www.gbpclk.com Open in urlscan Pro
31.204.152.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://srv6.feedallapps.com/srv/click/?pid=40512749&p1=4fff0b40-67e0-37f1-864d-16ecf0a0cade&p2=pGEjqdqljrk&p6=8AFD0EC9-2A52-...
Effective URL:
http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Submission: On June 20 via manual (June 20th 2018, 9:08:34 pm UTC) from US

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 17 domains to perform 62 HTTP transactions. The main IP is 31.204.152.169, located in Boesingheliede, Netherlands and belongs to I3DNET, NL. The main domain is www.gbpclk.com.

This is the only time www.gbpclk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2400:cb00:204... 2400:cb00:2048:1::6818:7618	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	94.24.114.10 94.24.114.10	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1 1	94.24.114.8 94.24.114.8	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1 1	34.197.12.237 34.197.12.237	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	52.1.167.69 52.1.167.69	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	54.84.22.112 54.84.22.112	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	2400:cb00:204... 2400:cb00:2048:1::6818:7d1f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
44	31.204.152.169 31.204.152.169	49544 (I3DNET) (I3DNET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	139.162.206.25 139.162.206.25	63949 (LINODE-AP...) (LINODE-AP Linode)
1	45.60.80.8 45.60.80.8	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
62	12

1 2400:cb00:2048:1::6818:7618 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

srv6.feedallapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.24.114.10 (Spain) 1 redirects

ASN15699 (AS_ADAM Adam Datacenter, ES)

xjh37.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.24.114.8 (Spain) 1 redirects

ASN15699 (AS_ADAM Adam Datacenter, ES)

smart.xjh37.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.12.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-197-12-237.compute-1.amazonaws.com

sjs.perfonspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.167.69 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-167-69.compute-1.amazonaws.com

sax.peakonspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.22.112 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-84-22-112.compute-1.amazonaws.com

goto.peak-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6818:7d1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

popmyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 31.204.152.169 (Boesingheliede, Netherlands)

ASN49544 (I3DNET, NL)
PTR: ns1.colo-host.com

www.gbpclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.206.25 (London, United Kingdom) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1369-25.members.linode.com

partner.becomeaffiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.80.8 (Redwood City, United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)

www.arescasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	gbpclk.com www.gbpclk.com	2 MB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
2	facebook.com staticxx.facebook.com
2	youtube.com www.youtube.com	925 B
2	gstatic.com fonts.gstatic.com	46 KB
2	google-analytics.com www.google-analytics.com	14 KB
2	popmyads.com 1 redirects popmyads.com	3 KB
2	xjh37.com 2 redirects xjh37.com smart.xjh37.com	1016 B
1	facebook.net connect.facebook.net	61 KB
1	ytimg.com s.ytimg.com	8 KB
1	arescasino.com www.arescasino.com
1	becomeaffiliates.com 1 redirects partner.becomeaffiliates.com	592 B
1	peak-serving.com 1 redirects goto.peak-serving.com	777 B
1	peakonspot.com sax.peakonspot.com	7 KB
1	perfonspot.com 1 redirects sjs.perfonspot.com	463 B
1	feedallapps.com srv6.feedallapps.com	2 KB
0	amung.us Failed whos.amung.us Failed
62	17

	Domain	Requested by
44	www.gbpclk.com	popmyads.com www.gbpclk.com
2	staticxx.facebook.com	connect.facebook.net
2	www.youtube.com	www.gbpclk.com s.ytimg.com
2	fonts.gstatic.com	www.gbpclk.com
2	fonts.googleapis.com	www.gbpclk.com
2	www.google-analytics.com	popmyads.com
2	popmyads.com	1 redirects sax.peakonspot.com
1	connect.facebook.net
1	s.ytimg.com	www.youtube.com
1	www.arescasino.com	www.gbpclk.com
1	partner.becomeaffiliates.com	1 redirects
1	ajax.googleapis.com	www.gbpclk.com
1	goto.peak-serving.com	1 redirects
1	sax.peakonspot.com	srv6.feedallapps.com
1	sjs.perfonspot.com	1 redirects
1	smart.xjh37.com	1 redirects
1	xjh37.com	1 redirects
1	srv6.feedallapps.com
0	whos.amung.us Failed	popmyads.com
62	19

This site contains no links.

Subject Issuer	Validity	Valid
sni101728.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-06-20` - `2018-12-27`	6 months	crt.sh
*.arescasino.com AlphaSSL CA - SHA256 - G2	`2017-07-30` - `2020-07-30`	3 years	crt.sh
*.google.com Google Internet Authority G3	`2018-06-07` - `2018-08-16`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Frame ID: 23C115EA7320613017156E29E8102E01
Requests: 59 HTTP requests in this frame

Frame: https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0
Frame ID: 807E59FFC58DC005AAF9C7874DCD843C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/?controls=0&disablekb=0&loop=0&autoplay=0&wmode=opaque&showinfo=0&rel=0&modestbranding=1&iv_load_policy=3&cc_load_policy=0&fs=0&html5=0&enablejsapi=1&origin=http%3A%2F%2Fwww.gbpclk.com&widgetid=1
Frame ID: 046E90FEAF30032AA09B737389117E7B
Requests: 1 HTTP requests in this frame

Frame: http://staticxx.facebook.com/connect/xd_arbiter/r/qMnGlIs-JNW.js?version=42
Frame ID: CBA13C2E161C3E6F68DF4D37AD33C045
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/qMnGlIs-JNW.js?version=42
Frame ID: CDEB22AD10BF7C683299384F2FC0CB27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://srv6.feedallapps.com/srv/click/?pid=40512749&p1=4fff0b40-67e0-37f1-864d-16ecf0a0cade&p2=pGEjqdqlj... Page URL
https://xjh37.com/deliver_cpa.php?id_offer_cpa=87020f48e06ba3865d8686a5d50fd0ac&wid=3KNW5yEtGz... HTTP 302
http://smart.xjh37.com/visit.php?t=589b414a60e529cc0e8b4fa6&keyword=P6P16R5295289025710773372&affil... HTTP 302
http://sjs.perfonspot.com/pops/dlink.php?pid=3495&format=POPUP&subid=3KNW5yEtGzzT5tIOFD_3640&cid=sm01-... HTTP 302
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15295289038330264559481294... Page URL
http://goto.peak-serving.com/?&id=15295289038330264559481294&tid=3495&sr=ep&filter=1&ftype=js&trs=1529528... HTTP 302
https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t Page URL
https://popmyads.com/go HTTP 302
http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

62
Requests

6 %
HTTPS

50 %
IPv6

17
Domains

19
Subdomains

12
IPs

5
Countries

2448 kB
Transfer

3162 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://srv6.feedallapps.com/srv/click/?pid=40512749&p1=4fff0b40-67e0-37f1-864d-16ecf0a0cade&p2=pGEjqdqljrk&p6=8AFD0EC9-2A52-4ABB-8C4F-4DB733A311A5 Page URL
https://xjh37.com/deliver_cpa.php?id_offer_cpa=87020f48e06ba3865d8686a5d50fd0ac&wid=3KNW5yEtGzzT5tIOFD&keyword=P6P16R5295289025710773372&affiliateid=3640&deviceId HTTP 302
http://smart.xjh37.com/visit.php?t=589b414a60e529cc0e8b4fa6&keyword=P6P16R5295289025710773372&affiliateid=3640&wid=3KNW5yEtGzzT5tIOFD HTTP 302
http://sjs.perfonspot.com/pops/dlink.php?pid=3495&format=POPUP&subid=3KNW5yEtGzzT5tIOFD_3640&cid=sm01-5b2ac24628bed257078b58cb HTTP 302
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15295289038330264559481294&tid=3495 Page URL
http://goto.peak-serving.com/?&id=15295289038330264559481294&tid=3495&sr=ep&filter=1&ftype=js&trs=15295289033123005&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined HTTP 302
https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t Page URL
https://popmyads.com/go HTTP 302
http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://xjh37.com/deliver_cpa.php?id_offer_cpa=87020f48e06ba3865d8686a5d50fd0ac&wid=3KNW5yEtGzzT5tIOFD&keyword=P6P16R5295289025710773372&affiliateid=3640&deviceId HTTP 302
http://smart.xjh37.com/visit.php?t=589b414a60e529cc0e8b4fa6&keyword=P6P16R5295289025710773372&affiliateid=3640&wid=3KNW5yEtGzzT5tIOFD HTTP 302
http://sjs.perfonspot.com/pops/dlink.php?pid=3495&format=POPUP&subid=3KNW5yEtGzzT5tIOFD_3640&cid=sm01-5b2ac24628bed257078b58cb HTTP 302
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15295289038330264559481294&tid=3495

Request Chain 2

http://goto.peak-serving.com/?&id=15295289038330264559481294&tid=3495&sr=ep&filter=1&ftype=js&trs=15295289033123005&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined HTTP 302
https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t

Request Chain 20

https://partner.becomeaffiliates.com/scripts/gx76ewfyecx?a_aid=57988cf2d2278&a_bid=79a6a05f&chan=ARDE-pc38-42654-nmlnd HTTP 301
https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0

Request Chain 44

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
srv6.feedallapps.com/srv/click/ 263 B
2 KB 349ms
343ms Document
text/html 2400:cb00:2048:1::6818:7618
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://srv6.feedallapps.com/srv/click/?pid=40512749&p1=4fff0b40-67e0-37f1-864d-16ecf0a0cade&p2=pGEjqdqljrk&p6=8AFD0EC9-2A52-4ABB-8C4F-4DB733A311A5
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6818:7618 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.10-1ubuntu3.25
Resource Hash: 43bbc0a292b340594371aa0bb857bafbfae41938d83f092bb10b5fb8b3984967

Request headers

Host: srv6.feedallapps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 23C115EA7320613017156E29E8102E01

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d8b4e169b45d120ca53991953ca10c5341529528902; expires=Thu, 20-Jun-19 21:08:22 GMT; path=/; domain=.feedallapps.com; HttpOnly a=0; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com cid=0; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com ver=0; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com etfp=0; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com etap=0; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com product_id=67619880; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com publisher_id=3640; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com placement_id=40512749; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com advertiser_id=3040; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.feedallapps.com pid=40512749; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com nid=0; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com keyword=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.feedallapps.com ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.feedallapps.com exit_datetime=2018-06-20+21%3A08%3A22; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com click_id=P6P16R5295289025710773372; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/ click_id=P6P16R5295289025710773372; expires=Mon, 17-Dec-2018 21:08:22 GMT; path=/; domain=.feedallapps.com uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.feedallapps.com
X-Powered-By: PHP/5.3.10-1ubuntu3.25
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Server: cloudflare
CF-RAY: 42e135d742f8639d-FRA
Content-Encoding: gzip

GET
H/1.1

200
OK

filter.php Show response
sax.peakonspot.com/pops/
Redirect Chain

https://xjh37.com/deliver_cpa.php?id_offer_cpa=87020f48e06ba3865d8686a5d50fd0ac&wid=3KNW5yEtGzzT5tIOFD&keyword=P6P16R5295289025710773372&affiliateid=3640&deviceId
http://smart.xjh37.com/visit.php?t=589b414a60e529cc0e8b4fa6&keyword=P6P16R5295289025710773372&affiliateid=3640&wid=3KNW5yEtGzzT5tIOFD
http://sjs.perfonspot.com/pops/dlink.php?pid=3495&format=POPUP&subid=3KNW5yEtGzzT5tIOFD_3640&cid=sm01-5b2ac24628bed257078b58cb
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15295289038330264559481294&tid=3495

7 KB
7 KB

206ms
109ms

Document
text/html

52.1.167.69
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15295289038330264559481294&tid=3495
Requested by: Host: srv6.feedallapps.com
URL: http://srv6.feedallapps.com/srv/click/?pid=40512749&p1=4fff0b40-67e0-37f1-864d-16ecf0a0cade&p2=pGEjqdqljrk&p6=8AFD0EC9-2A52-4ABB-8C4F-4DB733A311A5
Protocol: HTTP/1.1
Server: 52.1.167.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-1-167-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fd71de3e240892e4c24fd9bc6015bf5bcf08f7fd700f07ed993d19306663855e

Request headers

Host: sax.peakonspot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://srv6.feedallapps.com/srv/click/?pid=40512749&p1=4fff0b40-67e0-37f1-864d-16ecf0a0cade&p2=pGEjqdqljrk&p6=8AFD0EC9-2A52-4ABB-8C4F-4DB733A311A5
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 23C115EA7320613017156E29E8102E01
Referer: http://srv6.feedallapps.com/srv/click/?pid=40512749&p1=4fff0b40-67e0-37f1-864d-16ecf0a0cade&p2=pGEjqdqljrk&p6=8AFD0EC9-2A52-4ABB-8C4F-4DB733A311A5

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Jun 2018 21:08:23 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Server: nginx
Content-Length: 6833
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Jun 2018 21:08:23 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15295289038330264559481294&tid=3495
Server: nginx
Set-Cookie: uuid=15295289033306818348355591; expires=Fri, 20-Jul-2018 21:08:23 GMT; Max-Age=2592000
Content-Length: 0
Connection: keep-alive

GET
H2

200

aHR0cDovL3BlYWthZHguY29t Show response
popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/
Redirect Chain

http://goto.peak-serving.com/?&id=15295289038330264559481294&tid=3495&sr=ep&filter=1&ftype=js&trs=15295289033123005&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined
https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t

6 KB
3 KB

65ms
37ms

Document
text/html

2400:cb00:2048:1::6818:7d1f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
Requested by: Host: sax.peakonspot.com
URL: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15295289038330264559481294&tid=3495
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:7d1f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.1.18
Resource Hash: 4ea17c154e728e1d7a844e6383017c380be0ef873a93391e3f1874c3196fe419

Request headers

:method: GET
:authority: popmyads.com
:scheme: https
:path: /serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15295289038330264559481294&tid=3495
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 23C115EA7320613017156E29E8102E01
Referer: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15295289038330264559481294&tid=3495

Response headers

status: 200
date: Wed, 20 Jun 2018 21:08:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d261ac11775ff76d047a4b03eef36d2511529528904; expires=Thu, 20-Jun-19 21:08:24 GMT; path=/; domain=.popmyads.com; HttpOnly
x-powered-by: PHP/7.1.18
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 42e135e58f3a9750-FRA
content-encoding: gzip

Redirect headers

Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Jun 2018 21:08:24 GMT
Location: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
Server: nginx
Set-Cookie: ctxfeed_media-serving=%7B%22ctxpop_uuid%22%3A%2295167204304598281529528904%22%7D; expires=Wed, 31-Dec-2098 23:00:00 GMT; Max-Age=2541376296 ep_2566870080df9561ce1e102d802b152e=20180620%7C1637%7CEI1855b2ac24875c8767453990%7C; expires=Fri, 20-Jul-2018 21:08:24 GMT; Max-Age=2592000; path=/; domain=.peak-serving.com eprt_067a9243f06e23b09a948e996055c2e8=20180620%7C1637%7CEI1855b2ac24875c8767453990%7C; expires=Fri, 20-Jul-2018 21:08:24 GMT; Max-Age=2592000; path=/; domain=.peak-serving.com
Content-Length: 0
Connection: keep-alive

GET popmyads.png
whos.amung.us/swidget/ 0
0

GET
S 200 analytics.js
www.google-analytics.com/ 34 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: popmyads.com
URL: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t

Protocol

SPDY

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 737
date: Wed, 20 Jun 2018 20:56:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Wed, 20 Jun 2018 22:56:07 GMT

GET
H/1.1

200
OK

Primary Request nmindex.php Show response
www.gbpclk.com/ares/de/
Redirect Chain

https://popmyads.com/go
http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

7 KB
3 KB

45ms
32ms

Document
text/html

31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Requested by: Host: popmyads.com
URL: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin / PHP/5.6.30
Resource Hash: b28ebb597e05c0b1fa2486a781d23455ee35a2ac3a64256d6d17176857bb1c95

Request headers

Host: www.gbpclk.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Origin: https://popmyads.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 23C115EA7320613017156E29E8102E01

Response headers

Server: nginx admin
Date: Wed, 20 Jun 2018 21:08:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30
Content-Encoding: gzip

Redirect headers

status: 302
date: Wed, 20 Jun 2018 21:08:24 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.18
set-cookie: CheckMe=5; expires=Wed, 20-Jun-2018 21:08:29 GMT; Max-Age=5; path=/
location: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 42e135e5ef7c9750-FRA

GET
S 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=462818643&t=pageview&_s=1&dl=https%3A%2F%2Fpopmyads.com%2Fserve%2F48382%2F42654%2Fszqpmqqoapdpgpq%2FaHR0cDovL3BlYWthZHguY29t&dr=http%3A%2F%2Fsax.peakonspot.com%2Fpops%2Ffilter.php%3Frd%3Dgoto.peak-serving.com%26sr%3Dep%26id%3D15295289038330264559481294%26tid%3D3495&ul=en-us&de=UTF-8&dt=PopMyAds%20Redirecting...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=2068826778&gjid=215214492&cid=349947241.1529528905&tid=UA-43135408-1&_gid=23764808.1529528905&_r=1&z=822178029

Protocol

SPDY

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jun 2018 21:08:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 css
fonts.googleapis.com/ 1003 B
365 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Protocol

SPDY

Server

2a00:1450:4001:812::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b8f59e008e78b58c23277c9356538b5bd845ab4a25f1105608f9c1c746565dd1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 20 Jun 2018 21:08:24 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 20 Jun 2018 21:08:24 GMT

GET
S 200 css
fonts.googleapis.com/ 2 KB
424 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:400,500,600,700,800,900

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Protocol

SPDY

Server

2a00:1450:4001:812::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

401b7f6ac0fae44b7d2b86a1fb9dc0b5d926d0a578b8c09f8c2aaa36805e20a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 20 Jun 2018 21:08:24 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 20 Jun 2018 21:08:24 GMT

GET
H/1.1 200
OK bootstrap3.min.css
www.gbpclk.com/ares/de/css/ 132 KB
20 KB 21ms
19ms Stylesheet
text/css 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/css/bootstrap3.min.css
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: d2eb4c367ddf99ef45b361de9ade34025c88be6867369a3a5be39d2285386b72

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:02:17 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK style3.css
www.gbpclk.com/ares/de/css/ 5 KB
2 KB 28ms
13ms Stylesheet
text/css 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/css/style3.css
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ba0b00ad38afe09753d055031ad728bb49d611a1bf752b21c3fe0fc2c4b1bbe7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:02:16 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK font-awesome3.min.css
www.gbpclk.com/ares/de/css/ 26 KB
6 KB 29ms
14ms Stylesheet
text/css 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/css/font-awesome3.min.css
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:02:16 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK stop.png
www.gbpclk.com/ares/de/images/ 16 KB
16 KB 26ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/stop.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 0186583aa0e4f70f4e5477fcd47f62b172267372c841ed8ad665203c299ac8fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Last-Modified: Thu, 18 Jan 2018 13:14:41 GMT
Server: nginx admin
ETag: "5a609dc1-3fd5"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16341
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK FWDEVPlayer.js Show response
www.gbpclk.com/ares/de/java/ 304 KB
72 KB 22ms
21ms Script
application/javascript 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: c1c0f4d119b75affcbb60f2cc8eb84d36db7b461944fce6f7073a8419f2942a9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 12:41:21 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK merkur_logo.png
www.gbpclk.com/ares/de/images/ 24 KB
24 KB 26ms
12ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/merkur_logo.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: bbee9276b0f4a985baa34e7180910d2b932c7b93a8e6b56d79baed0a704e16fa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:22 GMT
Server: nginx admin
ETag: "5a609aa2-5f10"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24336
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK novo_line.png
www.gbpclk.com/ares/de/images/ 38 KB
38 KB 42ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/novo_line.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 427995aa63f3543dc6ff3bb09d9e6557e1c00ea82390d4d7fe1deb3cf62ceefa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:44 GMT
Server: nginx admin
ETag: "5a609ab8-9646"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38470
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK button-3.gif
www.gbpclk.com/ares/de/images/ 37 KB
37 KB 13ms
12ms Image
image/gif 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/button-3.gif
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 5aad00c856ea2600445c720a44894b4542462df2c63e3e29615384675b89954e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:09 GMT
Server: nginx admin
ETag: "5a609a95-92f4"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37620
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK jquery3.min.js Show response
www.gbpclk.com/ares/de/js/ 94 KB
33 KB 21ms
20ms Script
application/javascript 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:03:00 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK bootstrap3.min.js Show response
www.gbpclk.com/ares/de/js/ 36 KB
10 KB 28ms
27ms Script
application/javascript 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/js/bootstrap3.min.js
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:02:59 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
29 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 15 Jun 2018 21:23:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 431083
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29478
X-XSS-Protection: 1; mode=block
Expires: Sat, 15 Jun 2019 21:23:41 GMT

GET
H/1.1 200
OK bg-polygon.jpg
www.gbpclk.com/ares/de/images/ 34 KB
34 KB 18ms
12ms Image
image/jpeg 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/bg-polygon.jpg
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: b3f1c1b8e4ec35738e99866bae325103a652d65cae971aa15f79fc6a91e0cdae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/css/style3.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/css/style3.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:08 GMT
Server: nginx admin
ETag: "5a609a94-8811"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34833
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H2

200

book_of_ra_deluxe
www.arescasino.com/de/lp1/ Frame 807E
Redirect Chain

https://partner.becomeaffiliates.com/scripts/gx76ewfyecx?a_aid=57988cf2d2278&a_bid=79a6a05f&chan=ARDE-pc38-42654-nmlnd
https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0

0
0

102ms
77ms

Document
text/html

45.60.80.8
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.80.8 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: nginx/1.12.2 / PHP/5.6.33
Resource Hash

Request headers

:method: GET
:authority: www.arescasino.com
:scheme: https
:path: /de/lp1/book_of_ra_deluxe?autofocus=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 23C115EA7320613017156E29E8102E01
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Response headers

status: 200
server: nginx/1.12.2
date: Wed, 20 Jun 2018 21:08:25 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.33
set-cookie: PHPSESSID=rdrcoehrcukvntm206jkt40mn7; path=/ source=http%3A%2F%2Fwww.gbpclk.com%2Fares%2Fde%2Fnmindex.php%3Fsite%3Dpc38-42654-nmlnd; expires=Sat, 21-Jul-2018 21:08:25 GMT; Max-Age=2678400; path=/; domain=www.arescasino.com first_page=%2Fde%2Flp1%2Fbook_of_ra_deluxe%3Fautofocus%3D0; expires=Sat, 21-Jul-2018 21:08:25 GMT; Max-Age=2678400; path=/; domain=www.arescasino.com site_visitor_id=1529528905_148.251.45.254; expires=Wed, 17-Apr-3135 03:22:00 GMT; Max-Age=35243446415; path=/; domain=www.arescasino.com visid_incap_1680467=07CR3duPS1KlbhagRW8rgEjCKlsAAAAAQUIPAAAAAAD02GI5f+guWpy3cgMh8NJX; expires=Thu, 20 Jun 2019 07:09:37 GMT; path=/; Domain=.arescasino.com incap_ses_184_1680467=bj7aOcogRH8vRJ01C7SNAkjCKlsAAAAALXjY2ijolhXZNxqtx5J8jw==; path=/; Domain=.arescasino.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-iinfo: 5-19656739-19656740 NNNN CT(7 18 0) RT(1529528904246 0) q(0 0 0 3) r(1 1) U2
x-cdn: Incapsula
content-encoding: gzip

Redirect headers

status: 301
server: nginx
date: Wed, 20 Jun 2018 21:08:24 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0
x-srv: 1
x-varnish: 653987995
age: 0
vary: Accept-Encoding
via: 1.1 varnish (2.lb-app.pap.linode-uk)
set-cookie: PAPVisitorId=yAtCr6QPDp6UaBZpfnAnZychhftTr4ax;Max-Age=31556926;Path=/;Domain=.postaffiliatepro.com; PAPVisitorId=yAtCr6QPDp6UaBZpfnAnZychhftTr4ax;Max-Age=31556926;Path=/;Domain=.becomeaffiliates.com; PAPAffiliateId=57988cf2d2278;Max-Age=300;Path=/;Domain=.postaffiliatepro.com; PAPAffiliateId=57988cf2d2278;Max-Age=300;Path=/;Domain=.becomeaffiliates.com;
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

GET
H/1.1 200
OK bg_still.jpg
www.gbpclk.com/ares/de/images/ 260 KB
261 KB 13ms
13ms Image
image/jpeg 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/bg_still.jpg
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: d50486ab83f9db2f93baf88ed7a8859d39a5a626d38482d493d24b23ca7cd953

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/css/style3.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/css/style3.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:08 GMT
Server: nginx admin
ETag: "5a609a94-4112a"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 266538
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
H/1.1 200
OK move_new.gif
www.gbpclk.com/ares/de/images/ 2 MB
2 MB 13ms
13ms Image
image/gif 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/move_new.gif
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 89511215043b5ffc4d3f473b794bef19611ef89700369f6215ae13049fc70390

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/css/style3.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/css/style3.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:21 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:43 GMT
Server: nginx admin
ETag: "5a609ab7-19ec8a"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1698954
Expires: Fri, 20 Jul 2018 21:08:21 GMT

GET
S 200 BngMUXZYTXPIvIBgJJSb6ufN5qA.ttf
fonts.gstatic.com/s/robotoslab/v7/ 35 KB
22 KB 6ms
6ms Font
font/ttf 2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngMUXZYTXPIvIBgJJSb6ufN5qA.ttf

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js

Protocol

SPDY

Server

2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0747d3bb1a47671210add22ff8f49d6130bf39ad8559153b6beee2166fdbb67b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700
Origin: http://www.gbpclk.com

Response headers

date: Fri, 15 Jun 2018 20:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433478
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 22243
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 18:31:32 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2019 20:43:46 GMT

GET
S 200 jizAREVItHgc8qDIbSTKq4XkRi2c_CI0q14.ttf
fonts.gstatic.com/s/librefranklin/v2/ 45 KB
25 KB 8ms
8ms Font
font/ttf 2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v2/jizAREVItHgc8qDIbSTKq4XkRi2c_CI0q14.ttf

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js

Protocol

SPDY

Server

2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9eb04a9d690af9b4bb3390415e04cdcc59bd6bd7bdff3cc7f2c7fa11c07515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Libre+Franklin:400,500,600,700,800,900
Origin: http://www.gbpclk.com

Response headers

date: Fri, 15 Jun 2018 19:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438791
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 25042
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Oct 2017 23:09:48 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2019 19:15:13 GMT

GET
S 200 iframe_api Show response
www.youtube.com/ 859 B
925 B 19ms
19ms Script
application/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js

Protocol

SPDY

Server

2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

261ddf46769ba9d3f5606846f01b0cde578f5af5dfb398f248b56aece72a14de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 20 Jun 2018 21:08:25 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 859
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires: Tue, 27 Apr 1971 19:44:06 EST

GET
S 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflnjBBxk/ 20 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflnjBBxk/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

SPDY

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 18 Jun 2018 10:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210088
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 7696
x-xss-protection: 1; mode=block
last-modified: Sat, 16 Jun 2018 22:34:30 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 26 Jun 2018 10:46:57 GMT

GET
H/1.1 200
OK preloader.jpg
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 29 KB
29 KB 13ms
13ms Image
image/jpeg 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/preloader.jpg
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: dda5b2f8971eaff5deb0072616a34a24cc97885746bb7606cb600d19658c205c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:00 GMT
Server: nginx admin
ETag: "5a609528-74bc"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29884
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK play.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 202 B
510 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/play.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 67ca63c8be159aa4ecc820de5748ceba05b97a2e01a328717c908fe9b4993d2a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:59 GMT
Server: nginx admin
ETag: "5a609527-ca"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK pause.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 145 B
453 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/pause.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 47667528f123620b151bf5cf53712b0233ee2a5ed43c204111a277bc5764ad08

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:58 GMT
Server: nginx admin
ETag: "5a609526-91"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK scrubber-left-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 122 B
430 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-left-background.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 1637ee7cfc859dd9d196ad52bc69a35b1c2be7d20cbfdd39d848517f4f59207b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:01 GMT
Server: nginx admin
ETag: "5a609529-7a"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK scrubber-right-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 936 B
1 KB 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-right-background.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 609777e632957b09ecab444b27cb9c0147bb2a595c590052f67b0efa3b879b42

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:02 GMT
Server: nginx admin
ETag: "5a60952a-3a8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 936
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK scrubber-left-drag.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 1007 B
1 KB 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-left-drag.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 63d47dc974124968407c17c5927d26cab7f8e9132142f2704c560ab8b96684b1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:01 GMT
Server: nginx admin
ETag: "5a609529-3ef"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1007
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK scrubber-line.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 936 B
1 KB 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-line.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: d36b2377e4cd1f6025d4de48a6f10b36014b5eb21b1e89f3f2d9cbb431f1f9f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:01 GMT
Server: nginx admin
ETag: "5a609529-3a8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 936
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK volume.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 194 B
502 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/volume.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 73e7773f3bcafd36c27ca0aefdc0fbf3d27b96145ed2b6402fe05830435b7ce3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:05 GMT
Server: nginx admin
ETag: "5a60952d-c2"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 194
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK progress-left.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 1004 B
1 KB 14ms
14ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/progress-left.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: bdee751f011820245126e1da6118410a9ff58682f29f4048046e0d3b1f72731d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:00 GMT
Server: nginx admin
ETag: "5a609528-3ec"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1004
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK large-play.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 697 B
1006 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/large-play.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: a70b5c6c2372e2b888d111c2467fc367513f497609dd3b532eb566bee4fc1678

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:57 GMT
Server: nginx admin
ETag: "5a609525-2b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 697
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK full-screen.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 179 B
487 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/full-screen.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 1f84d5c3e16996d4fa6473ac8da6f7e1594bbae927fcc10c75065959e75b55d8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:56 GMT
Server: nginx admin
ETag: "5a609524-b3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK youtube-quality.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 3 KB
3 KB 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/youtube-quality.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 4ee3eb917a307cdaf3cb6dfd6b15a4812777f7da931daa7c2118b5a5c1799b8e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:06 GMT
Server: nginx admin
ETag: "5a60952e-c35"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3125
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK facebook.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 169 B
477 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/facebook.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 76e7ffec23fcf4eef52aaab700d367bb84706a607456cffb136e81122bdcc69f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:55 GMT
Server: nginx admin
ETag: "5a609523-a9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 169
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK normal-screen.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 173 B
481 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/normal-screen.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 26ee431afc690ecec9120b549617ad9db64c0d9a923c76cc96098b24bf3034e6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:58 GMT
Server: nginx admin
ETag: "5a609526-ad"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 173
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK embed.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 312 B
621 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/embed.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ebe56e9f75247ac63384a1937db19a49dabc8f8688be005f19c1530fab1617fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:54 GMT
Server: nginx admin
ETag: "5a609522-138"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 312
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK embed-close-button.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 3 KB
3 KB 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/embed-close-button.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: a46a790dae4cb94f2da50e2a92f0c3f762a065fbe939bf84c6cac7f00bc7f581

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:53 GMT
Server: nginx admin
ETag: "5a609521-b5b"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2907
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK skip-icon.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 993 B
1 KB 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/skip-icon.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: b00a9e0a5f6664333f022895ac9a658eae5a3c5d49595579704b4a36827b6fc0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:04 GMT
Server: nginx admin
ETag: "5a60952c-3e1"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 993
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
S

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

205 KB
61 KB

7ms
7ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Protocol

SPDY

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1534675e942fa96787fb5893c1c9250608ac1f4918e527f3f4630922c94d1c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 20 Jun 2018 21:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: D8MWGV3pa8dFSUvnY0lOgw==
status: 200
content-length: 62561
x-xss-protection: 0
x-fb-debug: Kdp5VTwSikGXjIkKmQyPRTHh7V0lWdNqUjWAAw3mDMMVzpyWeAyOu0gzIbTcwk9lyzBWXY/ORDzxgceg66e1gA==
x-fb-content-md5: c6e22809a1935ba8ca0a87ee6b601ee1
x-frame-options: DENY
etag: "af170bed0ae1db91dda3e536e941d5ba"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Jun 2018 21:18:14 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

GET
H2 200 /
www.youtube.com/embed/ Frame 046E 0
0 58ms
58ms Document
text/html 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/?controls=0&disablekb=0&loop=0&autoplay=0&wmode=opaque&showinfo=0&rel=0&modestbranding=1&iv_load_policy=3&cc_load_policy=0&fs=0&html5=0&enablejsapi=1&origin=http%3A%2F%2Fwww.gbpclk.com&widgetid=1

Requested by

Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflnjBBxk/www-widgetapi.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/?controls=0&disablekb=0&loop=0&autoplay=0&wmode=opaque&showinfo=0&rel=0&modestbranding=1&iv_load_policy=3&cc_load_policy=0&fs=0&html5=0&enablejsapi=1&origin=http%3A%2F%2Fwww.gbpclk.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 23C115EA7320613017156E29E8102E01
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Response headers

status: 200
content-encoding: gzip
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires: Tue, 27 Apr 1971 19:44:06 EST
cache-control: no-cache
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
date: Wed, 20 Jun 2018 21:08:25 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=Gj38n1zjJcg; path=/; domain=.youtube.com; expires=Mon, 17-Dec-2018 21:08:25 GMT; httponly VISITOR_INFO1_LIVE=Gj38n1zjJcg; path=/; domain=.youtube.com; expires=Mon, 17-Dec-2018 21:08:25 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Tue, 19-Feb-2019 09:01:25 GMT YSC=ZPSGd5UXQas; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Wed, 20-Jun-2018 21:38:25 GMT
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"

GET
H/1.1 200
OK qMnGlIs-JNW.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame CBA1 0
0 7ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

http://staticxx.facebook.com/connect/xd_arbiter/r/qMnGlIs-JNW.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

HTTP/1.1

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: staticxx.facebook.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 23C115EA7320613017156E29E8102E01
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Response headers

Expires: Thu, 20 Jun 2019 18:22:57 GMT
Cache-Control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
X-XSS-Protection: 0
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html; charset=utf-8
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: afd3813qD3YXv0tUlRsF8prZ9cz9odmQVTtdKlrztXrs4qLqBLiKC/tqtu5FAdq2ILBr4XcIthGRttbVgm9vag==
Date: Wed, 20 Jun 2018 21:08:25 GMT
Connection: keep-alive
Content-Length: 13645

GET
H2 200 qMnGlIs-JNW.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame CDEB 0
0 6ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/qMnGlIs-JNW.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/qMnGlIs-JNW.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 23C115EA7320613017156E29E8102E01
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Response headers

status: 200
expires: Thu, 20 Jun 2019 18:22:57 GMT
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-xss-protection: 0
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: afd3813qD3YXv0tUlRsF8prZ9cz9odmQVTtdKlrztXrs4qLqBLiKC/tqtu5FAdq2ILBr4XcIthGRttbVgm9vag==
content-length: 13645
date: Wed, 20 Jun 2018 21:08:25 GMT

GET
H/1.1 200
OK ads-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 938 B
1 KB 13ms
12ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/ads-background.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ec7ac9662e1a8fd8ff8038976850c893ca74dafcd79ee7479a5f39f879011228

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:51 GMT
Server: nginx admin
ETag: "5a60951f-3aa"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 938
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK controller-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 3 KB
3 KB 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/controller-background.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 1478fc52446859ee3633be7b8194715274924668bce8ba640250eb4e7573f4a4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:52 GMT
Server: nginx admin
ETag: "5a609520-af3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2803
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK progress-middle.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 3 KB
3 KB 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/progress-middle.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 029ee4f37264d7802c4074b32a70a66eb520f8e5f2080e2a132042cba7cedc0d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:00 GMT
Server: nginx admin
ETag: "5a609528-b02"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2818
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK pause-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 146 B
454 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/pause-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: d18c6dce56aa93bbac8f563a4397265311b7352301972bc5dc8b4f53f5ef6769

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:58 GMT
Server: nginx admin
ETag: "5a609526-92"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK play-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 176 B
484 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/play-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 76975a2fb10ed18e966b7ee552871649fe3d3fae977473a6c66e1364a1533cdc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:59 GMT
Server: nginx admin
ETag: "5a609527-b0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK scrubber-middle-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 135 B
443 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-middle-background.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: b1c289697d4a3362100a62ad9cd884b82c9212cae5654e24b627c6f48d14607b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:02 GMT
Server: nginx admin
ETag: "5a60952a-87"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK scrubber-middle-drag.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 137 B
445 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-middle-drag.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 38684cb3db5a7d3b7bcfde3faf80a9d5963ebf6cc181e14f7a312905bff51408

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:02 GMT
Server: nginx admin
ETag: "5a60952a-89"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK volume-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 182 B
490 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/volume-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 51b0692a1d875e904fc05ecec453000e48a99b6f5ddd7c54c0006a19318e6f0c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:04 GMT
Server: nginx admin
ETag: "5a60952c-b6"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 182
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK volume-disabled.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 141 B
449 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/volume-disabled.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 0519c3fc62a108e3d45cb5e3780ec4e543b7f18bf2a1161a2f6cfcd5f0313c4a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:04 GMT
Server: nginx admin
ETag: "5a60952c-8d"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 141
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK normal-screen-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 168 B
476 B 16ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/normal-screen-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ec567c888b921f68e0bec22011a9b233fb1dd012fdf0d6fdbca056d70d20f72e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:57 GMT
Server: nginx admin
ETag: "5a609525-a8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK full-screen-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 177 B
485 B 17ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/full-screen-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 6891bc1ac30cfda7878f53d9b87b95247a731a7f2264f23c9da927cf185e8673

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:56 GMT
Server: nginx admin
ETag: "5a609524-b1"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 177
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK large-play-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 276 B
585 B 16ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/large-play-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ddefeec3f412b8c61c295963baa96250f413fa2ed142e8bff14fbc8aa9faba70

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:56 GMT
Server: nginx admin
ETag: "5a609524-114"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 276
Expires: Fri, 20 Jul 2018 21:08:22 GMT

GET
H/1.1 200
OK skip-icon-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 979 B
1 KB 16ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/skip-icon-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 7e2e64449065456d9ecbabae34efb834cec5b45b308bd263147deca33738d1a4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 20 Jun 2018 21:08:22 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:03 GMT
Server: nginx admin
ETag: "5a60952b-3d3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 979
Expires: Fri, 20 Jul 2018 21:08:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: whos.amung.us
URL: https://whos.amung.us/swidget/popmyads.png

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.arescasino.com/	1970-01-19 01:37:44	Name: PAPVisitorId Value: yAtCr6QPDp6UaBZpfnAnZychhftTr4ax
www.arescasino.com/	1970-01-18 16:52:08	Name: ___utmvc Value: 2ZS+3kkYROQfv05zFhdrJNsiBzVx41/L4/kspXWIjIVPT3fVK6TRtaKr5ejbZnE9Yxk6xR4s1Hk+RmUfc8GB1y5JQ9Qr1FUI1p3HjV24z0h7Kxkk0guzDTwWY7UZpS/6W7BUduJeWTvLTAp0bkWpeWYgNWgRn+DfP130tFTEGizWZEj+rmbC9gImObYh+jDF+WjEPKYTegexDczOKujWgZVwXQbTkWOnE0m9ge91FpvCMQrU2FWhe53J0hp7VGq4N5GXpwfcpXxpF1fzgQGsFTJg5K/py7na8414fMH78jToquxPuV9aTHAiKBpu6LbGzcaJVu2ep60i/d6/2RxzckXXR05F2lt/46mx30zMUa+aTLTOvUMUHcNz74r9ZMdjAKc4R/7TRcC89uKnFxI5SaeoTFYlrsjjsXkBJLSwNrmxAKVcj3JJCzgYu/DQ8krTbMKFUhynJsIp0QhrNWRPyjSmQGcTJCmkzka+PUge6YvsEcbfOJHUlDJuhOyV9MTV89kccZDlsGUxDrsvLYJogkISYW35cht9fLAFdsYbM4Q9FVgeKyvnWFHjmH2NcsPFsjnEBaktlVaAtDLy3qNcEdfU5fFALJBEIlgDvmx0ldbdYwpTveI5tugDQ/xtbUrVMTb/EqROOPZ3KdcN5+pDy5oq9ZVghgNmVj1eugwR5wegyA/M1VRbIC8AXi+dPrKayuVWfeplir+M8/vSDqa2yA9VXAvgx1ZXZKlO8TKS/qLWs4vciXdZobOgjKK3iE58loYghtdlW5WjnSP7GhymPAo2U6bY/Rm6Vi+ZDom7+qFLcIPFOGvwZpEHi4iSR7lvn6r1SQLYf4Mu5Ske7jd0sN9wPt4MztpcEZEhJU/hEotgcJpbqgf2jZ2hruZKHqQDq+o5aDvlBslYFWdsiYefIW3BPHjmY+Kqm8Khn5hb9pHfQPARvTReHAW+gqD3rwAGkzAdt6R0I0mFEiLp1+VIu0DpTh798rhhz1HBnVctV7OLsplxsbPtYF5VsEBPdrO87ZxdRWtREvmKVWkuql3RWMXPvIGAGBkDt4TA75ewh/e6aRm2njw3OYFRVG1ZsFmsod3nSFIYpQ4MdyUgEkKhYb9jB2FCSGOhiM32W25FBwLHMqjIZVqwxjFWWmnWjbhqwbMV0jf4SOreRfRz94ScqtFpp7f4o3C4kjNs4nOlKXu9IXrIpkN7RZVnnHbPUm/5cyn/3pnRTJ057BzSBFIga+56LGRpZ2VzdD05MDkxMSxzPTY5ODA4NThhNzJhNDlhNmQ5YmE5Njg3MzkzOTY3NDdiYTE4MmE4N2RhMDY2YjE5NzkzODc4MTg4N2M4OTZlNzNhYWExNjc2NDkxYTA2ZTZl
.arescasino.com/	1969-12-31 23:59:59	Name: incap_ses_184_1680467 Value: bj7aOcogRH8vRJ01C7SNAkjCKlsAAAAALXjY2ijolhXZNxqtx5J8jw==
.www.arescasino.com/	1971-03-02 14:42:55	Name: site_visitor_id Value: 1529528905_148.251.45.254
.www.arescasino.com/	1970-01-18 17:36:47	Name: first_page Value: %2Fde%2Flp1%2Fbook_of_ra_deluxe%3Fautofocus%3D0
.www.arescasino.com/	1970-01-18 17:36:47	Name: source Value: http%3A%2F%2Fwww.gbpclk.com%2Fares%2Fde%2Fnmindex.php%3Fsite%3Dpc38-42654-nmlnd
.arescasino.com/	1970-01-19 01:36:54	Name: visid_incap_1680467 Value: 07CR3duPS1KlbhagRW8rgEjCKlsAAAAAQUIPAAAAAAD02GI5f+guWpy3cgMh8NJX
www.arescasino.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: rdrcoehrcukvntm206jkt40mn7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
goto.peak-serving.com
partner.becomeaffiliates.com
popmyads.com
s.ytimg.com
sax.peakonspot.com
sjs.perfonspot.com
smart.xjh37.com
srv6.feedallapps.com
staticxx.facebook.com
whos.amung.us
www.arescasino.com
www.gbpclk.com
www.google-analytics.com
www.youtube.com
xjh37.com
whos.amung.us
139.162.206.25
2400:cb00:2048:1::6818:7618
2400:cb00:2048:1::6818:7d1f
2a00:1450:4001:812::200a
2a00:1450:4001:814::200e
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2003
2a00:1450:4001:820::200e
2a03:2880:f02d:12:face:b00c:0:3
31.204.152.169
34.197.12.237
45.60.80.8
52.1.167.69
54.84.22.112
94.24.114.10
94.24.114.8
0186583aa0e4f70f4e5477fcd47f62b172267372c841ed8ad665203c299ac8fd
029ee4f37264d7802c4074b32a70a66eb520f8e5f2080e2a132042cba7cedc0d
0519c3fc62a108e3d45cb5e3780ec4e543b7f18bf2a1161a2f6cfcd5f0313c4a
0747d3bb1a47671210add22ff8f49d6130bf39ad8559153b6beee2166fdbb67b
1478fc52446859ee3633be7b8194715274924668bce8ba640250eb4e7573f4a4
1534675e942fa96787fb5893c1c9250608ac1f4918e527f3f4630922c94d1c21
1637ee7cfc859dd9d196ad52bc69a35b1c2be7d20cbfdd39d848517f4f59207b
1d9eb04a9d690af9b4bb3390415e04cdcc59bd6bd7bdff3cc7f2c7fa11c07515
1f84d5c3e16996d4fa6473ac8da6f7e1594bbae927fcc10c75065959e75b55d8
261ddf46769ba9d3f5606846f01b0cde578f5af5dfb398f248b56aece72a14de
26ee431afc690ecec9120b549617ad9db64c0d9a923c76cc96098b24bf3034e6
38684cb3db5a7d3b7bcfde3faf80a9d5963ebf6cc181e14f7a312905bff51408
401b7f6ac0fae44b7d2b86a1fb9dc0b5d926d0a578b8c09f8c2aaa36805e20a8
427995aa63f3543dc6ff3bb09d9e6557e1c00ea82390d4d7fe1deb3cf62ceefa
43bbc0a292b340594371aa0bb857bafbfae41938d83f092bb10b5fb8b3984967
47667528f123620b151bf5cf53712b0233ee2a5ed43c204111a277bc5764ad08
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
4ea17c154e728e1d7a844e6383017c380be0ef873a93391e3f1874c3196fe419
4ee3eb917a307cdaf3cb6dfd6b15a4812777f7da931daa7c2118b5a5c1799b8e
51b0692a1d875e904fc05ecec453000e48a99b6f5ddd7c54c0006a19318e6f0c
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
5aad00c856ea2600445c720a44894b4542462df2c63e3e29615384675b89954e
609777e632957b09ecab444b27cb9c0147bb2a595c590052f67b0efa3b879b42
63d47dc974124968407c17c5927d26cab7f8e9132142f2704c560ab8b96684b1
67ca63c8be159aa4ecc820de5748ceba05b97a2e01a328717c908fe9b4993d2a
6891bc1ac30cfda7878f53d9b87b95247a731a7f2264f23c9da927cf185e8673
73e7773f3bcafd36c27ca0aefdc0fbf3d27b96145ed2b6402fe05830435b7ce3
76975a2fb10ed18e966b7ee552871649fe3d3fae977473a6c66e1364a1533cdc
76e7ffec23fcf4eef52aaab700d367bb84706a607456cffb136e81122bdcc69f
7e2e64449065456d9ecbabae34efb834cec5b45b308bd263147deca33738d1a4
89511215043b5ffc4d3f473b794bef19611ef89700369f6215ae13049fc70390
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a46a790dae4cb94f2da50e2a92f0c3f762a065fbe939bf84c6cac7f00bc7f581
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
a70b5c6c2372e2b888d111c2467fc367513f497609dd3b532eb566bee4fc1678
b00a9e0a5f6664333f022895ac9a658eae5a3c5d49595579704b4a36827b6fc0
b1c289697d4a3362100a62ad9cd884b82c9212cae5654e24b627c6f48d14607b
b28ebb597e05c0b1fa2486a781d23455ee35a2ac3a64256d6d17176857bb1c95
b3f1c1b8e4ec35738e99866bae325103a652d65cae971aa15f79fc6a91e0cdae
b8f59e008e78b58c23277c9356538b5bd845ab4a25f1105608f9c1c746565dd1
ba0b00ad38afe09753d055031ad728bb49d611a1bf752b21c3fe0fc2c4b1bbe7
bbee9276b0f4a985baa34e7180910d2b932c7b93a8e6b56d79baed0a704e16fa
bdee751f011820245126e1da6118410a9ff58682f29f4048046e0d3b1f72731d
c1c0f4d119b75affcbb60f2cc8eb84d36db7b461944fce6f7073a8419f2942a9
d18c6dce56aa93bbac8f563a4397265311b7352301972bc5dc8b4f53f5ef6769
d2eb4c367ddf99ef45b361de9ade34025c88be6867369a3a5be39d2285386b72
d36b2377e4cd1f6025d4de48a6f10b36014b5eb21b1e89f3f2d9cbb431f1f9f9
d50486ab83f9db2f93baf88ed7a8859d39a5a626d38482d493d24b23ca7cd953
dda5b2f8971eaff5deb0072616a34a24cc97885746bb7606cb600d19658c205c
ddefeec3f412b8c61c295963baa96250f413fa2ed142e8bff14fbc8aa9faba70
ebe56e9f75247ac63384a1937db19a49dabc8f8688be005f19c1530fab1617fd
ec567c888b921f68e0bec22011a9b233fb1dd012fdf0d6fdbca056d70d20f72e
ec7ac9662e1a8fd8ff8038976850c893ca74dafcd79ee7479a5f39f879011228
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
fd71de3e240892e4c24fd9bc6015bf5bcf08f7fd700f07ed993d19306663855e

www.gbpclk.com Open in urlscan Pro 31.204.152.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

6 %HTTPS

50 %IPv6

17 Domains

19 Subdomains

12 IPs

5 Countries

2448 kBTransfer

3162 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gbpclk.com Open in urlscan Pro
31.204.152.169 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

6 %
HTTPS

50 %
IPv6

17
Domains

19
Subdomains

12
IPs

5
Countries

2448 kB
Transfer

3162 kB
Size

8
Cookies

62 HTTP transactions
1 data transactions