Submitted URL: http://clkdu.com/redirect.php?c=127973&p=170097&sid=
Effective URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
Submission: On July 20 via manual from IE — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 12 domains to perform 20 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dlh.media-bucket.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 30th 2023. Valid for: a year.
This is the only time dlh.media-bucket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 10 | media-bucket.com | dlh.media-bucket.com | 301 KB |
| 2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 56) | 21 KB |
| 1 | gstatic.com | fonts.gstatic.com | 48 KB |
| 1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 74) | 1 KB |
| 1 | google.de | www.google.de (Cisco Umbrella Rank: 5665) | 408 B |
| 1 | google.com | www.google.com (Cisco Umbrella Rank: 3) | 408 B |
| 1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 116) | 352 B |
| 1 | delta-holder.net | router.delta-holder.net | 1 KB |
| 1 | pon-prairie.com | router.pon-prairie.com | 884 B |
| 1 | approved-offer.xyz | approved-offer.xyz | 2 KB |
| 1 | dollarupload.com | dollarupload.com | 906 B |
| 1 | clkdu.com | clkdu.com | 568 B |

Total: 20 requests, 12 domains

| Requests | Domain | Requested by |
|---|---|---|
| 10 | dlh.media-bucket.com | approved-offer.xyz, dlh.media-bucket.com |
| 2 | www.google-analytics.com | approved-offer.xyz, www.google-analytics.com |
| 1 | fonts.gstatic.com | fonts.googleapis.com |
| 1 | fonts.googleapis.com | dlh.media-bucket.com |
| 1 | www.google.de | |
| 1 | www.google.com | |
| 1 | stats.g.doubleclick.net | www.google-analytics.com |
| 1 | router.delta-holder.net (1 redirects) | |
| 1 | router.pon-prairie.com (1 redirects) | |
| 1 | approved-offer.xyz | dollarupload.com |
| 1 | dollarupload.com | |
| 1 | clkdu.com | |

Total: 20 requests, 12 domains

This site contains links to these domains.

Domain
register.delta-holder.net
delta-holder.net
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| approved-offer.xyz | GTS CA 1P5 | 2023-05-24 - 2023-08-22 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-30 - 2024-04-29 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months |
| www.google.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months |
| www.google.de | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2023-07-03 - 2023-09-25 | 3 months |

This page contains 1 frames:

Primary Page: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
Frame ID: 656AC9AF038302C06F317C79B09F0D90
Requests: 20 HTTP requests in this frame

Page Title

Delta-holder

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 20
HTTPS: 90 %
IPv6: 80 %
Domains: 12
Subdomains: 12
IPs: 8
Countries: 4
Transfer: 376 kB
Size: 930 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://clkdu.com/redirect.php?c=127973&p=170097&sid= Page URL
  2. http://dollarupload.com/go.php?id=127973&h=DUCL170067cd16dd89724a7ad152d&p=170097 Page URL
  3. https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL170067cd16dd89724a7ad152d&tsid=170097 Page URL
  4. https://router.pon-prairie.com/click/k5/bbrX5VXyDAIkB4N2b?sn=0&vp=0&sa=0&sub_id=126Z-tTYy--170097&click_id=30720veCNBruI_26Z_tTYy_1QmAWG_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0 HTTP 303
    https://router.delta-holder.net/?lp=yqhld&sidng=bWxQJMJXQBWnvVEkB0JRB1RjfK&aid=bbrX5VXyDAIkB4N2b&PCTX=30720veCNBruI_26Z_tTYy_1QmAWG_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0&var3=126Z-tTYy--170097&var4=agn_333&sn=0&vp=0&sa=0&sub_id=126Z-tTYy--170097&click_id=30720veCNBruI_26Z_tTYy_1QmAWG_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0 HTTP 302
    https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY... Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
redirect.php
clkdu.com/
166 B
568 B
Document
General
Full URL
http://clkdu.com/redirect.php?c=127973&p=170097&sid=
Protocol
HTTP/1.1
Server
170.249.206.34 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.dollarupload.com
Software
Apache /
Resource Hash
7c5af797162aa3f8ce2c32a32c5fa4b9a4438d414891476b56fe908daed95be3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jul 2023 21:12:21 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=3, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
go.php
dollarupload.com/
503 B
906 B
Document
General
Full URL
http://dollarupload.com/go.php?id=127973&h=DUCL170067cd16dd89724a7ad152d&p=170097
Protocol
HTTP/1.1
Server
170.249.206.34 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.dollarupload.com
Software
Apache /
Resource Hash

Request headers

Referer
http://clkdu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jul 2023 21:12:22 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=3, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi
approved-offer.xyz/redirect/action/
1 KB
2 KB
Document
General
Full URL
https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL170067cd16dd89724a7ad152d&tsid=170097
Requested by
Host: dollarupload.com
URL: http://dollarupload.com/go.php?id=127973&h=DUCL170067cd16dd89724a7ad152d&p=170097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://dollarupload.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7e9e33b41a1718e7-FRA
charset
UTF-8
content-encoding
UTF-8
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 21:12:22 GMT
googlebot
noindex, nofollow, nocache, noarchive
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI CURa ADMa PSA OUR NOR OTC"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RstFLPMwSuT8E2SCyjEh9lqxEK9zD5vkECjvEYzs6QEX7R2mBy7y1GuOSSUU0sfmNgXH4prAiXU%2BEeaODJWyGn6roU1UhlX1pcqwHWNcI9RHbNLCpEP8CodzqD%2Bf3cmCNGnSo4iE4Dfeq6zSgrJ6Tkw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-robots-tag
noindex, nofollow, nocache, noarchive
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: approved-offer.xyz
URL: https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL170067cd16dd89724a7ad152d&tsid=170097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://approved-offer.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Jul 2023 21:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
465
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 20 Jul 2023 23:04:37 GMT
Primary Request /
dlh.media-bucket.com/yqhld/de/
Redirect Chain
  • https://router.pon-prairie.com/click/k5/bbrX5VXyDAIkB4N2b?sn=0&vp=0&sa=0&sub_id=126Z-tTYy--170097&click_id=30720veCNBruI_26Z_tTYy_1QmAWG_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0
  • https://router.delta-holder.net/?lp=yqhld&sidng=bWxQJMJXQBWnvVEkB0JRB1RjfK&aid=bbrX5VXyDAIkB4N2b&PCTX=30720veCNBruI_26Z_tTYy_1QmAWG_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0&var3=126Z-tTYy--170097&var4=agn_...
  • https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhYzQ3Mjk0MjBkZDZhZjg2MTNmOTRmMzE4YjFmYTExNGFhYjhlNDc3OGRmY2UwMWIiLCAiX19sb...
32 KB
10 KB
Document
General
Full URL
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
Requested by
Host: approved-offer.xyz
URL: https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL170067cd16dd89724a7ad152d&tsid=170097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1fe71b18cbc39ffed2459387e744a78ad93c8ed4011ee31ce1d65259626b61d

Request headers

Referer
https://approved-offer.xyz/redirect/action/1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi?uc=DUCL170067cd16dd89724a7ad152d&tsid=170097
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e9e33b93b76381b-FRA
content-encoding
br
content-type
text/html
date
Thu, 20 Jul 2023 21:12:23 GMT
last-modified
Fri, 07 Jul 2023 10:07:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdg1rYudinT89bCmAf%2FKlPD4EQ8LzvlFaX4Y0iO63mX6Qiz9vvs%2FPT%2F6PzpkYHtB%2FrNitQ4ILOdQJzdKSu81Ly5zsr19lZvRF6LhRxNn9y6TBueTQPxq8elNGeeUrbakfETNfbK1mAwFLjYN8mN%2FYQ4uVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e9e33b78e4f9156-FRA
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 21:12:23 GMT
location
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAyPrAtp%2FB0aNxEcdDH4UF9vxC5ju%2B%2Bw7eEsrYpfuej8QyifOGhpqVW5NeTth4atfQYzqv9XWjrPeiRzug1vwQMD9MvajPnnjuXY2AeCvOYmwIxD32LKiaUk9X4yBnOIwk5%2BSZwGfO9gq1RXSWqtRMHK6zGQiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
collect
www.google-analytics.com/j/
4 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=569855742&t=pageview&_s=1&dl=https%3A%2F%2Fapproved-offer.xyz%2Fredirect%2Faction%2F1InEoMC0uJXRnPTwiKHNmf3BlZ2E_eQ_Pyi%3Fuc%3DDUCL170067cd16dd89724a7ad152d%26tsid%3D170097&dr=http%3A%2F%2Fdollarupload.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1089143527&gjid=833606305&cid=1213213107.1689887543&tid=UA-1672790-14&_gid=385370513.1689887543&_r=1&_slc=1&z=415657229
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://approved-offer.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 21:12:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://approved-offer.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1672790-14&cid=1213213107.1689887543&jid=1089143527&gjid=833606305&_gid=385370513.1689887543&_u=IEBAAEAAAAAAACAAI~&z=1062226076
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://approved-offer.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Jul 2023 21:12:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://approved-offer.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1672790-14&cid=1213213107.1689887543&jid=1089143527&_u=IEBAAEAAAAAAACAAI~&z=574908761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://approved-offer.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 21:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1672790-14&cid=1213213107.1689887543&jid=1089143527&_u=IEBAAEAAAAAAACAAI~&z=574908761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://approved-offer.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 21:12:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhYzQ3Mjk0MjBkZDZhZjg2MTNmOTRmMzE4YjFmYTExNGFhYjhlNDc3OGRmY2UwMWIiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJjdXJyZW5jeV9zeW1ib2wiOiAiXHUyMGFjIiwgInRyaWFsIjogdHJ1ZSwgInBlcmlvZCI6IDMwLCAiYmlsbGluZ19wZXJpb2QiOiAxLCAiYmlsbGluZ19zdGVwIjogIm1vbnRoIiwgInRyaWFsX3N0ZXAiOiAiZGF5IiwgInRyaWFsX3BlcmlvZCI6IDcsICJkaXNwbGF5X3ByaWNlIjogIjQ5Ljk5IFx1MjBhYyIsICJkaXNwbGF5X3ZfcHJpY2UiOiAiMSBcdTIwYWMiLCAidl9wcmljZSI6ICIxIn0sICJzYSI6ICIwIiwgInZwIjogIjAiLCAiX19wZnYiOiAic3RyYWFsX2NzciIsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiZGVsdGEtaG9sZGVyLm5ldCIsICJzdWJfaWQiOiAiMTI2Wi10VFl5LS0xNzAwOTciLCAic24iOiBmYWxzZSwgIndpdGhfYXZzIjogZmFsc2UsICJhY3Rpb24iOiAicmVnaXN0cmF0aW9uIn0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7556c220859e509cf18297cacd5f9348ea5a55b13392e59be1086064f7f0f7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jul 2023 21:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 21:02:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jul 2023 21:12:23 GMT
styles.5456667dfd289745b3a8.css
dlh.media-bucket.com/yqhld/assets/
113 KB
20 KB
Stylesheet
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9693a72c7ecf50e77d388e58ed0bdc2564c8c55ec63e4aea305394f8be1f484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 21:12:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a7e37f-1c56c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rD28A9TjbRDwMMbb8EoArhcLehqUMpXIXiCPFXZ8jinsa0H3tyI9S1XOfpGWNg256JgR9OeUaVAm2UJooEinqDAQm8WNpIdgc%2FDSRkZAzY6SmFA%2FZS4P9NiKaU2erKBoFdY5oxVbzSMlsA2FTh%2FLwxG4Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7e9e33ba0c75381b-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 21:12:23 GMT
secure-icons_4f7ffaaa7838a19bb78d.png
dlh.media-bucket.com/yqhld/assets/
15 KB
16 KB
Image
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/secure-icons_4f7ffaaa7838a19bb78d.png
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09113453a21759134d49bec7e4af7afa558448170d069bfb2dd63eb0b62885db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 21:12:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10339
alt-svc
h3=":443"; ma=86400
content-length
15749
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
server
cloudflare
etag
"64a7e37f-3d85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHID7mPMdAgSjnKSCnmgUDYIA92kDd8jPtoUm5kL7bpJMuvWUaVyYCUo5NLshtUQWEt7SF6xC2x8EvGfsRFavwEPgkYG6xZ13wgGMK5BoQUthWR7YYsNwTxAN2C5yjarzz8h5CHop52kPeWWC97O6xXxcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e9e33baff6318c3-FRA
expires
Sat, 19 Aug 2023 18:20:04 GMT
runtime.9552cc599bbd464fba55.js
dlh.media-bucket.com/yqhld/assets/
1 KB
1 KB
Script
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/runtime.9552cc599bbd464fba55.js
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1162768d7067b4581c82f40bb924b854404e10d8447ff11e06e6184d34db47d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhYzQ3Mjk0MjBkZDZhZjg2MTNmOTRmMzE4YjFmYTExNGFhYjhlNDc3OGRmY2UwMWIiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJjdXJyZW5jeV9zeW1ib2wiOiAiXHUyMGFjIiwgInRyaWFsIjogdHJ1ZSwgInBlcmlvZCI6IDMwLCAiYmlsbGluZ19wZXJpb2QiOiAxLCAiYmlsbGluZ19zdGVwIjogIm1vbnRoIiwgInRyaWFsX3N0ZXAiOiAiZGF5IiwgInRyaWFsX3BlcmlvZCI6IDcsICJkaXNwbGF5X3ByaWNlIjogIjQ5Ljk5IFx1MjBhYyIsICJkaXNwbGF5X3ZfcHJpY2UiOiAiMSBcdTIwYWMiLCAidl9wcmljZSI6ICIxIn0sICJzYSI6ICIwIiwgInZwIjogIjAiLCAiX19wZnYiOiAic3RyYWFsX2NzciIsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiZGVsdGEtaG9sZGVyLm5ldCIsICJzdWJfaWQiOiAiMTI2Wi10VFl5LS0xNzAwOTciLCAic24iOiBmYWxzZSwgIndpdGhfYXZzIjogZmFsc2UsICJhY3Rpb24iOiAicmVnaXN0cmF0aW9uIn0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 21:12:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10339
etag
W/"64a7e37f-4e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ku1ZboBf1g8lKKou8IK%2BF7ecEAEwz8jKjReXnB6Z5s2epAdEesUi5udVljwaCW4b6ACdbQ6Fh3vSmiJIvoq1x1qBKtAb1dlT6uTvqkKC75qSrwQkg0IKPC8QNKhbCy6trcTE3lponyXtRPO7FBMouShZ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7e9e33baff6a18c3-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 18:20:04 GMT
app.73dfc75127a9997b2d10.js
dlh.media-bucket.com/yqhld/assets/
557 KB
156 KB
Script
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/app.73dfc75127a9997b2d10.js
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhYzQ3Mjk0MjBkZDZhZjg2MTNmOTRmMzE4YjFmYTExNGFhYjhlNDc3OGRmY2UwMWIiLCAiX19sb2NhdGlvbmNvZGUiOiAiREUiLCAicHJpY2luZyI6IHsibmFtZSI6ICJldTQ5IiwgInByaWNlIjogIjQ5Ljk5IiwgImN1cnJlbmN5IjogIkVVUiIsICJjdXJyZW5jeV9zeW1ib2wiOiAiXHUyMGFjIiwgInRyaWFsIjogdHJ1ZSwgInBlcmlvZCI6IDMwLCAiYmlsbGluZ19wZXJpb2QiOiAxLCAiYmlsbGluZ19zdGVwIjogIm1vbnRoIiwgInRyaWFsX3N0ZXAiOiAiZGF5IiwgInRyaWFsX3BlcmlvZCI6IDcsICJkaXNwbGF5X3ByaWNlIjogIjQ5Ljk5IFx1MjBhYyIsICJkaXNwbGF5X3ZfcHJpY2UiOiAiMSBcdTIwYWMiLCAidl9wcmljZSI6ICIxIn0sICJzYSI6ICIwIiwgInZwIjogIjAiLCAiX19wZnYiOiAic3RyYWFsX2NzciIsICJwYXltZW50X3R5cGUiOiAiY2FyZCIsICJkb21haW4iOiAiZGVsdGEtaG9sZGVyLm5ldCIsICJzdWJfaWQiOiAiMTI2Wi10VFl5LS0xNzAwOTciLCAic24iOiBmYWxzZSwgIndpdGhfYXZzIjogZmFsc2UsICJhY3Rpb24iOiAicmVnaXN0cmF0aW9uIn0=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6381aa8fdd19b05173447a9c2948850e4880edd6dcbe03d186c45bb77243d582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 21:12:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10339
etag
W/"64a7e37f-8b2a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4V3uv4TOashJyyMczDxfjnxA1OY39lP95RfxCTYPatW5fEMJLEV0aFcNVekPcDZHD23PnzFZ4y6zIPlmc5%2BFft7RWD3TKdKqD7leOMylyMYIKmToK7Aj7KOrfjjgqPvda4JfoNMPr%2BpSmtPRkDoYoWqxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7e9e33baff6c18c3-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 18:20:04 GMT
styles.b8be24617ed3fcd1501f.js
dlh.media-bucket.com/yqhld/assets/
130 B
581 B
Script
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/styles.b8be24617ed3fcd1501f.js
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13247de0f4efc85f02a7ee3dfe91db4acf4c010e43452d4596aba7ec5b5fc4ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/de/?aid=bbrX5VXyDAIkB4N2b&var4=agn_333&sn=False&hobj=eyJoc2lkIjogImVhNDM1MDJhYjg1NWVhODZhY...
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 21:12:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10339
etag
W/"64a7e37f-82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZOc7kOUgvpjmHoN7fHUBv4am7ip3kQI9Ooq3tORnWGHVf7H2VIebfGOSegEyVbyeLknb%2B%2BMBk1xLGFy4zIx1mBjmsEzha7dtFA2KvJjnEx7blH995xVpYJPoMxw7hvaHggPyCn4BM%2F3iCNh7mkB1AYrYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7e9e33baff6e18c3-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 18:20:04 GMT
iphone13-bg_image_f2444b92c42707a3c933.jpg
dlh.media-bucket.com/yqhld/assets/
58 KB
59 KB
Image
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/iphone13-bg_image_f2444b92c42707a3c933.jpg
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ea62119108325fffb33c3fe2ab8d2a41e4b4dcd3e87e64e25858357bdefa72c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 21:12:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10338
alt-svc
h3=":443"; ma=86400
content-length
59786
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
server
cloudflare
etag
"64a7e37f-e98a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02fHAQPDMkMC%2Bs3%2BboyGsdVE%2BAJ6x%2F%2BTgIgHCdyrdY3UKsRQp3nl2n3OWUTXcv4n2%2Fk2TCaBDMfhrksbdMYFSSBnYTtQ2GZegO%2FxbyjD3PBqTHXQsduEzq%2BwCfhwh1OBlfREHJzx1iNesrbAKLQoQEJZJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e9e33bc793b18c3-FRA
expires
Sat, 19 Aug 2023 18:20:05 GMT
de_04405748985f1a6a0db6.svg
dlh.media-bucket.com/yqhld/assets/
1 KB
1 KB
Image
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/de_04405748985f1a6a0db6.svg
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef470669371c6a8e32a2731716896770f136365ce8310f06cb1559aeead2072c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 21:12:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a7e37f-513"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LT8MhJfhBRj%2BcJ%2FgC%2BAE0cQiOVxJCTZOx4X2yPFC2LmOQR0k%2Bjt7QERgH4nEZJ5CwBXeg61Qygy01o4C4%2BxKCRVfOO4yBqCidXHm34IckZcLdRNBwnEYlXWvbWCFSvfX%2FK433DFDYzmtY%2FgpNi0OfWbsqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7e9e33bc793d18c3-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 21:12:23 GMT
flame_56f9213f59504caa0da1.png
dlh.media-bucket.com/yqhld/assets/
1 KB
2 KB
Image
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/flame_56f9213f59504caa0da1.png
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4dcb5714a9f4816cb9bd8b31816a0e3abf8bd183f53295d9d04b088ef659430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 21:12:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10338
alt-svc
h3=":443"; ma=86400
content-length
1184
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
server
cloudflare
etag
"64a7e37f-4a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xfbi%2BLK1t50Z6U75tu07wQClS%2Fxfww%2BgDcWeIbBFw7YyWvb4uHsBSElzWG5kVA6vW8t9cy6%2FyXypuOTRsw6C0SyIRzQj%2BS71djJCEoW9Q8j0brhiO5%2F0JlWEgBgwn2ZeGF0EzGm%2F4vQ5jyASp9fEUCNe0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e9e33bc894018c3-FRA
expires
Sat, 19 Aug 2023 18:20:05 GMT
iphone14-desktop_a6cbcf1c652d9e0ab307.png
dlh.media-bucket.com/yqhld/assets/
36 KB
36 KB
Image
General
Full URL
https://dlh.media-bucket.com/yqhld/assets/iphone14-desktop_a6cbcf1c652d9e0ab307.png
Requested by
Host: dlh.media-bucket.com
URL: https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28995f6820935e760e3835dbb98526d16c550346518e745febecb7111a7c79dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dlh.media-bucket.com/yqhld/assets/styles.5456667dfd289745b3a8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 21:12:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10338
alt-svc
h3=":443"; ma=86400
content-length
36510
last-modified
Fri, 07 Jul 2023 10:05:51 GMT
server
cloudflare
etag
"64a7e37f-8e9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49vrcLPjbz7zr8TspPiQRFuMNhz3Y2j30JLaOJqvh4A2%2B2bVjTXx8MjaZTgkSnyRL3GIqwVve2Y3mtBxpW%2B%2BPceB3gj5S%2FQT3I%2FxhktzGJiacY09E5euM9S09D5VXj62r%2B3%2FS0dVBwNCborWnlEJ2kzqoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e9e33bc894118c3-FRA
expires
Sat, 19 Aug 2023 18:20:05 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dlh.media-bucket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 05:45:28 GMT
x-content-type-options
nosniff
age
487615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 05:45:28 GMT

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| config
object| languageOptions
object| products
object| webpackChunkusertive
function| jQuery
function| $
object| Landify
boolean| __MOCKS__

9 Cookies

Domain/Path Name / Value
approved-offer.xyz/redirect/action Name: msv-26Z-Nza-0-1i-0-0
Value: %7B%22ip%22%3A%222a0104a0133800920000000000000005%22%2C%22created%22%3A1689887542%7D
approved-offer.xyz/conversion Name: click-2b9-6cbe9e
Value: 30720veCNBruI_26Z_tTYy_1QmAWG_1hg8REU6a9IwapnEQcJJB3_0_0_0_2_0
clkdu.com/ Name: PHPSESSID
Value: v6iknuc1haap0u2umjpbgghkl4
dollarupload.com/ Name: PHPSESSID
Value: th18h3r2gnh56uftmovadv5po0
.approved-offer.xyz/ Name: _ga
Value: GA1.2.1213213107.1689887543
.approved-offer.xyz/ Name: _gid
Value: GA1.2.385370513.1689887543
.approved-offer.xyz/ Name: _gat
Value: 1
router.delta-holder.net/ Name: air3_site_cookie
Value: 6fe01d6a66774625aafe4ffb8889c8d659314369gAWVRAAAAAAAAACMQGVhNDM1MDJhYjg1NWVhODZhYzQ3Mjk0MjBkZDZhZjg2MTNmOTRmMzE4YjFmYTExNGFhYjhlNDc3OGRmY2UwMWKULg==
dlh.media-bucket.com/ Name: session_id
Value: d88db6624d6c4ffca1e91649bfc2d031