCuFeiPj7fEY5U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-robots-tag
noindex, nofollow, nocache, noarchive
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: approved-offer.xyz
URL: https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL75b1093da526a2c1bcd4f5d01&tsid=170097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://approved-offer.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Jul 2023 19:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6646
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 20 Jul 2023 21:04:37 GMT
Primary Request /
dlh.media-bucket.com/yqhld/de/
Redirect Chain
  • https://router.pon-prairie.com/click/k5/bbrX5VXyDAIkB4N2b?sn=0&vp=0&sa=0&sub_id=126Z-tTYy--170097&click_id=30720veCNBrC2_26Z_tTYy_1QmAGe_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0
  • https://router.delta-holder.net/?lp=yqhld&v=craftsman&sidng=eWxD8K1Dr5znJ2vZExvP4zQ1TN&aid=bbrX5VXyDAIkB4N2b&PCTX=30720veCNBrC2_26Z_tTYy_1QmAGe_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0&var3=126Z-tTYy--1700...
  • https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=eyJoc2lkIjogIjVkOWI5NDViZmUxYjRmZTM1NGM1M2FiY2I2YzQwZmUzMDk4ODZjOWEyODA3NzVmNjZjY2I5ZTljYjQxZTQzM...
32 KB
10 KB
Document
General
Full URL
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=eyJoc2lkIjogIjVkOWI5NDViZmUxYjRmZTM1NGM1M2FiY2I2YzQwZmUzMDk4ODZjOWEyODA3NzVmNjZjY2I5ZTljYjQxZTQzM2QiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJjdXJyZW5jeV9zeW1ib2wiOiAiXHUyMGFjIiwgInRyaWFsIjogdHJ1ZSwgInBlcmlvZCI6IDMwLCAiYmlsbGluZ19wZXJpb2QiOiAxLCAiYmlsbGluZ19zdGVwIjogIm1vbnRoIiwgInRyaWFsX3N0ZXAiOiAiZGF5IiwgInRyaWFsX3BlcmlvZCI6IDcsICJkaXNwbGF5X3ByaWNlIjogIjQ5Ljk5IFx1MjBhYyIsICJkaXNwbGF5X3ZfcHJpY2UiOiAiMSBcdTIwYWMiLCAidl9wcmljZSI6ICIxIn0sICJzYSI6ICIwIiwgInZwIjogIjAiLCAiX19wZnYiOiAic3RyYWFsX2NzciIsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiZGVsdGEtaG9sZGVyLm5ldCIsICJzdWJfaWQiOiAiMTI2Wi10VFl5LS0xNzAwOTciLCAic24iOiBmYWxzZSwgIndpdGhfYXZzIjogZmFsc2UsICJhY3Rpb24iOiAicmVnaXN0cmF0aW9uIn0=
Requested by
Host: approved-offer.xyz
URL: https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL75b1093da526a2c1bcd4f5d01&tsid=170097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1fe71b18cbc39ffed2459387e744a78ad93c8ed4011ee31ce1d65259626b61d

Request headers

Referer
https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL75b1093da526a2c1bcd4f5d01&tsid=170097
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e9e1ad4ce6f9250-FRA
content-encoding
br
content-type
text/html
date
Thu, 20 Jul 2023 20:55:23 GMT
last-modified
Fri, 07 Jul 2023 10:07:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v34o50Ofno8J7rJF%2Bi1X%2F7HUYLNuG2GMrkKfZT7TkD6l7zIHWlIxBsfkqm%2BLpuzF9Rl7exqtwBujjQDLMsQ%2BkJ%2FYvIVsQ3s8jUR4zQIqQwoQ6jWJUlO7%2BYmuFyvSDHzy5etRXy5vCeU%2F4EL9hN%2FDvJ%2FVNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e9e1ad319832bbe-FRA
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 20:55:23 GMT
location
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=...
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dc%2BG4zMLmPk%2F9DrkKUZ4kwztFr0gNupNx5XOKF7yat4yTia%2FSbbk%2BTLKxx2OcvUuYlK7xL9IzPishwRAGJmezED%2BPj6PEH0ZO3u%2FLATCT2ckJFtah39NoeVka6Py5JY2UGPnvIGcCWj5zFQYqDAWpTfQ8bo4UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
collect
www.google-analytics.com/j/
4 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1571653273&t=pageview&_s=1&dl=https%3A%2F%2Fapproved-offer.xyz%2Fredirect%2Faction%2F1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi%3Fuc%3DDUCL75b1093da526a2c1bcd4f5d01%26tsid%3D170097&dr=http%3A%2F%2Fdollarupload.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=482291646&gjid=60709765&cid=196542927.1689886523&tid=UA-1672790-14&_gid=448334876.1689886523&_r=1&_slc=1&z=380101389
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://approved-offer.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 20:55:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://approved-offer.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1672790-14&cid=196542927.1689886523&jid=482291646&gjid=60709765&_gid=448334876.1689886523&_u=IEBAAEAAAAAAACAAI~&z=562951805
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://approved-offer.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Jul 2023 20:55:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://approved-offer.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1672790-14&cid=196542927.1689886523&jid=482291646&_u=IEBAAEAAAAAAACAAI~&z=2073592754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://approved-offer.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 20:55:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1672790-14&cid=196542927.1689886523&jid=482291646&_u=IEBAAEAAAAAAACAAI~&z=2073592754
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://approved-offer.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 20:55:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=eyJoc2lkIjogIjVkOWI5NDViZmUxYjRmZTM1NGM1M2FiY2I2YzQwZmUzMDk4ODZjOWEyODA3NzVmNjZjY2I5ZTljYjQxZTQzM2QiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJjdXJyZW5jeV9zeW1ib2wiOiAiXHUyMGFjIiwgInRyaWFsIjogdHJ1ZSwgInBlcmlvZCI6IDMwLCAiYmlsbGluZ19wZXJpb2QiOiAxLCAiYmlsbGluZ19zdGVwIjogIm1vbnRoIiwgInRyaWFsX3N0ZXAiOiAiZGF5IiwgInRyaWFsX3BlcmlvZCI6IDcsICJkaXNwbGF5X3ByaWNlIjogIjQ5Ljk5IFx1MjBhYyIsICJkaXNwbGF5X3ZfcHJpY2UiOiAiMSBcdTIwYWMiLCAidl9wcmljZSI6ICIxIn0sICJzYSI6ICIwIiwgInZwIjogIjAiLCAiX19wZnYiOiAic3RyYWFsX2NzciIsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiZGVsdGEtaG9sZGVyLm5ldCIsICJzdWJfaWQiOiAiMTI2Wi10VFl5LS0xNzAwOTciLCAic24iOiBmYWxzZSwgIndpdGhfYXZzIjogZmFsc2UsICJhY3Rpb24iOiAicmVnaXN0cmF0aW9uIn0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7556c220859e509cf18297cacd5f9348ea5a55b13392e59be1086064f7f0f7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jul 2023 20:55:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:49:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jul 2023 20:55:23 GMT
styles.5456667dfd289745b3a8.css
dlh.media-bucket.com/yqhld/assets/
113 KB
20 KB
Stylesheet
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=eyJoc2lkIjogIjVkOWI5NDViZmUxYjRmZTM1NGM1M2FiY2I2YzQwZmUzMDk4ODZjOWEyODA3NzVmNjZjY2I5ZTljYjQxZTQzM2QiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJjdXJyZW5jeV9zeW1ib2wiOiAiXHUyMGFjIiwgInRyaWFsIjogdHJ1ZSwgInBlcmlvZCI6IDMwLCAiYmlsbGluZ19wZXJpb2QiOiAxLCAiYmlsbGluZ19zdGVwIjogIm1vbnRoIiwgInRyaWFsX3N0ZXAiOiAiZGF5IiwgInRyaWFsX3BlcmlvZCI6IDcsICJkaXNwbGF5X3ByaWNlIjogIjQ5Ljk5IFx1MjBhYyIsICJkaXNwbGF5X3ZfcHJpY2UiOiAiMSBcdTIwYWMiLCAidl9wcmljZSI6ICIxIn0sICJzYSI6ICIwIiwgInZwIjogIjAiLCAiX19wZnYiOiAic3RyYWFsX2NzciIsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiZGVsdGEtaG9sZGVyLm5ldCIsICJzdWJfaWQiOiAiMTI2Wi10VFl5LS0xNzAwOTciLCAic24iOiBmYWxzZSwgIndpdGhfYXZzIjogZmFsc2UsICJhY3Rpb24iOiAicmVnaXN0cmF0aW9uIn0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9693a72c7ecf50e77d388e58ed0bdc2564c8c55ec63e4aea305394f8be1f484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=eyJoc2lkIjogIjVkOWI5NDViZmUxYjRmZTM1NGM1M2FiY2I2YzQwZmUzMDk4ODZjOWEyODA3NzVmNjZjY2I5ZTljYjQxZTQzM2QiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJjdXJyZW5jeV9zeW1ib2wiOiAiXHUyMGFjIiwgInRyaWFsIjogdHJ1ZSwgInBlcmlvZCI6IDMwLCAiYmlsbGluZ19wZXJpb2QiOiAxLCAiYmlsbGluZ19zdGVwIjogIm1vbnRoIiwgInRyaWFsX3N0ZXAiOiAiZGF5IiwgInRyaWFsX3BlcmlvZCI6IDcsICJkaXNwbGF5X3ByaWNlIjogIjQ5Ljk5IFx1MjBhYyIsICJkaXNwbGF5X3ZfcHJpY2UiOiAiMSBcdTIwYWMiLCAidl9wcmljZSI6ICIxIn0sICJzYSI6ICIwIiwgInZwIjogIjAiLCAiX19wZnYiOiAic3RyYWFsX2NzciIsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiZGVsdGEtaG9sZGVyLm5ldCIsICJzdWJfaWQiOiAiMTI2Wi10VFl5LS0xNzAwOTciLCAic24iOiBmYWxzZSwgIndpdGhfYXZzIjogZmFsc2UsICJhY3Rpb24iOiAicmVnaXN0cmF0aW9uIn0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:55:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
427
etag
W/"64a7e37f-1c56c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZmeyGJxExuefVm3ZXYGPwZDax2QKI2fXuOhbk3zgGQ06El3Fh9N9PTlsOzGYALrVBsqD2kpWFYHfSYQgCEkH9WwG5s0Hy%2F%2FZC7DRr03WOdvZTcSzPGWi1tY9WQPXWt7oLEtZ4Eb%2FF3qjb8l8186B2bxrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7e9e1ad5af4e9250-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 20:48:16 GMT
secure-icons_4f7ffaaa7838a19bb78d.png
dlh.media-bucket.com/yqhld/assets/
15 KB
16 KB
Image
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/secure-icons_4f7ffaaa7838a19bb78d.png
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09113453a21759134d49bec7e4af7afa558448170d069bfb2dd63eb0b62885db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=...
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:55:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
327123
alt-svc
h3=":443"; ma=86400
content-length
15749
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
server
cloudflare
etag
"64a7e37f-3d85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2B%2F9iT%2B0TsMdVdWeJKOBfXkDm%2BeUULbEwZycFHkmftTHUWE4deyte%2Fk7LQYx1CJ%2F%2B2Qv8WMPK1rwJbEu1rGzWBC8SFH3qf%2BmixjykwR1XaHgcV5V4JEie95OS4UI2D58RE9DA1874UsvKSiAsk6TtjU6IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e9e1ad60fb303d8-FRA
expires
Wed, 16 Aug 2023 02:03:20 GMT
runtime.9552cc599bbd464fba55.js
dlh.media-bucket.com/yqhld/assets/
1 KB
1 KB
Script
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/runtime.9552cc599bbd464fba55.js
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1162768d7067b4581c82f40bb924b854404e10d8447ff11e06e6184d34db47d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=...
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:55:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a7e37f-4e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exQdzQyQDysbIiKJwISqw9LvAvTNZJo8pDswx75rIURLGaRiY5Pd3XWlvHKGUqD5Rc%2FaXUfopZcPv45H0V48IY6DUoi1qyCKETj%2FUob3rXrVbedkPF9Zw6VrxcyLN0Q84QJjC4satEdfNdCds5diBAlQsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7e9e1ad6986f03d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 20:55:24 GMT
app.73dfc75127a9997b2d10.js
dlh.media-bucket.com/yqhld/assets/
557 KB
156 KB
Script
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/app.73dfc75127a9997b2d10.js
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6381aa8fdd19b05173447a9c2948850e4880edd6dcbe03d186c45bb77243d582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=...
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:55:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a7e37f-8b2a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3qZd6zF0DxBUfNEAiF1%2BCmcAP6nM%2BnLwo5sItAKr1nHzIcsN9TIaXPexS9%2Fox2WTLBNoywDVBC8t%2BkNY2JWWDvTIhEAJYzJyDR3Vm4Eq3zmr%2BB4iZ9wPn35mmxLD6bQkx4AhypQlwTg8lisu6pef0cA2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7e9e1ad6989303d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 20:55:24 GMT
styles.b8be24617ed3fcd1501f.js
dlh.media-bucket.com/yqhld/assets/
130 B
585 B
Script
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/styles.b8be24617ed3fcd1501f.js
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13247de0f4efc85f02a7ee3dfe91db4acf4c010e43452d4596aba7ec5b5fc4ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&v=craftsman&var4=agn_333&sn=False&hobj=eyJoc2lkIjogIjVkOWI5NDViZmUxYjRmZTM1NGM1M2FiY2I2YzQwZmUzMDk4ODZjOWEyODA3NzVmNjZjY2I5ZTljYjQxZTQzM2QiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJjdXJyZW5jeV9zeW1ib2wiOiAiXHUyMGFjIiwgInRyaWFsIjogdHJ1ZSwgInBlcmlvZCI6IDMwLCAiYmlsbGluZ19wZXJpb2QiOiAxLCAiYmlsbGluZ19zdGVwIjogIm1vbnRoIiwgInRyaWFsX3N0ZXAiOiAiZGF5IiwgInRyaWFsX3BlcmlvZCI6IDcsICJkaXNwbGF5X3ByaWNlIjogIjQ5Ljk5IFx1MjBhYyIsICJkaXNwbGF5X3ZfcHJpY2UiOiAiMSBcdTIwYWMiLCAidl9wcmljZSI6ICIxIn0sICJzYSI6ICIwIiwgInZwIjogIjAiLCAiX19wZnYiOiAic3RyYWFsX2NzciIsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiZGVsdGEtaG9sZGVyLm5ldCIsICJzdWJfaWQiOiAiMTI2Wi10VFl5LS0xNzAwOTciLCAic24iOiBmYWxzZSwgIndpdGhfYXZzIjogZmFsc2UsICJhY3Rpb24iOiAicmVnaXN0cmF0aW9uIn0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:55:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
327123
etag
W/"64a7e37f-82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5E0LqtRE68NyOKDu1l1h450%2FJqD7xlumSJANIr1QNDjFVrXLBOjyv0AySCEfj5XSxwKMqMYvHej%2B4H8dyDwXGDjx5pQ%2F7Y8PdsG3qyUYVDmXmKtJQS9JlXtjF6i68Zcc5BziJS%2F4AtHOMpEEr7bTrxGlJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7e9e1ad6a8a503d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 16 Aug 2023 02:03:20 GMT
de_04405748985f1a6a0db6.svg
dlh.media-bucket.com/yqhld/assets/
1 KB
1 KB
Image
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/de_04405748985f1a6a0db6.svg
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef470669371c6a8e32a2731716896770f136365ce8310f06cb1559aeead2072c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:55:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a7e37f-513"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfSpJnKRl9C6%2BlOt39CIZkiB9DCkE6%2BVFc9MggLId7qcxm48iMQw4EC6ePBVR3k%2BvD7fbrqwcAjAr4pH1SprD5j2Ows1PdKOxDbNK%2BMZeOepHgkvKYOtnQTUfB57rLfZy89tMwz4uM8agbpDEHkTerQRnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7e9e1ad90bf503d8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 20:55:24 GMT
flame_56f9213f59504caa0da1.png
dlh.media-bucket.com/yqhld/assets/
1 KB
2 KB
Image
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/flame_56f9213f59504caa0da1.png
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4dcb5714a9f4816cb9bd8b31816a0e3abf8bd183f53295d9d04b088ef659430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:55:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
327123
alt-svc
h3=":443"; ma=86400
content-length
1184
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
server
cloudflare
etag
"64a7e37f-4a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mf3xwQQycDDF%2BRjJ8RiuGuX2S8vRlGOYHvE2j9n4C%2BnyD63x%2F%2FdnJ0kqZiW%2BhmEInlUYsvDrc3jiuAlJCs6LsuHpyRH7q7RtT6iwKLa1SJ4ML05BUrY%2B4MXsiAde6WEkqfNDFuuyR8m5WaMKw6q7WbB7PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e9e1ad90bfc03d8-FRA
expires
Wed, 16 Aug 2023 02:03:21 GMT
craftsman-desktop_c5e0061c7dadc63c94fa.png
dlh.media-bucket.com/yqhld/assets/
148 KB
149 KB
Image
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/craftsman-desktop_c5e0061c7dadc63c94fa.png
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c366d002fb2e0f79493507eefd0bff649dd17bc92cf283dcb0f172cd92d3ac64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:55:24 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64a7e37f-2519c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRq2A2I1Re76DfyAAzugrQdrjoUagxRuLuaDnI0K5aJHI3P7CfxgG7Cb0F5tHzsHWl4j7s8zFmbe5dWxzsdNM2UtEAjUaMCnO10ja21cNAlkk0Ug%2B3%2FEElTtvWhUy5ZQ3UK%2BvehoetfqA%2FV4MI6Z6ff8pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e9e1ad90bfd03d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
151964
expires
Sat, 19 Aug 2023 20:55:24 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dlh.media-bucket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options
nosniff
age
506020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 00:21:44 GMT


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| config
object| languageOptions
object| products
object| webpackChunkusertive
function| jQuery
function| $
object| Landify
boolean| __MOCKS__

9 Cookies

Domain/Path Name / Value
approved-offer.xyz/redirect/action Name: msv-26Z-Nza-0-1i-0-0
Value: %7B%22ip%22%3A%222a0104a0133800920000000000000005%22%2C%22created%22%3A1689886522%7D
approved-offer.xyz/conversion Name: click-2b9-6cbe9e
Value: 30720veCNBrC2_26Z_tTYy_1QmAGe_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0
clkdu.com/ Name: PHPSESSID
Value: 1fiielgd1oj8ol68aobglllkn5
dollarupload.com/ Name: PHPSESSID
Value: b135akvsdvsoo84ehfqtggacj6
.approved-offer.xyz/ Name: _ga
Value: GA1.2.196542927.1689886523
.approved-offer.xyz/ Name: _gid
Value: GA1.2.448334876.1689886523
.approved-offer.xyz/ Name: _gat
Value: 1
router.delta-holder.net/ Name: air3_site_cookie
Value: d14c84f759ec86ab433490504beb062a376da915gAWVRAAAAAAAAACMQDVkOWI5NDViZmUxYjRmZTM1NGM1M2FiY2I2YzQwZmUzMDk4ODZjOWEyODA3NzVmNjZjY2I5ZTljYjQxZTQzM2SULg==
dlh.media-bucket.com/ Name: session_id
Value: 6cad01d8aa58416dbb775c90b30299d5