www.btcmine.cc Open in urlscan Pro
2a00:1450:4001:806::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://windowsl.ink/
Effective URL:
https://www.btcmine.cc/
Submission Tags: @phishunt_io
Submission: On January 20 via api (January 20th 2024, 4:37:59 am UTC) from DE — Scanned from DE

Summary HTTP 126 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 34 domains to perform 126 HTTP transactions. The main IP is 2a00:1450:4001:806::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.btcmine.cc.
TLS certificate: Issued by GTS CA 1D4 on December 28th 2023. Valid for: 3 months.

This is the only time www.btcmine.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.33.207.7 52.33.207.7	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2013	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
24	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	173.233.137.36 173.233.137.36	7979 (SERVERS-COM) (SERVERS-COM)
7	173.233.137.52 173.233.137.52	7979 (SERVERS-COM) (SERVERS-COM)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5	213.239.209.209 213.239.209.209	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
10	185.66.201.43 185.66.201.43	201702 (SKHOSTING-EU) (SKHOSTING-EU)
17	185.66.200.127 185.66.200.127	201702 (SKHOSTING-EU) (SKHOSTING-EU)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	185.66.201.42 185.66.201.42	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
3	162.0.208.108 162.0.208.108	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9273:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9274:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1 3	139.45.197.245 139.45.197.245	9002 (RETN-AS) (RETN-AS)
5	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
17	172.64.174.16 172.64.174.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	217.20.112.104 217.20.112.104	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1 2	2606:4700:303... 2606:4700:3035::ac43:98ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
126	29

1 52.33.207.7 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-207-7.us-west-2.compute.amazonaws.com

windowsl.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.btcmine.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

fonts.maateen.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

udbaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vdbaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

zmonei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alwingulla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cryptocoinsad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.233.137.36 (United States)

ASN7979 (SERVERS-COM, US)

pl21913451.toprevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pl21912719.toprevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)

www.topcreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.toprevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.239.209.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.66.201.43 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.43.skhosting.eu

qoca.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.66.200.127 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.127.skhosting.eu

ylx-i.advertica-cdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.qoca.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ylx-aff.advertica-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.42 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: affilist.com

o-oo.ooo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.0.208.108 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nc-ph-2974.zerads.com

ad2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hash512.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9273:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

amgtui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

veepteero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9274:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ptxhzp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.245 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

keewoach.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.174.16 (United States)

ASN13335 (CLOUDFLARENET, US)

myhotfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.112.104 (Petershagen, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

track.routes.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:98ab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

understandingerrors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	udbaa.com udbaa.com — Cisco Umbrella Rank: 689961	29 KB
17	myhotfeed.com myhotfeed.com	66 KB
15	qoca.site qoca.site — Cisco Umbrella Rank: 538453 cdn.qoca.site — Cisco Umbrella Rank: 920094	417 KB
11	advertica-cdn2.com ylx-i.advertica-cdn2.com — Cisco Umbrella Rank: 626844	130 KB
6	topcreativeformat.com www.topcreativeformat.com — Cisco Umbrella Rank: 61510
5	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11663	3 KB
5	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 33863 acceptable.a-ads.com — Cisco Umbrella Rank: 238214 static.a-ads.com — Cisco Umbrella Rank: 46799	738 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	91 KB
4	gstatic.com fonts.gstatic.com	146 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
3	keewoach.net 1 redirects keewoach.net — Cisco Umbrella Rank: 512126	16 KB
3	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12324	16 KB
3	toprevenuegate.com pl21913451.toprevenuegate.com pl21912719.toprevenuegate.com www.toprevenuegate.com — Cisco Umbrella Rank: 146349	817 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	10 KB
2	understandingerrors.com 1 redirects understandingerrors.com — Cisco Umbrella Rank: 412473	9 KB
2	ad2bitcoin.com ad2bitcoin.com	2 KB
2	vdbaa.com vdbaa.com	4 KB
2	maateen.me fonts.maateen.me — Cisco Umbrella Rank: 397721	145 KB
1	routes.name track.routes.name — Cisco Umbrella Rank: 858093	2 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 49226	465 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	hash512.com hash512.com	489 B
1	ptxhzp.com ptxhzp.com — Cisco Umbrella Rank: 111513
1	cryptocoinsad.com cryptocoinsad.com — Cisco Umbrella Rank: 403229	139 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	veepteero.com veepteero.com — Cisco Umbrella Rank: 189506	525 B
1	advertica-cdn.com ylx-aff.advertica-cdn.com	39 KB
1	amgtui.com amgtui.com — Cisco Umbrella Rank: 463343	144 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	33 KB
1	o-oo.ooo o-oo.ooo	32 KB
1	alwingulla.com alwingulla.com — Cisco Umbrella Rank: 197088	23 KB
1	zmonei.com zmonei.com — Cisco Umbrella Rank: 781885	7 KB
1	btcmine.cc www.btcmine.cc	22 KB
1	windowsl.ink 1 redirects windowsl.ink	113 B
126	34

	Domain	Requested by
22	udbaa.com	www.btcmine.cc udbaa.com code.jquery.com
17	myhotfeed.com	ad2bitcoin.com myhotfeed.com
11	ylx-i.advertica-cdn2.com	udbaa.com www.btcmine.cc
10	qoca.site	udbaa.com qoca.site
6	www.topcreativeformat.com	www.btcmine.cc
5	my.rtmark.net	keewoach.net myhotfeed.com
5	cdn.qoca.site	qoca.site
5	cdn.jsdelivr.net	www.btcmine.cc understandingerrors.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	ad.a-ads.com qoca.site acceptable.a-ads.com
3	keewoach.net	1 redirects www.google.com keewoach.net
3	blogger.googleusercontent.com	www.btcmine.cc
2	cdnjs.cloudflare.com	understandingerrors.com
2	understandingerrors.com	1 redirects
2	static.a-ads.com	acceptable.a-ads.com ad.a-ads.com
2	ad2bitcoin.com	www.btcmine.cc ad2bitcoin.com
2	ad.a-ads.com	www.btcmine.cc ad2bitcoin.com
2	vdbaa.com	www.btcmine.cc
2	fonts.maateen.me	client fonts.maateen.me
1	track.routes.name	myhotfeed.com
1	acceptable.a-ads.com	hash512.com
1	datatechone.com	keewoach.net
1	www.toprevenuegate.com	ad2bitcoin.com
1	www.google.com	ad2bitcoin.com
1	hash512.com	ad2bitcoin.com
1	ptxhzp.com	zmonei.com
1	cryptocoinsad.com	ad2bitcoin.com
1	pagead2.googlesyndication.com	zmonei.com
1	veepteero.com	alwingulla.com
1	ylx-aff.advertica-cdn.com	udbaa.com
1	amgtui.com	zmonei.com
1	code.jquery.com	udbaa.com
1	o-oo.ooo	vdbaa.com
1	alwingulla.com	www.btcmine.cc
1	pl21912719.toprevenuegate.com	www.btcmine.cc
1	pl21913451.toprevenuegate.com	www.btcmine.cc
1	zmonei.com	www.btcmine.cc
1	www.btcmine.cc
1	windowsl.ink	1 redirects
126	39

This site contains links to these domains. Also see Links.

Domain
yllix.com
www.blogger.com
www.ajkerit.com

Subject Issuer	Validity	Valid
www.btcmine.cc GTS CA 1D4	`2023-12-28` - `2024-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
fonts.maateen.me R3	`2024-01-02` - `2024-04-01`	3 months	crt.sh
banners.udbaa.com R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
zmonei.com E1	`2023-11-25` - `2024-02-23`	3 months	crt.sh
banners.vdbaa.com R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
toprevenuegate.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
alwingulla.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
topcreativeformat.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
qoca.site R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
ylx-i.advertica-cdn2.com R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cdn.qoca.site R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
o-oo.ooo R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.ad2bitcoin.com R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
amgtui.com R3	`2023-11-19` - `2024-02-17`	3 months	crt.sh
ylx-aff.advertica-cdn.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
veepteero.com R3	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cryptocoinsad.com GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
ptxhzp.com R3	`2023-11-19` - `2024-02-17`	3 months	crt.sh
hash512.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
keewoach.net R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
myhotfeed.com GTS CA 1P5	`2023-12-18` - `2024-03-17`	3 months	crt.sh
track.routes.name ZeroSSL RSA Domain Secure Site CA	`2024-01-05` - `2024-04-04`	3 months	crt.sh
understandingerrors.com GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://www.btcmine.cc/
Frame ID: 579525644E801E6CCB6BEA519EB3D217
Requests: 35 HTTP requests in this frame

Frame: https://udbaa.com/bnr_xload.php?section=Yllix&pub=745624&format=300x250&ga=g&xt=170572547316863&xtt=1698164&dateStr=01/20/2024%2005:37:53
Frame ID: 504C9A947120B9AEFD081C93FE48F357
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2289944?size=468x60
Frame ID: 5DF26F71D9F03D741D1BF0752138908C
Requests: 4 HTTP requests in this frame

Frame: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=468x60&ga=g&xt=170572547336619&xtt=2410689&dateStr=01/20/2024%2005:37:53
Frame ID: 04D09D4AEC21D0E3F3C57808BDA3DABD
Requests: 1 HTTP requests in this frame

Frame: https://udbaa.com/show.php?u34481705725474=true&ad=673873&f=468x60&a=827929&cri=0&s=MjVlYzE5NThlZjU1NjEzZTQ4ZDg3MGE4MWQxOWI2MjU=&u=745624&si=615743197&di=49172896&ci=16&h=e1586af3ece67e77a7f0da6e363c9620&cc=DE&https=1&useAf=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Frame ID: D669BEE61C48DDE2D28966F9BB69E4C5
Requests: 5 HTTP requests in this frame

Frame: https://udbaa.com/show.php?u62951705725474=true&ad=673873&f=300x250&a=395578&cri=0&s=YTMxYzg2ZGJkZWRlMTY0ZGQ1ZTVjZTU0ZmUyM2M4OTk=&u=745624&si=497744338&di=49172896&ci=16&h=869af9e0ddb3350e22abd65b0c663535&cc=DE&https=1&useAf=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Frame ID: 534C5BC3D303A6B813A12635ED44C378
Requests: 5 HTTP requests in this frame

Frame: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=160x600&ga=g&xt=170572547324212&xtt=6007190&dateStr=01/20/2024%2005:37:54
Frame ID: 92C2C661ADFCCF5252FBF736BBC10D7B
Requests: 1 HTTP requests in this frame

Frame: https://qoca.site/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XAdCpkGGppiijCikAAGjCxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_26093&adApiR=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=300&height=250&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5&randomA=2105621566940&realRef=TmY3dEpYWDhCM011NVVHNHFDcHFoMzVyK1BGVGVraU1QelJPZTZSa0s0MD0%3D
Frame ID: ACDF7E56F53D4A326076316F6406BEF0
Requests: 1 HTTP requests in this frame

Frame: https://qoca.site/b180228ef7/bd74f6fd55/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCjZGkZkCxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_35180&adApiR=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=468&height=60&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5&randomA=512713929442&realRef=TmY3dEpYWDhCM011NVVHNHFDcHFoMzVyK1BGVGVraU1QelJPZTZSa0s0MD0%3D
Frame ID: 78633D54DA8A41376BB20CF242AF9A8F
Requests: 2 HTTP requests in this frame

Frame: https://udbaa.com/show.php?u74411705725474=true&ad=673873&f=160x600&a=781385&cri=0&s=OTdjY2ExMzk3YTBjZWI5NzQyZGU2ZDRkNDkzZWE1ZjY=&u=745624&si=615743197&di=49172896&ci=16&h=a080c81837ded09def5a16d3dce7273b&cc=DE&https=1&useAf=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Frame ID: 8010A3411795659124AE14C4C715F6EC
Requests: 5 HTTP requests in this frame

Frame: https://qoca.site/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCGjrijACxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_21885&adApiR=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=160&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5&randomA=1237041437749&realRef=TmY3dEpYWDhCM011NVVHNHFDcHFoMzVyK1BGVGVraU1QelJPZTZSa0s0MD0%3D
Frame ID: 4181D41503E669C47EF1784332E6CE78
Requests: 1 HTTP requests in this frame

Frame: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=120x600&ga=g&xt=170572547311877&xtt=5054387&dateStr=01/20/2024%2005:37:54
Frame ID: EF907C5260BCC07E5781E0D1EF966077
Requests: 1 HTTP requests in this frame

Frame: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=120x600&ga=g&xt=170572547449309&xtt=2551829&dateStr=01/20/2024%2005:37:54
Frame ID: 52301F2BB04ED2A0600C28749ACBE7E4
Requests: 2 HTTP requests in this frame

Frame: https://ad2bitcoin.com/ad.php?ref=mraustinlee24&width=728
Frame ID: 8777065AC62F986754E88F0A5ED92096
Requests: 3 HTTP requests in this frame

Frame: https://udbaa.com/show.php?u44921705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=733bf45457fadad8f8d17acbad27fd1a&cc=DE&https=1&useAf=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Frame ID: 8242D41846CDD02BD1AF96E04B220964
Requests: 5 HTTP requests in this frame

Frame: https://udbaa.com/banner_show.php?section=General&pub=745624&format=120x600&ga=g&slider=20b939bf8962b246548c65e13bce9a74&dateStr=01/20/2024%2005:37:54
Frame ID: 8BF1DB746C43CE7D16202EBB7E135055
Requests: 1 HTTP requests in this frame

Frame: https://qoca.site/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCpkripZCxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_42071&adApiR=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&adApiR=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&time=01%2F20%2F2024%2005%3A37%3A54&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5&randomA=495648183883&realRef=TmY3dEpYWDhCM011NVVHNHFDcHFoMzVyK1BGVGVraU1QelJPZTZSa0s0MD0%3D
Frame ID: BFB719E71B1B74FF05788788B6808651
Requests: 3 HTTP requests in this frame

Frame: https://udbaa.com/show.php?u1541705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=5f244a9b905f6c407592a2275a912ff3&cc=DE&slider=20b939bf8962b246548c65e13bce9a74&https=1&useAf=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Frame ID: 976E032E7900442FB952AFD0E2D7369E
Requests: 5 HTTP requests in this frame

Frame: https://qoca.site/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCpkripZCACZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_47611&adApiR=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5&randomA=1400780518649&realRef=TmY3dEpYWDhCM011NVVHNHFDcHFoMzVyK1BGVGVraU1QelJPZTZSa0s0MD0%3D
Frame ID: AFC3B9359DF1C087156B9665ACCD9ED1
Requests: 7 HTTP requests in this frame

Frame: https://ad2bitcoin.com/adqlt.php?ref=mraustinlee24&keycode=2946
Frame ID: BCB3B304CF2D0DDE7785A15D68D42C86
Requests: 1 HTTP requests in this frame

Frame: https://hash512.com/templates/ads.php
Frame ID: 9722D7104B316F9B334F1843F4AE459E
Requests: 1 HTTP requests in this frame

Frame: https://understandingerrors.com/landing/?a=domain-ab&utm_source=3&utm_campaign=65ab4e24dcdac50001d0d2a7&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Understanding+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Frame ID: 6522E85F0A6BC2403DE49B7C7393FB47
Requests: 37 HTTP requests in this frame

Frame: https://www.toprevenuegate.com/cnufxgd8ak?key=f2d7dd55d5b7d6958c972bb95314adbb
Frame ID: 7294E81CA74C5C99EEE216595EF493D9
Requests: 1 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1705833?size=728x90
Frame ID: A576A31F55EB53CF17097A95C9AB4C6A
Requests: 4 HTTP requests in this frame

Frame: https://ad.a-ads.com/1110727?size=728x90
Frame ID: DB762DCFECD6C21AA514E3F974787E0B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BtcMine | Ajkerit

Page URL History Show full URLs

https://windowsl.ink/ HTTP 307
https://www.btcmine.cc/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

126
Requests

100 %
HTTPS

48 %
IPv6

34
Domains

39
Subdomains

29
IPs

5
Countries

2122 kB
Transfer

3118 kB
Size

24
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://yllix.com/advertisers/745624
Title: Advertise Here!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/7577575197300623146

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/8749809232602411994

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/6053254411203116769

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/8387999635373382556

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/5661211244735407599

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/5759991826310134212

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/5875925689223256129

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/8143728363761663351

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/2047125746527875637

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/3487351062040708046

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/1505515373676927944

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/3466222132100970571

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/4868022041043667380

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/6100255184528150489

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/1230273017083089279

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/3962678899988424355

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/6149541001367587396

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/3998896912915313581

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/694982758059659707

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/1711453213424044910

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/8114152743903155872

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/4207233262713691258

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/4063316071180987274

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/3465519171415550293

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/6887280150957666851

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog/post/edit/1706435479390915329/4001490948381960567

Search URL Search Domain Scan URL

URL: https://www.ajkerit.com/
Title: Ajkerit.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://windowsl.ink/ HTTP 307
https://www.btcmine.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://keewoach.net/?z=6940605&syncedCookie=true&rhd=false HTTP 302
https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Request Chain 128

https://understandingerrors.com/landing/?a=domain-ab&utm_source=3&utm_campaign=65ab4e24dcdac50001d0d2a7&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Understanding+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages. HTTP 302
https://understandingerrors.com/landing/?a=domain-ab&utm_source=3&utm_campaign=65ab4e24dcdac50001d0d2a7&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Understanding+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

126 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.btcmine.cc/
Redirect Chain

https://windowsl.ink/
https://www.btcmine.cc/

134 KB
22 KB

248ms
146ms

Document
text/html

2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.btcmine.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8603f7d5c60366bcfbc2c2c49ca596cdd2110689b282e961c6dd46116b8e1dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 21952
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:52 GMT
etag: W/"fa9ce0513fa7d371b2609434eb27d7578e4e31e0732ab323ae14eea10d00ccc5"
expires: Sat, 20 Jan 2024 04:37:52 GMT
last-modified: Tue, 09 Jan 2024 01:09:35 GMT
server: GSE
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

content-length: 168
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 04:37:52 GMT
location: https://www.btcmine.cc/
server: openresty
x-frame-options: sameorigin

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
25 KB 77ms
31ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: www.btcmine.cc
URL: https://www.btcmine.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 518195
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220101-FRA, cache-lga21961-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsrma3amCvsyQZUW%2FNLmos%2FjhmqdBqr%2Fuxb5%2FMyFLLlknXEzoIh6G7cvjhcwP9asMNEkvO0UYQyxqpHwF%2BTOK7Q%2FM9XaTgpo7phbAGW4YsNHGYcNbtvFRd%2Feo3pK3iR3IHEZso3FsZovMaPQwgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84849fee7e1a1d88-FRA

GET
H2 200 font.css
fonts.maateen.me/kalpurush/ 326 B
552 B 91ms
22ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.maateen.me/kalpurush/font.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: f442024b24f7febc8f5e6325adf89be99974c3e6d3415ef9211be9091e93f9e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id: f09affd386c6f3c14b300b9cd32b3f9fdc7564e2
date: Sat, 20 Jan 2024 04:37:53 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 245
x-cache: HIT
x-proxy-cache: MISS
content-length: 171
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Fri, 20 Mar 2020 13:11:57 GMT
server: GitHub.com
x-github-request-id: A2F8:173322:394D7F:3A3419:65948E8F
x-timer: S1705725473.057724,VS0,VE1
etag: W/"5e74c11d-146"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 02 Jan 2024 22:40:39 GMT

GET
H2 200 bnr.php Show response
udbaa.com/ 736 B
989 B 137ms
36ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr.php?section=Yllix&pub=745624&format=300x250&ga=g
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 5b6b7d8b6ebdad378608005a3520fccf7b7a489150c8af20afe4111a4dd7d2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:53 GMT
last-modified: Sat, 20 Jan 2024 04:37:53 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 20 Jan 2024 04:37:53 GMT

GET
H2 200 bnr.php Show response
udbaa.com/ 735 B
988 B 135ms
35ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr.php?section=General&pub=745624&format=468x60&ga=g
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 933ce512f4560036fe87ac3269e8026cd3fb9972656ab67d0aa3d1d658f660c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:53 GMT
last-modified: Sat, 20 Jan 2024 04:37:53 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 20 Jan 2024 04:37:53 GMT

GET
H2 200 bnr.php Show response
udbaa.com/ 738 B
991 B 133ms
35ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr.php?section=General&pub=745624&format=160x600&ga=g
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: cdf9ef4750796120b899c986c026d6de1bf31aaa8d0cadf76d9f4a3dbf9cc73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:53 GMT
last-modified: Sat, 20 Jan 2024 04:37:53 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 20 Jan 2024 04:37:53 GMT

GET
H2 200 waWQiOjExMzk0MjcsInNpZCI6MTMxMjQ0Miwid2lkIjo1MjYwNTksInNyYyI6Mn0=eyJ.js Show response
zmonei.com/na/ 21 KB
7 KB 851ms
491ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zmonei.com/na/waWQiOjExMzk0MjcsInNpZCI6MTMxMjQ0Miwid2lkIjo1MjYwNTksInNyYyI6Mn0=eyJ.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ed692ccf6513d650f77f5ea82a4ae89cb09976eaf59b83076eda57495a2344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 19 Jan 2024 23:22:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: 699fcb48ffd3f60674ee8357fb689265
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Li14BzcUIQsAwysyID6TIj39OJAFcnmYRnYyaIzxoUd%2B8RreFmYBqsxd5emBUi16KCtQaOUB9%2FdVJ3cyTx1iHv8qOCIvBBTihkgag0%2FFUy8uY32Q0OAsT1pRWZL2B8Ko7V7hjSd5ECEX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.btcmine.cc
cache-control: max-age=14400
cf-ray: 84849ff0ed535269-LAX
alt-svc: h3=":443"; ma=86400

GET
H2 200 pun.php Show response
vdbaa.com/ 2 KB
2 KB 123ms
33ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://vdbaa.com/pun.php?section=General&pt=6&pub=745624&ga=g
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 7a9b431c50b62c2c2ed4ab03d02680ac7bd7d3c45c3aac89314ec6c2b3681065

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:53 GMT
last-modified: Sat, 20 Jan 2024 04:37:53 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 20 Jan 2024 04:37:53 GMT

GET
H2 200 pup.php Show response
vdbaa.com/ 2 KB
2 KB 124ms
34ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://vdbaa.com/pup.php?section=General&pt=2&pub=745624&ga=g&fN=2&fT=10&fTT=1
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: cf3cd646de49d4aacfba5a6e4ecee83119e3c8a5c4f2837e4f36f8c4a472ce0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:53 GMT
last-modified: Sat, 20 Jan 2024 04:37:53 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 20 Jan 2024 04:37:53 GMT

GET
H2 200 slider.php Show response
udbaa.com/ 2 KB
3 KB 137ms
38ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/slider.php?section=General&pub=745624&ga=g&side=random
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 45f2c64e6afe0b8c16448e99a177d13e723c6a83cddcc91a25ebad70cae5225d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:53 GMT
last-modified: Sat, 20 Jan 2024 04:37:53 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 20 Jan 2024 04:37:53 GMT

GET
H/1.1 403
Forbidden 1c0e8181b9d8a74355e8ab000c632245.js
pl21913451.toprevenuegate.com/1c/0e/81/ 0
0 922ms
111ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl21913451.toprevenuegate.com/1c/0e/81/1c0e8181b9d8a74355e8ab000c632245.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:37:53 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden 58fa3db6e65be877097babcae46e9a41.js
pl21912719.toprevenuegate.com/58/fa/3d/ 0
0 1192ms
115ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl21912719.toprevenuegate.com/58/fa/3d/58fa3db6e65be877097babcae46e9a41.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 04:37:54 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 bnr.php Show response
udbaa.com/ 738 B
992 B 59ms
34ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr.php?section=General&pub=745624&format=120x600&ga=g
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 09cb3e10d4e06525c4304dba4d17dd07779cbad1ee50b7f31a823c0b633a84d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:53 GMT
last-modified: Sat, 20 Jan 2024 04:37:53 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 20 Jan 2024 04:37:53 GMT

GET
H2 200 tag.min.js Show response
alwingulla.com/88/ 71 KB
23 KB 95ms
31ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://alwingulla.com/88/tag.min.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f5da0c12eb4e479014b4c03569bc573f380ab5538f0c76862d3d4316d3e5702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10596
alt-svc: h3=":443"; ma=86400
x-trace-id: b0a6b1ff7338d81435cebf776e91837a
pragma: no-cache
last-modified: Fri, 19 Jan 2024 16:56:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCAJ9IncycpAIHV9e4H5YUB7LsWtVzhLEnReCPPjKk2J6nPy%2BfqkDvIMA66%2BQzY3%2BoXK%2BIGniDf4nbkhnku5%2BOx8xcEwhaMalmONn8D%2B%2BywZd95boRd8xVxvWG5n9wclWwJhWc%2BECH8PHo9Yxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 84849fef6c80380e-FRA
expires: Sun, 21 Jan 2024 01:41:17 GMT

GET
H2 200 main.js Show response
cdn.jsdelivr.net/gh/jettheme/js@0.5.5/ 12 KB
6 KB 32ms
32ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/jettheme/js@0.5.5/main.js

Requested by

Host: www.btcmine.cc
URL: https://www.btcmine.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94b103190c505e7ce35a8f196437db358e5d45c0071c0f65231c0e6211316826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4316333
x-jsd-version: 0.5.5
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230022-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"3122-6kmtk52Xy6HP/Wr2Rx1SXQewc0A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kh%2FnvGTf0CDJev7FTZF9MPHptVZ%2BommB9ZYfOAyYsNSApxKCBBfHs4CZStXmLZNdcoHBSjN4cgRj3%2Bw9QyJ2QTMEveY9q6mPlLK9BLnEly5rfR9qObSVPncAzB7lhSMpGVQFp6KusruuRrl9N4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84849feeae3a1d88-FRA

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/01ad4e2e52d8918ca90e07bb094df841/ 0
0 827ms
111ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topcreativeformat.com/01ad4e2e52d8918ca90e07bb094df841/invoke.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://www.btcmine.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 04:37:53 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 Kalpurush.woff
fonts.maateen.me/kalpurush/ 144 KB
145 KB 71ms
24ms Font
font/woff 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.maateen.me/kalpurush/Kalpurush.woff
Requested by: Host: fonts.maateen.me
URL: https://fonts.maateen.me/kalpurush/font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3c062091c513bc5c1bcbb151c970c90730770883282a83aec6249659125a847f

Request headers

Referer: https://fonts.maateen.me/kalpurush/font.css
Origin: https://www.btcmine.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id: 178e2882bd32177408f904864964b46b4fde39ed
date: Sat, 20 Jan 2024 04:37:53 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 571
x-cache: HIT
x-proxy-cache: MISS
content-length: 147672
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Fri, 20 Mar 2020 13:11:57 GMT
server: GitHub.com
x-github-request-id: DAD8:18ADD0:21B8F5D:224022B:659DFEC5
x-timer: S1705725473.131062,VS0,VE1
etag: "5e74c11d-240d8"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 10 Jan 2024 02:29:49 GMT

GET
H2 200 AVvXsEipG2Nd_pGj8ZUGmupMPBXCFN1wNKRWyCPRDLVGmVM4ZjOb8twG4WXEY1rEm11Amqlnvsq7IqISkjty2DKInbqu-BMuHdh4mcCy0Dbb3Wyxem5MonMY2z6COK3df95pti52XZTJ6Wwnvb02bmq-OpIZRtuqPXxXdAfLpMqjH9w1F_C17x4zfL_CNAd3=s199
blogger.googleusercontent.com/img/a/ 4 KB
4 KB 650ms
599ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEipG2Nd_pGj8ZUGmupMPBXCFN1wNKRWyCPRDLVGmVM4ZjOb8twG4WXEY1rEm11Amqlnvsq7IqISkjty2DKInbqu-BMuHdh4mcCy0Dbb3Wyxem5MonMY2z6COK3df95pti52XZTJ6Wwnvb02bmq-OpIZRtuqPXxXdAfLpMqjH9w1F_C17x4zfL_CNAd3=s199

Requested by

Host: www.btcmine.cc
URL: https://www.btcmine.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f145ffeab4b52107b370a2c802a9d26c1a8ab27ae4bdceac5eb173bb13824ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:53 GMT
x-content-type-options: nosniff
server: fife
etag: "ve"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="btcmine.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4325
x-xss-protection: 0
expires: Sun, 21 Jan 2024 04:37:53 GMT

GET
H2 200 bnr_xload.php Show response
udbaa.com/ Frame 504C 1 KB
2 KB 120ms
119ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr_xload.php?section=Yllix&pub=745624&format=300x250&ga=g&xt=170572547316863&xtt=1698164&dateStr=01/20/2024%2005:37:53
Requested by: Host: udbaa.com
URL: https://udbaa.com/bnr.php?section=Yllix&pub=745624&format=300x250&ga=g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 7891fbf37a500b1046882594d0664b0378a36a982864dacdb98bec85d3b9049d

Request headers

Referer: https://www.btcmine.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:53 GMT
last-modified: Sat, 20 Jan 2024 04:37:53 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 2289944 Show response
ad.a-ads.com/ Frame 5DF2 13 KB
5 KB 120ms
46ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2289944?size=468x60

Requested by

Host: www.btcmine.cc
URL: https://www.btcmine.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

0d3bbb6ea4498ede1fe93623a6f54a396aa87312c425cec0a61dc607a3527b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.btcmine.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 20 Jan 2024 04:37:54 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://www.btcmine.cc/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 bnr_xload.php Show response
udbaa.com/ Frame 04D0 1 KB
2 KB 117ms
117ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=468x60&ga=g&xt=170572547336619&xtt=2410689&dateStr=01/20/2024%2005:37:53
Requested by: Host: udbaa.com
URL: https://udbaa.com/bnr.php?section=General&pub=745624&format=468x60&ga=g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 13f7624d170130a3938c0efefd0b5c25f57ad238dd81207411faff372ce8ca43

Request headers

Referer: https://www.btcmine.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:53 GMT
last-modified: Sat, 20 Jan 2024 04:37:53 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/ 0
0 113ms
113ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://www.btcmine.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 04:37:53 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/ 0
0 107ms
107ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://www.btcmine.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 04:37:54 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ 43 B
43 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 show.php Show response
udbaa.com/ Frame D669 2 KB
2 KB 43ms
42ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/show.php?u34481705725474=true&ad=673873&f=468x60&a=827929&cri=0&s=MjVlYzE5NThlZjU1NjEzZTQ4ZDg3MGE4MWQxOWI2MjU=&u=745624&si=615743197&di=49172896&ci=16&h=e1586af3ece67e77a7f0da6e363c9620&cc=DE&https=1&useAf=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Requested by: Host: udbaa.com
URL: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=468x60&ga=g&xt=170572547336619&xtt=2410689&dateStr=01/20/2024%2005:37:53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: c9abc972f257ab711f3539c975101c04ab1b0c7367161d5d2aa84d6eaf42e056

Request headers

Referer: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=468x60&ga=g&xt=170572547336619&xtt=2410689&dateStr=01/20/2024%2005:37:53
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 show.php Show response
udbaa.com/ Frame 534C 2 KB
2 KB 43ms
42ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/show.php?u62951705725474=true&ad=673873&f=300x250&a=395578&cri=0&s=YTMxYzg2ZGJkZWRlMTY0ZGQ1ZTVjZTU0ZmUyM2M4OTk=&u=745624&si=497744338&di=49172896&ci=16&h=869af9e0ddb3350e22abd65b0c663535&cc=DE&https=1&useAf=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Requested by: Host: udbaa.com
URL: https://udbaa.com/bnr_xload.php?section=Yllix&pub=745624&format=300x250&ga=g&xt=170572547316863&xtt=1698164&dateStr=01/20/2024%2005:37:53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 74cc3e0e194d6ecdb93d321f8a6fbc879fc2cb384c1f1eb9b3788e38ec324a36

Request headers

Referer: https://udbaa.com/bnr_xload.php?section=Yllix&pub=745624&format=300x250&ga=g&xt=170572547316863&xtt=1698164&dateStr=01/20/2024%2005:37:53
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 css2
fonts.googleapis.com/ Frame 5DF2 5 KB
1 KB 80ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: https://ad.a-ads.com/2289944?size=468x60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 02:56:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 04:37:54 GMT

GET
H2 200 / Show response
qoca.site/b180228ef7/bd74f6fd55/ Frame D669 1 KB
956 B 129ms
35ms Script
application/javascript 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://qoca.site/b180228ef7/bd74f6fd55/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCjZGkZkCxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_35180&adApiR=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=468&height=60&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Requested by

Host: udbaa.com
URL: https://udbaa.com/show.php?u34481705725474=true&ad=673873&f=468x60&a=827929&cri=0&s=MjVlYzE5NThlZjU1NjEzZTQ4ZDg3MGE4MWQxOWI2MjU=&u=745624&si=615743197&di=49172896&ci=16&h=e1586af3ece67e77a7f0da6e363c9620&cc=DE&https=1&useAf=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

de0bd970192136fa77fe6392694a0a2a9c58d4d5c6b130c12e3f9bcac5687247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
server: nginx
content-type: application/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_5l0n01.png
ylx-i.advertica-cdn2.com/aff/ Frame D669 13 KB
13 KB 175ms
66ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_5l0n01.png?1480419355
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u34481705725474=true&ad=673873&f=468x60&a=827929&cri=0&s=MjVlYzE5NThlZjU1NjEzZTQ4ZDg3MGE4MWQxOWI2MjU=&u=745624&si=615743197&di=49172896&ci=16&h=e1586af3ece67e77a7f0da6e363c9620&cc=DE&https=1&useAf=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: b24c7b4cf1071852c9c17938be9ca02f4e52d0be9f18839aa8e9a6f11183e195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:35:55 GMT
server: nginx
etag: W/"583d681b-333f"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame D669 2 KB
1 KB 143ms
33ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u34481705725474=true&ad=673873&f=468x60&a=827929&cri=0&s=MjVlYzE5NThlZjU1NjEzZTQ4ZDg3MGE4MWQxOWI2MjU=&u=745624&si=615743197&di=49172896&ci=16&h=e1586af3ece67e77a7f0da6e363c9620&cc=DE&https=1&useAf=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 /
udbaa.com/trk/ Frame D669 43 B
268 B 42ms
42ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udbaa.com/trk/?e1586af3ece67e77a7f0da6e363c9620
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u34481705725474=true&ad=673873&f=468x60&a=827929&cri=0&s=MjVlYzE5NThlZjU1NjEzZTQ4ZDg3MGE4MWQxOWI2MjU=&u=745624&si=615743197&di=49172896&ci=16&h=e1586af3ece67e77a7f0da6e363c9620&cc=DE&https=1&useAf=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/show.php?u34481705725474=true&ad=673873&f=468x60&a=827929&cri=0&s=MjVlYzE5NThlZjU1NjEzZTQ4ZDg3MGE4MWQxOWI2MjU=&u=745624&si=615743197&di=49172896&ci=16&h=e1586af3ece67e77a7f0da6e363c9620&cc=DE&https=1&useAf=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
qoca.site/148bcf03fc/bb6bac9292/ Frame 534C 1 KB
962 B 126ms
34ms Script
application/javascript 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://qoca.site/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XAdCpkGGppiijCikAAGjCxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_26093&adApiR=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=300&height=250&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Requested by

Host: udbaa.com
URL: https://udbaa.com/show.php?u62951705725474=true&ad=673873&f=300x250&a=395578&cri=0&s=YTMxYzg2ZGJkZWRlMTY0ZGQ1ZTVjZTU0ZmUyM2M4OTk=&u=745624&si=497744338&di=49172896&ci=16&h=869af9e0ddb3350e22abd65b0c663535&cc=DE&https=1&useAf=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

f7d78cc146c25ba89f0e058016d964c6368b62e300f7aef0cdf26982d158542f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
server: nginx
content-type: application/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame 534C 26 KB
26 KB 176ms
67ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u62951705725474=true&ad=673873&f=300x250&a=395578&cri=0&s=YTMxYzg2ZGJkZWRlMTY0ZGQ1ZTVjZTU0ZmUyM2M4OTk=&u=745624&si=497744338&di=49172896&ci=16&h=869af9e0ddb3350e22abd65b0c663535&cc=DE&https=1&useAf=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
server: nginx
etag: W/"583d6824-68a8"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 534C 2 KB
1 KB 175ms
66ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u62951705725474=true&ad=673873&f=300x250&a=395578&cri=0&s=YTMxYzg2ZGJkZWRlMTY0ZGQ1ZTVjZTU0ZmUyM2M4OTk=&u=745624&si=497744338&di=49172896&ci=16&h=869af9e0ddb3350e22abd65b0c663535&cc=DE&https=1&useAf=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 /
udbaa.com/trk/ Frame 534C 43 B
268 B 38ms
37ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udbaa.com/trk/?869af9e0ddb3350e22abd65b0c663535
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u62951705725474=true&ad=673873&f=300x250&a=395578&cri=0&s=YTMxYzg2ZGJkZWRlMTY0ZGQ1ZTVjZTU0ZmUyM2M4OTk=&u=745624&si=497744338&di=49172896&ci=16&h=869af9e0ddb3350e22abd65b0c663535&cc=DE&https=1&useAf=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/show.php?u62951705725474=true&ad=673873&f=300x250&a=395578&cri=0&s=YTMxYzg2ZGJkZWRlMTY0ZGQ1ZTVjZTU0ZmUyM2M4OTk=&u=745624&si=497744338&di=49172896&ci=16&h=869af9e0ddb3350e22abd65b0c663535&cc=DE&https=1&useAf=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
DATA 200
OK truncated
/ Frame 5DF2 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 5DF2 46 KB
46 KB 75ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:14:16 GMT
x-content-type-options: nosniff
age: 267818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:14:16 GMT

GET
H2 200 bnr_xload.php Show response
udbaa.com/ Frame 92C2 1 KB
2 KB 103ms
103ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=160x600&ga=g&xt=170572547324212&xtt=6007190&dateStr=01/20/2024%2005:37:54
Requested by: Host: udbaa.com
URL: https://udbaa.com/bnr.php?section=General&pub=745624&format=160x600&ga=g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: fe0cbfc7414bd2e47982e4fc481a0fdb446451d8d2b06d75fe2eaf9991b95aef

Request headers

Referer: https://www.btcmine.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/5834e64643bec9265230af957762afb8/ 0
0 114ms
114ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topcreativeformat.com/5834e64643bec9265230af957762afb8/invoke.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://www.btcmine.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 04:37:54 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
qoca.site/148bcf03fc/bb6bac9292/ Frame ACDF 20 KB
3 KB 47ms
46ms Document
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: qoca.site
URL: https://qoca.site/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XAdCpkGGppiijCikAAGjCxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_26093&adApiR=loaded_string_34951f4683867b7f032ad298b3a356d6341aa_2938282_1705725473.9826_24496&time=01%2F20%2F2024%2005%3A37%3A53&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=300&height=250&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

05ce961492505b0da51a8d7365e4c8a07fc1645073df8af0f7dcd6ef1aac5048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://udbaa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

GET
H2 200 / Show response
qoca.site/b180228ef7/bd74f6fd55/ Frame 7863 741 B
971 B 50ms
50ms Document
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: qoca.site
URL: https://qoca.site/b180228ef7/bd74f6fd55/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCjZGkZkCxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_35180&adApiR=loaded_string_38572f4683867b7f032ad298b3a356d6341aa_2937592_1705725473.9813_25600&time=01%2F20%2F2024%2005%3A37%3A53&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=468&height=60&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

51f1fa995899a85ccb730dd6df66499dae26244f82047435ec67e61c6a90d521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://udbaa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

GET
H2 200 show.php Show response
udbaa.com/ Frame 8010 2 KB
2 KB 42ms
42ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/show.php?u74411705725474=true&ad=673873&f=160x600&a=781385&cri=0&s=OTdjY2ExMzk3YTBjZWI5NzQyZGU2ZDRkNDkzZWE1ZjY=&u=745624&si=615743197&di=49172896&ci=16&h=a080c81837ded09def5a16d3dce7273b&cc=DE&https=1&useAf=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Requested by: Host: udbaa.com
URL: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=160x600&ga=g&xt=170572547324212&xtt=6007190&dateStr=01/20/2024%2005:37:54
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: dc70a8088325934986aebc34b659a7348f7786211fab0cdd8364bce997cf3fcd

Request headers

Referer: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=160x600&ga=g&xt=170572547324212&xtt=6007190&dateStr=01/20/2024%2005:37:54
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/ 0
0 112ms
112ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://www.btcmine.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 04:37:54 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 5359_36242DW114-EN-468x60.jpeg
cdn.qoca.site/generic/ Frame 7863 19 KB
18 KB 377ms
69ms Image
image/jpeg 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qoca.site/generic/5359_36242DW114-EN-468x60.jpeg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.200.127.skhosting.eu

Software

nginx /

Resource Hash

46d80c91b72151f05e18b308721f95961d58ec46d2354aadbc9474542dc46ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 14:27:49 GMT
server: nginx
etag: W/"5fe9eb65-4c33"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 / Show response
qoca.site/87d1c6c507/4f9c843bb0/ Frame 8010 1 KB
961 B 34ms
34ms Script
application/javascript 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://qoca.site/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCGjrijACxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_21885&adApiR=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=160&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Requested by

Host: udbaa.com
URL: https://udbaa.com/show.php?u74411705725474=true&ad=673873&f=160x600&a=781385&cri=0&s=OTdjY2ExMzk3YTBjZWI5NzQyZGU2ZDRkNDkzZWE1ZjY=&u=745624&si=615743197&di=49172896&ci=16&h=a080c81837ded09def5a16d3dce7273b&cc=DE&https=1&useAf=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

782f5a55b47b6f7b464b505af91be76aa51fc76225d94785b9a9a9ad8f54cf33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
server: nginx
content-type: application/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_le6kgi.png
ylx-i.advertica-cdn2.com/aff/ Frame 8010 34 KB
34 KB 35ms
35ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_le6kgi.png?1480419362
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u74411705725474=true&ad=673873&f=160x600&a=781385&cri=0&s=OTdjY2ExMzk3YTBjZWI5NzQyZGU2ZDRkNDkzZWE1ZjY=&u=745624&si=615743197&di=49172896&ci=16&h=a080c81837ded09def5a16d3dce7273b&cc=DE&https=1&useAf=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: c0b786773b8199074400ae53a7d18d0af81359e240a51e69c9e97482e7281b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:02 GMT
server: nginx
etag: W/"583d6822-8610"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 8010 2 KB
1 KB 36ms
36ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u74411705725474=true&ad=673873&f=160x600&a=781385&cri=0&s=OTdjY2ExMzk3YTBjZWI5NzQyZGU2ZDRkNDkzZWE1ZjY=&u=745624&si=615743197&di=49172896&ci=16&h=a080c81837ded09def5a16d3dce7273b&cc=DE&https=1&useAf=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 /
udbaa.com/trk/ Frame 8010 43 B
268 B 42ms
41ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udbaa.com/trk/?a080c81837ded09def5a16d3dce7273b
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u74411705725474=true&ad=673873&f=160x600&a=781385&cri=0&s=OTdjY2ExMzk3YTBjZWI5NzQyZGU2ZDRkNDkzZWE1ZjY=&u=745624&si=615743197&di=49172896&ci=16&h=a080c81837ded09def5a16d3dce7273b&cc=DE&https=1&useAf=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/show.php?u74411705725474=true&ad=673873&f=160x600&a=781385&cri=0&s=OTdjY2ExMzk3YTBjZWI5NzQyZGU2ZDRkNDkzZWE1ZjY=&u=745624&si=615743197&di=49172896&ci=16&h=a080c81837ded09def5a16d3dce7273b&cc=DE&https=1&useAf=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
qoca.site/87d1c6c507/4f9c843bb0/ Frame 4181 20 KB
3 KB 45ms
44ms Document
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: qoca.site
URL: https://qoca.site/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCGjrijACxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_21885&adApiR=loaded_string_98047f4683867b7f032ad298b3a356d6341aa_2938102_1705725474.1998_21251&time=01%2F20%2F2024%2005%3A37%3A54&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=160&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

d48095e793c8f144238bc970f838193db203904b547974b4c285b7af86f3becc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://udbaa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

GET
H2 200 yxpup.js Show response
o-oo.ooo/js/ 88 KB
32 KB 289ms
77ms Script
application/javascript 185.66.201.42
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://o-oo.ooo/js/yxpup.js

Requested by

Host: vdbaa.com
URL: https://vdbaa.com/pun.php?section=General&pt=6&pub=745624&ga=g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.42 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

affilist.com

Software

nginx /

Resource Hash

f1c4b717064c8e32130d1da73fb7441637fcf05cadcc10e87aa25bab07c9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
last-modified: Wed, 19 Jul 2023 14:30:40 GMT
server: nginx
etag: W/"64b7f390-15e87"
content-type: application/javascript

GET
H2 200 jquery-1.7.2.min.js Show response
code.jquery.com/ 93 KB
33 KB 235ms
22ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.2.min.js
Requested by: Host: udbaa.com
URL: https://udbaa.com/slider.php?section=General&pub=745624&ga=g&side=random
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6297217
x-cache: HIT, HIT
content-length: 33626
x-served-by: cache-lga21955-LGA, cache-fra-etou8220049-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705725475.577900,VS0,VE0
etag: W/"28feccc0-17278"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 9, 26363

GET
H2 200 bnr_xload.php Show response
udbaa.com/ Frame EF90 1 KB
2 KB 110ms
110ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=120x600&ga=g&xt=170572547311877&xtt=5054387&dateStr=01/20/2024%2005:37:54
Requested by: Host: udbaa.com
URL: https://udbaa.com/bnr.php?section=General&pub=745624&format=120x600&ga=g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 50566186d7454f1f0701271fff6b21b5bdf8b87387b154d3a51de95fff346133

Request headers

Referer: https://www.btcmine.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 bnr.php Show response
udbaa.com/ 738 B
991 B 34ms
33ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr.php?section=General&pub=745624&format=120x600&ga=g
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: f6537dcc8cf9e464f1bccf96d21785c73ecc4ee2a9551e4ebeb0ab1135d14207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 20 Jan 2024 04:37:54 GMT

GET
H2 200 bnr_xload.php Show response
udbaa.com/ Frame 5230 1 KB
1 KB 98ms
95ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=120x600&ga=g&xt=170572547449309&xtt=2551829&dateStr=01/20/2024%2005:37:54
Requested by: Host: udbaa.com
URL: https://udbaa.com/bnr.php?section=General&pub=745624&format=120x600&ga=g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 6ead440dcda6839e4023f71b5552c1ba953d1303391c3e2f6cfd60a4e3ada420

Request headers

Referer: https://www.btcmine.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H/1.1 200
OK ad.php Show response
ad2bitcoin.com/ Frame 8777 2 KB
2 KB 496ms
162ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2bitcoin.com/ad.php?ref=mraustinlee24&width=728
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: ed0f5dc000b5d2c192600f1c103e1b30619ca0b557b4c6fb3ca8b46542d0a35d

Request headers

Referer: https://www.btcmine.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1525
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 Jan 2024 04:37:54 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/ 0
0 115ms
114ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://www.btcmine.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 04:37:54 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 ntload Show response
amgtui.com/ 0
144 B 386ms
120ms Fetch
application/javascript 2a02:b4a:1:7::9273:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amgtui.com/ntload?a=1&e=aeyJwaWQiOjExMzk0MjcsInNpZCI6MTMxMjQ0Miwid2lkIjo1MjYwNTksImQiOiJidGNtaW5lLmNjIiwibGkiOjh9&tz=1&if=0&u=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8%3D&ntli=4
Requested by: Host: zmonei.com
URL: https://zmonei.com/na/waWQiOjExMzk0MjcsInNpZCI6MTMxMjQ0Miwid2lkIjo1MjYwNTksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9273:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://www.btcmine.cc
date: Sat, 20 Jan 2024 04:37:54 GMT
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 pub_twg04t.png
ylx-aff.advertica-cdn.com/ Frame 5230 39 KB
39 KB 136ms
33ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ylx-aff.advertica-cdn.com/pub_twg04t.png

Requested by

Host: udbaa.com
URL: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=120x600&ga=g&xt=170572547449309&xtt=2551829&dateStr=01/20/2024%2005:37:54

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.200.127.skhosting.eu

Software

nginx /

Resource Hash

e9ee26f9baea9447a9c51fcbf7f2be0273db323208e8e6c5df8f5a27d50e63bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
server: nginx
etag: W/"583d6824-9d91"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 show.php Show response
udbaa.com/ Frame 8242 2 KB
2 KB 41ms
41ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/show.php?u44921705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=733bf45457fadad8f8d17acbad27fd1a&cc=DE&https=1&useAf=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Requested by: Host: udbaa.com
URL: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=120x600&ga=g&xt=170572547311877&xtt=5054387&dateStr=01/20/2024%2005:37:54
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 612c8e41a2308be3e7ce2f09dcad505d095c626bebd600934f9f75573700f9f6

Request headers

Referer: https://udbaa.com/bnr_xload.php?section=General&pub=745624&format=120x600&ga=g&xt=170572547311877&xtt=5054387&dateStr=01/20/2024%2005:37:54
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 400 30727 Show response
veepteero.com/88/ 7 B
525 B 112ms
28ms Fetch
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://veepteero.com/88/30727
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0cfe66f7157cd18ce7f1af3a781df9adf6297d0da727f3f041daf624a3d338a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.btcmine.cc
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 7
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 banner_show.php Show response
udbaa.com/ Frame 8BF1 1 KB
2 KB 106ms
106ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/banner_show.php?section=General&pub=745624&format=120x600&ga=g&slider=20b939bf8962b246548c65e13bce9a74&dateStr=01/20/2024%2005:37:54
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 4ce8dd5b91b6443789fc3bb99f235a9f057d98814b746d4b08e43a38cde61772

Request headers

Referer: https://www.btcmine.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 but_close.png
ylx-i.advertica-cdn2.com/ 664 B
921 B 33ms
33ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/but_close.png?1360094895
Requested by: Host: www.btcmine.cc
URL: https://www.btcmine.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Tue, 05 Feb 2013 20:08:15 GMT
server: nginx
etag: W/"511166af-298"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 / Show response
qoca.site/1ccf616e0b/c3706a2c96/ Frame 8242 1 KB
994 B 35ms
34ms Script
application/javascript 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://qoca.site/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCpkripZCxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_42071&adApiR=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&adApiR=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&time=01%2F20%2F2024%2005%3A37%3A54&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Requested by

Host: udbaa.com
URL: https://udbaa.com/show.php?u44921705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=733bf45457fadad8f8d17acbad27fd1a&cc=DE&https=1&useAf=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

7ab8fa67c69777c296ac405f4b6d22f333f4227bf3b690e60cfa69fd271e6d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
server: nginx
content-type: application/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_93xzfo.png
ylx-i.advertica-cdn2.com/aff/ Frame 8242 25 KB
25 KB 36ms
35ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_93xzfo.png?1480419357
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u44921705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=733bf45457fadad8f8d17acbad27fd1a&cc=DE&https=1&useAf=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 2e3bde453441d9f45ecd50d01b2c733966873025911722e720fcdd577d6e4479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:35:57 GMT
server: nginx
etag: W/"583d681d-6389"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 8242 2 KB
1 KB 37ms
36ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u44921705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=733bf45457fadad8f8d17acbad27fd1a&cc=DE&https=1&useAf=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 /
udbaa.com/trk/ Frame 8242 43 B
268 B 42ms
41ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udbaa.com/trk/?733bf45457fadad8f8d17acbad27fd1a
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u44921705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=733bf45457fadad8f8d17acbad27fd1a&cc=DE&https=1&useAf=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/show.php?u44921705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=733bf45457fadad8f8d17acbad27fd1a&cc=DE&https=1&useAf=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
qoca.site/1ccf616e0b/c3706a2c96/ Frame BFB7 112 KB
72 KB 80ms
80ms Document
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: qoca.site
URL: https://qoca.site/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCpkripZCxCZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_42071&adApiR=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&capSettings=dWRiYWEuY29tfDEwMDAwfDI0fDc2MjQ3&adApiR=loaded_string_68949f4683867b7f032ad298b3a356d6341aa_2999876_1705725474.6312_25591&time=01%2F20%2F2024%2005%3A37%3A54&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

cb9070f23461b254f15e0ed5b52d6617a4e1d22be1a82688baf4b63b1dc32eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://udbaa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

GET
H2 200 show.php Show response
udbaa.com/ Frame 976E 2 KB
2 KB 41ms
41ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/show.php?u1541705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=5f244a9b905f6c407592a2275a912ff3&cc=DE&slider=20b939bf8962b246548c65e13bce9a74&https=1&useAf=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Requested by: Host: udbaa.com
URL: https://udbaa.com/banner_show.php?section=General&pub=745624&format=120x600&ga=g&slider=20b939bf8962b246548c65e13bce9a74&dateStr=01/20/2024%2005:37:54
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 7c9459dabe310bd16408db0b631ce3fa7d5d593fa35d1720123a641c00b3595f

Request headers

Referer: https://udbaa.com/banner_show.php?section=General&pub=745624&format=120x600&ga=g&slider=20b939bf8962b246548c65e13bce9a74&dateStr=01/20/2024%2005:37:54
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 / Show response
qoca.site/1ccf616e0b/c3706a2c96/ Frame 976E 1 KB
999 B 34ms
34ms Script
application/javascript 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://qoca.site/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCpkripZCACZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_47611&adApiR=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Requested by

Host: udbaa.com
URL: https://udbaa.com/show.php?u1541705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=5f244a9b905f6c407592a2275a912ff3&cc=DE&slider=20b939bf8962b246548c65e13bce9a74&https=1&useAf=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

d28ccddd41d8bb75be732ae71e81dacbb4b9246c2f25b2aaf8e2d775c2738e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
server: nginx
content-type: application/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_93xzfo.png
ylx-i.advertica-cdn2.com/aff/ Frame 976E 25 KB
25 KB 35ms
35ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_93xzfo.png?1480419357
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u1541705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=5f244a9b905f6c407592a2275a912ff3&cc=DE&slider=20b939bf8962b246548c65e13bce9a74&https=1&useAf=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 2e3bde453441d9f45ecd50d01b2c733966873025911722e720fcdd577d6e4479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:35:57 GMT
server: nginx
etag: W/"583d681d-6389"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 976E 2 KB
1 KB 36ms
36ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u1541705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=5f244a9b905f6c407592a2275a912ff3&cc=DE&slider=20b939bf8962b246548c65e13bce9a74&https=1&useAf=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 /
udbaa.com/trk/ Frame 976E 43 B
268 B 41ms
41ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udbaa.com/trk/?5f244a9b905f6c407592a2275a912ff3
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u1541705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=5f244a9b905f6c407592a2275a912ff3&cc=DE&slider=20b939bf8962b246548c65e13bce9a74&https=1&useAf=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/show.php?u1541705725474=true&ad=673873&f=120x600&a=491342&cri=0&s=NzE4NDY4NzczYTc2YTkwYWZlNmRmMzZmMGU1ZjE5NTY=&u=745624&si=615743197&di=49172896&ci=16&h=5f244a9b905f6c407592a2275a912ff3&cc=DE&slider=20b939bf8962b246548c65e13bce9a74&https=1&useAf=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&ar=aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:54 GMT
last-modified: Sat, 20 Jan 2024 04:37:54 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
DATA 200
OK truncated
/ Frame BFB7 40 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fafe30aca809c3b69b241a1601a0a6648cf478a09923436d21ee0805bfa0d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BFB7 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f11bb7d6c88bb87be6ee5cdc0d74d6edca77ea902c2a5c9509e4ebac511d020b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
qoca.site/1ccf616e0b/c3706a2c96/ Frame AFC3 15 KB
3 KB 47ms
47ms Document
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: qoca.site
URL: https://qoca.site/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrAGpirkGCpkripZCACZrGNrrpNZrjNZrCrCZZZCCrixCrZxCrCrGCxCiZxZjjpdGCCrxi_47611&adApiR=loaded_string_9568f4683867b7f032ad298b3a356d6341aa_2937508_1705725474.7735_38546&time=01%2F20%2F2024%2005%3A37%3A54&refferer=1686497446_aHR0cHM6Ly93d3cuYnRjbWluZS5jYy8=&width=120&height=600&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

022675e3351c0082ac4218a44d700bc84599bd1ba804573eb6a814a51ec92bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://udbaa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 04:37:54 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

GET
H2 200 css
fonts.googleapis.com/ Frame AFC3 1 KB
520 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Catamaran:800&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d4b994118ed701aa65deb4c28f6abd2d0fb884628a84e1f5d617775ab056e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 04:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 04:01:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 04:37:54 GMT

GET
H2 200 fire.jpg
cdn.qoca.site/genericImages/breaking-news/ Frame AFC3 95 KB
96 KB 38ms
38ms Image
image/jpeg 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qoca.site/genericImages/breaking-news/fire.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.200.127.skhosting.eu

Software

nginx /

Resource Hash

3ede3834b5ab7b96eb553d15389b0a2d6dca3f2c2f8b6c7a80c313f0c125a949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 09:26:37 GMT
server: nginx
etag: W/"5d9da7cd-17dc1"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 rocket.jpg
cdn.qoca.site/genericImages/breaking-news/ Frame AFC3 88 KB
89 KB 106ms
106ms Image
image/jpeg 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qoca.site/genericImages/breaking-news/rocket.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.200.127.skhosting.eu

Software

nginx /

Resource Hash

25a604f84ee36fc3ca14abbc9fd2d0f7fd77d25304be93e7d8ab853fad2b8d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 09:26:15 GMT
server: nginx
etag: W/"5d9da7b7-160b5"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 tornado.jpg
cdn.qoca.site/genericImages/breaking-news/ Frame AFC3 41 KB
40 KB 106ms
106ms Image
image/jpeg 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qoca.site/genericImages/breaking-news/tornado.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.200.127.skhosting.eu

Software

nginx /

Resource Hash

e3f8c209cb36df0ec275c3e0a5181494b023893e96fd25c668646fde8cf10003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 09:25:36 GMT
server: nginx
etag: W/"5d9da790-a397"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 tsunami.jpg
cdn.qoca.site/genericImages/breaking-news/ Frame AFC3 88 KB
88 KB 107ms
106ms Image
image/jpeg 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qoca.site/genericImages/breaking-news/tsunami.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.200.127.skhosting.eu

Software

nginx /

Resource Hash

a906a456989df7202a54606e33079557cc9cf65a61941150073b337ff6f3b035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 09:25:19 GMT
server: nginx
etag: W/"5d9da77f-15e0e"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Mon, 19 Feb 2024 04:37:54 GMT

GET
H2 200 o-0bIpQoyXQa2RxT7-5B6Ryxs2E_6n1iPPja5a7duw.woff2
fonts.gstatic.com/s/catamaran/v19/ Frame AFC3 9 KB
9 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/catamaran/v19/o-0bIpQoyXQa2RxT7-5B6Ryxs2E_6n1iPPja5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Catamaran:800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab2d13f5093bc24ad63c594ec52a29696a03596728e7f7e853e397310ecccd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qoca.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:13:22 GMT
x-content-type-options: nosniff
age: 267872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9016
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:28:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:13:22 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 128ms
76ms Fetch
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: zmonei.com
URL: https://zmonei.com/na/waWQiOjExMzk0MjcsInNpZCI6MTMxMjQ0Miwid2lkIjo1MjYwNTksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51079
x-xss-protection: 0
server: cafe
etag: 7632226205434471165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 20 Jan 2024 04:37:55 GMT

GET
H2 200 26834.png
cryptocoinsad.com/banner/ads_banner/ Frame 8777 139 KB
139 KB 96ms
30ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/26834.png
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=mraustinlee24&width=728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3c2228c96253957b887ecf5e5300d625f04068d11dd31442d98052b3fb23cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad2bitcoin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:55 GMT
cf-cache-status: HIT
last-modified: Sun, 03 Sep 2023 23:14:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1679
etag: "64f5136b-22adf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sTp29A1uwSEXRfWkPF6ZC2Cn9aMP3KVfmsZ1l%2BBecqzC%2B4V6%2Fyr%2BNdR8WKoE6fTv3C1IKn12cvXljG0UCrrMGADK8YopJCbLtzcwROcNzCKbsPgISSQebhDuPp%2FjPznsfoqJEZG7bp9DNmNNMKg0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 84849ffb9f079000-FRA
alt-svc: h3=":443"; ma=86400
content-length: 142047

GET
H/1.1 200
OK adqlt.php Show response
ad2bitcoin.com/ Frame BCB3 892 B
582 B 176ms
176ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2bitcoin.com/adqlt.php?ref=mraustinlee24&keycode=2946
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=mraustinlee24&width=728
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 957d2102e3f3fe93f009112b67a0e5ca47bfdfd090d0a03d5b6e14a308281514

Request headers

Referer: https://ad2bitcoin.com/ad.php?ref=mraustinlee24&width=728
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 336
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 Jan 2024 04:37:55 GMT
Keep-Alive: timeout=5, max=49
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
DATA 200
OK truncated
/ Frame 8777 754 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c4964adac0e09cf0af35a2c9599e7d46af59dac499fd45643e38773818a7e97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abs
ptxhzp.com/ 0
0 340ms
113ms Fetch 2a02:b4a:1:7::9274:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ptxhzp.com/abs?f=10&wid=526059&di=zmonei.com&dl=amgtui.com&d=www.btcmine.cc&lok=1&abf=0
Requested by: Host: zmonei.com
URL: https://zmonei.com/na/waWQiOjExMzk0MjcsInNpZCI6MTMxMjQ0Miwid2lkIjo1MjYwNTksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9274:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Jan 2024 04:37:55 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

GET
H/1.1 200
OK ads.php Show response
hash512.com/templates/ Frame 9722 321 B
489 B 979ms
160ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://hash512.com/templates/ads.php
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=mraustinlee24&keycode=2946
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 551546f184fb2b9d24a7bcc7b33dacc79a404b84c051b196901f5060ffab02a3

Request headers

Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 243
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 Jan 2024 04:37:56 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 200 url Show response
www.google.com/ Frame 6522 346 B
1 KB 101ms
47ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?q=https%3A%2F%2Fkeewoach.net%2F4%2F6940605&sa=D&sntz=1&usg=AOvVaw3tJuZQlBHXtPQJZBtsaCFS

Requested by

Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=mraustinlee24&keycode=2946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

849d81916df48cbb340fe5cfe339dc95fd1b8b8f4d93a616c9cabd7889ced09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 346
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:55 GMT
expires: Sat, 20 Jan 2024 04:37:55 GMT
location: https://keewoach.net/4/6940605
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H/1.1 200
OK cnufxgd8ak Show response
www.toprevenuegate.com/ Frame 7294 115 B
817 B 335ms
108ms Document
text/html 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toprevenuegate.com/cnufxgd8ak?key=f2d7dd55d5b7d6958c972bb95314adbb

Requested by

Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=mraustinlee24&keycode=2946

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 115
Content-Type: text/html
Date: Sat, 20 Jan 2024 04:37:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.21.6
Strict-Transport-Security: max-age=0; includeSubdomains
X-Request-ID: f205fdab191d1dd0a0b779f07d9bee28

GET
H2 200 6940605 Show response
keewoach.net/4/ Frame 6522 32 KB
14 KB 132ms
57ms Document
text/html 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://keewoach.net/4/6940605
Requested by: Host: www.google.com
URL: https://www.google.com/url?q=https%3A%2F%2Fkeewoach.net%2F4%2F6940605&sa=D&sntz=1&usg=AOvVaw3tJuZQlBHXtPQJZBtsaCFS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1cbb9f67bd72d6a2c4aca6a9bc22fad7a06dba749d58302906b265c8db43aaec

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 20 Jan 2024 04:37:55 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 0e151720f9e9d688dfd3b7cebe1f7efd

POST
H2 200 sftouch
keewoach.net/ Frame 6522 2 B
609 B 28ms
28ms Ping
text/plain 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://keewoach.net/sftouch?userId=d937604d7e334e8e93cfa618f534c56d&z=6940605&p_rid=7385d487-c6de-401b-82d0-00fbc9879822&p_src=sf

Requested by

Host: keewoach.net
URL: https://keewoach.net/4/6940605

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keewoach.net/4/6940605
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: af0c64a8bf5ac1379870988bc7065b16
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://keewoach.net
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 6522 43 B
492 B 104ms
31ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=d937604d7e334e8e93cfa618f534c56d&z=6940605&p_rid=7385d487-c6de-401b-82d0-00fbc9879822&p_src=sf

Requested by

Host: keewoach.net
URL: https://keewoach.net/4/6940605

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keewoach.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add Show response
datatechone.com/log/ Frame 6522 2 B
465 B 137ms
38ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=2b0d8e34-d4ab-42a4-921d-6a6d7a65036b
Requested by: Host: keewoach.net
URL: https://keewoach.net/4/6940605
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://keewoach.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 20 Jan 2024 04:37:55 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://keewoach.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
myhotfeed.com/ Frame 6522
Redirect Chain

https://keewoach.net/?z=6940605&syncedCookie=true&rhd=false
https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

40 KB
14 KB

196ms
110ms

Document
text/html

172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by: Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=mraustinlee24&keycode=2946
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 07570bc11489647769a7906c9db97be13e5ac00f3e2780377733efd28d5d0d74

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://keewoach.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84849fff6ac56ec0-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2unaxTmI0nFLGZwji1ZqgDGIbxJFK9o1Gq3keS9TbQWYtpDbugtRxjm3qCnxBnLGFidFDHYxZTdml6PvVSeEkpFIJU1wUDJExMKemCCxcgxKxDDIbuZ6FOg7UFa0LBf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://keewoach.net
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sat, 20 Jan 2024 04:37:55 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://myhotfeed.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 9b8ddaa3f3209cd5ccc1d0de5cd2d17d

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 6522 65 B
542 B 28ms
28ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=568835a4697b59fd78088df515f372b4

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3e29cd6ab71d60c3d5b233105cbc60c53c3e47e2f43ca64df7252eb64be6de2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myhotfeed.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
myhotfeed.com/pfe/current/ Frame 6522 26 KB
10 KB 66ms
66ms Script
application/javascript 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73bb863239e7deafca0188b7a37efed56fec31a9f71d33cf253793c1e2738a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 08:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a8e670-69d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PEXUL6iaoVsdW7TcqCkTopDrRptIsVk1QAY8RSjXMzbnV7MgF33IX8rCnKQHZu7cnh8t72ZNsWkhUSdsvE8gD2F3wBjnYNXu1hB6JG8dui0ICNgEz5jeIkUfC14JI4i"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 8484a000cb436ec0-CDG
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 6522 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
myhotfeed.com/19/4662728/ Frame 6522 3 KB
3 KB 51ms
51ms XHR
application/json 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myhotfeed.com/19/4662728/?abt_opts=1&var=6940605&var3=772431231878181516&ymid=&rhd=1

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85898a29a5c659249ac5e3d647320ffae42cdf9074ca3d0f3c9f9c51bf00016b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 799b8137790eca6384b98f924bf93f22
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgBe0dMM9sGpseL6MW5MyR6saJdSJGtsvRH08g7M3iWpnxXXZyKgIZKOe0mW6h%2B8UmH%2BgI3aic%2FMjyf3qA4145OuZQvcEhoMXElRDIZGf2dz%2B8vhDY0NspHwEaCenoi6"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 8484a000db466ec0-CDG
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
myhotfeed.com/ Frame 6522 2 B
388 B 71ms
70ms XHR
application/json 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by: Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bavdu7jk2BGYubCoJRxaw%2BW9R%2BHK%2FfkwSKekXFNY7wEm6EaVbE1uAYIgQN3NY0doKDLWqYAbvoIBP0qGQBdvtykC0yUHQKBe5RdglWOIZfWlrVXCwwVmeN6DzIq%2Flh%2By"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8484a000db486ec0-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
myhotfeed.com/ Frame 6522 3 KB
3 KB 101ms
101ms Fetch
application/json 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myhotfeed.com/rhd?rb=At7yC_mT1Ge0b5R0Jbptng8NMQc1yYeMeXF_oviRgXm2PgIlTHHgIq3gfaqYW0fs4C5bGzlMF4uGZeBAchb2oGuvJkaPIAB4bOJqVSCbHTPd8QGEhDCks2xkN_Fj5ihq8TFQU2lzSJCOEqftyUjsoDCwKeygMULs4JdPPUYuJDvdkjKy_kL3PwzTvgb_ABwGVQcE7RsfApAiONqDJkwQ9N-98ww-Cu2Dnw2nBfj3DtOBrp1wg_Znzx8ptEqIrB2c1nNxpxcUgg0H6jDssVbv1R-OAt1BQiEcTcKh7liRvmNbkSLFj60c4ZhN__curFrsBOsb0OU0fp5JhyZMHdr8HNgqQFLb9PoFgrSJiPHjwS5MxniLEEDtIeP7UNeVVv87mVtnRV3xJgrbzkAkKKo28umHNS57DxtFAvZ53ziZwY7WjU4BkBv4JQUXlH2z08eb3olzaD4GC6n1hLUBX0XKQ_BEn67Au6SxoFvxb1rXyN2fb--3tg2_Yoq3TgvI7pLn2RFwq_MuDtxy8OsQthNkW943m_Y9dYK7&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1200&wih=1200&wiw=1200&wfc=8&pl=https%3A%2F%2Fmyhotfeed.com%2F%3Fs%3D772431231878181516%26ssk%3Dd1e14fbec7cf2e4b4bdcd0521a812a57%26svar%3D1705725475%26z%3D6940605%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-unknown&var=6940605&var3=772431231878181516&ymid=&rhd=1&m=link

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb4d97938ded77785357087e6cdd7393f055de4822641388c9945feb6b6471a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: ffd23eb7089bb014792a0eab25cbc5c3
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tpzz9ybbqiuMoMgS3jSOQsOnsySTv%2FTYpE00TP%2BHelVYYCYv%2B0WXo0I0lo1prlYe7ftA7US3QVObMq47b4eyCL7b1m3lO4ZPq2CC26KnxAzMzGGbSY1hnDHJizeW1G7T"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 8484a0012af75d74-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
myhotfeed.com/sw-check-permissions/ Frame 6522 0
936 B 114ms
114ms Other
application/javascript 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myhotfeed.com/sw-check-permissions/4662709?var=6940605&ymid=772431231878181516&uhd=1&zoneId=4662709
Requested by: Host: myhotfeed.com
URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tjddMCq5rU%2FkjhCNUrytV2jtg0fXMoX090mpSWJphJKKFMPNLrIbL0s8yqULPhPzy2XkOKR93NFvyzknAHTD0O1Am4zLTn2BxzyTrgcfUWEltCLlcd0m1PIqxpdcdSM"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 8484a0013aff5d74-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
myhotfeed.com/ Frame 6522 0
476 B 99ms
99ms Ping
text/plain 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myhotfeed.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=myhotfeed.com&var=6940605&ymid=772431231878181516&var_3=&var_4=&dsig=&tg=1&sw=3.1.474&action=prerequest

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: ca136e6e52bbc7ac3ac0348a6f1b3e15
date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOSioGoHZwebMyEW7Z1jRHIeso8%2BVLSaqYJNUt20jI9aALurS7tuknIkpIpZN29S1qluGq0FaWEFvLaGQDa3TuxUC7rrQ4K15i57cBWNb7rn6WUaVdECnZfqfDQBz77v"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://myhotfeed.com
access-control-allow-credentials: true
cf-ray: 8484a0013b005d74-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 6522 65 B
542 B 30ms
30ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=772431231878181516&var=6940605

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3e29cd6ab71d60c3d5b233105cbc60c53c3e47e2f43ca64df7252eb64be6de2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myhotfeed.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
myhotfeed.com/ Frame 6522 797 B
1011 B 72ms
72ms Fetch
application/json 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myhotfeed.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=myhotfeed.com&var=6940605&ymid=772431231878181516&var_3=&var_4=&dsig=&tg=1&sw=3.1.474&action=settings

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd96d5c39339816200495888d3280593e7a1e5a5fcc613ddd7d4acf466e60882

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: cd6da71a6724d4da986c9b7ad45d1af1
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPhqfNccsUU%2Br8CDpLs83l6tQASWmwsQzJHb5jhcvd7AM6c3YL%2BfJm7sRCD%2FvzhlcCtY945ZYtGFR1SkY%2F9NwxN0h2pJIyDNbVj41u7TARZrRb1TLwCjlgxNh59f0E60"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8484a0014b045d74-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

GET
H3 200 / Show response
myhotfeed.com/ Frame 6522 40 KB
13 KB 106ms
105ms Document
text/html 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by: Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 4798e081f26927876c5f6201fc0179d550fefd44b68a3545a2bac369b83880f2

Request headers

Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8484a0017b1e5d74-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 04:37:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUH%2Fb0ibDfSENP1RWQvPpt%2FRdJ7LsNBYr%2FGxw1u%2BQlGy8Cm0FgHFzD8EzIb4JEJSRXlCATumlKFg4FxEbltgr1jBaC3fz69PpaCBU4Qfw3VbRfkw2yN7GXzW6GleypfC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 6522 65 B
542 B 29ms
28ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=66826e3c77fd4391a3ff905072395090

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3e29cd6ab71d60c3d5b233105cbc60c53c3e47e2f43ca64df7252eb64be6de2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myhotfeed.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 micro.tag.min.js Show response
myhotfeed.com/pfe/current/ Frame 6522 26 KB
11 KB 49ms
49ms Script
application/javascript 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73bb863239e7deafca0188b7a37efed56fec31a9f71d33cf253793c1e2738a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 04:37:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 08:50:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a8e670-69d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTNBBfAMrzHi2G5XENr%2BMNCitEBwVWji1FciHYY4Pygm7dHup9EuykGk7QAOsSQNYzHJ4aj6O6wawRUegG7S%2FVeiy2qB5ErcDjJONA2Ku%2FdP7wHfmKCJLslGCPn%2F9N0H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 8484a0022b6e5d74-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 6522 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
myhotfeed.com/19/4662728/ Frame 6522 3 KB
3 KB 40ms
40ms XHR
application/json 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myhotfeed.com/19/4662728/?abt_opts=1&var=6940605&var3=772431231878181516&ymid=&rhd=1

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a9ed0c78128fe8c6100bcfeaeffb4b249a01783aa5cc4c15adecb89df70b4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: a12fc2a1170743a79140a559ea07f888
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0i83t1mkISnonxoVoSYQ%2F9ELEY6C3WNqHYP28zjLc3v3%2FHr9Z4QMZidXCS33R23Hosg9Lf2%2FbEUu9Ot1yRVeTXWc1v7gakd4tEn0NehmM6Cxx%2FhG5Mo1A3ypE6SRBaRF"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 8484a0023b705d74-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
myhotfeed.com/ Frame 6522 2 B
524 B 52ms
52ms XHR
application/json 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by: Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKbPF7%2B8Pf%2FYCvrB3naGCMNssfCq3Iif5Wznu3yGtQxBzPW5%2Fw%2B3upwe%2Bqj6b4wWGjwRKlwbNC42YIuGOHabuFvWOrWtes4Q2v0WrR3qTOPIiHFCCh9gkF3dI9sfi2m4"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8484a0024b765d74-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 1705833 Show response
acceptable.a-ads.com/ Frame A576 22 KB
6 KB 65ms
50ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/1705833?size=728x90

Requested by

Host: hash512.com
URL: https://hash512.com/templates/ads.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

0da1fbc028b7367ecbc92d3db07cd45618fa366c0e038a1f0ef65176dd6b2ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hash512.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 20 Jan 2024 04:37:56 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://hash512.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 rhd Show response
myhotfeed.com/ Frame 6522 3 KB
3 KB 54ms
53ms Fetch
application/json 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myhotfeed.com/rhd?rb=ueoSc3lVN6aF8fST6oP5iFHGdUoTRUddn2L-NekJD7Vi41VoikbWrtQq4PD3nkMhEHelenU1BQg72Uy_bwcaf3mAoHw3BLBBUy_oGzup-uzVwdwLspDu-LNMcaE3BtWxnRRWBN3fjNzRjt5krGDzoRwa98iwDzEA3-OeTBtct08WzF5M05whdLohN1xjfg0JYS-mLRBpfk4A0-ILDrmo2iYyIXWS9RvjH26xkuiHB3EJ8YuxdYGmWBtzSQiOb0xgaHR9y9MbunelFPAW0iZSGVS9lJ94HLPdzm8fHOhV9RUdCcT_HxcRVO07jOpNMki9CUYeqbwljdtKkDA4oCl4QmRnpkhBw9tNVJj3lrNeXgPgM_xhCYqA5D7uvFzARyql_AEhUE87HaX8ElF6XeR9NlwbCtKi1g6kYqkmCE53h4UrMAH5oqdrkifd7L6SpVPORQ8A6OwSLTFuRYzld5DDRya9VVKnucoDPp8mdGBlyjvq2dzQkQysk4q1XkJnLhK1go68ToFmAHu6x_MUaGIDGEvOpDfbmNbWq5xMdw%3D%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1200&wih=1200&wiw=1200&wfc=8&pl=https%3A%2F%2Fmyhotfeed.com%2F%3Fs%3D772431231878181516%26ssk%3Dd1e14fbec7cf2e4b4bdcd0521a812a57%26svar%3D1705725475%26z%3D6940605%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D%26rdc%3D2&drf=https%3A%2F%2Fmyhotfeed.com%2F%3Fs%3D772431231878181516%26ssk%3Dd1e14fbec7cf2e4b4bdcd0521a812a57%26svar%3D1705725475%26z%3D6940605%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-unknown&var=6940605&var3=772431231878181516&ymid=&rhd=1&m=link

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d12461c55d29e557abf995cd225c77fd294a1651bd2e4f5f6ff8595cd8a3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 0c1930bd4691b2b40c9540f79ff37502
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPeIUK1hgGm5Auxv5ITOEI%2BJzhBT%2B2exYBkle139XLvf8hzbN2%2F5tbG6c3uqQRZGgjh1Rfx254NVlzmmZo7rEEQog8B2VWHzxnuBCDTbEpdGKwfbAieUE2m18so1dATN"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 8484a0027b895d74-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
myhotfeed.com/sw-check-permissions/ Frame 6522 0
943 B 48ms
48ms Other
application/javascript 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myhotfeed.com/sw-check-permissions/4662709?var=6940605&ymid=772431231878181516&uhd=1&zoneId=4662709
Requested by: Host: myhotfeed.com
URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ3BifN25gbO1dpCHIWz7jkzUcxkeER2obD8qAyczQcwYEb2lfVWe%2FFbq2BtAoCDEvAUaj8lYT3lgF2yxef%2F3t7J0d8wnmyqsYFYWlXFM9NwkYT%2Fc%2B%2BftBp%2F%2BsCtDpF0"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 8484a0029b965d74-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
myhotfeed.com/ Frame 6522 0
487 B 37ms
36ms Ping
text/plain 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myhotfeed.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=myhotfeed.com&var=6940605&ymid=772431231878181516&var_3=&var_4=&dsig=&tg=1&sw=3.1.474&action=prerequest

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: 63d34fac304da65049a70e4d43da3e37
date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynTL8yBkpktI%2FI6lsYC42MH77S4eWGEDukXXB2laB%2B%2FZsnDoJEhfhy8c%2BveifJhM%2BY1iPBUXjozj7A%2B00NEEBo1t3UwnP8NiXJLXkSaOSZEV%2BQmlIIfUrP61IldlLMQ8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://myhotfeed.com
access-control-allow-credentials: true
cf-ray: 8484a0029b975d74-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 6522 65 B
542 B 29ms
29ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=772431231878181516&var=6940605

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3e29cd6ab71d60c3d5b233105cbc60c53c3e47e2f43ca64df7252eb64be6de2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myhotfeed.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 zone Show response
myhotfeed.com/ Frame 6522 797 B
979 B 41ms
41ms Fetch
application/json 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myhotfeed.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=myhotfeed.com&var=6940605&ymid=772431231878181516&var_3=&var_4=&dsig=&tg=1&sw=3.1.474&action=settings

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/pfe/current/micro.tag.min.js?z=4662709&ymid=772431231878181516&var=6940605&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd96d5c39339816200495888d3280593e7a1e5a5fcc613ddd7d4acf466e60882

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 92471f69b0c3d0547445e94fb28c2eca
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzFPzMBz8Xb9Q6ETr%2F5Iq2AKD%2BLvCHvK3JKL%2FoWpdW5MLZq%2F8Yfy0uTsCgKAYvPrPHXjDH8KX0SFuNtbMEDVBdwVkvYI9jGnITPU4WP4A2lg4pzAwuU4yKUHNrtFzroC"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8484a0029b985d74-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

GET
H3 200 css2
fonts.googleapis.com/ Frame A576 5 KB
647 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1705833?size=728x90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 04:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 02:54:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 04:37:56 GMT

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/491510/ Frame A576 46 KB
46 KB 67ms
52ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/491510/728x90?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1705833?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: f2e4dd19e2f957965cd8c2f17dd63dac40b42cf6887f632abb60d23fa48b085b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
x-amz-version-id: rrjgUgM6L3IDEZlyZj8_oxy3NWvBzj5W
last-modified: Tue, 28 Nov 2023 17:16:38 GMT
server: nginx
x-amz-request-id: RAXWQ6G5DY1G71BH
etag: "bb330ec50ad20b426021763b2255c86b"
x-amz-server-side-encryption: AES256
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 46771
x-amz-id-2: uG61yUYgG8T8nU0A/m2R1lKLKgGR0ns33tIZjkVZngZHJo/yFWXCXC1FNBYdE+smVogAImKnOnI=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame A576 46 KB
46 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://acceptable.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:14:16 GMT
x-content-type-options: nosniff
age: 267820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:14:16 GMT

GET
H2 200 binencez-630x380.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZTx437FikTvWzkH-gD37X3XRek00K_oE-iqNzA-w0JExvsAid-JTaEnZsg6epS7W1vg6gkQFHKnnVlpACpL-0He4hHkbPV7iJMMfs9Z6aOYc6CqArHtcOiEPMcSG51DG4zuqD2WUp-lBtLS9L... 6 KB
6 KB 663ms
662ms Image
image/webp 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZTx437FikTvWzkH-gD37X3XRek00K_oE-iqNzA-w0JExvsAid-JTaEnZsg6epS7W1vg6gkQFHKnnVlpACpL-0He4hHkbPV7iJMMfs9Z6aOYc6CqArHtcOiEPMcSG51DG4zuqD2WUp-lBtLS9L-Pry1ZDrfRRWNq4ykUyq36wNX1v0RYaCA0s2hY9F/w418-h235-c-rw/binencez-630x380.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2a7ee37badbb840c4362a292f66b41eafaf3bf5a8dc0e309c1078bfd440a0198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
x-content-type-options: nosniff
server: fife
etag: "v8"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="binencez-630x380.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5864
x-xss-protection: 0
expires: Sun, 21 Jan 2024 04:37:56 GMT

GET
H2 200 binencez-630x380.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLtemYGvuHRW5xETo1ygiKQrM2jR_hWK-zMxfrjGyrmlxRA50iXoTbpFwOIbOEMiC848Kjzx6NuNYCs4SwSjIBqTPT4fKtaouSmCO01KFA2qzBydykuAsDw7MvhHV02za-9eb_5WpKJcQ4yH7I... 6 KB
6 KB 661ms
661ms Image
image/webp 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLtemYGvuHRW5xETo1ygiKQrM2jR_hWK-zMxfrjGyrmlxRA50iXoTbpFwOIbOEMiC848Kjzx6NuNYCs4SwSjIBqTPT4fKtaouSmCO01KFA2qzBydykuAsDw7MvhHV02za-9eb_5WpKJcQ4yH7Imxm8b8KrmJPIQAYgfVeKP0ae8uJ_zXc2wlBJJzuf/w418-h235-c-rw/binencez-630x380.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2a7ee37badbb840c4362a292f66b41eafaf3bf5a8dc0e309c1078bfd440a0198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.btcmine.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
x-content-type-options: nosniff
server: fife
etag: "va"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="binencez-630x380.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5864
x-xss-protection: 0
expires: Sun, 21 Jan 2024 04:37:56 GMT

GET
H2 200 1110727 Show response
ad.a-ads.com/ Frame DB76 13 KB
5 KB 46ms
46ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1110727?size=728x90

Requested by

Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=mraustinlee24&width=728

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

0f6f0ef31eedb74e084f9f69e1d114ed8bb286466399dcfa9b9996f84369d5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 20 Jan 2024 04:37:56 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ad2bitcoin.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 css2
fonts.googleapis.com/ Frame DB76 5 KB
647 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: https://ad.a-ads.com/1110727?size=728x90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 04:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 02:56:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 04:37:56 GMT

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/393754/ Frame DB76 674 KB
676 KB 27ms
27ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393754/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1110727?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
x-amz-version-id: Cv2H_W5cOvreEnPXeLYKrZR901XKye4u
last-modified: Tue, 31 May 2022 13:28:31 GMT
server: nginx
x-amz-request-id: STJF1PFFAKN6XM4K
etag: "17ab32789bf26b9a63481f7a9a076d53"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 690666
x-amz-id-2: hNZCuemu2HLJdTAnnblOX1AJ5NaHJXHtLzQVN17boMT6QT5+M0bPynwDqU81nejhC6hpjB7OQyg=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame DB76 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame DB76 46 KB
46 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:14:16 GMT
x-content-type-options: nosniff
age: 267820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:14:16 GMT

GET
H/1.1 200
OK 6517545af1a71e0001de416a Show response
track.routes.name/ Frame 6522 949 B
2 KB 153ms
44ms Document
text/html 217.20.112.104
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=keyweb%20ag&sub9=desktop&ref_id=772431233631396026&cost=0.000279&oaid=d937604d7e334e8e93cfa618f534c56d
Requested by: Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 217.20.112.104 Petershagen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 585c477d4935dee959265784089058ab7662e828b074c76f7e656d10fad9d53d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 949
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Jan 2024 04:37:56 GMT
Server: nginx/1.20.2

POST
H3 200 cat.php
myhotfeed.com/ Frame 6522 0
751 B 36ms
36ms Ping
text/plain 172.64.174.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://myhotfeed.com/cat.php?userId=66826e3c77fd4391a3ff905072395090&zoneid=4662728&rb=ueoSc3lVN6aF8fST6oP5iFHGdUoTRUddn2L-NekJD7Vi41VoikbWrtQq4PD3nkMhEHelenU1BQg72Uy_bwcaf3mAoHw3BLBBUy_oGzup-uzVwdwLspDu-LNMcaE3BtWxnRRWBN3fjNzRjt5krGDzoRwa98iwDzEA3-OeTBtct08WzF5M05whdLohN1xjfg0JYS-mLRBpfk4A0-ILDrmo2iYyIXWS9RvjH26xkuiHB3EJ8YuxdYGmWBtzSQiOb0xgaHR9y9MbunelFPAW0iZSGVS9lJ94HLPdzm8fHOhV9RUdCcT_HxcRVO07jOpNMki9CUYeqbwljdtKkDA4oCl4QmRnpkhBw9tNVJj3lrNeXgPgM_xhCYqA5D7uvFzARyql_AEhUE87HaX8ElF6XeR9NlwbCtKi1g6kYqkmCE53h4UrMAH5oqdrkifd7L6SpVPORQ8A6OwSLTFuRYzld5DDRya9VVKnucoDPp8mdGBlyjvq2dzQkQysk4q1XkJnLhK1go68ToFmAHu6x_MUaGIDGEvOpDfbmNbWq5xMdw==&var=6940605&var3=772431231878181516&ymid=&rhd=1

Requested by

Host: myhotfeed.com
URL: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.174.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://myhotfeed.com/?s=772431231878181516&ssk=d1e14fbec7cf2e4b4bdcd0521a812a57&svar=1705725475&z=6940605&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 04:37:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: dbbeaa72934dba051a58cbe6eb68150e
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJS1MdSjAPZeH1NGfIXnLR7yIq5BAqT%2FzDUsQY03Ldae%2Bs%2FWnxcf1SRnSTH8zp3GBBbWE5U4OzNmYrhpmdaiLtwqHpOxrAKWRcoJ1Z72%2FGCLChmpvPuf4ix%2BrVQPyjwI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://myhotfeed.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 8484a005fd105d74-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2

200

/ Show response
understandingerrors.com/landing/ Frame 6522
Redirect Chain

https://understandingerrors.com/landing/?a=domain-ab&utm_source=3&utm_campaign=65ab4e24dcdac50001d0d2a7&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Und...
https://understandingerrors.com/landing/?a=domain-ab&utm_source=3&utm_campaign=65ab4e24dcdac50001d0d2a7&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Understanding+Er...

17 KB
8 KB

58ms
58ms

Document
text/html

2606:4700:3035::ac43:98ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://understandingerrors.com/landing/?a=domain-ab&utm_source=3&utm_campaign=65ab4e24dcdac50001d0d2a7&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Understanding+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:98ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 999138dcc8c9b4677633e476e6efd7e639a1f70708bc1a88de9cc4f2f0ae06c5

Request headers

Referer: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=keyweb%20ag&sub9=desktop&ref_id=772431233631396026&cost=0.000279&oaid=d937604d7e334e8e93cfa618f534c56d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8484a0086c07661c-AMS
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sat, 20 Jan 2024 04:37:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RWP7C70ROGboBAa86JXGw6ovLhiHgvReZUUmr8X4mh7iITEvJFALru7Q%2Bp2nE6phR5y3XmKzyX6aw8KbZS8DRQFK%2FgYfvYkl%2FTPKG5iGTURYdVI27pFPYiV%2BzZ1KVIZ3l1a69KwU08DovRRCcmgcyxSRH1ahg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8484a0080bbd661c-AMS
content-length: 0
date: Sat, 20 Jan 2024 04:37:57 GMT
location: https://understandingerrors.com/landing/?a=domain-ab&utm_source=3&utm_campaign=65ab4e24dcdac50001d0d2a7&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Understanding+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QRyH3tTL4qHUGNRE3SNvVrKoRbeL1wwxZk%2F3LuY5AyXroWlTKDDyVbDBawcTsKLpdrENI85xcULDZcGJmnZam49SJWAuKdGl%2B%2B%2F2Tz67jRcO1%2FIVhYQ51pzzJgtHcMKeBT76TDcfHeLSyiKT9EW%2B2rVcxjW0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ Frame 6522 152 KB
24 KB 62ms
39ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: understandingerrors.com
URL: https://understandingerrors.com/landing/?a=domain-ab&utm_source=3&utm_campaign=65ab4e24dcdac50001d0d2a7&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Understanding+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://understandingerrors.com/
Origin: https://understandingerrors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6902565
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230036-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbmjdNaJxDofXXEZPGsNE4VCKe2NvmjpzShlp40t3GL1Q%2Bzr4ohew2C30ONkgT8CdrmPabtZqLj0kGnLPZqtosFuhHbIL3X63rard%2BN2sg1hGhYXTDAv7z4vy5kXIYZdYSjvldh%2BmFCrLqi%2BT4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8484a008e8ef5d79-FRA

GET
H3 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ Frame 6522 79 KB
11 KB 32ms
31ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://understandingerrors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10016
x-jsd-version: 1.8.1
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220090-FRA, cache-lga21920-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIr8KYVYv%2F%2FVGoTMHsfWwMCK8nhJ%2B3oR4uTz243n0tIqRiF5aNUj4VGVxdy494TD2buC8r26%2F2D44fQRioOcMYzlUlQAB3LwLZOOgZCZ6xUmHhtYUHoTlyZsMREY3mVGjuXvG87dzikZrTBgcRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8484a008ccff2bbb-FRA

GET
H3 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ Frame 6522 77 KB
23 KB 84ms
61ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://understandingerrors.com/
Origin: https://understandingerrors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6043399
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230030-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhrlkqG7%2FHUpcpiX1qXmw5%2FKbsJnnQXIcSUpcJSU2lAhdW3WZFrAFcHQbzUXRZRo%2BeeiKrWIgMTOgRs0vQZwa4RUkZgkfWfDzFbklwyCpZOJaPZ%2FwaSQJPwvi3no3KV8WZaNntnIz%2F4XWQIurY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8484a008e8f05d79-FRA

GET
H2 200 ua-parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ Frame 6522 14 KB
6 KB 78ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ua-parser.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://understandingerrors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4308873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5456
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-38ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKbL%2FZxh%2BVZWoWt2n%2FrQRQJvk82JhnhgPP8a4ez6PPAsx80raMRy0SMnwISthAilclt9xtmTlEklkG3cWHxjSjkN92kkl5nrWsvDtDmOXeu%2BlqjUa1EL8wre6gZBpbuOOT6antpCs9jMIwZIEh51Qwx8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8484a0091d6c6ae2-FRA
expires: Thu, 09 Jan 2025 04:37:57 GMT

GET
DATA 200
OK truncated
/ Frame 6522 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6522 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 chrome_48x48.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/ Frame 6522 3 KB
4 KB 55ms
29ms Image
image/png 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/chrome_48x48.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://understandingerrors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 04:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4496068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3171
last-modified: Thu, 07 Apr 2022 06:36:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "624e8672-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ1QbGKPrdkPHAsQdT3GP36KTu6vDsS5nROnHz6GerAvHnt3JQUdJ4F1ErQfseNZcYdh9kc6qLuPdTLqbKWndTwr57TDzcWcAocwYLWQi8l7BJqk80WXOYTL4totT6agwBOakoS%2BXAo2kELiaZkT5F%2Bu"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8484a009b8349042-FRA
expires: Thu, 09 Jan 2025 04:37:57 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qoca.site/148bcf03fc/bb6bac9292	1970-01-20 17:48:46	Name: total_impressions Value: 1
qoca.site/b180228ef7/bd74f6fd55	1970-01-20 17:48:46	Name: total_impressions Value: 1
qoca.site/87d1c6c507/4f9c843bb0	1970-01-20 17:48:46	Name: total_impressions Value: 2
qoca.site/1ccf616e0b/c3706a2c96	1970-01-20 17:48:46	Name: total_impressions Value: 4
.udbaa.com/	1970-01-20 17:48:46	Name: used_ad2937592 Value: 1
.udbaa.com/	1970-01-20 17:48:46	Name: used_ad2938282 Value: 1
.udbaa.com/	1970-01-20 17:48:46	Name: used_ad2938102 Value: 1
qoca.site/	1970-01-20 17:48:46	Name: used_ad2938282 Value: 1
qoca.site/	1970-01-20 17:48:46	Name: used_ad2937592 Value: 1
qoca.site/	1970-01-20 17:48:46	Name: used_ad2938102 Value: 1
.udbaa.com/	1970-01-20 17:48:46	Name: used_ad2999876 Value: 1
.udbaa.com/	1970-01-20 17:48:46	Name: used_ad2937508 Value: 1
.udbaa.com/	1970-01-20 17:48:46	Name: total_impressions Value: 4
.udbaa.com/	1970-01-20 18:31:57	Name: cpa_673873 Value: 120x600_615743197_5
qoca.site/	1970-01-20 17:48:46	Name: used_ad2999876 Value: 1
qoca.site/	1970-01-20 17:48:46	Name: used_ad2937508 Value: 1
keewoach.net/	1970-01-21 02:34:21	Name: OAID Value: d937604d7e334e8e93cfa618f534c56d
keewoach.net/	1970-01-21 02:34:21	Name: oaidts Value: 1705725475
my.rtmark.net/	1970-01-21 02:34:21	Name: ID Value: d937604d7e334e8e93cfa618f534c56d
keewoach.net/	1970-01-20 17:58:50	Name: syncedCookie Value: true
myhotfeed.com/	1970-01-21 02:34:21	Name: OAID Value: 66826e3c77fd4391a3ff905072395090
myhotfeed.com/	1970-01-21 02:34:21	Name: oaidts Value: 1705725475
.track.routes.name/	1970-01-20 17:50:11	Name: redcmps Value: W3siaWQiOiI2NTE3NTQ1YWYxYTcxZTAwMDFkZTQxNmEiLCJ0IjoiMjAyNC0wMS0yMFQwNDozNzo1Ni45MjQ2NzU3MTZaIn1d
.track.routes.name/	1970-01-21 02:34:21	Name: redhash Value: NjVhYjRlMjRkY2RhYzUwMDAxZDBkMmE3fDB8NjUxNzU0NWFmMWE3MWUwMDAxZGU0MTZhfHw4ZDA2NDM4OS0xZTBlLTRkZmEtODEzMy0yZmI3M2NlZTNiYTd8MTcwNTcyNTQ3Ng==

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.btcmine.cc/(Line 1137) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/01ad4e2e52d8918ca90e07bb094df841/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.btcmine.cc/(Line 1137) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/01ad4e2e52d8918ca90e07bb094df841/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.topcreativeformat.com/01ad4e2e52d8918ca90e07bb094df841/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://www.btcmine.cc/(Line 1157) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.btcmine.cc/(Line 1157) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pl21913451.toprevenuegate.com/1c/0e/81/1c0e8181b9d8a74355e8ab000c632245.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://www.btcmine.cc/(Line 2294) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.btcmine.cc/(Line 2294) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://www.btcmine.cc/(Line 2311) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/5834e64643bec9265230af957762afb8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.btcmine.cc/(Line 2311) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/5834e64643bec9265230af957762afb8/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pl21912719.toprevenuegate.com/58/fa/3d/58fa3db6e65be877097babcae46e9a41.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.topcreativeformat.com/5834e64643bec9265230af957762afb8/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://www.btcmine.cc/(Line 2331) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.btcmine.cc/(Line 2331) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://www.btcmine.cc/(Line 2409) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.btcmine.cc/(Line 2409) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.topcreativeformat.com/dcbc064e107e45340f41d2ab7acd0697/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://veepteero.com/88/30727 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acceptable.a-ads.com
ad.a-ads.com
ad2bitcoin.com
alwingulla.com
amgtui.com
blogger.googleusercontent.com
cdn.jsdelivr.net
cdn.qoca.site
cdnjs.cloudflare.com
code.jquery.com
cryptocoinsad.com
datatechone.com
fonts.googleapis.com
fonts.gstatic.com
fonts.maateen.me
hash512.com
keewoach.net
my.rtmark.net
myhotfeed.com
o-oo.ooo
pagead2.googlesyndication.com
pl21912719.toprevenuegate.com
pl21913451.toprevenuegate.com
ptxhzp.com
qoca.site
static.a-ads.com
track.routes.name
udbaa.com
understandingerrors.com
vdbaa.com
veepteero.com
windowsl.ink
www.btcmine.cc
www.google.com
www.topcreativeformat.com
www.toprevenuegate.com
ylx-aff.advertica-cdn.com
ylx-i.advertica-cdn2.com
zmonei.com
139.45.195.8
139.45.197.242
139.45.197.245
162.0.208.108
172.64.174.16
173.233.137.36
173.233.137.52
185.66.200.127
185.66.200.220
185.66.201.42
185.66.201.43
213.239.209.209
217.20.112.104
2606:4700:3035::ac43:98ab
2606:4700::6810:5614
2606:4700::6811:180e
2606:50c0:8003::153
2a00:1450:4001:806::2013
2a00:1450:4001:809::2002
2a00:1450:4001:811::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a02:b4a:1:7::9273:1
2a02:b4a:1:7::9274:1
2a04:4e42:200::649
2a06:98c1:3120::3
37.48.68.71
52.33.207.7
00ed692ccf6513d650f77f5ea82a4ae89cb09976eaf59b83076eda57495a2344
022675e3351c0082ac4218a44d700bc84599bd1ba804573eb6a814a51ec92bf2
05ce961492505b0da51a8d7365e4c8a07fc1645073df8af0f7dcd6ef1aac5048
07570bc11489647769a7906c9db97be13e5ac00f3e2780377733efd28d5d0d74
09cb3e10d4e06525c4304dba4d17dd07779cbad1ee50b7f31a823c0b633a84d0
0a9ed0c78128fe8c6100bcfeaeffb4b249a01783aa5cc4c15adecb89df70b4de
0cfe66f7157cd18ce7f1af3a781df9adf6297d0da727f3f041daf624a3d338a5
0d3bbb6ea4498ede1fe93623a6f54a396aa87312c425cec0a61dc607a3527b00
0da1fbc028b7367ecbc92d3db07cd45618fa366c0e038a1f0ef65176dd6b2ddb
0f6f0ef31eedb74e084f9f69e1d114ed8bb286466399dcfa9b9996f84369d5be
0fb4d97938ded77785357087e6cdd7393f055de4822641388c9945feb6b6471a
13f7624d170130a3938c0efefd0b5c25f57ad238dd81207411faff372ce8ca43
1cbb9f67bd72d6a2c4aca6a9bc22fad7a06dba749d58302906b265c8db43aaec
1fafe30aca809c3b69b241a1601a0a6648cf478a09923436d21ee0805bfa0d3e
25a604f84ee36fc3ca14abbc9fd2d0f7fd77d25304be93e7d8ab853fad2b8d8f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a7ee37badbb840c4362a292f66b41eafaf3bf5a8dc0e309c1078bfd440a0198
2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857
2e3bde453441d9f45ecd50d01b2c733966873025911722e720fcdd577d6e4479
3c062091c513bc5c1bcbb151c970c90730770883282a83aec6249659125a847f
3e29cd6ab71d60c3d5b233105cbc60c53c3e47e2f43ca64df7252eb64be6de2f
3ede3834b5ab7b96eb553d15389b0a2d6dca3f2c2f8b6c7a80c313f0c125a949
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45f2c64e6afe0b8c16448e99a177d13e723c6a83cddcc91a25ebad70cae5225d
46d80c91b72151f05e18b308721f95961d58ec46d2354aadbc9474542dc46ffe
4798e081f26927876c5f6201fc0179d550fefd44b68a3545a2bac369b83880f2
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab
4ce8dd5b91b6443789fc3bb99f235a9f057d98814b746d4b08e43a38cde61772
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50566186d7454f1f0701271fff6b21b5bdf8b87387b154d3a51de95fff346133
516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb
51f1fa995899a85ccb730dd6df66499dae26244f82047435ec67e61c6a90d521
551546f184fb2b9d24a7bcc7b33dacc79a404b84c051b196901f5060ffab02a3
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3
585c477d4935dee959265784089058ab7662e828b074c76f7e656d10fad9d53d
5b6b7d8b6ebdad378608005a3520fccf7b7a489150c8af20afe4111a4dd7d2f3
612c8e41a2308be3e7ce2f09dcad505d095c626bebd600934f9f75573700f9f6
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
6d4b994118ed701aa65deb4c28f6abd2d0fb884628a84e1f5d617775ab056e47
6ead440dcda6839e4023f71b5552c1ba953d1303391c3e2f6cfd60a4e3ada420
73bb863239e7deafca0188b7a37efed56fec31a9f71d33cf253793c1e2738a34
74cc3e0e194d6ecdb93d321f8a6fbc879fc2cb384c1f1eb9b3788e38ec324a36
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
782f5a55b47b6f7b464b505af91be76aa51fc76225d94785b9a9a9ad8f54cf33
7891fbf37a500b1046882594d0664b0378a36a982864dacdb98bec85d3b9049d
79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d
7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6
7a9b431c50b62c2c2ed4ab03d02680ac7bd7d3c45c3aac89314ec6c2b3681065
7ab8fa67c69777c296ac405f4b6d22f333f4227bf3b690e60cfa69fd271e6d05
7c9459dabe310bd16408db0b631ce3fa7d5d593fa35d1720123a641c00b3595f
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7f3c2228c96253957b887ecf5e5300d625f04068d11dd31442d98052b3fb23cb
7f5da0c12eb4e479014b4c03569bc573f380ab5538f0c76862d3d4316d3e5702
849d81916df48cbb340fe5cfe339dc95fd1b8b8f4d93a616c9cabd7889ced09a
85898a29a5c659249ac5e3d647320ffae42cdf9074ca3d0f3c9f9c51bf00016b
8603f7d5c60366bcfbc2c2c49ca596cdd2110689b282e961c6dd46116b8e1dc0
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
933ce512f4560036fe87ac3269e8026cd3fb9972656ab67d0aa3d1d658f660c6
94b103190c505e7ce35a8f196437db358e5d45c0071c0f65231c0e6211316826
957d2102e3f3fe93f009112b67a0e5ca47bfdfd090d0a03d5b6e14a308281514
999138dcc8c9b4677633e476e6efd7e639a1f70708bc1a88de9cc4f2f0ae06c5
9c4964adac0e09cf0af35a2c9599e7d46af59dac499fd45643e38773818a7e97
a906a456989df7202a54606e33079557cc9cf65a61941150073b337ff6f3b035
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24c7b4cf1071852c9c17938be9ca02f4e52d0be9f18839aa8e9a6f11183e195
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bd96d5c39339816200495888d3280593e7a1e5a5fcc613ddd7d4acf466e60882
c0b786773b8199074400ae53a7d18d0af81359e240a51e69c9e97482e7281b76
c9abc972f257ab711f3539c975101c04ab1b0c7367161d5d2aa84d6eaf42e056
cb9070f23461b254f15e0ed5b52d6617a4e1d22be1a82688baf4b63b1dc32eb3
cdf9ef4750796120b899c986c026d6de1bf31aaa8d0cadf76d9f4a3dbf9cc73f
cf3cd646de49d4aacfba5a6e4ecee83119e3c8a5c4f2837e4f36f8c4a472ce0a
d28ccddd41d8bb75be732ae71e81dacbb4b9246c2f25b2aaf8e2d775c2738e9a
d48095e793c8f144238bc970f838193db203904b547974b4c285b7af86f3becc
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
dc70a8088325934986aebc34b659a7348f7786211fab0cdd8364bce997cf3fcd
de0bd970192136fa77fe6392694a0a2a9c58d4d5c6b130c12e3f9bcac5687247
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
e2d12461c55d29e557abf995cd225c77fd294a1651bd2e4f5f6ff8595cd8a3d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8c209cb36df0ec275c3e0a5181494b023893e96fd25c668646fde8cf10003
e9ee26f9baea9447a9c51fcbf7f2be0273db323208e8e6c5df8f5a27d50e63bf
eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046
ed0f5dc000b5d2c192600f1c103e1b30619ca0b557b4c6fb3ca8b46542d0a35d
f11bb7d6c88bb87be6ee5cdc0d74d6edca77ea902c2a5c9509e4ebac511d020b
f145ffeab4b52107b370a2c802a9d26c1a8ab27ae4bdceac5eb173bb13824ac5
f1c4b717064c8e32130d1da73fb7441637fcf05cadcc10e87aa25bab07c9c7bf
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
f2e4dd19e2f957965cd8c2f17dd63dac40b42cf6887f632abb60d23fa48b085b
f442024b24f7febc8f5e6325adf89be99974c3e6d3415ef9211be9091e93f9e0
f6537dcc8cf9e464f1bccf96d21785c73ecc4ee2a9551e4ebeb0ab1135d14207
f7d78cc146c25ba89f0e058016d964c6368b62e300f7aef0cdf26982d158542f
fab2d13f5093bc24ad63c594ec52a29696a03596728e7f7e853e397310ecccd3
fe0cbfc7414bd2e47982e4fc481a0fdb446451d8d2b06d75fe2eaf9991b95aef

www.btcmine.cc Open in urlscan Pro 2a00:1450:4001:806::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

100 %HTTPS

48 %IPv6

34 Domains

39 Subdomains

29 IPs

5 Countries

2122 kBTransfer

3118 kBSize

24 Cookies

28 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.btcmine.cc Open in urlscan Pro
2a00:1450:4001:806::2013 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

100 %
HTTPS

48 %
IPv6

34
Domains

39
Subdomains

29
IPs

5
Countries

2122 kB
Transfer

3118 kB
Size

24
Cookies

126 HTTP transactions
11 data transactions