www.gbpclk.com Open in urlscan Pro
31.204.152.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://spykemedia.go2cloud.org/aff_c?offer_id=129392&aff_id=4031&ios_ifa=AB2A67EA-DE6B-45C4-8D17-72DA957E69A5&aff_sub=new_c57aa...
Effective URL:
http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Submission: On June 22 via manual (June 22nd 2018, 7:31:01 pm UTC) from US

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 17 domains to perform 61 HTTP transactions. The main IP is 31.204.152.169, located in Boesingheliede, Netherlands and belongs to I3DNET, NL. The main domain is www.gbpclk.com.

This is the only time www.gbpclk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.246.209.63 54.246.209.63	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	34.218.171.103 34.218.171.103	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	54.208.38.120 54.208.38.120	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	34.197.12.237 34.197.12.237	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	52.0.69.144 52.0.69.144	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	2400:cb00:204... 2400:cb00:2048:1::6818:7c1f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
44	31.204.152.169 31.204.152.169	49544 (I3DNET) (I3DNET)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	139.162.206.25 139.162.206.25	63949 (LINODE-AP...) (LINODE-AP Linode)
1	45.60.80.8 45.60.80.8	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
61	12

1 54.246.209.63 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-209-63.eu-west-1.compute.amazonaws.com

spykemedia.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.218.171.103 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-218-171-103.us-west-2.compute.amazonaws.com

newsbuzz.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.208.38.120 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-208-38-120.compute-1.amazonaws.com

sax.peakonspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.12.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-197-12-237.compute-1.amazonaws.com

sjs.perfonspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.69.144 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-69-144.compute-1.amazonaws.com

goto.peak-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6818:7c1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

popmyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 31.204.152.169 (Boesingheliede, Netherlands)

ASN49544 (I3DNET, NL)
PTR: ns1.colo-host.com

www.gbpclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.206.25 (London, United Kingdom) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1369-25.members.linode.com

partner.becomeaffiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.80.8 (Redwood City, United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)

www.arescasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	gbpclk.com www.gbpclk.com	2 MB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
2	facebook.com staticxx.facebook.com
2	youtube.com www.youtube.com	924 B
2	gstatic.com fonts.gstatic.com	46 KB
2	google-analytics.com www.google-analytics.com	14 KB
2	popmyads.com 1 redirects popmyads.com	3 KB
2	peakonspot.com 1 redirects sax.peakonspot.com	7 KB
1	facebook.net connect.facebook.net	62 KB
1	ytimg.com s.ytimg.com	8 KB
1	arescasino.com www.arescasino.com
1	becomeaffiliates.com 1 redirects partner.becomeaffiliates.com	591 B
1	peak-serving.com 1 redirects goto.peak-serving.com	777 B
1	perfonspot.com 1 redirects sjs.perfonspot.com	463 B
1	newsbuzz.tv 1 redirects newsbuzz.tv	315 B
1	go2cloud.org 1 redirects spykemedia.go2cloud.org	461 B
0	amung.us Failed whos.amung.us Failed
61	17

	Domain	Requested by
44	www.gbpclk.com	popmyads.com www.gbpclk.com
2	staticxx.facebook.com	connect.facebook.net
2	www.youtube.com	www.gbpclk.com s.ytimg.com
2	fonts.gstatic.com	www.gbpclk.com
2	fonts.googleapis.com	www.gbpclk.com
2	www.google-analytics.com	popmyads.com
2	popmyads.com	1 redirects sax.peakonspot.com
2	sax.peakonspot.com	1 redirects
1	connect.facebook.net
1	s.ytimg.com	www.youtube.com
1	www.arescasino.com	www.gbpclk.com
1	partner.becomeaffiliates.com	1 redirects
1	ajax.googleapis.com	www.gbpclk.com
1	goto.peak-serving.com	1 redirects
1	sjs.perfonspot.com	1 redirects
1	newsbuzz.tv	1 redirects
1	spykemedia.go2cloud.org	1 redirects
0	whos.amung.us Failed	popmyads.com
61	18

This site contains no links.

Subject Issuer	Validity	Valid
sni101728.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-06-21` - `2018-12-28`	6 months	crt.sh
*.arescasino.com AlphaSSL CA - SHA256 - G2	`2017-07-30` - `2020-07-30`	3 years	crt.sh
*.google.com Google Internet Authority G3	`2018-06-07` - `2018-08-16`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Frame ID: 5FD9F6EC2FCAF9E88315E172E6ED6D5C
Requests: 58 HTTP requests in this frame

Frame: https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0
Frame ID: D18174E58FC04EC816C116F9DA33E96E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/?controls=0&disablekb=0&loop=0&autoplay=0&wmode=opaque&showinfo=0&rel=0&modestbranding=1&iv_load_policy=3&cc_load_policy=0&fs=0&html5=0&enablejsapi=1&origin=http%3A%2F%2Fwww.gbpclk.com&widgetid=1
Frame ID: 977220E1F1B999DE658956AFA2B9AE4E
Requests: 1 HTTP requests in this frame

Frame: http://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42
Frame ID: C40CFA241575170C69EDB88BF5E3155A
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42
Frame ID: 311BA1D525137AEC9CE33198EEC80B84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://spykemedia.go2cloud.org/aff_c?offer_id=129392&aff_id=4031&ios_ifa=AB2A67EA-DE6B-45C4-8D17-72DA957E69... HTTP 302
http://newsbuzz.tv/tanal?aff_sub1=4031&source=4031&source2=129392&ecid=129392&track=4711& HTTP 302
http://sax.peakonspot.com/pops/dlink.php?pid=4132&format=POPUP&subid={aff_sub1}_AF&aff_sub1=4031&sourc... HTTP 302
http://sjs.perfonspot.com/pops/dlink.php?pid=4247&format=POPUP&subid={aff_sub1}_AF HTTP 302
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15296958505290092992130667... Page URL
http://goto.peak-serving.com/?&id=15296958505290092992130667&tid=4247&sr=ep&filter=1&ftype=js&trs=1529695... HTTP 302
https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t Page URL
https://popmyads.com/go HTTP 302
http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

61
Requests

7 %
HTTPS

50 %
IPv6

17
Domains

18
Subdomains

12
IPs

4
Countries

2446 kB
Transfer

3163 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://spykemedia.go2cloud.org/aff_c?offer_id=129392&aff_id=4031&ios_ifa=AB2A67EA-DE6B-45C4-8D17-72DA957E69A5&aff_sub=new_c57aa79a9cb6ffb277e961418547e338-706-7516791-900-1260-7516791-514-113&source=706_20623706 HTTP 302
http://newsbuzz.tv/tanal?aff_sub1=4031&source=4031&source2=129392&ecid=129392&track=4711& HTTP 302
http://sax.peakonspot.com/pops/dlink.php?pid=4132&format=POPUP&subid={aff_sub1}_AF&aff_sub1=4031&source=4031&source2=129392&ecid=129392&track=4711& HTTP 302
http://sjs.perfonspot.com/pops/dlink.php?pid=4247&format=POPUP&subid={aff_sub1}_AF HTTP 302
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15296958505290092992130667&tid=4247 Page URL
http://goto.peak-serving.com/?&id=15296958505290092992130667&tid=4247&sr=ep&filter=1&ftype=js&trs=15296958506095364&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined HTTP 302
https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t Page URL
https://popmyads.com/go HTTP 302
http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://spykemedia.go2cloud.org/aff_c?offer_id=129392&aff_id=4031&ios_ifa=AB2A67EA-DE6B-45C4-8D17-72DA957E69A5&aff_sub=new_c57aa79a9cb6ffb277e961418547e338-706-7516791-900-1260-7516791-514-113&source=706_20623706 HTTP 302
http://newsbuzz.tv/tanal?aff_sub1=4031&source=4031&source2=129392&ecid=129392&track=4711& HTTP 302
http://sax.peakonspot.com/pops/dlink.php?pid=4132&format=POPUP&subid={aff_sub1}_AF&aff_sub1=4031&source=4031&source2=129392&ecid=129392&track=4711& HTTP 302
http://sjs.perfonspot.com/pops/dlink.php?pid=4247&format=POPUP&subid={aff_sub1}_AF HTTP 302
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15296958505290092992130667&tid=4247

Request Chain 1

http://goto.peak-serving.com/?&id=15296958505290092992130667&tid=4247&sr=ep&filter=1&ftype=js&trs=15296958506095364&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined HTTP 302
https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t

Request Chain 19

https://partner.becomeaffiliates.com/scripts/gx76ewfyecx?a_aid=57988cf2d2278&a_bid=79a6a05f&chan=ARDE-pc38-42654-nmlnd HTTP 301
https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0

Request Chain 43

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

filter.php Show response
sax.peakonspot.com/pops/
Redirect Chain

http://spykemedia.go2cloud.org/aff_c?offer_id=129392&aff_id=4031&ios_ifa=AB2A67EA-DE6B-45C4-8D17-72DA957E69A5&aff_sub=new_c57aa79a9cb6ffb277e961418547e338-706-7516791-900-1260-7516791-514-113&sourc...
http://newsbuzz.tv/tanal?aff_sub1=4031&source=4031&source2=129392&ecid=129392&track=4711&
http://sax.peakonspot.com/pops/dlink.php?pid=4132&format=POPUP&subid={aff_sub1}_AF&aff_sub1=4031&source=4031&source2=129392&ecid=129392&track=4711&
http://sjs.perfonspot.com/pops/dlink.php?pid=4247&format=POPUP&subid={aff_sub1}_AF
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15296958505290092992130667&tid=4247

7 KB
7 KB

97ms
97ms

Document
text/html

54.208.38.120
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15296958505290092992130667&tid=4247
Protocol: HTTP/1.1
Server: 54.208.38.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-208-38-120.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0693f2f7fb7689a9bc8544a19d36ba452f94c2796acac44d69fb34ebc96d79d8

Request headers

Host: sax.peakonspot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: uuid=15296958491938248209189623
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 5FD9F6EC2FCAF9E88315E172E6ED6D5C

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Jun 2018 19:30:50 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Server: nginx
Content-Length: 6833
Connection: keep-alive

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Jun 2018 19:30:50 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15296958505290092992130667&tid=4247
Server: nginx
Set-Cookie: uuid=15296958509559733562171460; expires=Sun, 22-Jul-2018 19:30:50 GMT; Max-Age=2592000
Content-Length: 0
Connection: keep-alive

GET
H2

200

aHR0cDovL3BlYWthZHguY29t Show response
popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/
Redirect Chain

http://goto.peak-serving.com/?&id=15296958505290092992130667&tid=4247&sr=ep&filter=1&ftype=js&trs=15296958506095364&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined
https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t

6 KB
3 KB

59ms
30ms

Document
text/html

2400:cb00:2048:1::6818:7c1f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
Requested by: Host: sax.peakonspot.com
URL: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15296958505290092992130667&tid=4247
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:7c1f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.1.18
Resource Hash: bd4c9244b04167ffdf6badc332576d29a1b602a5e697b8b13b601f8315e5b105

Request headers

:method: GET
:authority: popmyads.com
:scheme: https
:path: /serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15296958505290092992130667&tid=4247
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 5FD9F6EC2FCAF9E88315E172E6ED6D5C
Referer: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&sr=ep&id=15296958505290092992130667&tid=4247

Response headers

status: 200
date: Fri, 22 Jun 2018 19:30:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4bd91aadc4f10cc17c2fbb7b21e56d151529695851; expires=Sat, 22-Jun-19 19:30:51 GMT; path=/; domain=.popmyads.com; HttpOnly
x-powered-by: PHP/7.1.18
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 42f121c0be2a97ec-FRA
content-encoding: gzip

Redirect headers

Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Jun 2018 19:30:51 GMT
Location: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
Server: nginx
Set-Cookie: ctxfeed_media-serving=%7B%22ctxpop_uuid%22%3A%2224724693107418711529695851%22%7D; expires=Wed, 31-Dec-2098 23:00:00 GMT; Max-Age=2541209349 ep_2566870080df9561ce1e102d802b152e=20180622%7C1637%7CEI775b2d4e6b87654395431235%7C; expires=Sun, 22-Jul-2018 19:30:51 GMT; Max-Age=2592000; path=/; domain=.peak-serving.com eprt_067a9243f06e23b09a948e996055c2e8=20180622%7C1637%7CEI775b2d4e6b87654395431235%7C; expires=Sun, 22-Jul-2018 19:30:51 GMT; Max-Age=2592000; path=/; domain=.peak-serving.com
Content-Length: 0
Connection: keep-alive

GET popmyads.png
whos.amung.us/swidget/ 0
0

GET
S 200 analytics.js
www.google-analytics.com/ 34 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: popmyads.com
URL: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t

Protocol

SPDY

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1974
date: Fri, 22 Jun 2018 18:57:57 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Fri, 22 Jun 2018 20:57:57 GMT

GET
H/1.1

200
OK

Primary Request nmindex.php Show response
www.gbpclk.com/ares/de/
Redirect Chain

https://popmyads.com/go
http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

7 KB
3 KB

54ms
38ms

Document
text/html

31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Requested by: Host: popmyads.com
URL: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin / PHP/5.6.30
Resource Hash: b28ebb597e05c0b1fa2486a781d23455ee35a2ac3a64256d6d17176857bb1c95

Request headers

Host: www.gbpclk.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Origin: https://popmyads.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 5FD9F6EC2FCAF9E88315E172E6ED6D5C

Response headers

Server: nginx admin
Date: Fri, 22 Jun 2018 19:30:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30
Content-Encoding: gzip

Redirect headers

status: 302
date: Fri, 22 Jun 2018 19:30:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.18
set-cookie: CheckMe=5; expires=Fri, 22-Jun-2018 19:30:56 GMT; Max-Age=5; path=/
location: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 42f121c11e8c97ec-FRA

GET
S 200 collect
www.google-analytics.com/r/ 35 B
111 B 16ms
15ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=488436568&t=pageview&_s=1&dl=https%3A%2F%2Fpopmyads.com%2Fserve%2F48382%2F42654%2Fszqpmqqoapdpgpq%2FaHR0cDovL3BlYWthZHguY29t&dr=http%3A%2F%2Fsax.peakonspot.com%2Fpops%2Ffilter.php%3Frd%3Dgoto.peak-serving.com%26sr%3Dep%26id%3D15296958505290092992130667%26tid%3D4247&ul=en-us&de=UTF-8&dt=PopMyAds%20Redirecting...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=1406944494&gjid=2124871315&cid=370975598.1529695852&tid=UA-43135408-1&_gid=498590262.1529695852&_r=1&z=2131288055

Protocol

SPDY

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://popmyads.com/serve/48382/42654/szqpmqqoapdpgpq/aHR0cDovL3BlYWthZHguY29t
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jun 2018 19:30:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 css
fonts.googleapis.com/ 1003 B
365 B 20ms
17ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Protocol

SPDY

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b8f59e008e78b58c23277c9356538b5bd845ab4a25f1105608f9c1c746565dd1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Fri, 22 Jun 2018 19:30:51 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Fri, 22 Jun 2018 19:30:51 GMT

GET
S 200 css
fonts.googleapis.com/ 2 KB
424 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:400,500,600,700,800,900

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Protocol

SPDY

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

401b7f6ac0fae44b7d2b86a1fb9dc0b5d926d0a578b8c09f8c2aaa36805e20a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Fri, 22 Jun 2018 19:30:51 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Fri, 22 Jun 2018 19:30:51 GMT

GET
H/1.1 200
OK bootstrap3.min.css
www.gbpclk.com/ares/de/css/ 132 KB
20 KB 20ms
18ms Stylesheet
text/css 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/css/bootstrap3.min.css
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: d2eb4c367ddf99ef45b361de9ade34025c88be6867369a3a5be39d2285386b72

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:02:17 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK style3.css
www.gbpclk.com/ares/de/css/ 5 KB
2 KB 34ms
14ms Stylesheet
text/css 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/css/style3.css
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ba0b00ad38afe09753d055031ad728bb49d611a1bf752b21c3fe0fc2c4b1bbe7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:02:16 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK font-awesome3.min.css
www.gbpclk.com/ares/de/css/ 26 KB
6 KB 33ms
14ms Stylesheet
text/css 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/css/font-awesome3.min.css
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:02:16 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK stop.png
www.gbpclk.com/ares/de/images/ 16 KB
16 KB 27ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/stop.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 0186583aa0e4f70f4e5477fcd47f62b172267372c841ed8ad665203c299ac8fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Last-Modified: Thu, 18 Jan 2018 13:14:41 GMT
Server: nginx admin
ETag: "5a609dc1-3fd5"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16341
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK FWDEVPlayer.js Show response
www.gbpclk.com/ares/de/java/ 304 KB
72 KB 31ms
30ms Script
application/javascript 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: c1c0f4d119b75affcbb60f2cc8eb84d36db7b461944fce6f7073a8419f2942a9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 12:41:21 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK merkur_logo.png
www.gbpclk.com/ares/de/images/ 24 KB
24 KB 26ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/merkur_logo.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: bbee9276b0f4a985baa34e7180910d2b932c7b93a8e6b56d79baed0a704e16fa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:22 GMT
Server: nginx admin
ETag: "5a609aa2-5f10"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24336
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK novo_line.png
www.gbpclk.com/ares/de/images/ 38 KB
38 KB 27ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/novo_line.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 427995aa63f3543dc6ff3bb09d9e6557e1c00ea82390d4d7fe1deb3cf62ceefa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:44 GMT
Server: nginx admin
ETag: "5a609ab8-9646"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38470
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK button-3.gif
www.gbpclk.com/ares/de/images/ 37 KB
37 KB 13ms
13ms Image
image/gif 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/button-3.gif
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 5aad00c856ea2600445c720a44894b4542462df2c63e3e29615384675b89954e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:09 GMT
Server: nginx admin
ETag: "5a609a95-92f4"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37620
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK jquery3.min.js Show response
www.gbpclk.com/ares/de/js/ 94 KB
33 KB 26ms
25ms Script
application/javascript 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:03:00 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK bootstrap3.min.js Show response
www.gbpclk.com/ares/de/js/ 36 KB
10 KB 15ms
15ms Script
application/javascript 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gbpclk.com/ares/de/js/bootstrap3.min.js
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 13:02:59 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
29 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Protocol

HTTP/1.1

Server

2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 15:17:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 2520813
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29478
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 May 2019 15:17:18 GMT

GET
H/1.1 200
OK bg-polygon.jpg
www.gbpclk.com/ares/de/images/ 34 KB
34 KB 31ms
13ms Image
image/jpeg 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/bg-polygon.jpg
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: b3f1c1b8e4ec35738e99866bae325103a652d65cae971aa15f79fc6a91e0cdae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/css/style3.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/css/style3.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:08 GMT
Server: nginx admin
ETag: "5a609a94-8811"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34833
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H2

200

book_of_ra_deluxe
www.arescasino.com/de/lp1/ Frame D181
Redirect Chain

https://partner.becomeaffiliates.com/scripts/gx76ewfyecx?a_aid=57988cf2d2278&a_bid=79a6a05f&chan=ARDE-pc38-42654-nmlnd
https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0

0
0

111ms
49ms

Document
text/html

45.60.80.8
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.80.8 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: nginx/1.12.2 / PHP/5.6.33
Resource Hash

Request headers

:method: GET
:authority: www.arescasino.com
:scheme: https
:path: /de/lp1/book_of_ra_deluxe?autofocus=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 5FD9F6EC2FCAF9E88315E172E6ED6D5C
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Response headers

status: 200
server: nginx/1.12.2
date: Fri, 22 Jun 2018 19:30:52 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.33
set-cookie: PHPSESSID=8uu73pue4arskb7vmok684ab65; path=/ source=http%3A%2F%2Fwww.gbpclk.com%2Fares%2Fde%2Fnmindex.php%3Fsite%3Dpc38-42654-nmlnd; expires=Mon, 23-Jul-2018 19:30:52 GMT; Max-Age=2678400; path=/; domain=www.arescasino.com first_page=%2Fde%2Flp1%2Fbook_of_ra_deluxe%3Fautofocus%3D0; expires=Mon, 23-Jul-2018 19:30:52 GMT; Max-Age=2678400; path=/; domain=www.arescasino.com site_visitor_id=1529695852_148.251.45.254; expires=Sun, 02-Jun-3135 12:20:48 GMT; Max-Age=35247286196; path=/; domain=www.arescasino.com visid_incap_1680467=YqL35p1JQWeMeUCRod3YOmtOLVsAAAAAQUIPAAAAAACQJeGTYvskuzDIQt/W5rfJ; expires=Sat, 22 Jun 2019 07:09:25 GMT; path=/; Domain=.arescasino.com incap_ses_184_1680467=yVEaFNBtM205kmE4C7SNAmtOLVsAAAAAVz0w0YrXu8a2vW9nyOVKVQ==; path=/; Domain=.arescasino.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-iinfo: 7-10898051-10896202 PNNN RT(1529695851320 0) q(0 0 0 0) r(0 0) U2
x-cdn: Incapsula
content-encoding: gzip

Redirect headers

status: 301
server: nginx
date: Fri, 22 Jun 2018 19:30:52 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.arescasino.com/de/lp1/book_of_ra_deluxe?autofocus=0
x-srv: 1
x-varnish: 814370590
age: 0
vary: Accept-Encoding
via: 1.1 varnish (2.lb-app.pap.linode-uk)
set-cookie: PAPVisitorId=hgdpmegen8qPhewSfBSTncK1MVCrmqsE;Max-Age=31556926;Path=/;Domain=.postaffiliatepro.com; PAPVisitorId=hgdpmegen8qPhewSfBSTncK1MVCrmqsE;Max-Age=31556926;Path=/;Domain=.becomeaffiliates.com; PAPAffiliateId=57988cf2d2278;Max-Age=300;Path=/;Domain=.postaffiliatepro.com; PAPAffiliateId=57988cf2d2278;Max-Age=300;Path=/;Domain=.becomeaffiliates.com;
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

GET
H/1.1 200
OK bg_still.jpg
www.gbpclk.com/ares/de/images/ 260 KB
261 KB 19ms
18ms Image
image/jpeg 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/bg_still.jpg
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: d50486ab83f9db2f93baf88ed7a8859d39a5a626d38482d493d24b23ca7cd953

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/css/style3.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/css/style3.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:08 GMT
Server: nginx admin
ETag: "5a609a94-4112a"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 266538
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
H/1.1 200
OK move_new.gif
www.gbpclk.com/ares/de/images/ 2 MB
2 MB 18ms
18ms Image
image/gif 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/images/move_new.gif
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 89511215043b5ffc4d3f473b794bef19611ef89700369f6215ae13049fc70390

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/css/style3.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/css/style3.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:48 GMT
Last-Modified: Thu, 18 Jan 2018 13:01:43 GMT
Server: nginx admin
ETag: "5a609ab7-19ec8a"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1698954
Expires: Sun, 22 Jul 2018 19:30:48 GMT

GET
S 200 BngMUXZYTXPIvIBgJJSb6ufN5qA.ttf
fonts.gstatic.com/s/robotoslab/v7/ 35 KB
22 KB 6ms
6ms Font
font/ttf 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngMUXZYTXPIvIBgJJSb6ufN5qA.ttf

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js

Protocol

SPDY

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0747d3bb1a47671210add22ff8f49d6130bf39ad8559153b6beee2166fdbb67b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700
Origin: http://www.gbpclk.com

Response headers

date: Fri, 15 Jun 2018 20:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600426
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 22243
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 18:31:32 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2019 20:43:46 GMT

GET
S 200 jizAREVItHgc8qDIbSTKq4XkRi2c_CI0q14.ttf
fonts.gstatic.com/s/librefranklin/v2/ 45 KB
25 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v2/jizAREVItHgc8qDIbSTKq4XkRi2c_CI0q14.ttf

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/js/jquery3.min.js

Protocol

SPDY

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9eb04a9d690af9b4bb3390415e04cdcc59bd6bd7bdff3cc7f2c7fa11c07515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Libre+Franklin:400,500,600,700,800,900
Origin: http://www.gbpclk.com

Response headers

date: Fri, 15 Jun 2018 19:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 605739
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 25042
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Oct 2017 23:09:48 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2019 19:15:13 GMT

GET
S 200 iframe_api Show response
www.youtube.com/ 859 B
924 B 21ms
20ms Script
application/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js

Protocol

SPDY

Server

2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

a1b028e9a027db7cf77f75b7798a375179b0406aab480df1df1abe8586b7d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Fri, 22 Jun 2018 19:30:52 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 859
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires: Tue, 27 Apr 1971 19:44:06 EST

GET
S 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfl3m9ZW-/ 20 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl3m9ZW-/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

SPDY

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 18 Jun 2018 22:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334507
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 7696
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Jun 2018 21:50:31 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 26 Jun 2018 22:35:45 GMT

GET
H/1.1 200
OK preloader.jpg
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 29 KB
29 KB 14ms
14ms Image
image/jpeg 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/preloader.jpg
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: dda5b2f8971eaff5deb0072616a34a24cc97885746bb7606cb600d19658c205c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:00 GMT
Server: nginx admin
ETag: "5a609528-74bc"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29884
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK play.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 202 B
510 B 13ms
12ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/play.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 67ca63c8be159aa4ecc820de5748ceba05b97a2e01a328717c908fe9b4993d2a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:59 GMT
Server: nginx admin
ETag: "5a609527-ca"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK pause.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 145 B
453 B 15ms
14ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/pause.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 47667528f123620b151bf5cf53712b0233ee2a5ed43c204111a277bc5764ad08

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:58 GMT
Server: nginx admin
ETag: "5a609526-91"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK scrubber-left-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 122 B
430 B 16ms
15ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-left-background.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 1637ee7cfc859dd9d196ad52bc69a35b1c2be7d20cbfdd39d848517f4f59207b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:01 GMT
Server: nginx admin
ETag: "5a609529-7a"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK scrubber-right-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 936 B
1 KB 15ms
14ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-right-background.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 609777e632957b09ecab444b27cb9c0147bb2a595c590052f67b0efa3b879b42

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:02 GMT
Server: nginx admin
ETag: "5a60952a-3a8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 936
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK scrubber-left-drag.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 1007 B
1 KB 16ms
15ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-left-drag.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 63d47dc974124968407c17c5927d26cab7f8e9132142f2704c560ab8b96684b1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:01 GMT
Server: nginx admin
ETag: "5a609529-3ef"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1007
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK scrubber-line.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 936 B
1 KB 17ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-line.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: d36b2377e4cd1f6025d4de48a6f10b36014b5eb21b1e89f3f2d9cbb431f1f9f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:01 GMT
Server: nginx admin
ETag: "5a609529-3a8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 936
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK volume.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 194 B
502 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/volume.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 73e7773f3bcafd36c27ca0aefdc0fbf3d27b96145ed2b6402fe05830435b7ce3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:05 GMT
Server: nginx admin
ETag: "5a60952d-c2"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 194
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK progress-left.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 1004 B
1 KB 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/progress-left.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: bdee751f011820245126e1da6118410a9ff58682f29f4048046e0d3b1f72731d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:00 GMT
Server: nginx admin
ETag: "5a609528-3ec"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1004
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK large-play.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 697 B
1006 B 14ms
14ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/large-play.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: a70b5c6c2372e2b888d111c2467fc367513f497609dd3b532eb566bee4fc1678

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:57 GMT
Server: nginx admin
ETag: "5a609525-2b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 697
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK full-screen.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 179 B
487 B 14ms
14ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/full-screen.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 1f84d5c3e16996d4fa6473ac8da6f7e1594bbae927fcc10c75065959e75b55d8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:56 GMT
Server: nginx admin
ETag: "5a609524-b3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK youtube-quality.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 3 KB
3 KB 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/youtube-quality.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 4ee3eb917a307cdaf3cb6dfd6b15a4812777f7da931daa7c2118b5a5c1799b8e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:06 GMT
Server: nginx admin
ETag: "5a60952e-c35"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3125
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK facebook.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 169 B
477 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/facebook.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 76e7ffec23fcf4eef52aaab700d367bb84706a607456cffb136e81122bdcc69f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:55 GMT
Server: nginx admin
ETag: "5a609523-a9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 169
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK normal-screen.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 173 B
481 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/normal-screen.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 26ee431afc690ecec9120b549617ad9db64c0d9a923c76cc96098b24bf3034e6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:58 GMT
Server: nginx admin
ETag: "5a609526-ad"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 173
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK embed.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 312 B
621 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/embed.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ebe56e9f75247ac63384a1937db19a49dabc8f8688be005f19c1530fab1617fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:54 GMT
Server: nginx admin
ETag: "5a609522-138"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 312
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK embed-close-button.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 3 KB
3 KB 14ms
14ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/embed-close-button.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: a46a790dae4cb94f2da50e2a92f0c3f762a065fbe939bf84c6cac7f00bc7f581

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:53 GMT
Server: nginx admin
ETag: "5a609521-b5b"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2907
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
H/1.1 200
OK skip-icon.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 993 B
1 KB 14ms
14ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/skip-icon.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: b00a9e0a5f6664333f022895ac9a658eae5a3c5d49595579704b4a36827b6fc0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:49 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:04 GMT
Server: nginx admin
ETag: "5a60952c-3e1"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 993
Expires: Sun, 22 Jul 2018 19:30:49 GMT

GET
S

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

206 KB
62 KB

7ms
7ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Protocol

SPDY

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1670b3f7179fbb2259a668624a010693b955a671d3407286bb69794697bc76c6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bCvzVE6Kp1b81yeU9EGo0w==
status: 200
content-length: 62807
x-xss-protection: 0
x-fb-debug: Oi7TZnfZAeSZOMi6rq4g6pr98Hn67jUr+/bXZ0W7+y0cRIyT+dQz5U+VUo0ViZvukyvlB68AR2KwmQ9rsyYUYw==
x-fb-content-md5: 15a3ed8a23dc8dfd1714948c87530022
x-frame-options: DENY
date: Fri, 22 Jun 2018 19:30:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "88a8cea89610e83399c2fa8ddb50458b"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Fri, 22 Jun 2018 19:36:20 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

GET
H2 200 /
www.youtube.com/embed/ Frame 9772 0
0 48ms
48ms Document
text/html 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/?controls=0&disablekb=0&loop=0&autoplay=0&wmode=opaque&showinfo=0&rel=0&modestbranding=1&iv_load_policy=3&cc_load_policy=0&fs=0&html5=0&enablejsapi=1&origin=http%3A%2F%2Fwww.gbpclk.com&widgetid=1

Requested by

Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl3m9ZW-/www-widgetapi.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/?controls=0&disablekb=0&loop=0&autoplay=0&wmode=opaque&showinfo=0&rel=0&modestbranding=1&iv_load_policy=3&cc_load_policy=0&fs=0&html5=0&enablejsapi=1&origin=http%3A%2F%2Fwww.gbpclk.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 5FD9F6EC2FCAF9E88315E172E6ED6D5C
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Response headers

status: 200
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Tue, 27 Apr 1971 19:44:06 EST
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cache-control: no-cache
strict-transport-security: max-age=31536000
date: Fri, 22 Jun 2018 19:30:53 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=5o7gX88rg1w; path=/; domain=.youtube.com; expires=Wed, 19-Dec-2018 19:30:52 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Fri, 22-Jun-2018 20:00:52 GMT YSC=aZSIQf0XscI; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=5o7gX88rg1w; path=/; domain=.youtube.com; expires=Wed, 19-Dec-2018 19:30:52 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 21-Feb-2019 07:23:53 GMT
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"

GET
H/1.1 200
OK xaOI6zd9HW9.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame C40C 0
0 27ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

http://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

HTTP/1.1

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: staticxx.facebook.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 5FD9F6EC2FCAF9E88315E172E6ED6D5C
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Response headers

Expires: Sat, 22 Jun 2019 08:21:03 GMT
Cache-Control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
X-XSS-Protection: 0
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html; charset=utf-8
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: mVvUj+88kYwO1tTegzVWz+IGwHuJq5rblf8YY3TAR+fxjN5CnRC2/VzLY0tqI8hi+V6SPQLrFCTJgRYRTjOuFA==
Date: Fri, 22 Jun 2018 19:30:53 GMT
Connection: keep-alive
Content-Length: 13905

GET
H2 200 xaOI6zd9HW9.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 311B 0
0 16ms
14ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 5FD9F6EC2FCAF9E88315E172E6ED6D5C
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd

Response headers

status: 200
expires: Sat, 22 Jun 2019 08:21:03 GMT
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-xss-protection: 0
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: mVvUj+88kYwO1tTegzVWz+IGwHuJq5rblf8YY3TAR+fxjN5CnRC2/VzLY0tqI8hi+V6SPQLrFCTJgRYRTjOuFA==
content-length: 13905
date: Fri, 22 Jun 2018 19:30:53 GMT

GET
H/1.1 200
OK ads-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 938 B
1 KB 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/ads-background.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ec7ac9662e1a8fd8ff8038976850c893ca74dafcd79ee7479a5f39f879011228

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:51 GMT
Server: nginx admin
ETag: "5a60951f-3aa"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 938
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK controller-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 3 KB
3 KB 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/controller-background.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 1478fc52446859ee3633be7b8194715274924668bce8ba640250eb4e7573f4a4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:52 GMT
Server: nginx admin
ETag: "5a609520-af3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2803
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK progress-middle.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 3 KB
3 KB 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/progress-middle.png
Requested by: Host: www.gbpclk.com
URL: http://www.gbpclk.com/ares/de/java/FWDEVPlayer.js
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 029ee4f37264d7802c4074b32a70a66eb520f8e5f2080e2a132042cba7cedc0d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:00 GMT
Server: nginx admin
ETag: "5a609528-b02"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2818
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK pause-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 146 B
454 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/pause-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: d18c6dce56aa93bbac8f563a4397265311b7352301972bc5dc8b4f53f5ef6769

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:58 GMT
Server: nginx admin
ETag: "5a609526-92"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK play-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 176 B
484 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/play-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 76975a2fb10ed18e966b7ee552871649fe3d3fae977473a6c66e1364a1533cdc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:59 GMT
Server: nginx admin
ETag: "5a609527-b0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK scrubber-middle-background.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 135 B
443 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-middle-background.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: b1c289697d4a3362100a62ad9cd884b82c9212cae5654e24b627c6f48d14607b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:02 GMT
Server: nginx admin
ETag: "5a60952a-87"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK scrubber-middle-drag.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 137 B
445 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/scrubber-middle-drag.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 38684cb3db5a7d3b7bcfde3faf80a9d5963ebf6cc181e14f7a312905bff51408

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:02 GMT
Server: nginx admin
ETag: "5a60952a-89"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK volume-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 182 B
490 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/volume-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 51b0692a1d875e904fc05ecec453000e48a99b6f5ddd7c54c0006a19318e6f0c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:04 GMT
Server: nginx admin
ETag: "5a60952c-b6"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 182
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK volume-disabled.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 141 B
449 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/volume-disabled.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 0519c3fc62a108e3d45cb5e3780ec4e543b7f18bf2a1161a2f6cfcd5f0313c4a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:04 GMT
Server: nginx admin
ETag: "5a60952c-8d"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 141
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK normal-screen-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 168 B
476 B 14ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/normal-screen-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ec567c888b921f68e0bec22011a9b233fb1dd012fdf0d6fdbca056d70d20f72e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:57 GMT
Server: nginx admin
ETag: "5a609525-a8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK full-screen-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 177 B
485 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/full-screen-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 6891bc1ac30cfda7878f53d9b87b95247a731a7f2264f23c9da927cf185e8673

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:56 GMT
Server: nginx admin
ETag: "5a609524-b1"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 177
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK large-play-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 276 B
585 B 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/large-play-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: ddefeec3f412b8c61c295963baa96250f413fa2ed142e8bff14fbc8aa9faba70

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:37:56 GMT
Server: nginx admin
ETag: "5a609524-114"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 276
Expires: Sun, 22 Jul 2018 19:30:50 GMT

GET
H/1.1 200
OK skip-icon-over.png
www.gbpclk.com/ares/de/content/minimal_skin_dark/ 979 B
1 KB 13ms
13ms Image
image/png 31.204.152.169
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gbpclk.com/ares/de/content/minimal_skin_dark/skip-icon-over.png
Protocol: HTTP/1.1
Server: 31.204.152.169 Boesingheliede, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS: ns1.colo-host.com
Software: nginx admin /
Resource Hash: 7e2e64449065456d9ecbabae34efb834cec5b45b308bd263147deca33738d1a4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.gbpclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.gbpclk.com/ares/de/nmindex.php?site=pc38-42654-nmlnd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 19:30:50 GMT
Last-Modified: Thu, 18 Jan 2018 12:38:03 GMT
Server: nginx admin
ETag: "5a60952b-3d3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 979
Expires: Sun, 22 Jul 2018 19:30:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: whos.amung.us
URL: https://whos.amung.us/swidget/popmyads.png

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.arescasino.com/	1970-01-19 01:40:31	Name: PAPVisitorId Value: hgdpmegen8qPhewSfBSTncK1MVCrmqsE
www.arescasino.com/	1970-01-18 16:54:55	Name: ___utmvc Value: 8QeBBRsZ94yR5sPLK/FQ0PCB28MR1OfMOfA+7xEnofL554CZe2VLPMPj9vuaYNIbkfEIdDwgTChE4zlua96Q7F7OEa0mtf1YBm7sAtKunbNBvJHptjIFAxpwFVu4pTBLmTFCn5RQu2Pi0JZDVkMS6tXnN1jLc4doNfKkal6IQeA3l3R3TFFeEPFHGf9yoP9xm0qJg44kdDHX5s2g9ojNzTt39lF4DBL7ym9+5v4NYa7t4QQGA5+Cy5s6J1JiX35bfxsquFTtW2PZYOU0uCihbtGIAQXB/kkIVofPHjQIeLB6Kgt5RvFxWVVK9boGTpj53s5JKW47c7k0hputuOO4BUHh4FMOyP/izNuW8YY64jtLNgdA5PP60KWH1tvibczauR7UIR5JH8igDLVmR7HjF316STMNWVgAKPf0r3Gf43/cP2/242gjcqz2vXcJOEq1xEJoKTLgi6i5IhK6HOq6qMaTWCpy4XmU1o3ogE5986obx3Mi5Gy5lKEes7dEEgulGCHUAOaPbqYhObKbt5WKQTUgG7mN/uvBVySJ/4CBMhuO7NUz35ji/E9hjKUmXH2msM+Jqwl3eyn7wiqNqzeVkOdxoyhNurDkg5NLFqHnu7gRD8HCjZ10MI3fJQ8DPbQOvdP5Uy71v1yvCVNAfTVn6onPxZkeyUD8cFC2dgn+IWWDJx6h0mwwWNev/DXVkLOAow5HfCGVAc4klcKVLlyvMLejJko7N84rYif2rkwu1Ou2rWeB1OSY7jEm01av+X1FsW5lplTj1ovlLtpcClITzcOTnSwNaFtIjyNtd1qV+QvrNj8/7V168KLPRyL7T9d7e8v5TjH2Zgqc/Zzs+QaPaNnmuHSCFTMoYk+bT2gm+xW32Z8tKW01M6F7rapfLLQicu0gIbxn/L0Ya6AQwv2k3uIfCyCgyL8xL/cj2zYWKU29Y1Thx4Th9aZMsTfKbyWZn+RMHzQBGh0OnLBr7Rje/X7BB1anNKVmDhH6kTNCxJNGZLA17IRwIpKVRS5+Noty3DSFH/nnZ9OeF1sSFlMwrILkeoccdXojPk1QDdEaqIUwP6OTTTimZwSZwjGrmNAdphruWDX1UpqlCS2O4DUhmcer01eNeZH4S59aBbOJsFjc7hbsPjKf7knEvQ/4lPAQ/jMG9hxHzo84kBs8dgQxn9sERuiDwj2Yvgc53Y9gEPmZYGULXywUXbovEXzQiUsxZpOio6OeciNqWtOeLrMd/UjRLGRpZ2VzdD05MDcxMSxzPTg4NzhhNjYxNzg2YmE1N2M5Yzk5NjhhMjc5OTg4OTZhOWQ2Njg5ODI3YTc5YWE5MzdjOWY5MTg3NzM4YWIxOTc4YzgyNjg4YzdkYWU2ZTZl
.arescasino.com/	1969-12-31 23:59:59	Name: incap_ses_184_1680467 Value: yVEaFNBtM205kmE4C7SNAmtOLVsAAAAAVz0w0YrXu8a2vW9nyOVKVQ==
.www.arescasino.com/	1971-03-02 15:49:42	Name: site_visitor_id Value: 1529695852_148.251.45.254
.www.arescasino.com/	1970-01-18 17:39:34	Name: first_page Value: %2Fde%2Flp1%2Fbook_of_ra_deluxe%3Fautofocus%3D0
.www.arescasino.com/	1970-01-18 17:39:34	Name: source Value: http%3A%2F%2Fwww.gbpclk.com%2Fares%2Fde%2Fnmindex.php%3Fsite%3Dpc38-42654-nmlnd
.arescasino.com/	1970-01-19 01:39:47	Name: visid_incap_1680467 Value: YqL35p1JQWeMeUCRod3YOmtOLVsAAAAAQUIPAAAAAACQJeGTYvskuzDIQt/W5rfJ
www.arescasino.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8uu73pue4arskb7vmok684ab65

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
goto.peak-serving.com
newsbuzz.tv
partner.becomeaffiliates.com
popmyads.com
s.ytimg.com
sax.peakonspot.com
sjs.perfonspot.com
spykemedia.go2cloud.org
staticxx.facebook.com
whos.amung.us
www.arescasino.com
www.gbpclk.com
www.google-analytics.com
www.youtube.com
whos.amung.us
139.162.206.25
2400:cb00:2048:1::6818:7c1f
2a00:1450:4001:817::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::200e
2a00:1450:4001:825::200e
2a03:2880:f02d:12:face:b00c:0:3
31.204.152.169
34.197.12.237
34.218.171.103
45.60.80.8
52.0.69.144
54.208.38.120
54.246.209.63
0186583aa0e4f70f4e5477fcd47f62b172267372c841ed8ad665203c299ac8fd
029ee4f37264d7802c4074b32a70a66eb520f8e5f2080e2a132042cba7cedc0d
0519c3fc62a108e3d45cb5e3780ec4e543b7f18bf2a1161a2f6cfcd5f0313c4a
0693f2f7fb7689a9bc8544a19d36ba452f94c2796acac44d69fb34ebc96d79d8
0747d3bb1a47671210add22ff8f49d6130bf39ad8559153b6beee2166fdbb67b
1478fc52446859ee3633be7b8194715274924668bce8ba640250eb4e7573f4a4
1637ee7cfc859dd9d196ad52bc69a35b1c2be7d20cbfdd39d848517f4f59207b
1670b3f7179fbb2259a668624a010693b955a671d3407286bb69794697bc76c6
1d9eb04a9d690af9b4bb3390415e04cdcc59bd6bd7bdff3cc7f2c7fa11c07515
1f84d5c3e16996d4fa6473ac8da6f7e1594bbae927fcc10c75065959e75b55d8
26ee431afc690ecec9120b549617ad9db64c0d9a923c76cc96098b24bf3034e6
38684cb3db5a7d3b7bcfde3faf80a9d5963ebf6cc181e14f7a312905bff51408
401b7f6ac0fae44b7d2b86a1fb9dc0b5d926d0a578b8c09f8c2aaa36805e20a8
427995aa63f3543dc6ff3bb09d9e6557e1c00ea82390d4d7fe1deb3cf62ceefa
47667528f123620b151bf5cf53712b0233ee2a5ed43c204111a277bc5764ad08
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
4ee3eb917a307cdaf3cb6dfd6b15a4812777f7da931daa7c2118b5a5c1799b8e
51b0692a1d875e904fc05ecec453000e48a99b6f5ddd7c54c0006a19318e6f0c
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
5aad00c856ea2600445c720a44894b4542462df2c63e3e29615384675b89954e
609777e632957b09ecab444b27cb9c0147bb2a595c590052f67b0efa3b879b42
63d47dc974124968407c17c5927d26cab7f8e9132142f2704c560ab8b96684b1
67ca63c8be159aa4ecc820de5748ceba05b97a2e01a328717c908fe9b4993d2a
6891bc1ac30cfda7878f53d9b87b95247a731a7f2264f23c9da927cf185e8673
73e7773f3bcafd36c27ca0aefdc0fbf3d27b96145ed2b6402fe05830435b7ce3
76975a2fb10ed18e966b7ee552871649fe3d3fae977473a6c66e1364a1533cdc
76e7ffec23fcf4eef52aaab700d367bb84706a607456cffb136e81122bdcc69f
7e2e64449065456d9ecbabae34efb834cec5b45b308bd263147deca33738d1a4
89511215043b5ffc4d3f473b794bef19611ef89700369f6215ae13049fc70390
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a1b028e9a027db7cf77f75b7798a375179b0406aab480df1df1abe8586b7d2be
a46a790dae4cb94f2da50e2a92f0c3f762a065fbe939bf84c6cac7f00bc7f581
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
a70b5c6c2372e2b888d111c2467fc367513f497609dd3b532eb566bee4fc1678
b00a9e0a5f6664333f022895ac9a658eae5a3c5d49595579704b4a36827b6fc0
b1c289697d4a3362100a62ad9cd884b82c9212cae5654e24b627c6f48d14607b
b28ebb597e05c0b1fa2486a781d23455ee35a2ac3a64256d6d17176857bb1c95
b3f1c1b8e4ec35738e99866bae325103a652d65cae971aa15f79fc6a91e0cdae
b8f59e008e78b58c23277c9356538b5bd845ab4a25f1105608f9c1c746565dd1
ba0b00ad38afe09753d055031ad728bb49d611a1bf752b21c3fe0fc2c4b1bbe7
bbee9276b0f4a985baa34e7180910d2b932c7b93a8e6b56d79baed0a704e16fa
bd4c9244b04167ffdf6badc332576d29a1b602a5e697b8b13b601f8315e5b105
bdee751f011820245126e1da6118410a9ff58682f29f4048046e0d3b1f72731d
c1c0f4d119b75affcbb60f2cc8eb84d36db7b461944fce6f7073a8419f2942a9
d18c6dce56aa93bbac8f563a4397265311b7352301972bc5dc8b4f53f5ef6769
d2eb4c367ddf99ef45b361de9ade34025c88be6867369a3a5be39d2285386b72
d36b2377e4cd1f6025d4de48a6f10b36014b5eb21b1e89f3f2d9cbb431f1f9f9
d50486ab83f9db2f93baf88ed7a8859d39a5a626d38482d493d24b23ca7cd953
dda5b2f8971eaff5deb0072616a34a24cc97885746bb7606cb600d19658c205c
ddefeec3f412b8c61c295963baa96250f413fa2ed142e8bff14fbc8aa9faba70
ebe56e9f75247ac63384a1937db19a49dabc8f8688be005f19c1530fab1617fd
ec567c888b921f68e0bec22011a9b233fb1dd012fdf0d6fdbca056d70d20f72e
ec7ac9662e1a8fd8ff8038976850c893ca74dafcd79ee7479a5f39f879011228
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

www.gbpclk.com Open in urlscan Pro 31.204.152.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

7 %HTTPS

50 %IPv6

17 Domains

18 Subdomains

12 IPs

4 Countries

2446 kBTransfer

3163 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gbpclk.com Open in urlscan Pro
31.204.152.169 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

7 %
HTTPS

50 %
IPv6

17
Domains

18
Subdomains

12
IPs

4
Countries

2446 kB
Transfer

3163 kB
Size

8
Cookies

61 HTTP transactions
1 data transactions