neueaffenspiele.de Open in urlscan Pro
78.109.31.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://short.php5developer.com/RqI
Effective URL:
http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Submission: On March 04 via manual (March 4th 2021, 7:53:40 am UTC) from UA

Summary HTTP 93 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 93 HTTP transactions. The main IP is 78.109.31.4, located in Ukraine and belongs to HOSTING-AS http://hosting.ua, UA. The main domain is neueaffenspiele.de.

This is the only time neueaffenspiele.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3032::6815:2970	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
21	78.109.31.4 78.109.31.4	41665 (HOSTING-A...) (HOSTING-AS http://hosting.ua)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 2	23.235.251.211 23.235.251.211	19437 (SS-ASH) (SS-ASH)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
4	35.190.9.86 35.190.9.86	15169 (GOOGLE) (GOOGLE)
2	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700:e2:... 2606:4700:e2::ac40:8b11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1	152.199.21.117 152.199.21.117	15133 (EDGECAST) (EDGECAST)
1	50.112.179.209 50.112.179.209	16509 (AMAZON-02) (AMAZON-02)
2 3	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
93	25

9 2606:4700:3032::6815:2970 (United States)

ASN13335 (CLOUDFLARENET, US)

short.php5developer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 78.109.31.4 (Ukraine)

ASN41665 (HOSTING-AS http://hosting.ua, UA)
PTR: 4.31.109.78.hosting.ua

neueaffenspiele.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.235.251.211 (Ashburn, United States) 1 redirects

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

html5.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
html5.api.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cdn.gamedock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.9.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.9.190.35.bc.googleusercontent.com

game.api.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
msgrt.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

hb.improvedigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:8b11 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ana.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.21.117 (United States)

ASN15133 (EDGECAST, US)

ssl.cdne.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.112.179.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-179-209.us-west-2.compute.amazonaws.com

gsght.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.216 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	neueaffenspiele.de neueaffenspiele.de	256 KB
16	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	380 KB
9	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	114 KB
9	php5developer.com short.php5developer.com	83 KB
7	gamedistribution.com html5.gamedistribution.com img.gamedistribution.com html5.api.gamedistribution.com game.api.gamedistribution.com msgrt.gamedistribution.com	324 KB
4	google-analytics.com www.google-analytics.com	36 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
3	headerlift.com pub.headerlift.com ana.headerlift.com	1 KB
3	cpmstar.com 1 redirects server.cpmstar.com ssl.cdne.cpmstar.com	37 KB
3	googletagservices.com www.googletagservices.com	75 KB
3	google.com adservice.google.com	990 B
3	google.de adservice.google.de	1 KB
2	googleapis.com imasdk.googleapis.com	302 KB
2	improvedigital.com hb.improvedigital.com	107 KB
2	cloudflare.com cdnjs.cloudflare.com	2 KB
2	googleadservices.com partner.googleadservices.com	1 KB
1	gsght.com gsght.com	307 B
1	2mdn.net s0.2mdn.net	17 KB
1	gamedock.io cdn.gamedock.io	9 KB
1	googletagmanager.com www.googletagmanager.com	53 KB
93	20

	Domain	Requested by
21	neueaffenspiele.de	short.php5developer.com neueaffenspiele.de
12	pagead2.googlesyndication.com	short.php5developer.com pagead2.googlesyndication.com tpc.googlesyndication.com neueaffenspiele.de srcdoc
9	short.php5developer.com	short.php5developer.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.google-analytics.com	short.php5developer.com html5.api.gamedistribution.com www.googletagmanager.com
3	counter.yadro.ru	2 redirects neueaffenspiele.de
3	www.googletagservices.com	pagead2.googlesyndication.com hb.improvedigital.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	imasdk.googleapis.com	html5.api.gamedistribution.com imasdk.googleapis.com
2	pub.headerlift.com	hb.improvedigital.com
2	hb.improvedigital.com	html5.api.gamedistribution.com hb.improvedigital.com
2	msgrt.gamedistribution.com	html5.api.gamedistribution.com
2	game.api.gamedistribution.com	html5.api.gamedistribution.com
2	server.cpmstar.com	1 redirects neueaffenspiele.de
2	cdnjs.cloudflare.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
1	gsght.com	neueaffenspiele.de
1	ssl.cdne.cpmstar.com	neueaffenspiele.de
1	ana.headerlift.com	html5.api.gamedistribution.com
1	s0.2mdn.net	imasdk.googleapis.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	cdn.gamedock.io	html5.api.gamedistribution.com
1	html5.api.gamedistribution.com	html5.gamedistribution.com
1	img.gamedistribution.com	html5.gamedistribution.com
1	html5.gamedistribution.com	neueaffenspiele.de
1	www.googletagmanager.com	neueaffenspiele.de
93	28

This site contains links to these domains. Also see Links.

Domain
www.google.com
silktide.com
codecanyon.net

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2020-06-30` - `2022-09-18`	2 years	crt.sh
*.gamedistribution.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-29` - `2021-07-30`	a year	crt.sh
*.api.gamedistribution.com R3	`2021-01-20` - `2021-04-20`	3 months	crt.sh
*.gamedock.io Sectigo RSA Domain Validation Secure Server CA	`2020-08-28` - `2021-08-29`	a year	crt.sh
*.improvedigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
ssl.cdne.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2019-04-25` - `2021-04-25`	2 years	crt.sh
gsght.com R3	`2021-02-23` - `2021-05-24`	3 months	crt.sh
counter.yadro.ru R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Frame ID: 47CFC90C7149F6035ACE0A7C9AF94105
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/zrt_lookup.html
Frame ID: 5F4C9889558FA633D9B212B0B5D16AEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8044416489926921&output=html&h=280&slotname=1042399892&adk=74649267&adf=2653041513&pi=t.ma~as.1042399892&w=1200&fwrn=4&fwrnh=100&lmt=1614844398&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fshort.php5developer.com%2FRqI&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614844397916&bpp=9&bdt=94&idt=84&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5949651563589&frm=20&pv=2&ga_vid=1555210474.1614844398&ga_sid=1614844398&ga_hid=849274047&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067213%2C44736377%2C44736525&oid=3&pvsid=2168643250007552&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=73Itdq458a&p=http%3A//short.php5developer.com&dtd=100
Frame ID: 3A3B2E947A3E404D6F4207933D960D34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8044416489926921&output=html&adk=1812271804&adf=3025194257&lmt=1614844398&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fshort.php5developer.com%2FRqI&ea=0&flash=0&pra=7&wgl=1&dt=1614844397926&bpp=1&bdt=104&idt=97&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5949651563589&frm=20&pv=1&ga_vid=1555210474.1614844398&ga_sid=1614844398&ga_hid=849274047&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067213%2C44736377%2C44736525&oid=3&pvsid=2168643250007552&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=102
Frame ID: 93367597536FA2609B84AB3A39C8327E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3D63C9E7F3C51E63417414BB149EFFDB
Requests: 2 HTTP requests in this frame

Frame: http://neueaffenspiele.de/spiele/seite/spielen-silly-ways-to-get-infected.html
Frame ID: 65CB1107E6BA2A2EFC027E94F74FAAA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/zrt_lookup.html
Frame ID: E10C694501FFB4606F7CBE0075CBA483
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=280&slotname=4951701945&adk=971683036&adf=3198534375&pi=t.ma~as.4951701945&w=1200&fwrn=4&fwrnh=100&lmt=1614844409&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614844409615&bpp=11&bdt=56&idt=55&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7355013325604&frm=20&pv=2&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RSMHxLjBNQ&p=http%3A//neueaffenspiele.de&dtd=69
Frame ID: D8F0AAE5FE81E8F51448388F8FDE098B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=600&slotname=2506731704&adk=734794216&adf=3770511711&pi=t.ma~as.2506731704&w=160&lmt=1614844409&psa=0&format=160x600&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&flash=0&wgl=1&dt=1614844409626&bpp=2&bdt=67&idt=64&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7355013325604&frm=20&pv=1&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oJY4sFv2iK&p=http%3A//neueaffenspiele.de&dtd=68
Frame ID: D3AFA503B8D737744A61FD0BD1C8981E
Requests: 1 HTTP requests in this frame

Frame: http://html5.gamedistribution.com/dee7173d2b55487a99bcc2ad079376b0/
Frame ID: B41278C4FD0DB1B7984EEEA971538A41
Requests: 18 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 56DC2ADC3619E01B8FFBD4F7469C6BAC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FBB3854DBDAB5D2EA4EEBA8F4BDA5FD8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=600&slotname=8413664506&adk=1762272480&adf=4082197280&pi=t.ma~as.8413664506&w=160&lmt=1614844410&psa=0&format=160x600&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&flash=0&wgl=1&dt=1614844410519&bpp=1&bdt=961&idt=2&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da52aa28b0d89aa64-224a9a59f3a60054%3AT%3D1614844409%3ART%3D1614844409%3AS%3DALNI_MZhaWL7eEfL2g15g14iB5XTcEDK9Q&prev_fmts=1200x280%2C160x600&correlator=7355013325604&frm=20&pv=1&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1308&ady=424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=EakQRDLLN4&p=http%3A//neueaffenspiele.de&dtd=6
Frame ID: 6BB5DA8C258615A3A3712A8C6DF0E9EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1614844410&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&ea=0&flash=0&pra=7&wgl=1&dt=1614844410540&bpp=1&bdt=981&idt=1&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da52aa28b0d89aa64-224a9a59f3a60054%3AT%3D1614844409%3ART%3D1614844409%3AS%3DALNI_MZhaWL7eEfL2g15g14iB5XTcEDK9Q&prev_fmts=1200x280%2C160x600%2C160x600&nras=1&correlator=7355013325604&frm=20&pv=1&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=6
Frame ID: 733A39378187394C926BF1ADB8612A96
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 160D7CD42557F1116C66DB7B48516270
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://short.php5developer.com/RqI Page URL
http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html Page URL

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

93
Requests

61 %
HTTPS

63 %
IPv6

20
Domains

28
Subdomains

25
IPs

4
Countries

1800 kB
Transfer

4204 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.google.com/intl/en/policies/privacy/partners/
Title: Learn more

Search URL Search Domain Scan URL

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: http://codecanyon.net/?ref=forza020

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://short.php5developer.com/RqI Page URL
http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 11

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534200897&utmhn=short.php5developer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=You%20are%20going%20to%20http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&utmhid=849274047&utmr=-&utmp=%2FRqI&utmht=1614844397906&utmac=UA-39007868-3&utmcc=__utma%3D100772547.1555210474.1614844398.1614844398.1614844398.1%3B%2B__utmz%3D100772547.1614844398.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1224080724&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534200897&utmhn=short.php5developer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=You%20are%20going%20to%20http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&utmhid=849274047&utmr=-&utmp=%2FRqI&utmht=1614844397906&utmac=UA-39007868-3&utmcc=__utma%3D100772547.1555210474.1614844398.1614844398.1614844398.1%3B%2B__utmz%3D100772547.1614844398.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1224080724&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 20

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css

Request Chain 48

http://server.cpmstar.com/view.aspx?poolid=50732&script=1&rnd=792940 HTTP 302
https://server.cpmstar.com/view.aspx?poolid=50732&script=1&rnd=792940

Request Chain 84

http://counter.yadro.ru/hit?t45.11;rhttp%3A//short.php5developer.com/;s1600*1200*24;uhttp%3A//neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html;hDumme%20M%F6glichkeiten%20Sich%20Anzustecken%20-%20Jetzt%20spielen%20auf%20Neueaffenspiele.de;0.5908344609841449 HTTP 302
https://counter.yadro.ru/hit?t45.11;rhttp%3A//short.php5developer.com/;s1600*1200*24;uhttp%3A//neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html;hDumme%20M%F6glichkeiten%20Sich%20Anzustecken%20-%20Jetzt%20spielen%20auf%20Neueaffenspiele.de;0.5908344609841449 HTTP 302
https://counter.yadro.ru/hit?q;t45.11;rhttp%3A//short.php5developer.com/;s1600*1200*24;uhttp%3A//neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html;hDumme%20M%F6glichkeiten%20Sich%20Anzustecken%20-%20Jetzt%20spielen%20auf%20Neueaffenspiele.de;0.5908344609841449

Request Chain 87

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/light-floating.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/light-floating.css

93 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set RqI Show response
short.php5developer.com/ 4 KB
2 KB 46ms
39ms Document
text/html 2606:4700:3032::6815:2970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.php5developer.com/RqI
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:2970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f44d02022c2cba9eee2922fc5e2ce9f90ab0e17e9e3da436862c98784374dbb

Request headers

Host: short.php5developer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df4b9fc99d154d8cc2ebccf912a125c4c1614844397; expires=Sat, 03-Apr-21 07:53:17 GMT; path=/; domain=.php5developer.com; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
cf-request-id: 089dd320d500002c222e82a000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8pe62nZTKwfGcvnUtTrGcShbZfzqeERsKQ2w4UIGAryo2MXVqMmvFXXA2fWw1lF7DtbLvjUa3BPp8ZaaxKhchULbz2CxLYMRUyyjzM3dokv5LRVuM1QhXDLIglSJbleKWreDew%3D%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 62a987ae2ea32c22-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK frontend.css
short.php5developer.com/css/ 5 KB
2 KB 11ms
10ms Stylesheet
text/css 2606:4700:3032::6815:2970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.php5developer.com/css/frontend.css
Requested by: Host: short.php5developer.com
URL: http://short.php5developer.com/RqI
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:2970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f32680cfb742e5616c0ec4aa2e37372cf953b45eab0e15403bc505e16ebf0d6

Request headers

Referer: http://short.php5developer.com/RqI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:17 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 02 Mar 2013 17:48:06 GMT
Server: cloudflare
Age: 55
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kINLCcaL85lznI6rKUjrL5Od95Zvn7XG6ig7xsdp2KovqTYz3rx%2B2ixOzrbpOGzXTTij38MExmOmIGrjKwQosV%2FepPqaL54ub%2FZgCUj5p3vECS8k251XYxqVlA6O1e%2FTnQKZRQ%3D%3D"}],"max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 62a987ae6f092c22-FRA
NEL: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 089dd3210300002c221fbe1000000001

GET
H/1.1 200
OK jquery.min.js Show response
short.php5developer.com/assets/a3d6c0fc/ 94 KB
33 KB 22ms
16ms Script
application/javascript 2606:4700:3032::6815:2970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.php5developer.com/assets/a3d6c0fc/jquery.min.js
Requested by: Host: short.php5developer.com
URL: http://short.php5developer.com/RqI
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:2970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: http://short.php5developer.com/RqI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:17 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 28 Jan 2020 07:26:14 GMT
Server: cloudflare
Age: 55
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c2jcRLaIfii6DNYBQ50WPOR8pK4qVM9uH9wv2Xit2QOt2xrVjB%2FWZDphlNQzndLdAiDI2x%2BT7QNHBhPcgPZPs5bUuM2xCDg4wOaaz21R0AWfxJfhYE0iFgb17zjPQ2rXdtXO8Q%3D%3D"}],"max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 62a987ae7cd50625-FRA
NEL: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 089dd3210800000625cbbc1000000001

GET
H/1.1 200
OK frontend.js Show response
short.php5developer.com/js/ 4 KB
2 KB 23ms
17ms Script
application/javascript 2606:4700:3032::6815:2970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.php5developer.com/js/frontend.js?v=0.5
Requested by: Host: short.php5developer.com
URL: http://short.php5developer.com/RqI
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:2970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186a97c6e86dfe00138bf544cd9dd76c93fd6c78e1605d5c3d87744ea3f7b98b

Request headers

Referer: http://short.php5developer.com/RqI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:17 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 10 Feb 2018 18:02:20 GMT
Server: cloudflare
Age: 55
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PRxg%2BTB1HV5f8p0quLs4%2B76f4JO1seReLOHTm3uBZSGtEkyoVtx8nvyD4ynxfxuZs%2F8nhQDlAT2lwgiBb9uS2JJCtdWl5bKn3N8S0W2YSCvdQqK%2B8H3a4smHvaGk2DdKtFjFVg%3D%3D"}],"max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 62a987ae7b94c2db-FRA
NEL: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 089dd321080000c2dbac82e000000001

GET
H/1.1 200
OK clipboard.min.js Show response
short.php5developer.com/js/ 11 KB
4 KB 20ms
14ms Script
application/javascript 2606:4700:3032::6815:2970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.php5developer.com/js/clipboard.min.js
Requested by: Host: short.php5developer.com
URL: http://short.php5developer.com/RqI
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:2970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Request headers

Referer: http://short.php5developer.com/RqI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:17 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 10 Feb 2018 18:02:22 GMT
Server: cloudflare
Age: 55
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ENC9iA9ra3ziAe7kKnkOx6wGVvftyffoDPZCNiIYlr0LjEfauTzTu7XgqgHtUZtCCDkFFpCPWUu3WYmYoclV7ekaE%2BsLKm2OLY%2FPj1zNBfW4vBZEjysvf2h2Y6Z9n1EENk2FDA%3D%3D"}]}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 62a987ae7e674e44-FRA
NEL: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 089dd3210800004e44b02d0000000001

GET
H/1.1 200
OK share42.js Show response
short.php5developer.com/js/ 4 KB
2 KB 28ms
22ms Script
application/javascript 2606:4700:3032::6815:2970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.php5developer.com/js/share42.js
Requested by: Host: short.php5developer.com
URL: http://short.php5developer.com/RqI
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:2970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f6ef13daa8d8813f043b0a368762a7b950ffb195cea4d01f46d334fb6fcb27

Request headers

Referer: http://short.php5developer.com/RqI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:17 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sat, 02 Mar 2013 17:48:22 GMT
Server: cloudflare
Age: 55
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Jrupp6a5NQ5UIr63yNMMVg8lxkwukw4paYzlBAbfjNRcJn%2BOFMFslNLFfXM54kKCPbtwg3uCW6MiHHk2LdDV6ZINikCfxhl6imuAl48ekT77HtQ3oMv2rvIuOMnn4kGoYdiZA%3D%3D"}]}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 62a987ae7a8b4a68-FRA
NEL: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 089dd3210900004a685b1b2000000001

GET
H/1.1 200
OK cc_300x250_v1.gif
short.php5developer.com/images/ 32 KB
32 KB 26ms
26ms Image
image/gif 2606:4700:3032::6815:2970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://short.php5developer.com/images/cc_300x250_v1.gif
Requested by: Host: short.php5developer.com
URL: http://short.php5developer.com/RqI
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:2970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcde3897b46a1944be73861fc37adad8c7b3c21ef6b0bfce0822ec8617b5b585

Request headers

Referer: http://short.php5developer.com/RqI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:17 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 55
Connection: keep-alive
Content-Length: 32514
cf-request-id: 089dd3212c0000c2db17aee000000001
Last-Modified: Thu, 07 Mar 2013 16:44:22 GMT
Server: cloudflare
ETag: "5138c3e6-7f02"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AJZpp%2F3Woqo7rmd8mAew%2BdYoYvlmlGWRPW4%2FmsfENTugPnQq42GrENnmm1eT7vqbI%2B%2Fa06zFeVkZcT5mz3b%2F128ufChRpfwPoionhQgHvrYj2tcOKOpL%2B%2B%2F87Ic6hEOdFJ1jJA%3D%3D"}],"max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 62a987aeabc7c2db-FRA

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
50 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: short.php5developer.com
URL: http://short.php5developer.com/RqI

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe3b9ec903128a4464bdabd33a33265476786fb1b7e8558908754e69c18c5dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 04 Mar 2021 07:53:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12800053778782964411
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 50150
X-XSS-Protection: 0
Expires: Thu, 04 Mar 2021 07:53:17 GMT

GET
H/1.1 200
OK cookieconsent.latest.min.js Show response
short.php5developer.com/js/ 4 KB
3 KB 10ms
10ms Script
application/javascript 2606:4700:3032::6815:2970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://short.php5developer.com/js/cookieconsent.latest.min.js
Requested by: Host: short.php5developer.com
URL: http://short.php5developer.com/RqI
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:2970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Request headers

Referer: http://short.php5developer.com/RqI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:17 GMT
content-encoding: gzip
CF-Cache-Status: HIT
last-modified: Sat, 09 Jan 2016 13:21:26 GMT
Server: cloudflare
Age: 55
vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DyyQrUPb3Np%2B2DReIVROx7e3Yflf7%2FYAX5BcOlkR1D33aGU8RKEm9ZD%2Bli6aq3R7y6de0CUpOa9DB%2F4bw4HyoxzLSttGeaXx6fsJ9OI5YlfAit1Z8xBDpSFBeOGpAmayMz6r7w%3D%3D"}],"max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 62a987ae9bb3c2db-FRA
NEL: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 089dd3211e0000c2dba433a000000001

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

7ms
7ms

Script
text/javascript

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: short.php5developer.com
URL: http://short.php5developer.com/RqI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2753
date: Thu, 04 Mar 2021 07:07:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 04 Mar 2021 09:07:24 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bg.png
short.php5developer.com/images/ 2 KB
2 KB 10ms
9ms Image
image/png 2606:4700:3032::6815:2970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://short.php5developer.com/images/bg.png
Requested by: Host: short.php5developer.com
URL: http://short.php5developer.com/css/frontend.css
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:2970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d611c68aa02e4cee400a1e6a34bb27628d53a5329a3b249ff6c022799071f535

Request headers

Referer: http://short.php5developer.com/css/frontend.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:17 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 55
Connection: keep-alive
Content-Length: 1575
cf-request-id: 089dd3212b00004a68203c9000000001
Last-Modified: Sat, 02 Mar 2013 17:48:14 GMT
Server: cloudflare
ETag: "51323b5e-627"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dLhuWlYH%2BlSE0Z0yh60Jm78Z4bK9BhC7%2FDYHD2n1V7hzQbSJ6aQUnLEZRfBff89Lq7h4lihMwq6weY53GKWGIaWc4gwZcfi3%2Behr%2BK0vI%2FPDMbvXXs6rU5DBikh0YfZZGSVLjw%3D%3D"}]}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 62a987aeaacf4a68-FRA

GET
H3-Q050

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534200897&utmhn=short.php5developer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534200897&utmhn=short.php5developer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...

35 B
378 B

35ms
21ms

Image
image/gif

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534200897&utmhn=short.php5developer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=You%20are%20going%20to%20http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&utmhid=849274047&utmr=-&utmp=%2FRqI&utmht=1614844397906&utmac=UA-39007868-3&utmcc=__utma%3D100772547.1555210474.1614844398.1614844398.1614844398.1%3B%2B__utmz%3D100772547.1614844398.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1224080724&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: short.php5developer.com
URL: http://short.php5developer.com/RqI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:53:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1534200897&utmhn=short.php5developer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=You%20are%20going%20to%20http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&utmhid=849274047&utmr=-&utmp=%2FRqI&utmht=1614844397906&utmac=UA-39007868-3&utmcc=__utma%3D100772547.1555210474.1614844398.1614844398.1614844398.1%3B%2B__utmz%3D100772547.1614844398.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1224080724&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/ 227 KB
86 KB 56ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8044416489926921&plah=short.php5developer.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b357031291532d150c46b043668f07f82f8074c01eddfbe886b90f8dd6755b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87278
x-xss-protection: 0
server: cafe
etag: 15270628242900322163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Mar 2021 07:53:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/ Frame 5F4C 11 KB
6 KB 27ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210302/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://short.php5developer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://short.php5developer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 03 Mar 2021 18:03:50 GMT
expires: Wed, 17 Mar 2021 18:03:50 GMT
content-type: text/html; charset=UTF-8
etag: 14371272352318978350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5136
x-xss-protection: 0
age: 49767
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
645 B 52ms
28ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=short.php5developer.com&callback=_gfp_s_&client=ca-pub-8044416489926921

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8044416489926921&plah=short.php5developer.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a2da432e4004e18c47cc9b6a954080468b5186e8dd93fc365edfef701a74c7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=short.php5developer.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=short.php5developer.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A3B 399 B
330 B 107ms
93ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8044416489926921&output=html&h=280&slotname=1042399892&adk=74649267&adf=2653041513&pi=t.ma~as.1042399892&w=1200&fwrn=4&fwrnh=100&lmt=1614844398&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fshort.php5developer.com%2FRqI&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614844397916&bpp=9&bdt=94&idt=84&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5949651563589&frm=20&pv=2&ga_vid=1555210474.1614844398&ga_sid=1614844398&ga_hid=849274047&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067213%2C44736377%2C44736525&oid=3&pvsid=2168643250007552&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=73Itdq458a&p=http%3A//short.php5developer.com&dtd=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2963fb0ad1d10bf935657c57c96b290a3fe2a75cb1d6ae6016d1494378c52dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8044416489926921&output=html&h=280&slotname=1042399892&adk=74649267&adf=2653041513&pi=t.ma~as.1042399892&w=1200&fwrn=4&fwrnh=100&lmt=1614844398&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fshort.php5developer.com%2FRqI&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614844397916&bpp=9&bdt=94&idt=84&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5949651563589&frm=20&pv=2&ga_vid=1555210474.1614844398&ga_sid=1614844398&ga_hid=849274047&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=547&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067213%2C44736377%2C44736525&oid=3&pvsid=2168643250007552&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=73Itdq458a&p=http%3A//short.php5developer.com&dtd=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://short.php5developer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://short.php5developer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Mar 2021 07:53:18 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 04-Mar-2021 08:08:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Mar 2021 07:53:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:53:18 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9336 0
549 B 32ms
29ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8044416489926921&output=html&adk=1812271804&adf=3025194257&lmt=1614844398&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fshort.php5developer.com%2FRqI&ea=0&flash=0&pra=7&wgl=1&dt=1614844397926&bpp=1&bdt=104&idt=97&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5949651563589&frm=20&pv=1&ga_vid=1555210474.1614844398&ga_sid=1614844398&ga_hid=849274047&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067213%2C44736377%2C44736525&oid=3&pvsid=2168643250007552&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=102

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8044416489926921&output=html&adk=1812271804&adf=3025194257&lmt=1614844398&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fshort.php5developer.com%2FRqI&ea=0&flash=0&pra=7&wgl=1&dt=1614844397926&bpp=1&bdt=104&idt=97&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5949651563589&frm=20&pv=1&ga_vid=1555210474.1614844398&ga_sid=1614844398&ga_hid=849274047&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067213%2C44736377%2C44736525&oid=3&pvsid=2168643250007552&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://short.php5developer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://short.php5developer.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 04 Mar 2021 07:53:18 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 04-Mar-2021 08:08:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Mar 2021 07:53:18 GMT
cache-control: private

GET
H2

200

light-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css

3 KB
1 KB

10ms
10ms

Stylesheet
text/css

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2092ebd1f047497d83275b8d386fa1e6085a691004ed65c7810c332551393109

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3661752
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 776
cf-request-id: 089dd3223900004aaf07113000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-d10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cqVH8ioBzwqdLYBCZk6OHLyMS%2F3ZAMDqu%2BZrEWb22ggLnL43Vlb183rutXS26NJlG28bAWis1ggAce6uOlLFKX7bqy2MXQ1%2Fa3XpP2C0jQNv8pUMK4Vx%2Bl5IqHAUSuynhg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62a987b05cd04aaf-FRA
expires: Tue, 22 Feb 2022 07:53:18 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
Non-Authoritative-Reason: HSTS

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 37ms
24ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210302&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

183c95fb742395a9a6432ff988a2c005d542db17ae8ca0e05d02376fa829bb4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6616
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:53:18 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3D63 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://short.php5developer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://short.php5developer.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 03 Mar 2021 23:45:07 GMT
expires: Thu, 03 Mar 2022 23:45:07 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 29291
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D63 14 KB
6 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 21:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 209373
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Tue, 01 Mar 2022 21:43:45 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 28ms
27ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210302&jk=2168643250007552&bg=!srGlsfLNAAWsVXnBrDsAKQB2-Dxa_44_kmIveHBW3GDbMErJArwWeH8NJ8v7CG9H4oZSyfhoOtJEAgAAAElSAAAADGgBBwoAqqXVoqKDH-0mda37sM9zdfMaHPwxG1_OhLOkpaZcnCpsfzFFRae3aC66appR9H3xdoleWHFAdCFOvS5rJNO2svCfhPg6WwTCMzlAS7ckNEX9Bx8O7l_g6F8gcRMomwens4k0TxOBpiy3fuYzU0jXo18zp59MtdX7GDHqrtNMU6W-2qCFB4Rfol9HsxjtYMXitaa8X0V2v8GmA0USBomai65ObD7i_qoItx3gmQHWYxymOWzsttmLO_YwCMvI81T8bgbQjyEeVsmTC8QGOh6cwLxPY1W5aAjwLUi3L5n4DKmf-IaaBuzAYtR85IyBHHaYg6wKdfz7ByagsTZFOHjAzMzxqSMYKLKs31R7RhA3477XL2Nk8O1ULxWUlOEAT4Z5g8lu1td4V6vM5_rMhmOfAndUsVm3la0TtzUnzS6wgqJJvovEmwHYtG7lyNYiRVm_-e5elIN2S4V7gTh31uQ4YDTUj7XGnuwnXgQkn-lo4bfX3aIKDxA1pxEiMFyQC0bOQ5j070XhQZ4OWvBR8OIaumxNRbfYL139xZHq_gtWW3H-cuXba3UyOc5TvEZcNBnip6w7ghFRGDaRZpiicUUxdDGEkrneL6z2DusX3mDJvENi7m1p4-H-E2f5iWqit6k-HMSo3enifo3HNJsRoiPV-63H0z3_jNXL3o2QW0pQIIJieMmoWRansLoeq6SoBUveN2rTKZd9AESwkXxY6nC9sDFpNy7sf-s_phMGJV1Ypg26sQsLvIOaVk54mZD6mBo7Z4XFYxCBR4H3rhMjY3FrS2S3DaNYVLxMulWQ3ZbOmmMl7xyb2YKcpFXOPZx5HKT_2fT9ZxacFfsqczHxQ8w9AuNPZ6g

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://short.php5developer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:53:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Primary Request dumme-moeglichkeiten-sich-anzustecken.html Show response
neueaffenspiele.de/ 31 KB
8 KB 662ms
646ms Document
text/html 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to

Full URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Requested by: Host: short.php5developer.com
URL: http://short.php5developer.com/RqI
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx / PHP/5.3.29
Resource Hash: af3fe8174ea24c0aa1e2ad6ba965fbfe89575049f8426e54ae23aeef3099f8a8

Request headers

Host: neueaffenspiele.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://short.php5developer.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://short.php5developer.com/

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 07:53:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 7799
Connection: keep-alive
X-Powered-By: PHP/5.3.29
X-Hyper-Cache: stop - no cache header
Link: <http://neueaffenspiele.de/?p=3129>; rel=shortlink
Expires: Thu, 04 Mar 2021 19:53:28 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H/1.1 200
OK logo.png
neueaffenspiele.de/wp-content/themes/affe/images/ 10 KB
10 KB 64ms
63ms Image
image/png 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/themes/affe/images/logo.png
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 6d5303f5c9f3b010704e78a5a36fb7f91e123cb9659606dd70eab1ffc8723b5d

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Sat, 23 Sep 2017 09:07:51 GMT
Server: nginx
ETag: "59c62467-289a"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10394
Expires: Sat, 03 Apr 2021 07:53:29 GMT

GET
H/1.1 200
OK menu-ham-icon.png
neueaffenspiele.de/wp-content/themes/affe/images/ 3 KB
3 KB 124ms
117ms Image
image/png 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/themes/affe/images/menu-ham-icon.png
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: d306150613b5f898a3153cbf32f7edeaa4fc7e264a320b4fad881a42cfeedf5f

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Sat, 23 Sep 2017 09:07:51 GMT
Server: nginx
ETag: "59c62467-b1d"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2845
Expires: Sat, 03 Apr 2021 07:53:29 GMT

GET
H/1.1 200
OK close-btn.png
neueaffenspiele.de/wp-content/themes/affe/images/ 296 B
627 B 63ms
63ms Image
image/png 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/themes/affe/images/close-btn.png
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: fc7c9613541328021bfd36f2edbd89397e9a0d991c42fe6fdeaac450730b22d1

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Sat, 23 Sep 2017 09:07:50 GMT
Server: nginx
ETag: "128-559d7a8f1f4ff"
Content-Type: image/png
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 296
Expires: Sat, 03 Apr 2021 07:53:29 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe3b9ec903128a4464bdabd33a33265476786fb1b7e8558908754e69c18c5dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50150
x-xss-protection: 0
server: cafe
etag: 12800053778782964411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 04 Mar 2021 07:53:29 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
50 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe3b9ec903128a4464bdabd33a33265476786fb1b7e8558908754e69c18c5dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 04 Mar 2021 07:53:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12800053778782964411
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 50150
X-XSS-Protection: 0
Expires: Thu, 04 Mar 2021 07:53:29 GMT

GET
H/1.1 200
OK rating_on.png
neueaffenspiele.de/wp-content/plugins/wp-postratings/images/stars_crystal/ 659 B
990 B 283ms
63ms Image
image/png 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/plugins/wp-postratings/images/stars_crystal/rating_on.png
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 89da33a2204ca0e7165bf60dd3bfa3a3c20fd6ed97313fd7a2640e673efac01c

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Thu, 20 Feb 2020 19:22:55 GMT
Server: nginx
ETag: "293-59f06d4f63e4c"
Content-Type: image/png
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 659
Expires: Sat, 03 Apr 2021 07:53:29 GMT

GET
H/1.1 200
OK rating_off.png
neueaffenspiele.de/wp-content/plugins/wp-postratings/images/stars_crystal/ 657 B
988 B 227ms
65ms Image
image/png 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/plugins/wp-postratings/images/stars_crystal/rating_off.png
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 6da72fd805f23a255ed485e7dd455dc08c0a37e3f4aa142bbde7bec7dbd7b6ab

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Thu, 20 Feb 2020 19:22:55 GMT
Server: nginx
ETag: "291-59f06d4f626dc"
Content-Type: image/png
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 657
Expires: Sat, 03 Apr 2021 07:53:29 GMT

GET
H/1.1 200
OK chuck-rock.jpg
neueaffenspiele.de/wp-content/uploads/2017/10/ 22 KB
23 KB 221ms
63ms Image
image/jpeg 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/uploads/2017/10/chuck-rock.jpg
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 400b56159e996ff455c0f5641908914b31c27c3f952449c555de4bce61ace7be

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Fri, 27 Oct 2017 22:15:06 GMT
Server: nginx
ETag: "59f3afea-5994"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22932
Expires: Thu, 01 Apr 2021 07:53:29 GMT

GET
H/1.1 200
OK zombidle-halloween.jpg
neueaffenspiele.de/wp-content/uploads/2017/10/ 16 KB
17 KB 224ms
62ms Image
image/jpeg 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/uploads/2017/10/zombidle-halloween.jpg
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 09cbd559df38661d45250bc1e0f1aaa67b0d1021adb6cf81a35165b063fa1026

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Fri, 27 Oct 2017 21:16:37 GMT
Server: nginx
ETag: "59f3a235-41fb"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16891
Expires: Thu, 01 Apr 2021 07:53:29 GMT

GET
H/1.1 200
OK effing-worms-xmas.jpg
neueaffenspiele.de/wp-content/uploads/2016/12/ 48 KB
49 KB 215ms
63ms Image
image/jpeg 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/uploads/2016/12/effing-worms-xmas.jpg
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: f19a724634d1c34788711f18c8dd8d51e20540cc8b12259b4dd71d77952cd0de

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Fri, 23 Dec 2016 00:58:22 GMT
Server: nginx
ETag: "585c76ae-c0fa"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49402
Expires: Thu, 01 Apr 2021 07:53:29 GMT

GET
H/1.1 200
OK happy-wheels.jpg
neueaffenspiele.de/wp-content/uploads/2016/12/ 18 KB
19 KB 219ms
63ms Image
image/jpeg 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/uploads/2016/12/happy-wheels.jpg
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 5edc2d988821d5a2c628ba375d6c057666db0ce10afd6cef5d09ccd75c664d06

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Thu, 08 Dec 2016 23:38:08 GMT
Server: nginx
ETag: "5849eee0-496e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18798
Expires: Thu, 01 Apr 2021 07:53:29 GMT

GET
H/1.1 200
OK miami-rex.jpg
neueaffenspiele.de/wp-content/uploads/2016/11/ 41 KB
41 KB 162ms
63ms Image
image/jpeg 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/uploads/2016/11/miami-rex.jpg
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 2e7a238325c2b6e67d4a872f95be234b42656f90ed40d435293a13eeb0ee9e32

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Mon, 14 Nov 2016 22:12:22 GMT
Server: nginx
ETag: "582a36c6-a4a8"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42152
Expires: Thu, 01 Apr 2021 07:53:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8DH33QQECN

Requested by

Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

471aae0cf6dbd7106af713232aed41c6d017f46f051108f52992521091e2d6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53716
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:53:29 GMT

GET
H/1.1 200
OK jquery-1.9.1.min-parallax-effect-for-beautiful-sites.js Show response
neueaffenspiele.de/wp-content/themes/affe/ 90 KB
37 KB 135ms
126ms Script
application/javascript 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to

Full URL: http://neueaffenspiele.de/wp-content/themes/affe/jquery-1.9.1.min-parallax-effect-for-beautiful-sites.js
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Sep 2017 09:07:48 GMT
Server: nginx
ETag: W/"59c62464-169d9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 11 Mar 2021 07:53:29 GMT

GET
H/1.1 200
OK menu-side-slide-menu.js Show response
neueaffenspiele.de/wp-content/themes/affe/ 486 B
588 B 129ms
120ms Script
application/javascript 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to

Full URL: http://neueaffenspiele.de/wp-content/themes/affe/menu-side-slide-menu.js
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: e701ec10e4eb8b79cb36def30413a61c6cbbbe9b3218fff64f5cc7ea36ca326d

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Sep 2017 09:07:48 GMT
Server: nginx
ETag: "1e6-559d7a8d1f58d-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
X-Accel-Version: 0.01
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 182
Expires: Thu, 11 Mar 2021 07:53:29 GMT

GET
H/1.1 200
OK jquery.js Show response
neueaffenspiele.de/wp-includes/js/jquery/ 95 KB
39 KB 132ms
123ms Script
application/javascript 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to

Full URL: http://neueaffenspiele.de/wp-includes/js/jquery/jquery.js
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Sep 2017 08:54:46 GMT
Server: nginx
ETag: W/"59c62156-17ba0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 11 Mar 2021 07:53:29 GMT

GET
H/1.1 200
OK postratings-js.js Show response
neueaffenspiele.de/wp-content/plugins/wp-postratings/js/ 3 KB
1 KB 129ms
120ms Script
application/javascript 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to

Full URL: http://neueaffenspiele.de/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.50
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 19:23:02 GMT
Server: nginx
ETag: W/"5e4edc96-d01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 11 Mar 2021 07:53:29 GMT

GET
H/1.1 200
OK cookieconsent.min.js Show response
neueaffenspiele.de/js/ 4 KB
2 KB 64ms
64ms Script
application/javascript 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to

Full URL: http://neueaffenspiele.de/js/cookieconsent.min.js
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: e18e8fe67b7af3e4c82382023e05f598c42dd08cfab1db7f4be2c26acbe4d1fa

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Jul 2016 17:36:39 GMT
Server: nginx
ETag: W/"5794fca7-118a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 11 Mar 2021 07:53:29 GMT

GET
H/1.1 200
OK menu-bg1.gif
neueaffenspiele.de/wp-content/themes/affe/images/ 128 B
458 B 177ms
62ms Image
image/gif 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/themes/affe/images/menu-bg1.gif
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 82db6acc3061a9750ea0b5d1bdb57c8950e95d3b570036f61f50637a69066107

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Sat, 23 Sep 2017 09:07:51 GMT
Server: nginx
ETag: "80-559d7a8f6b7c0"
Content-Type: image/gif
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128
Expires: Sat, 03 Apr 2021 18:22:29 GMT

GET
H/1.1 200
OK search.gif
neueaffenspiele.de/wp-content/themes/affe/images/ 165 B
495 B 168ms
62ms Image
image/gif 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/themes/affe/images/search.gif
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 9d3ebd69106d4518c7a484fea9c9bbb42b529fa7b8d4614f1099549872e5ae2d

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Sat, 23 Sep 2017 09:07:51 GMT
Server: nginx
ETag: "a5-559d7a8f86189"
Content-Type: image/gif
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 165
Expires: Sat, 03 Apr 2021 18:22:29 GMT

GET
H/1.1 200
OK searchpart.gif
neueaffenspiele.de/wp-content/themes/affe/images/ 240 B
570 B 172ms
63ms Image
image/gif 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/themes/affe/images/searchpart.gif
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 61f284b7269b653c7526095312dd9c4e3cd5fff99ecaf932467d25efd0736495

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:29 GMT
Last-Modified: Sat, 23 Sep 2017 09:07:51 GMT
Server: nginx
ETag: "f0-559d7a8f91151"
Content-Type: image/gif
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 240
Expires: Sat, 03 Apr 2021 18:22:29 GMT

GET
H/1.1 200
OK spielen-silly-ways-to-get-infected.html Show response
neueaffenspiele.de/spiele/seite/ Frame 65CB 734 B
846 B 103ms
63ms Document
text/html 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to

Full URL: http://neueaffenspiele.de/spiele/seite/spielen-silly-ways-to-get-infected.html
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: f3703277413e566b49c9500482e810219ff5f795d0724ab41117bd663339c0c3

Request headers

Host: neueaffenspiele.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 07:53:29 GMT
Content-Type: text/html
Content-Length: 454
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Mon, 07 Dec 2020 19:10:07 GMT
ETag: "2de-5b5e49309a257-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=43200
Expires: Thu, 04 Mar 2021 19:53:29 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H/1.1

200
OK

view.aspx Show response
server.cpmstar.com/
Redirect Chain

http://server.cpmstar.com/view.aspx?poolid=50732&script=1&rnd=792940
https://server.cpmstar.com/view.aspx?poolid=50732&script=1&rnd=792940

899 B
2 KB

616ms
156ms

Script
text/html

23.235.251.211
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=50732&script=1&rnd=792940
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.235.251.211 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a65e92cf3f695172d44154883a85f0774cc24888bc98c49d3c95a629922f6f84

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:53:29 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://server.cpmstar.com/view.aspx?poolid=50732&script=1&rnd=792940
Cache-Control: no-cache
Content-length: 0

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/ 227 KB
85 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7652110621730409&plah=neueaffenspiele.de&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b357031291532d150c46b043668f07f82f8074c01eddfbe886b90f8dd6755b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87278
x-xss-protection: 0
server: cafe
etag: 15270628242900322163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Mar 2021 07:53:29 GMT

GET
H3-Q050 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/ Frame E10C 11 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210302/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://neueaffenspiele.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://neueaffenspiele.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 03 Mar 2021 18:03:50 GMT
expires: Wed, 17 Mar 2021 18:03:50 GMT
content-type: text/html; charset=UTF-8
etag: 14371272352318978350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5136
x-xss-protection: 0
age: 49779
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
622 B 77ms
59ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=neueaffenspiele.de&callback=_gfp_s_&client=ca-pub-7652110621730409

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b1ac7c828b13ee0c366633b73793cc456a3ebaecd2f7c3db4871cf90e7f2602c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 39ms
21ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=neueaffenspiele.de

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 36ms
19ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=neueaffenspiele.de

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D8F0 405 B
503 B 128ms
128ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=280&slotname=4951701945&adk=971683036&adf=3198534375&pi=t.ma~as.4951701945&w=1200&fwrn=4&fwrnh=100&lmt=1614844409&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614844409615&bpp=11&bdt=56&idt=55&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7355013325604&frm=20&pv=2&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RSMHxLjBNQ&p=http%3A//neueaffenspiele.de&dtd=69

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

252ded355451390fd757017587857d343795f36b63207cea2badae7a63862b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7652110621730409&output=html&h=280&slotname=4951701945&adk=971683036&adf=3198534375&pi=t.ma~as.4951701945&w=1200&fwrn=4&fwrnh=100&lmt=1614844409&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1614844409615&bpp=11&bdt=56&idt=55&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7355013325604&frm=20&pv=2&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RSMHxLjBNQ&p=http%3A//neueaffenspiele.de&dtd=69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://neueaffenspiele.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://neueaffenspiele.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Mar 2021 07:53:29 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUlkOazYgvmHJov7978wV9pzqch55WmmmF0KG7jugxh0Vq-RoKOE_rE5Y_Wl7a8; expires=Tue, 29-Mar-2022 07:53:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Mar 2021 07:53:29 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:53:29 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3AF 405 B
370 B 121ms
119ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=600&slotname=2506731704&adk=734794216&adf=3770511711&pi=t.ma~as.2506731704&w=160&lmt=1614844409&psa=0&format=160x600&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&flash=0&wgl=1&dt=1614844409626&bpp=2&bdt=67&idt=64&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7355013325604&frm=20&pv=1&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oJY4sFv2iK&p=http%3A//neueaffenspiele.de&dtd=68

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c3217a52babf6036a7693f08dcd71ec408e3bb224ace4912666d5f664a1ba97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7652110621730409&output=html&h=600&slotname=2506731704&adk=734794216&adf=3770511711&pi=t.ma~as.2506731704&w=160&lmt=1614844409&psa=0&format=160x600&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&flash=0&wgl=1&dt=1614844409626&bpp=2&bdt=67&idt=64&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7355013325604&frm=20&pv=1&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=132&ady=424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oJY4sFv2iK&p=http%3A//neueaffenspiele.de&dtd=68
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://neueaffenspiele.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://neueaffenspiele.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Mar 2021 07:53:29 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUnoJe8BJlHqgJtFCWIgCQzXz6K20C4LOLE0WIbOwKYaG0SY2sVkKNuU07vtL28; expires=Tue, 29-Mar-2022 07:53:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Mar 2021 07:53:29 GMT
cache-control: private

GET
H/1.1 200
OK / Show response
html5.gamedistribution.com/dee7173d2b55487a99bcc2ad079376b0/ Frame B412 6 KB
2 KB 33ms
26ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://html5.gamedistribution.com/dee7173d2b55487a99bcc2ad079376b0/
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/spiele/seite/spielen-silly-ways-to-get-infected.html
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d8dec8303e0f282b906ff96f35ff75aeba6f4e256e85386cf1179a22827f12d

Request headers

Host: html5.gamedistribution.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://neueaffenspiele.de/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://neueaffenspiele.de/

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 07:53:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: private, max-age 3600
ETag: W/"1868-CHZnbRH/bzlGFZM7/g+dPCK3PYI"
Content-Encoding: gzip
Via: 1.1 google
Cache: EXPIRED
X-Cached-Since: 2021-01-20T13:38:48+00:00
X-ID: fr5-up-gc32
X-VHOST-VER: 7662385464339138996

GET
H2 200 dee7173d2b55487a99bcc2ad079376b0-512x512.jpeg
img.gamedistribution.com/ Frame B412 226 KB
226 KB 30ms
7ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/dee7173d2b55487a99bcc2ad079376b0-512x512.jpeg
Requested by: Host: html5.gamedistribution.com
URL: http://html5.gamedistribution.com/dee7173d2b55487a99bcc2ad079376b0/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d96ddf11a28cff222354af4a2b6af8e1ffab5a87333c32529b827b786a820c41

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Thu, 04 Mar 2021 07:53:29 GMT
last-modified: Mon, 06 Apr 2020 14:02:10 GMT
server: nginx
etag: "82f17f9815263746a0e47be765eb82da"
x-cached-since: 2021-03-01T19:43:48+00:00
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 231198
x-vhost-ver: 3220252195967861157
expires: Fri, 05 Mar 2021 07:53:29 GMT

GET
H2 200 main.min.js Show response
html5.api.gamedistribution.com/ Frame B412 320 KB
91 KB 148ms
44ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://html5.api.gamedistribution.com/main.min.js
Requested by: Host: html5.gamedistribution.com
URL: http://html5.gamedistribution.com/dee7173d2b55487a99bcc2ad079376b0/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3d55abaea0eb323966b9f0c88f81c91c433efb5bf45bf6390e8cad729ea0a38c

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 04 Mar 2021 07:53:29 GMT
content-encoding: gzip
last-modified: Sun, 21 Feb 2021 15:57:50 GMT
server: nginx
etag: W/"592676489bfd711460868914b921f2bd"
vary: Accept-Encoding
x-cached-since: 2021-03-01T16:00:10+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
x-vhost-ver: 7851848426094787396
expires: Fri, 05 Mar 2021 07:53:29 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame B412 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 372
date: Thu, 04 Mar 2021 07:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 04 Mar 2021 09:47:17 GMT

GET
H2 200 gamedock-sdk.min.js Show response
cdn.gamedock.io/gamedock-web-tracker/4.0.4/script/ Frame B412 9 KB
9 KB 48ms
9ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gamedock.io/gamedock-web-tracker/4.0.4/script/gamedock-sdk.min.js
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 63456a217edb6d57c61411b3f3b3be365f6f5604bc7109f6d97b457f96cd752e

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
last-modified: Mon, 14 Sep 2020 08:30:44 GMT
etag: "1600072244"
x-hw: 1614844410.dop217.fr8.t,1614844410.cds220.fr8.hn,1614844410.cds207.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=985058
accept-ranges: bytes
content-length: 8968

GET
H2 200 / Show response
game.api.gamedistribution.com/game/v3/get/dee7173d2b55487a99bcc2ad079376b0/ Frame B412 3 KB
4 KB 34ms
16ms Fetch
application/json 35.190.9.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://game.api.gamedistribution.com/game/v3/get/dee7173d2b55487a99bcc2ad079376b0/?domain=neueaffenspiele.de&v=1.8.12&localTime=8
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.9.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.9.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 778f6241842f7727f4e9b7480dd3aff5c2c9a1bb8524fb655485a538c7c1078a

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
via: 1.1 google
etag: W/"dc7-Zc3+sPfi6IpU5UqyJbXhSIb+b1M"
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age 3600
alt-svc: clear
content-length: 3527

GET
H2 200 neueaffenspiele.de Show response
game.api.gamedistribution.com/game/v3/checkdomain/ Frame B412 55 B
148 B 18ms
17ms Fetch
application/json 35.190.9.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://game.api.gamedistribution.com/game/v3/checkdomain/neueaffenspiele.de?correlator=1614844410023
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.9.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.9.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: fa6de724b65acaaee077c75c7347a11805bed57b2277e009ce525f185bbb4332

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
via: 1.1 google
etag: W/"37-6H/Q2akFCCaTzHF0OfG11GlVj0c"
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age 3600
alt-svc: clear
content-length: 55

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame B412 2 B
153 B 33ms
16ms Fetch
text/plain 35.190.9.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.error&ar=W3siZ21pZCI6ImRlZTcxNzNkMmI1NTQ4N2E5OWJjYzJhZDA3OTM3NmIwIiwidGRtbiI6Im5ldWVhZmZlbnNwaWVsZS5kZSIsImRvbW4iOiJuZXVlYWZmZW5zcGllbGUuZGUiLCJyZnJyIjoiaHR0cDovL25ldWVhZmZlbnNwaWVsZS5kZS8iLCJsdGhyIjo4LCJjdHJ5IjoiREUiLCJkcHRoIjoyLCJ2ZXJzIjoiMS44LjEyIiwidHJhYyI6ZmFsc2UsIndobGIiOmZhbHNlLCJwbGF0IjoiIiwidHBjdCI6MSwiYXJncyI6eyJtZXNzYWdlIjoiQ2Fubm90IHJlYWQgcHJvcGVydHkgJ2dldEl0ZW0nIG9mIG51bGwifSwidHRsZSI6IlNpbGx5IFdheXMgVG8gR2V0IEluZmVjdGVkIiwic2l6ZSI6Ijg5NiB4IDU3NiIsImJybm0iOiJDaHJvbWUiLCJicm1qIjoiODMiLCJvc25tIjoiTWFjIE9TIiwib3N2ciI6IjEwLjE0LjUiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6ZmFsc2UsIml0Z3UiOmZhbHNlLCJjbXBlIjpmYWxzZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIn1d&ts=1614844410031
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.9.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.9.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
via: 1.1 google
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
content-length: 2

GET
H2 200 gameDistributionV1.3.min.js Show response
hb.improvedigital.com/pbw/ Frame B412 60 KB
19 KB 39ms
9ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2e198e9eba7efa5923e4a7d8e0f1e49c7c1d9f4c34b6ab305162111a9edf4ca7

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 09:47:55 GMT
etag: "1611049675"
x-hw: 1614844410.dop220.fr8.t,1614844410.cds263.fr8.hn,1614844410.cds248.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1472
accept-ranges: bytes
content-length: 19022

GET
H/1.1 200
OK prebid-idhb-v3.26e.min.js Show response
hb.improvedigital.com/pbw/prebid/ Frame B412 284 KB
88 KB 15ms
9ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v3.26e.min.js
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js
Protocol: HTTP/1.1
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: b1c9552ff946c8d6ed8b4a6879aed0d758c5c1bdffe3e284de7e3bb4c4e3b950

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Nov 2020 08:29:15 GMT
ETag: "1604564955"
X-HW: 1614844410.dop245.fr8.t,1614844410.cds126.fr8.c
Content-Type: application/javascript
Cache-Control: public, max-age=127195
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 90098

GET
H2 200 opphb Show response
pub.headerlift.com/ Frame B412 336 B
969 B 37ms
20ms Fetch
application/json 2606:4700:e2::ac40:8b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.headerlift.com/opphb?page_url=http%3A%2F%2Fneueaffenspiele.de&game_id=dee7173d2b55487a99bcc2ad079376b0&ad_position=gdbanner
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd57050ed6edcd7d939c06d6374386d268598ddc6f4b3049307ca5dc54d80951

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: *
content-encoding: br
cf-request-id: 089dd3510200004e68ec3d3000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s7XI4LttRoi8r8PS%2BP5FAhYDGmQM2K5xQdMnBEMRz9OsEojzx32F2aUNvA4vauti1Gxkyq2RvSY0V3R1WhwqswIm7dzeyhXM53OYGziuvZrmtliENvnTkA2WcsFvnkQ%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://html5.gamedistribution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 62a987fb3c924e68-FRA
access-control-allow-headers: *

GET
H2 200 opphb Show response
pub.headerlift.com/ Frame B412 341 B
507 B 39ms
22ms Fetch
application/json 2606:4700:e2::ac40:8b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.headerlift.com/opphb?page_url=http%3A%2F%2Fneueaffenspiele.de&game_id=dee7173d2b55487a99bcc2ad079376b0&ad_position=gdprerollbanner
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0371e8c852e2743f21a6d458edef88e71904ac2661b00909f235ca4eb5043948

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: *
content-encoding: br
cf-request-id: 089dd3510200004e68d4bae000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F6YRZDz7wO09OQNezatFYY8Ge2IU6kfXF0OsxuNxUc6ziWi2q7JZfU%2FtBZYe7mXvd5Fo3py%2FNo1DycgtkBXLsGmAC%2By2tE%2BUdiIZIwxDyP59TKMCrXhxrhDYD%2BaUpAg%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://html5.gamedistribution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 62a987fb3c954e68-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame B412 56 KB
19 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

352ba752406e786b9966b4216f7f4e2eecf6ced4c3819551eb13bb14a5f35147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "801 / 903 of 1000 / last-modified: 1614813189"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 19381
X-XSS-Protection: 0
Expires: Thu, 04 Mar 2021 07:53:30 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B412 327 KB
113 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115081
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:53:30 GMT

GET
H2 200 pubads_impl_2021022501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B412 287 KB
101 KB 38ms
15ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 09:38:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103137
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:53:30 GMT

GET
H/1.1 200
OK bridge3.445.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 56DC 577 KB
189 KB 12ms
7ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.445.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://html5.gamedistribution.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://html5.gamedistribution.com/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 193133
Date: Wed, 03 Mar 2021 17:33:09 GMT
Expires: Thu, 03 Mar 2022 17:33:09 GMT
Last-Modified: Tue, 02 Mar 2021 18:31:52 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 51621

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B412 44 KB
17 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:53:30 GMT

GET
H2 200 event
ana.headerlift.com/ Frame B412 0
0 26ms
20ms Fetch 2606:4700:e2::ac40:8b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ana.headerlift.com/event?page_url=http%3A%2F%2Fneueaffenspiele.de%2F&game_id=dee7173d2b55487a99bcc2ad079376b0&eventtype=7&ts=1614844410166
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: *
content-length: 0
cf-request-id: 089dd3513e00004e68d4bb2000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9AC%2FkJotvlDSwgi1URf%2BWNC9R7FvafiiuxQCvhd9M%2Fvsy0D0ol5AIuulGNMW9fXtachWLW7MYavryWN%2F4ybw%2FL%2F6GHytYCM3DJt2VuX4d%2F6EPuETUaY2qIxpn7uSXts%3D"}]}
access-control-allow-origin: http://html5.gamedistribution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 62a987fb9d154e68-FRA
access-control-allow-headers: *

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame B412 2 B
62 B 15ms
15ms Fetch
text/plain 35.190.9.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.view&ar=W3siZ21pZCI6ImRlZTcxNzNkMmI1NTQ4N2E5OWJjYzJhZDA3OTM3NmIwIiwidGRtbiI6Im5ldWVhZmZlbnNwaWVsZS5kZSIsImRvbW4iOiJuZXVlYWZmZW5zcGllbGUuZGUiLCJyZnJyIjoiaHR0cDovL25ldWVhZmZlbnNwaWVsZS5kZS8iLCJsdGhyIjo4LCJjdHJ5IjoiREUiLCJkcHRoIjoyLCJ2ZXJzIjoiMS44LjEyIiwidHJhYyI6ZmFsc2UsIndobGIiOmZhbHNlLCJwbGF0IjoiIiwidHBjdCI6MSwidHRsZSI6IlNpbGx5IFdheXMgVG8gR2V0IEluZmVjdGVkIiwic2l6ZSI6Ijg5NiB4IDU3NiIsImJybm0iOiJDaHJvbWUiLCJicm1qIjoiODMiLCJvc25tIjoiTWFjIE9TIiwib3N2ciI6IjEwLjE0LjUiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6ZmFsc2UsIml0Z3UiOmZhbHNlLCJjbXBlIjpmYWxzZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIn1d&ts=1614844410166
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.9.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.9.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
via: 1.1 google
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
content-length: 2

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FBB3 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1568
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 04 Mar 2021 08:27:22 GMT

GET
H2 200 Second_Extinction_PEGI_728x90.jpg
ssl.cdne.cpmstar.com/cached/creatives/1250532/ 35 KB
35 KB 44ms
8ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1250532/Second_Extinction_PEGI_728x90.jpg
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E89) /
Resource Hash: 951ca7152bc4181f9db9750bdb1bd27256590a531eca24fdb7a6eb51106509dc

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:30 GMT
last-modified: Wed, 03 Mar 2021 09:26:51 GMT
server: ECAcc (frc/8E89)
age: 80799
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1250532_Second_Extinction_PEGI_728x90.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 35431
expires: Fri, 05 Mar 2021 07:53:30 GMT

GET
H2 200 2e13pt
gsght.com/i/ 0
307 B 560ms
186ms Image
text/html 50.112.179.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsght.com/i/2e13pt?sub1=3965&sub2=50732&campaign_name=SE_Q1_2021
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.112.179.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-179-209.us-west-2.compute.amazonaws.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:53:30 GMT
server: envoy
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 0
expires: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=neueaffenspiele.de

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=neueaffenspiele.de

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BB5 405 B
225 B 104ms
104ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=600&slotname=8413664506&adk=1762272480&adf=4082197280&pi=t.ma~as.8413664506&w=160&lmt=1614844410&psa=0&format=160x600&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&flash=0&wgl=1&dt=1614844410519&bpp=1&bdt=961&idt=2&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da52aa28b0d89aa64-224a9a59f3a60054%3AT%3D1614844409%3ART%3D1614844409%3AS%3DALNI_MZhaWL7eEfL2g15g14iB5XTcEDK9Q&prev_fmts=1200x280%2C160x600&correlator=7355013325604&frm=20&pv=1&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1308&ady=424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=EakQRDLLN4&p=http%3A//neueaffenspiele.de&dtd=6

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1cf2c4b66e0db55f6ab02f7f6d8b7cb38f271ca2805f25d4f2f6248a800d0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7652110621730409&output=html&h=600&slotname=8413664506&adk=1762272480&adf=4082197280&pi=t.ma~as.8413664506&w=160&lmt=1614844410&psa=0&format=160x600&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&flash=0&wgl=1&dt=1614844410519&bpp=1&bdt=961&idt=2&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da52aa28b0d89aa64-224a9a59f3a60054%3AT%3D1614844409%3ART%3D1614844409%3AS%3DALNI_MZhaWL7eEfL2g15g14iB5XTcEDK9Q&prev_fmts=1200x280%2C160x600&correlator=7355013325604&frm=20&pv=1&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1308&ady=424&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=EakQRDLLN4&p=http%3A//neueaffenspiele.de&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://neueaffenspiele.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnoJe8BJlHqgJtFCWIgCQzXz6K20C4LOLE0WIbOwKYaG0SY2sVkKNuU07vtL28
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://neueaffenspiele.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Mar 2021 07:53:30 GMT
server: cafe
content-length: 204
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK rating_over.png
neueaffenspiele.de/wp-content/plugins/wp-postratings/images/stars_crystal/ 691 B
1022 B 65ms
63ms Image
image/png 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://neueaffenspiele.de/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.png
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 24db5b0c94dba143c29ac1e443e7a3269fe9e44fddaf65344cf243c847ce4988

Request headers

Referer: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:53:30 GMT
Last-Modified: Thu, 20 Feb 2020 19:22:55 GMT
Server: nginx
ETag: "2b3-59f06d4f84da5"
Content-Type: image/png
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 691
Expires: Sat, 03 Apr 2021 07:53:30 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t45.11;rhttp%3A//short.php5developer.com/;s1600*1200*24;uhttp%3A//neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html;hDumme%20M%F6glichkeiten%20Sich%20Anzuste...
https://counter.yadro.ru/hit?t45.11;rhttp%3A//short.php5developer.com/;s1600*1200*24;uhttp%3A//neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html;hDumme%20M%F6glichkeiten%20Sich%20Anzust...
https://counter.yadro.ru/hit?q;t45.11;rhttp%3A//short.php5developer.com/;s1600*1200*24;uhttp%3A//neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html;hDumme%20M%F6glichkeiten%20Sich%20Anzu...

104 B
558 B

49ms
49ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.11;rhttp%3A//short.php5developer.com/;s1600*1200*24;uhttp%3A//neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html;hDumme%20M%F6glichkeiten%20Sich%20Anzustecken%20-%20Jetzt%20spielen%20auf%20Neueaffenspiele.de;0.5908344609841449

Requested by

Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

23fed8652faec000b5b25520c641ac61cf53307dd042d59a7d7c7c8d05281981

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:53:30 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 104
Expires: Tue, 03 Mar 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:53:30 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.11;rhttp%3A//short.php5developer.com/;s1600*1200*24;uhttp%3A//neueaffenspiele.de/dumme-moeglichkeiten-sich-anzustecken.html;hDumme%20M%F6glichkeiten%20Sich%20Anzustecken%20-%20Jetzt%20spielen%20auf%20Neueaffenspiele.de;0.5908344609841449
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 03 Mar 2020 21:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 733A 1 KB
477 B 44ms
44ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1614844410&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&ea=0&flash=0&pra=7&wgl=1&dt=1614844410540&bpp=1&bdt=981&idt=1&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da52aa28b0d89aa64-224a9a59f3a60054%3AT%3D1614844409%3ART%3D1614844409%3AS%3DALNI_MZhaWL7eEfL2g15g14iB5XTcEDK9Q&prev_fmts=1200x280%2C160x600%2C160x600&nras=1&correlator=7355013325604&frm=20&pv=1&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=6

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90ba9e7b41093e69cb2b587d3ca8f215faad5b67d1036f3495c20ed6fe545c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1614844410&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&ea=0&flash=0&pra=7&wgl=1&dt=1614844410540&bpp=1&bdt=981&idt=1&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da52aa28b0d89aa64-224a9a59f3a60054%3AT%3D1614844409%3ART%3D1614844409%3AS%3DALNI_MZhaWL7eEfL2g15g14iB5XTcEDK9Q&prev_fmts=1200x280%2C160x600%2C160x600&nras=1&correlator=7355013325604&frm=20&pv=1&ga_vid=1982487110.1614844410&ga_sid=1614844410&ga_hid=844325645&ga_fc=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068785&oid=3&pvsid=3588433540725190&ref=http%3A%2F%2Fshort.php5developer.com%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://neueaffenspiele.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnoJe8BJlHqgJtFCWIgCQzXz6K20C4LOLE0WIbOwKYaG0SY2sVkKNuU07vtL28
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://neueaffenspiele.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Mar 2021 07:53:30 GMT
server: cafe
content-length: 429
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
100 B 13ms
13ms Other
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8DH33QQECN&gtm=2oe2o0&_p=844325645&sr=1600x1200&ul=en-us&cid=1982487110.1614844410&_s=1&dl=http%3A%2F%2Fneueaffenspiele.de%2Fdumme-moeglichkeiten-sich-anzustecken.html&dr=http%3A%2F%2Fshort.php5developer.com%2F&dt=Dumme%20M%C3%B6glichkeiten%20Sich%20Anzustecken%20-%20Jetzt%20spielen%20auf%20Neueaffenspiele.de&sid=1614844410&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8DH33QQECN
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:53:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://neueaffenspiele.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

light-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/light-floating.css
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/light-floating.css

3 KB
1 KB

11ms
10ms

Stylesheet
text/css

2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/light-floating.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7750d672ae2973a7f32832040cae87f1d6b687cbd268fd4000c906bc761328c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 33934
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 778
cf-request-id: 089dd354cb00004aaff9909000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-d11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UxbgZOdAq6PN13jVWDoFqUSk%2FUt4DXMGp4U9WH0as5x7RJ9pg%2Bauzp92GFWWIhII5sPEOA7b1PKmn4R%2FB6LjnahWtSLkpUz9FMbqKl4sBMnE5zjYQA8VO5ouldK0a9OVGw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62a988014f454aaf-FRA
expires: Tue, 22 Feb 2022 07:53:31 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/light-floating.css
Non-Authoritative-Reason: HSTS

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210302&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de57d747cab8bcfcd6708c55ad039f7200bc472e8e0a155f034207a09ec56507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6450
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:53:31 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 160D 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://neueaffenspiele.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://neueaffenspiele.de/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 03 Mar 2021 23:45:07 GMT
expires: Thu, 03 Mar 2022 23:45:07 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 29304
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 160D 14 KB
5 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 21:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 209386
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Tue, 01 Mar 2022 21:43:45 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 27ms
27ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210302&jk=3588433540725190&bg=!q6ilqOvNAAWsVXnBrDsAKQB2-Dxa0U-YKkcKqXZQSYgchJ719hm8HkL2P7SPi9EhLfJuMvfygb7cAgAAAEFSAAAACGgBBwoA9srpgDlYquuUfINEfZUceuybWO3fVschIf1pxh2d0oEOLxtYFrIoEaTILVRDXfUZTY9ghQnhdZcWWtYD6hZr3jjwZSI-IhcuNMbkYvgQRW-IirE-g4YyWP3MS8qgGkDeXNudr52Cx6-DEf7R3rm-KYlKwTPeUUMBiZ10AZXWHH0CKG6HMqal-oqALyIUx26BiBOGZY9sGGp2GjZoWopRW6lkeuAjBhGJpt0qCnVynFU7lx6-ZtiMRm3TMoMwX3DS4OE6-BQ_mzuDvfU1hxlRoA3cakwslvqJeFjVoAFzMsuqKOrSRghnPSPLvBLyDLzcKZzRIcDhjpkB2Zrw-AqGRgDyJtg-EN0L9gtf9MlyO3KIk_sSeQURJX6q5tKmVJBTGbfC5Zr9MTdU2Z2pyrMDr0aiPU5-KgU3y76FyCOzSNQ2fLCJMwbpwxuphMVoqq6DYebNkzzXEvc9tfilPe2ncgJWzBCwK2C5LO10AYWaIjnWqWR0hAObjftEJJ1dYlOzXJQ9Vsk2N4LmrHpzUvi9by3N4dDuWxZNpvWjgbkbKWek3ToR3hsYlfaOfYijmv7Ccl99r867UdJ0t3LruVlBkeAk1ELZTZDS-rbxFDokq00A2cXEZ2OudeuXWAy8skX8e1cz9aHtWgRFa8hXWibq38x22efpi4TLkCpQk8Ph8L1d4OgF21KJyRhL8vt1R-KUPbfl_aGcJ-HFp1IcRFsM6WQuQfwgNW3wMpELTcfErIibyRqp8Nxhne33nF03pntNGJHZjX1qEVCV3A4GPr9LmlhsmsnFda6CMV4CxNqY6esJZY-YmHSGNly1bdvP1YMqzYgVPNFBQ4N-NYN98bALB2pZRIoGAKMbPSE7ppQoc6zceKvsJcsBpcB12krDY9zVhOZM5f_lLG4cp2WV7GUVsOcSeCdjGdOLhznGCVSjg8QngpI6sTu8cwaFdwS-w3oPityq

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:53:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.neueaffenspiele.de/	1970-01-20 10:05:16	Name: _ga_8DH33QQECN Value: GS1.1.1614844410.1.0.1614844410.0
.doubleclick.net/	1970-01-20 01:55:40	Name: IDE Value: AHWqTUnoJe8BJlHqgJtFCWIgCQzXz6K20C4LOLE0WIbOwKYaG0SY2sVkKNuU07vtL28
.neueaffenspiele.de/	1970-01-20 10:05:16	Name: _ga Value: GA1.1.1982487110.1614844410
.neueaffenspiele.de/	1970-01-20 01:55:40	Name: __gads Value: ID=a52aa28b0d89aa64-224a9a59f3a60054:T=1614844409:RT=1614844409:S=ALNI_MZhaWL7eEfL2g15g14iB5XTcEDK9Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://html5.api.gamedistribution.com/main.min.js(Line 8) Message: %c %c %c GameDistribution.com HTML5 SDK \| Version: 1.8.12 %c %c %c background: #9854d8 background: #6c2ca7 color: #fff; background: #450f78; background: #6c2ca7 background: #9854d8 background: #ffffff
console-api	warning	URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v3.26e.min.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ana.headerlift.com
cdn.gamedock.io
cdnjs.cloudflare.com
counter.yadro.ru
game.api.gamedistribution.com
googleads.g.doubleclick.net
gsght.com
hb.improvedigital.com
html5.api.gamedistribution.com
html5.gamedistribution.com
imasdk.googleapis.com
img.gamedistribution.com
msgrt.gamedistribution.com
neueaffenspiele.de
pagead2.googlesyndication.com
partner.googleadservices.com
pub.headerlift.com
s0.2mdn.net
securepubads.g.doubleclick.net
server.cpmstar.com
short.php5developer.com
ssl.cdne.cpmstar.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
142.250.186.34
152.199.21.117
205.185.216.10
205.185.216.42
23.235.251.211
2606:4700:3032::6815:2970
2606:4700::6810:135e
2606:4700:e2::ac40:8b11
2a00:1450:4001:801::2006
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a03:90c0:41:2801::254
35.190.9.86
50.112.179.209
78.109.31.4
88.212.201.216
0371e8c852e2743f21a6d458edef88e71904ac2661b00909f235ca4eb5043948
09cbd559df38661d45250bc1e0f1aaa67b0d1021adb6cf81a35165b063fa1026
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f44d02022c2cba9eee2922fc5e2ce9f90ab0e17e9e3da436862c98784374dbb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
183c95fb742395a9a6432ff988a2c005d542db17ae8ca0e05d02376fa829bb4f
186a97c6e86dfe00138bf544cd9dd76c93fd6c78e1605d5c3d87744ea3f7b98b
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
2092ebd1f047497d83275b8d386fa1e6085a691004ed65c7810c332551393109
23fed8652faec000b5b25520c641ac61cf53307dd042d59a7d7c7c8d05281981
24db5b0c94dba143c29ac1e443e7a3269fe9e44fddaf65344cf243c847ce4988
252ded355451390fd757017587857d343795f36b63207cea2badae7a63862b6d
29f6ef13daa8d8813f043b0a368762a7b950ffb195cea4d01f46d334fb6fcb27
2e198e9eba7efa5923e4a7d8e0f1e49c7c1d9f4c34b6ab305162111a9edf4ca7
2e7a238325c2b6e67d4a872f95be234b42656f90ed40d435293a13eeb0ee9e32
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
352ba752406e786b9966b4216f7f4e2eecf6ced4c3819551eb13bb14a5f35147
3d55abaea0eb323966b9f0c88f81c91c433efb5bf45bf6390e8cad729ea0a38c
400b56159e996ff455c0f5641908914b31c27c3f952449c555de4bce61ace7be
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
471aae0cf6dbd7106af713232aed41c6d017f46f051108f52992521091e2d6d4
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4d8dec8303e0f282b906ff96f35ff75aeba6f4e256e85386cf1179a22827f12d
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5edc2d988821d5a2c628ba375d6c057666db0ce10afd6cef5d09ccd75c664d06
61f284b7269b653c7526095312dd9c4e3cd5fff99ecaf932467d25efd0736495
63456a217edb6d57c61411b3f3b3be365f6f5604bc7109f6d97b457f96cd752e
6d5303f5c9f3b010704e78a5a36fb7f91e123cb9659606dd70eab1ffc8723b5d
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
6da72fd805f23a255ed485e7dd455dc08c0a37e3f4aa142bbde7bec7dbd7b6ab
7750d672ae2973a7f32832040cae87f1d6b687cbd268fd4000c906bc761328c9
778f6241842f7727f4e9b7480dd3aff5c2c9a1bb8524fb655485a538c7c1078a
82db6acc3061a9750ea0b5d1bdb57c8950e95d3b570036f61f50637a69066107
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89da33a2204ca0e7165bf60dd3bfa3a3c20fd6ed97313fd7a2640e673efac01c
8f32680cfb742e5616c0ec4aa2e37372cf953b45eab0e15403bc505e16ebf0d6
90ba9e7b41093e69cb2b587d3ca8f215faad5b67d1036f3495c20ed6fe545c9e
951ca7152bc4181f9db9750bdb1bd27256590a531eca24fdb7a6eb51106509dc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c3217a52babf6036a7693f08dcd71ec408e3bb224ace4912666d5f664a1ba97
9d3ebd69106d4518c7a484fea9c9bbb42b529fa7b8d4614f1099549872e5ae2d
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a2da432e4004e18c47cc9b6a954080468b5186e8dd93fc365edfef701a74c7d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a65e92cf3f695172d44154883a85f0774cc24888bc98c49d3c95a629922f6f84
af3fe8174ea24c0aa1e2ad6ba965fbfe89575049f8426e54ae23aeef3099f8a8
b1ac7c828b13ee0c366633b73793cc456a3ebaecd2f7c3db4871cf90e7f2602c
b1c9552ff946c8d6ed8b4a6879aed0d758c5c1bdffe3e284de7e3bb4c4e3b950
b357031291532d150c46b043668f07f82f8074c01eddfbe886b90f8dd6755b31
bd57050ed6edcd7d939c06d6374386d268598ddc6f4b3049307ca5dc54d80951
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1cf2c4b66e0db55f6ab02f7f6d8b7cb38f271ca2805f25d4f2f6248a800d0fa
d306150613b5f898a3153cbf32f7edeaa4fc7e264a320b4fad881a42cfeedf5f
d611c68aa02e4cee400a1e6a34bb27628d53a5329a3b249ff6c022799071f535
d96ddf11a28cff222354af4a2b6af8e1ffab5a87333c32529b827b786a820c41
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcde3897b46a1944be73861fc37adad8c7b3c21ef6b0bfce0822ec8617b5b585
de57d747cab8bcfcd6708c55ad039f7200bc472e8e0a155f034207a09ec56507
e18e8fe67b7af3e4c82382023e05f598c42dd08cfab1db7f4be2c26acbe4d1fa
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e701ec10e4eb8b79cb36def30413a61c6cbbbe9b3218fff64f5cc7ea36ca326d
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
f19a724634d1c34788711f18c8dd8d51e20540cc8b12259b4dd71d77952cd0de
f2963fb0ad1d10bf935657c57c96b290a3fe2a75cb1d6ae6016d1494378c52dd
f3703277413e566b49c9500482e810219ff5f795d0724ab41117bd663339c0c3
fa6de724b65acaaee077c75c7347a11805bed57b2277e009ce525f185bbb4332
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fc7c9613541328021bfd36f2edbd89397e9a0d991c42fe6fdeaac450730b22d1
fe3b9ec903128a4464bdabd33a33265476786fb1b7e8558908754e69c18c5dd1

neueaffenspiele.de Open in urlscan Pro 78.109.31.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

61 %HTTPS

63 %IPv6

20 Domains

28 Subdomains

25 IPs

4 Countries

1800 kBTransfer

4204 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

neueaffenspiele.de Open in urlscan Pro
78.109.31.4 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

61 %
HTTPS

63 %
IPv6

20
Domains

28
Subdomains

25
IPs

4
Countries

1800 kB
Transfer

4204 kB
Size

4
Cookies

93 HTTP transactions
1 data transactions