netzwerk-ad.de Open in urlscan Pro
144.126.134.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://adnade.net/surfbar/
Effective URL:
https://netzwerk-ad.de/webbi_traffic.php
Submission: On August 23 via manual (August 23rd 2023, 1:07:21 pm UTC) from FR — Scanned from FR

Summary HTTP 80 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 23 domains to perform 80 HTTP transactions. The main IP is 144.126.134.105, located in St Louis, United States and belongs to CONTABO, US. The main domain is netzwerk-ad.de.
TLS certificate: Issued by R3 on August 20th 2023. Valid for: 3 months.

This is the only time netzwerk-ad.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a01:4f8:10b:... 2a01:4f8:10b:ddc::2	24940 (HETZNER-AS) (HETZNER-AS)
1	144.126.134.105 144.126.134.105	40021 (CONTABO) (CONTABO)
14	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.90.212.124 195.90.212.124	42730 (EVANZOAS) (EVANZOAS)
6	46.4.20.137 46.4.20.137	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3032::ac43:ab44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	85.13.154.214 85.13.154.214	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e2:... 2606:4700:e2::ac40:8211	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:80e::2009	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:d400:d:6fdf:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	54.74.249.105 54.74.249.105	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	52.209.236.157 52.209.236.157	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.45 13.32.99.45	16509 (AMAZON-02) (AMAZON-02)
80	24

2 2a01:4f8:10b:ddc::2 (Landshut, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

adnade.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
billigerscheiss.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.126.134.105 (St Louis, United States)

ASN40021 (CONTABO, US)
PTR: h105.hubuhost.com

netzwerk-ad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

bitspush.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beycoin.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adbit.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.90.212.124 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: v99150.1blu.de

libertad-ads.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.4.20.137 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.137.20.4.46.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:ab44 (United States)

ASN13335 (CLOUDFLARENET, US)

free-btc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.154.214 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd38404.kasserver.com

www.paidclicker.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

radioforuser.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8211 (United States)

ASN13335 (CLOUDFLARENET, US)

video.onetouch8.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:d400:d:6fdf:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.openstream.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.249.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-249-105.eu-west-1.compute.amazonaws.com

listen.openstream.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.236.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-236-157.eu-west-1.compute.amazonaws.com

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-45.fra60.r.cloudfront.net

delivery-cdn-cf.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	429 KB
7	google.com apis.google.com — Cisco Umbrella Rank: 130 adservice.google.com — Cisco Umbrella Rank: 100	151 KB
7	blogger.com www.blogger.com — Cisco Umbrella Rank: 10247	73 KB
7	bitspush.io bitspush.io — Cisco Umbrella Rank: 853079	215 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	124 KB
6	beycoin.xyz beycoin.xyz — Cisco Umbrella Rank: 892773	9 KB
6	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 35978 static.a-ads.com — Cisco Umbrella Rank: 48520	419 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	14 KB
5	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 18478	2 KB
4	openstream.co s.openstream.co listen.openstream.co — Cisco Umbrella Rank: 674312	158 KB
4	onetouch8.info video.onetouch8.info — Cisco Umbrella Rank: 187883	15 KB
3	gstatic.com fonts.gstatic.com csi.gstatic.com	21 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 510 fonts.googleapis.com — Cisco Umbrella Rank: 45	354 KB
2	adswizz.com synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2573 delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 5263	10 KB
2	blogspot.com radioforuser.blogspot.com	15 KB
1	adbit.biz adbit.biz	5 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	17 KB
1	paidclicker.de www.paidclicker.de	569 B
1	free-btc.org free-btc.org	1 KB
1	libertad-ads.de libertad-ads.de	328 B
1	netzwerk-ad.de netzwerk-ad.de	1 KB
1	billigerscheiss.de 1 redirects billigerscheiss.de — Cisco Umbrella Rank: 582494	196 B
1	adnade.net 1 redirects adnade.net — Cisco Umbrella Rank: 515332	190 B
80	23

	Domain	Requested by
7	www.googletagmanager.com	beycoin.xyz www.googletagmanager.com netzwerk-ad.de
7	www.blogger.com	radioforuser.blogspot.com www.blogger.com apis.google.com
7	bitspush.io	netzwerk-ad.de bitspush.io
6	www.google-analytics.com	beycoin.xyz www.googletagmanager.com
6	beycoin.xyz	radioforuser.blogspot.com beycoin.xyz
5	pagead2.googlesyndication.com	radioforuser.blogspot.com imasdk.googleapis.com
5	resources.blogblog.com	radioforuser.blogspot.com www.blogger.com
4	apis.google.com	radioforuser.blogspot.com apis.google.com www.blogger.com
4	video.onetouch8.info	free-btc.org imasdk.googleapis.com
3	adservice.google.com	imasdk.googleapis.com
3	static.a-ads.com	ad.a-ads.com
3	ad.a-ads.com	netzwerk-ad.de beycoin.xyz
2	csi.gstatic.com	imasdk.googleapis.com
2	listen.openstream.co	s.openstream.co
2	imasdk.googleapis.com	video.onetouch8.info imasdk.googleapis.com
2	s.openstream.co	radioforuser.blogspot.com s.openstream.co
2	radioforuser.blogspot.com	netzwerk-ad.de radioforuser.blogspot.com
1	delivery-cdn-cf.adswizz.com	synchroscript.deliveryengine.adswizz.com
1	synchroscript.deliveryengine.adswizz.com	s.openstream.co
1	adbit.biz	beycoin.xyz
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	s.openstream.co
1	s0.2mdn.net	imasdk.googleapis.com
1	www.paidclicker.de	netzwerk-ad.de
1	free-btc.org	netzwerk-ad.de
1	libertad-ads.de	netzwerk-ad.de
1	netzwerk-ad.de
1	billigerscheiss.de	1 redirects
1	adnade.net	1 redirects
80	29

This site contains links to these domains. Also see Links.

Domain
www.netzwerk-ad.de

Subject Issuer	Validity	Valid
netzwerk-ad.de R3	`2023-08-20` - `2023-11-18`	3 months	crt.sh
bitspush.io GTS CA 1P5	`2023-08-16` - `2023-11-14`	3 months	crt.sh
libertad-ads.de R3	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
free-btc.org GTS CA 1P5	`2023-08-08` - `2023-11-06`	3 months	crt.sh
paidclicker.de R3	`2023-08-20` - `2023-11-18`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
onetouch8.info E1	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.openstream.co Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
beycoin.xyz GTS CA 1P5	`2023-07-22` - `2023-10-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-31` - `2023-10-31`	a year	crt.sh
*.deliveryengine.adswizz.com Amazon RSA 2048 M02	`2023-02-09` - `2024-02-13`	a year	crt.sh
*.adswizz.com Amazon RSA 2048 M02	`2023-05-14` - `2024-06-11`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://netzwerk-ad.de/webbi_traffic.php
Frame ID: 9F29BA64F490753ABD8BDC23DA33CCAC
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1551779?size=468x60
Frame ID: 9CBDE8A5ADEE56EF56158A877BE608DE
Requests: 3 HTTP requests in this frame

Frame: https://free-btc.org/banner/u=frechdax/size=468x60
Frame ID: B6697DAC9134F0D301E48A9F86AA9D55
Requests: 7 HTTP requests in this frame

Frame: https://www.paidclicker.de/bettellink.php?uid=319
Frame ID: 83BFEE0DEE3FA4D30D839A1143C19E81
Requests: 1 HTTP requests in this frame

Frame: https://radioforuser.blogspot.com/
Frame ID: F97680548F1E6C9E90AECA252E4D3686
Requests: 20 HTTP requests in this frame

Frame: https://ad.a-ads.com/2084432?size=728x90
Frame ID: 37890DF0A2848FE7F46357A15D01D3C2
Requests: 3 HTTP requests in this frame

Frame: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
Frame ID: E6FA745EA39B2066F1BFA70392EC88B3
Requests: 6 HTTP requests in this frame

Frame: https://beycoin.xyz/bits-ads.php?type=0&&ids=169
Frame ID: EFD55EE2841CF1B8D3183200D6C43A26
Requests: 5 HTTP requests in this frame

Frame: https://beycoin.xyz/bits-ads.php?type=3&&ids=169
Frame ID: 2FBD0A141683E70DECDDB410CF85866F
Requests: 6 HTTP requests in this frame

Frame: https://beycoin.xyz/bits-ads.php?type=1&&ids=169
Frame ID: 5C90D287BFC85015C8E5A0F130AD67C6
Requests: 5 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5932499647699336755&blogName=Radio4user&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://radioforuser.blogspot.com/search&blogLocale=de&v=2&homepageUrl=https://radioforuser.blogspot.com/&vt=3950218659713081137&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VePzHPs6qN8.O%2Fd%3D1%2Frs%3DAHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A%2Fm%3D__features__
Frame ID: 8956D87551588595A2FA6F5911512022
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Frame ID: 260B8733E917977DCCBA7267BB140EFB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D451F87ACFC2CC68176B8A185DF63F49
Requests: 1 HTTP requests in this frame

Frame: https://beycoin.xyz/allads.php
Frame ID: C347184AEE7CA297111EA9E17325C0A1
Requests: 1 HTTP requests in this frame

Frame: https://beycoin.xyz/allads.php
Frame ID: 4BE707BEEE934F8DBB29605EBD6581F6
Requests: 1 HTTP requests in this frame

Frame: https://beycoin.xyz/allads.php
Frame ID: 2458A70A802DA53E29F418E76BB398DA
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/2224219?size=728x90
Frame ID: 1DEA094AB4D54E74FA7C4647D87B0EAA
Requests: 3 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9
Frame ID: 2E8B06E1EBADEDF7A751EC840DE7BFE1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://adnade.net/surfbar/ HTTP 302
https://billigerscheiss.de/?g=1 HTTP 302
https://netzwerk-ad.de/webbi_traffic.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

100 %
HTTPS

71 %
IPv6

23
Domains

29
Subdomains

24
IPs

3
Countries

2037 kB
Transfer

4577 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.netzwerk-ad.de/
Title: netzwerk-ad.de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://adnade.net/surfbar/ HTTP 302
https://billigerscheiss.de/?g=1 HTTP 302
https://netzwerk-ad.de/webbi_traffic.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request webbi_traffic.php Show response
netzwerk-ad.de/
Redirect Chain

https://adnade.net/surfbar/
https://billigerscheiss.de/?g=1
https://netzwerk-ad.de/webbi_traffic.php

3 KB
1 KB

383ms
125ms

Document
text/html

144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

af50df1dd598436023ac3d1fc4c5e3648102e56ddf03c08b6a362148e5e243df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:16 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:15 GMT
location: https://netzwerk-ad.de/webbi_traffic.php
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 items.php Show response
bitspush.io/display/ 61 KB
11 KB 132ms
79ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitspush.io/display/items.php?357&239&468&60&0&0&0
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 821f8376a59c1e7cc76cc3d0e5908d50905587e36351479c8bfbf72a48272358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 13:07:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:07:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzRSLwLXtgVAD09iCTdvybeev4rbU7LjT%2FR8KezHf2NnExB%2FLeitXHgHo21lvLh6AjrUoQhoKJ3epQJ7EbaX%2B5WY7WPevM%2FbfItub%2BnjXetrGkLLHuBsvOXGgAkXd4J1Ox64Q%2BEAtto9wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fb393dacc9b0354-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK rot.php Show response
libertad-ads.de/kamp/ 65 B
328 B 97ms
31ms Script
text/html 195.90.212.124
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://libertad-ads.de/kamp/rot.php?art=bannerview&uid=45&sid=66
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS: v99150.1blu.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c46db6e3ba6b4c52faae173f16bfe5b64d2ca4a3b7fc6efde6457c61825872e7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 13:07:15 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 77

GET
H2 200 1551779 Show response
ad.a-ads.com/ Frame 9CBD 12 KB
5 KB 114ms
43ms Document
text/html 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1551779?size=468x60

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.137.20.4.46.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

9ed25ae1a1a75a422ad82f1acb7b98248167b9b376c471409325711f948c52c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 23 Aug 2023 13:07:16 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 size=468x60 Show response
free-btc.org/banner/u=frechdax/ Frame B669 2 KB
1 KB 250ms
208ms Document
text/html 2606:4700:3032::ac43:ab44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://free-btc.org/banner/u=frechdax/size=468x60
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75ce0b26d25b78a574b8d41f2d0fb4e9d8326255f281df6a13e8cb617b5beb9

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fb393db6c153c87-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWl1rWVOBexFt8p%2F%2FBYkd%2FG8oneqw6y8pzn8Z2N4mEWSBinn19Vv6MoXUz4mg4od%2FXkaA9s22fa60XG9jEeVYeo8qEehVBH7pRownSMFblJMRZRVsh5w0ftWWHSDNcnm85y2whkWwZsNKRQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bettellink.php Show response
www.paidclicker.de/ Frame 83BF 698 B
569 B 153ms
42ms Document
text/html 85.13.154.214
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paidclicker.de/bettellink.php?uid=319
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.154.214 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38404.kasserver.com
Software: Apache /
Resource Hash: 17f9b765abc9e304b9259e415a18226dbb1ac51f3ec3eaeb236762b0112240a9

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=1
content-encoding: gzip
content-type: text/html
date: Wed, 23 Aug 2023 13:07:16 GMT
expires: Wed, 23 Aug 2023 13:07:17 GMT
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 / Show response
radioforuser.blogspot.com/ Frame F976 57 KB
13 KB 249ms
164ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://radioforuser.blogspot.com/

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69fe716fda91b742d729dd8c4d5dda5c6b61b93442e24cb106a6147a0843f707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 12742
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:16 GMT
etag: W/"004750603250029226002166d8ceed7d9ba9952bec880c0faca1215cdaf02645"
expires: Wed, 23 Aug 2023 13:07:16 GMT
last-modified: Sun, 13 Aug 2023 15:27:48 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2084432 Show response
ad.a-ads.com/ Frame 3789 12 KB
5 KB 86ms
85ms Document
text/html 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2084432?size=728x90

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.137.20.4.46.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

5bca8d1df99253c21740d2027219ec8fc85211b2966db185512ab778a53f132f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 23 Aug 2023 13:07:16 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/117614/ Frame 9CBD 166 KB
166 KB 28ms
26ms Image
image/gif 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117614/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 3d285ed1fe07a83d5e1bf07ea6286563c6f1a34d9fca06fffbebeb5aab9d029a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:16 GMT
x-amz-version-id: RiqlbFUXWzMloNmKcFxQkdDqraCFWLWD
last-modified: Sun, 19 Apr 2020 16:07:32 GMT
server: nginx
x-amz-request-id: SWTKYPSCQYWQ9N7Q
etag: "71fa04f4b751182f94820520d348d289"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 169525
x-amz-id-2: a1IAoB+xMIwGUFfKv0jvqfl2K33GgFFJpClFwvfDxKA6TP2O0W9MDN14k86hXLJetbMjs+PUEfI=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 9CBD 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 index.php Show response
bitspush.io/display/ Frame E6FA 8 KB
3 KB 58ms
58ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
Requested by: Host: bitspush.io
URL: https://bitspush.io/display/items.php?357&239&468&60&0&0&0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d970b7386e4dd14653fa56de7d01b2a99ca08bd7d882eefaac1330f92719a796

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fb393db4d2b0354-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZgZYCVAd4WBH769ReO0o4NXGMUR2KUpNF4eSL5%2FoKSglbTU%2B1qHgefY8nXjZfSo1Afqd0vOO3GIbEiEJ45XBj1Nn1%2B0fPfWA1J%2FMv8Eg2%2B%2BJmOKkMW5pziHpZccucb8T2m%2BwBxfMEPQ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 jquery.min.js Show response
bitspush.io/display/js/ Frame E6FA 243 KB
74 KB 33ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitspush.io/display/js/jquery.min.js
Requested by: Host: bitspush.io
URL: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 03:25:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3580
etag: W/"3cd47-5d7b59e3aeb66-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DveeY4u9jBXLbbxC4nO8P2PGnKnb6Ap1eEaRTKfNCovt8juwHHrGB6ueChG26VC2FPLmLrufViFdK5XsV1HXDLk%2BpN4BijHZNFYEAIwyVo4TYa9Fd627l0BiVo1prlQKfzKnB38fgW6H%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fb393dbac27d35b-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 data.png
bitspush.io/images/ Frame E6FA 931 B
1 KB 27ms
27ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitspush.io/images/data.png
Requested by: Host: bitspush.io
URL: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:16 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 03:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3580
etag: "3a3-5d7b59e7e9c31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6VanNHGKpyad0cX8hXI%2BX9rfcPrinhvUsmeryU7sTR89btGr9DgcS%2FfTNX5NG0U8LQQDIH9gY8ZMhHsepO3iIO5lqlKB7cacd8jV0QPioG6kKUw1VQaxnfKBWfhSTknDPjGKj3PdrUTCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fb393dbac28d35b-CDG
alt-svc: h3=":443"; ma=86400
content-length: 931

GET
H3 200 12_1653700481.gif
bitspush.io/upload/ Frame E6FA 58 KB
59 KB 112ms
111ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitspush.io/upload/12_1653700481.gif
Requested by: Host: bitspush.io
URL: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8793439a8ddaeda1c77be771e0b372ee84df830d2c04f34a9e7ab9e982759a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:16 GMT
cf-cache-status: HIT
last-modified: Sat, 28 May 2022 01:14:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e98b-5e00825becf14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FHJhsFYHX8xScTcbLwGF7CBxAO56ZsneM7u4LnjqJfML5%2BNgpBCjy4QFUWBw%2FL3RNSOCuu9wm4%2BEYn4SHy6ro3jNhyKhudOf31jYF2L%2B7AYRdJL6ivmtXp%2BScgoFae5xm7tVnemhBhPZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fb393dbdc5bd35b-CDG
alt-svc: h3=":443"; ma=86400
content-length: 59787

GET
H3 200 7_1646045615.gif
bitspush.io/upload/ Frame E6FA 67 KB
67 KB 70ms
70ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitspush.io/upload/7_1646045615.gif
Requested by: Host: bitspush.io
URL: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36ccf8c907f614ce79d3b45d975eb8b584092c33668f14fa0b683ca39f4d3522

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:16 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Feb 2022 10:53:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3580
etag: "10a53-5d911dc338f1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZPIB0LDrppG%2FjCAIKhCjf6v5XBy45S%2BtBCgXvdLHzE%2Bi7ToCg1vVAEw8nWzTyazRu%2FVBZjNv5yS1JSDgDHuJmyhh41mLkT%2FdvCkR4XecOo%2BIh1LApf%2BtlgSActv%2BFz3xZV5zVsDedc0Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fb393dc8d1dd35b-CDG
alt-svc: h3=":443"; ma=86400
content-length: 68179

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/117613/ Frame 3789 119 KB
119 KB 27ms
27ms Image
image/gif 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117613/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2084432?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 1d088b3a1ec29cf32e83a45b3e0de21eaa65317b3e95a8a7a03564a04b484cf6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:16 GMT
x-amz-version-id: 4UuNq3rYilbw0bXTmf9yFiTJzUJp1Tld
last-modified: Sun, 19 Apr 2020 16:07:32 GMT
server: nginx
x-amz-request-id: FSFJ3YM6WMHXJP0E
etag: "c179f03b229eed73bf532282dec369e7"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 121782
x-amz-id-2: c32RzD5+GKTm4n0vaDrfojnJEKX2/Mk6JbXEQ4hgUR7M2BI1KDlrKh9fVIjYTy/G1Cj1+DUVE5I=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 3789 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d-video.js Show response
video.onetouch8.info/ Frame B669 91 KB
13 KB 76ms
30ms Script
application/javascript 2606:4700:e2::ac40:8211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/d-video.js?b=24
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1825cfe3f18db5a062e4f37b134b6d4a3568c67d557921939e4b5e26ca1ae723

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 10:57:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3144
etag: W/"61c1b305-16d04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJwVIfaeKEIC6pHIHTHgsxFYZUhgtPgHPKVqcGtVOC9DftnkF2exmW1PRU0Cf1tvv1UjATfpPiat7PALW%2BuB3TFBn3HSYSXAORGRh6PMoQ%2FWArAMpxdkPQVa97HgrqOeVfVWr%2FB63r6W4yOaIIzQ%2BTE2Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fb393dd0975386d-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ Frame F976 35 KB
8 KB 124ms
25ms Stylesheet
text/css 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 22:58:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 21 Aug 2024 12:14:18 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ Frame F976 1 B
684 B 770ms
672ms Stylesheet
text/css 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5932499647699336755&zx=4e301ca5-5b7e-4f94-ae30-5dc4aec05750

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:07:17 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame F976 57 KB
22 KB 110ms
33ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5e5df1d130dd028db61bd811eaed4705eaff95034fe3f8a86ba6a85e77af5f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 13:07:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22287
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "e59798e8fe3fa64d"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:07:16 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ Frame F976 162 B
259 B 63ms
46ms Image
image/gif 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 19:04:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 22:58:26 GMT
server: sffe
age: 64954
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 29 Aug 2023 19:04:42 GMT

GET
H2 200 player.js Show response
s.openstream.co/extern/p/v4/js/ Frame F976 153 KB
153 KB 115ms
31ms Script
application/javascript 2600:9000:223c:d400:d:6fdf:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.openstream.co/extern/p/v4/js/player.js
Requested by: Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d400:d:6fdf:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c560b150976488bdb5561d8223e9045a932eafb9201ae06289576f3ae842d8e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 19:11:38 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
last-modified: Tue, 13 Jun 2023 10:19:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 64539
x-amz-server-side-encryption: AES256
etag: "7ffb7745f6621f8bc5461c1115486385"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 156612
x-amz-cf-id: KgzWmpiuuFz03x5tXHMxR6AXU6cDIGQk6NAGVXHUxFE1z8HGjRr87Q==

GET
H2 200 cookienotice.js Show response
radioforuser.blogspot.com/js/ Frame F976 6 KB
2 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://radioforuser.blogspot.com/js/cookienotice.js

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2026
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 12:56:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 29 Aug 2023 17:08:27 GMT

GET
H2 200 2789723018-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame F976 156 KB
57 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2789723018-widgets.js

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df12f1788d48579ff2d735391648e079812b9289705e9d4c599d98a63247aa29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57840
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 04:43:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 21 Aug 2024 22:49:08 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B669 354 KB
122 KB 115ms
57ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.onetouch8.info
URL: https://video.onetouch8.info/d-video.js?b=24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

695d7f02b1c1193c310b3606dce44ceec5b942debf5dae643857ac8b82956b42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124775
x-xss-protection: 0
expires: Wed, 23 Aug 2023 13:07:16 GMT

GET
H2 200 body_background_dark.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ Frame F976 106 B
244 B 55ms
45ms Image
image/png 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/body_background_dark.png

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d8a5573603d9819f10428efb4bdb6ff418aedbeb830d19e8c848b8f1df8677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 06:59:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 06:51:22 GMT
server: sffe
age: 108452
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 29 Aug 2023 06:59:44 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VePzHPs6qN8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A/ Frame F976 182 KB
61 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VePzHPs6qN8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a17140a73e6ba18e9bb27b533d4dad8e8ee4340e0da7e9e87640452f006ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 07:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61951
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 07:28:20 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F976 47 B
455 B 86ms
25ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 10:03:05 GMT

GET
H2 200 bits-ads.php Show response
beycoin.xyz/ Frame EFD5 7 KB
3 KB 403ms
346ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=169
Requested by: Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a3e1093340672670c94ad0e6057020af015bca92bdba9c30f9f0efbce2d31a94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fb393de2d0604a0-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvLxoYVxH6NwghzDplZ1HnXPIy%2FVPFu%2FBI4Khbfcb%2F3TImImjfeXv76CTWTD99fHdsQuBRC79s5dqEGq6VHydzBTY2HD0Sln%2BO4J8pGEaDJ4y3NkzUwY1ntMpvUhkIQxJp8YVe7kRiLOfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 bits-ads.php Show response
beycoin.xyz/ Frame 2FBD 7 KB
2 KB 419ms
362ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/bits-ads.php?type=3&&ids=169
Requested by: Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 60258bab77d2379c7615dc910584babda414830d21d8005caf135da738107d77

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fb393de2d0804a0-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kgd0h2EXkaqFAoD4keib2jMDZ5j6IuBMe4h2F3x2UCUFXl84E4NhtcNARafnkjrn0yicJPVwsaFjyRZgcPZ3v2%2FmuSl5JPO%2BNRQq56W2JmZ7kaYjjagXcJZOYRrLsB2P0jNb1Cy5EJzFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 bits-ads.php Show response
beycoin.xyz/ Frame 5C90 7 KB
2 KB 419ms
367ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=169
Requested by: Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 48d38bd76113297b9c44deefb3c946f28c5acea0674e6d32e36c77877fc41e19

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fb393de2d0c04a0-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2B9g8P8g11A%2F2HXvaZ%2BkHgzjhQFwjrU5yJjSHThajQkB%2BQvw%2FEIwreSsvC4DbQD5LoNUksKoqG0lb%2FXsQgEpuz9DN4KTGFsQOTNKgCy5NkBfxwkcBNfjdIQZkMdZjsvz2Dwlo%2FLs%2BMnIag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 body_gradient_dark.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ Frame F976 141 B
254 B 34ms
34ms Image
image/png 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/body_gradient_dark.png

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625d4151db99dc578ae3e643b34ec849ed01078bbc6c8f368d5ca0d7e90c6186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 06:43:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 20:13:19 GMT
server: sffe
age: 109449
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 29 Aug 2023 06:43:07 GMT

GET
H2 200 share_buttons_20_3.png
www.blogger.com/img/ Frame F976 5 KB
5 KB 35ms
34ms Image
image/png 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 08:26:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 22:58:26 GMT
server: sffe
age: 103231
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 29 Aug 2023 08:26:45 GMT

GET
H2 200 logo-16.png
www.blogger.com/img/ Frame F976 279 B
392 B 34ms
33ms Image
image/png 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 10:46:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 18:00:24 GMT
server: sffe
age: 94825
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 29 Aug 2023 10:46:51 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 8956 7 KB
3 KB 137ms
136ms Document
text/html 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=5932499647699336755&blogName=Radio4user&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://radioforuser.blogspot.com/search&blogLocale=de&v=2&homepageUrl=https://radioforuser.blogspot.com/&vt=3950218659713081137&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VePzHPs6qN8.O%2Fd%3D1%2Frs%3DAHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VePzHPs6qN8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c4a0e251474c5604e83b248b0ae955d0986cc24cadb7a4868814c9ca33aca4f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2622
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bridge3.585.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 260B 720 KB
231 KB 25ms
24ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cb616f61628c2af47568cf14cb569dfa53d119a5404ec6fb29d1311afe5e0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://free-btc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 22206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236309
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 06:57:10 GMT
expires: Thu, 22 Aug 2024 06:57:10 GMT
last-modified: Thu, 17 Aug 2023 18:26:47 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B669 44 KB
17 KB 134ms
69ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Aug 2023 13:07:17 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D451 40 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 23 Aug 2023 13:29:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B669 107 B
456 B 97ms
34ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=free-btc.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 metadata Show response
listen.openstream.co/6172/ Frame F976 24 B
275 B 177ms
83ms XHR
application/json 54.74.249.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://listen.openstream.co/6172/metadata
Requested by: Host: s.openstream.co
URL: https://s.openstream.co/extern/p/v4/js/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.249.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-249-105.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) / PHP/7.4.33
Resource Hash: 822c24e7bb8951137787e10f3cb0a25651717df77ef306930cac9732812bbddf

Request headers

Accept: */*
Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
server: Apache/2.4.38 (Debian)
os-server-ip: 172.17.0.2
x-powered-by: PHP/7.4.33
access-control-max-age: 1000
content-type: application/json
access-control-allow-origin: null
os-server-name: listen.openstream.co
access-control-allow-credentials: true
os-server-id: ecs-ec2
content-length: 24

GET
H2 200 Z.css
s.openstream.co/extern/p/v4/template/3/css/ Frame F976 4 KB
4 KB 28ms
28ms Stylesheet
text/css 2600:9000:223c:d400:d:6fdf:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.openstream.co/extern/p/v4/template/3/css/Z.css
Requested by: Host: s.openstream.co
URL: https://s.openstream.co/extern/p/v4/js/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d400:d:6fdf:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e612c5fd5c10a75b53abaee34c637e6a686d0b7ad72514c3d997d7d7ce85122

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:16:38 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
last-modified: Tue, 13 Jun 2023 10:19:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 71439
x-amz-server-side-encryption: AES256
etag: "e8e2ce01e32c75c674cb87491bd6e6ba"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 4007
x-amz-cf-id: wHi4albYaCxQsm1yMC1fHfV1ipPgjAbmsQIsL8dIxbNKgk_BQkxL1A==

GET
H2 200 config Show response
listen.openstream.co/6172/ Frame F976 240 B
493 B 128ms
40ms XHR
application/json 54.74.249.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://listen.openstream.co/6172/config
Requested by: Host: s.openstream.co
URL: https://s.openstream.co/extern/p/v4/js/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.249.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-249-105.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) / PHP/7.4.33
Resource Hash: 644d5dadf3c588db3557ce352495e12cfa7e0e595ad0bd3fabcb807dedc4e975

Request headers

Accept: */*
Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
server: Apache/2.4.38 (Debian)
os-server-ip: 172.17.0.2
x-powered-by: PHP/7.4.33
access-control-max-age: 1000
content-type: application/json
access-control-allow-origin: null
os-server-name: listen.openstream.co
access-control-allow-credentials: true
os-server-id: ecs-ec2
content-length: 240

GET
H2 200 css2
fonts.googleapis.com/ Frame F976 2 KB
977 B 94ms
36ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@300&display=swap

Requested by

Host: s.openstream.co
URL: https://s.openstream.co/extern/p/v4/template/3/css/Z.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49c1e42f2acbd89561f3ec75ebc643caa60c16c245ff4a49c19f6404d9c76958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://s.openstream.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 12:15:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 13:07:17 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 8956 57 KB
22 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5932499647699336755&blogName=Radio4user&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://radioforuser.blogspot.com/search&blogLocale=de&v=2&homepageUrl=https://radioforuser.blogspot.com/&vt=3950218659713081137&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.VePzHPs6qN8.O%2Fd%3D1%2Frs%3DAHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19522ba5538e6e2c26794df7a2d5b692404454116c8686c20f198e769494778a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 13:07:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22297
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d7218a98e36c792a"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:07:17 GMT

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame 8956 907 B
930 B 27ms
26ms Image
image/png 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 04:12:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 22:58:26 GMT
server: sffe
age: 118475
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 29 Aug 2023 04:12:42 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame 8956 117 B
140 B 25ms
25ms Image
image/png 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:45:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 18:00:24 GMT
server: sffe
age: 91333
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 29 Aug 2023 11:45:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame EFD5 52 KB
21 KB 86ms
25ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4974
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 13:44:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame EFD5 179 KB
65 KB 100ms
38ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f0643b07c74ae6acb153d7023bac12f50e57ca3fc692e28810459bc4fb8d82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66526
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 13:07:17 GMT

GET
H2 200 allads.php Show response
beycoin.xyz/ Frame C347 31 B
310 B 187ms
186ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/allads.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ab6ffe9491171d314071fcb2cd4d8bca3382206457d8ed717069b30a6932305e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fb393e07fa804a0-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onkWcsngenS15kTZY3yoHqw4RMEpnzTPx9C3ltab7BWGd7z95HW1lFgKnYUBZaBeVEygg5I0RnLVCD6hdvkTQrcd%2FEcCRCNogvPEoMEamvFag18ec7l43FNgSJA8tXZuS%2FFY5r6b82gVZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 260B 0
0 175ms
123ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.585.0&e=44772139%2C44775193%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2035772007897295&domain=free-btc.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 13:07:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag Show response
video.onetouch8.info/api/video/ Frame 260B 42 B
835 B 68ms
68ms XHR
application/xml 2606:4700:e2::ac40:8211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=47763&tmax=500&video-skipafter=5&count=3&tagId=fhx04t8i7h85h0uf
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwSpdmG%2BoZcrhq7zUpglfYWpANcHygfru%2F1O3wHzUrmFldofnMcLBYThQjC%2FHJ4xu8OEyyxNyHc9Wxb%2FYsfAUjHioBo6zGXnA8C9fey7yDJPOi3Vu7SLaPWTfqdlaEbn3SmgCn3hS4D%2BALtaHG%2FuSOP2sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 7fb393e07f5f386d-LHR
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2FBD 52 KB
21 KB 95ms
58ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=3&&ids=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4974
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 13:44:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 2FBD 184 KB
67 KB 118ms
80ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=3&&ids=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1ea59d64d9002e704361add9c6a019fd90d1cc5dd77d08b9b3acf1476807aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68514
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 13:07:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5C90 52 KB
21 KB 86ms
50ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4974
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 13:44:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5C90 179 KB
65 KB 138ms
102ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f0643b07c74ae6acb153d7023bac12f50e57ca3fc692e28810459bc4fb8d82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66526
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 13:07:17 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ Frame F976 21 KB
21 KB 92ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f67ce158a659b6dd01c5209ecb2b3543a3df33533f8cad4eb7243427a4452ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:19:09 GMT
x-content-type-options: nosniff
age: 488888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21084
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 21:19:09 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VePzHPs6qN8.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A/ Frame 8956 136 KB
46 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VePzHPs6qN8.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee411da9d27c804d2054107a49d258f9a9dded067c7ac453d59a3b9302a9425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46748
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 17:58:17 GMT

GET
H3 200 allads.php Show response
beycoin.xyz/ Frame 4BE7 214 B
643 B 348ms
347ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/allads.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=3&&ids=169
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8a67e8c93ce45efd6823f13e67074fdb20af4380da2017a6ca80f29c83f5d791

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fb393e0bb16d62a-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crzA%2FbXou6opKXKlRyLu2L%2Br19iPnXmGwXC4LsV0t72d7rxlOidcBgOALWbc3ZtkM3nfRwQpTgMoTgSCLRlED4gsvxlfuicWnByKDs0K%2FoUs%2FNPV4XyGy2sWhqXpV3IZghHEckgxxHhfLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H3 200 allads.php Show response
beycoin.xyz/ Frame 2458 179 B
592 B 346ms
346ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/allads.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=169
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 1d2de2c757ecaab23228d1eb69c5fd64c898299e747448fd2830d9ea3133cecb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fb393e0db34d62a-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 13:07:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bi7BR9F7MceT6gbBqOy7EQW68v06TbzfeVDkk%2BG3I9Pawi8KPYyeWKj9e7KQqERePv4gHOCeNWotnBTNzsmOSJqkyzpxg80uQjyq9AqdzD0rcatiiKcywm7pGL3Ewlo54n2NLHd8hncpBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

POST
H2 204 csi
csi.gstatic.com/ Frame 260B 0
234 B 93ms
35ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llnr1xoh&c=6080138594565&slotId=3040069297282.5&eee=missing-element&bi=missing-id&faa=1&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 13:07:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B669 107 B
165 B 37ms
36ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=free-btc.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame EFD5 216 KB
77 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c4f6e081bfeba9c770f338f77b6e7c5e1156da3f7a074fd7fe2aaeb243dcc19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78776
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 13:07:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame EFD5 52 KB
21 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4974
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 13:44:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 260B 0
0 123ms
123ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 13:07:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag Show response
video.onetouch8.info/api/video/ Frame 260B 42 B
890 B 54ms
54ms XHR
application/xml 2606:4700:e2::ac40:8211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=47763&tmax=500&video-skipafter=5&count=3&tagId=fhx04t8i7h85h0uf&repeat=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYU3cqjc0yrCUWlYuRcmSSzPIooRJpSQa37I5FNg4d73brlB%2F2AjB1tbxV0zb9NrhuctVjkrIgfNVW0%2BKkrOzFbNWheGz%2BcYnA3bnGkuLu1oFX1zaYkr%2B8Ni2GA30fcewsDwiCPcMelW5tHUsR1w6sousQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 7fb393e1a85735db-LHR
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 2FBD 216 KB
77 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec613c1aa007d92161e3233c531cce46f5887104f7cbcdbf3d736dc4c92eeede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78777
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 13:07:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2FBD 52 KB
21 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4974
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 13:44:23 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ Frame F976 1 B
43 B 135ms
134ms Stylesheet
text/css 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5932499647699336755&zx=4e301ca5-5b7e-4f94-ae30-5dc4aec05750

Requested by

Host: radioforuser.blogspot.com
URL: https://radioforuser.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:07:17 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5C90 216 KB
77 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c4f6e081bfeba9c770f338f77b6e7c5e1156da3f7a074fd7fe2aaeb243dcc19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78776
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 13:07:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5C90 52 KB
21 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4974
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 13:44:23 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 260B 0
54 B 38ms
35ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~llnr1xuf&c=6080138594565&slotId=3040069297282.5&ghmsh_eids=44772139%2C44775193%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 13:07:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B669 107 B
122 B 35ms
33ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=free-btc.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 260B 0
0 125ms
125ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 13:07:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag Show response
video.onetouch8.info/api/video/ Frame 260B 42 B
860 B 57ms
56ms XHR
application/xml 2606:4700:e2::ac40:8211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=47763&tmax=500&video-skipafter=5&count=3&tagId=fhx04t8i7h85h0uf&repeat=2
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhYx0Nhtmk8s6j240YMTGmO19O%2FE7lwhrA3kI0caYBV2o2AQEr9QoHfo%2Fe7uPmM95PKz%2BBpzTXt%2FER64LzSDyXC7vmqutWuM1znPTIeMNnGITkp85UaM9gDdv5sNI1xMlvYNKTNCQtEK6PZz8APiu%2FrdHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 7fb393e289b435db-LHR
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 2224219 Show response
ad.a-ads.com/ Frame 1DEA 12 KB
5 KB 33ms
32ms Document
text/html 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2224219?size=728x90

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/allads.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.137.20.4.46.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

bb0b3c52d0da51f9916902424e0726b8bca18d9b218d897e589ad564a8838dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 23 Aug 2023 13:07:17 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 index.php Show response
bitspush.io/track/ Frame E6FA 171 B
549 B 83ms
83ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitspush.io/track/index.php?page=action/impression/1|12|0|239|357|1|266|0|0/e76f5ecb7b237deb8ddab82d2b6dee98/1692796047/FR/
Requested by: Host: bitspush.io
URL: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7018f68a4d2bea064e6606af3a6792e0f8d475e093a6710cab7d6a3b25c29617

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bitspush.io/display/index.php?page=query/items/&aduid=357&pid=239&width=468&height=60&displaytype=0&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=1584&page_data=9fb07012b137710f7ffdf6cdb9057347&time=1692796036&deliver=netzwerk-ad.de&search_keywords=&page_referrer=aHR0cHM6Ly9uZXR6d2Vyay1hZC5kZS93ZWJiaV90cmFmZmljLnBocA==&page_title=&meta_description=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0UYQnvDOfY0TqOi6ZmkjDvWWv2y6MtIIVb4f8mbiOcVKBbSi%2FVJ5YVnDXPbdor%2FaQBtcpky4qb4OeXy5EfsDTXDYXkfGvxy4TONyeIKpuStaN4Yl%2FVmJtbRo80xuV85wvZP1g1QBj2DZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7fb393e2fc11d35b-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads.js Show response
adbit.biz/js/ Frame 2458 13 KB
5 KB 80ms
24ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adbit.biz/js/show_ads.js
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/allads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ec552ee9e7bc32cdda1ef340fde362c17ee370595a87713a448d2e69fe10b07

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 546132
cf-polished: origSize=13619
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 20 Jun 2022 08:29:04 GMT
server: cloudflare
etag: W/"62b02fd0-3533"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSXT4YDY8xsCbZouOo1o27wTAZdHi2rjXKmpiqlS1pGQKQocyv2mdRcDqA1ZATLvzVrMg7xCDULuknwaqliwijYYIjC0KaenNJrGHTCZUWl51gymALQ59I2%2BBTM3NfEfNf%2FmQkku%2BQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7fb393e36b470403-CDG
expires: Tue, 22 Aug 2023 11:20:47 GMT

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/117613/ Frame 1DEA 119 KB
119 KB 27ms
27ms Image
image/gif 46.4.20.137
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117613/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2224219?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.20.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.137.20.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 1d088b3a1ec29cf32e83a45b3e0de21eaa65317b3e95a8a7a03564a04b484cf6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
x-amz-version-id: 4UuNq3rYilbw0bXTmf9yFiTJzUJp1Tld
last-modified: Sun, 19 Apr 2020 16:07:32 GMT
server: nginx
x-amz-request-id: FSFJ3YM6WMHXJP0E
etag: "c179f03b229eed73bf532282dec369e7"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 121782
x-amz-id-2: c32RzD5+GKTm4n0vaDrfojnJEKX2/Mk6JbXEQ4hgUR7M2BI1KDlrKh9fVIjYTy/G1Cj1+DUVE5I=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 1DEA 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 afr.php Show response
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 2E8B 402 B
991 B 156ms
39ms Document
text/html 52.209.236.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9
Requested by: Host: s.openstream.co
URL: https://s.openstream.co/extern/p/v4/js/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.236.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-236-157.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Charset: utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 402
Content-Type: text/html;charset=UTF-8
Date: Wed, 23 Aug 2023 13:07:17 GMT
Instance-id: i-00c7e5bc11bee0f4d
P3P: policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code: -1
X-Adswizz-request-id: fca0b2a0-41b5-11ee-884b-063fb271df47
X-Application-Context: application:production
X-Clacks-Overhead: GNU Terry Pratchett

GET
H3 200 a
www.googletagmanager.com/ Frame 2FBD 0
11 B 72ms
70ms Image
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1744748654&rv=38l0&ut=AACA&h=Ag&cid=UA-195030228-1&l=UA-195030228-1.L490.S3.Y26.E320.EC5.TC5.HTC0~gtm.init.S0.V0.E33.TS5ogt1pdatav2.TI6.TE2.TS5ccdgalast.TI8.TE0.TS5ccdgafirst.TI9.TE0~gtm.js.S0.V0.E29.TS5rep.TI1.TE0.TS5zone.TI3.TE1~gtm.dom.S0.V0.E9~gtm.load.S0.V0.E1~gtm.init_consent.S0.V0.E21

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 13:07:17 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 swfobject-2.2.min.js Show response
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 2E8B 9 KB
9 KB 109ms
24ms Script
application/x-javascript 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by: Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 03:50:05 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Wed, 01 Apr 2015 12:24:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 58142
etag: "e6a40488a5f5774d02c06d0787ef01d8"
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 9211
x-amz-cf-id: yInk_JgGS1zOcxyq5qWYrHAml-4gDIXzuwssstaiGFkZkGo5EQ1d_w==

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			netzwerk-ad.de/	1970-01-20 14:13:19	Name: _data_cpc Value: 12-1-1692799637

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VePzHPs6qN8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A/cb=gapi.loaded_0?le=scs(Line 175) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.blogger.com') does not match the recipient window's origin ('null').
security	error	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VePzHPs6qN8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A/cb=gapi.loaded_0?le=scs(Line 175) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.blogger.com') does not match the recipient window's origin ('null').
security	error	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.VePzHPs6qN8.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9VLeukmHJGBafBpBAYYNVj4Nyt4A/cb=gapi.loaded_0?le=scs(Line 175) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://radioforuser.blogspot.com') does not match the recipient window's origin ('null').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
adbit.biz
adnade.net
adservice.google.com
apis.google.com
beycoin.xyz
billigerscheiss.de
bitspush.io
csi.gstatic.com
delivery-cdn-cf.adswizz.com
fonts.googleapis.com
fonts.gstatic.com
free-btc.org
imasdk.googleapis.com
libertad-ads.de
listen.openstream.co
netzwerk-ad.de
pagead2.googlesyndication.com
radioforuser.blogspot.com
resources.blogblog.com
s.openstream.co
s0.2mdn.net
static.a-ads.com
synchroscript.deliveryengine.adswizz.com
video.onetouch8.info
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.paidclicker.de
13.32.99.45
144.126.134.105
195.90.212.124
2001:4860:4802:32::3
2600:9000:223c:d400:d:6fdf:61c0:93a1
2606:4700:3032::ac43:ab44
2606:4700:e2::ac40:8211
2a00:1450:4001:802::2006
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::2009
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a01:4f8:10b:ddc::2
2a06:98c1:3121::3
46.4.20.137
52.209.236.157
54.74.249.105
85.13.154.214
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
17f9b765abc9e304b9259e415a18226dbb1ac51f3ec3eaeb236762b0112240a9
1825cfe3f18db5a062e4f37b134b6d4a3568c67d557921939e4b5e26ca1ae723
19522ba5538e6e2c26794df7a2d5b692404454116c8686c20f198e769494778a
1d088b3a1ec29cf32e83a45b3e0de21eaa65317b3e95a8a7a03564a04b484cf6
1d2de2c757ecaab23228d1eb69c5fd64c898299e747448fd2830d9ea3133cecb
1e5e5df1d130dd028db61bd811eaed4705eaff95034fe3f8a86ba6a85e77af5f
2c560b150976488bdb5561d8223e9045a932eafb9201ae06289576f3ae842d8e
36ccf8c907f614ce79d3b45d975eb8b584092c33668f14fa0b683ca39f4d3522
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3d285ed1fe07a83d5e1bf07ea6286563c6f1a34d9fca06fffbebeb5aab9d029a
48d38bd76113297b9c44deefb3c946f28c5acea0674e6d32e36c77877fc41e19
49c1e42f2acbd89561f3ec75ebc643caa60c16c245ff4a49c19f6404d9c76958
4a17140a73e6ba18e9bb27b533d4dad8e8ee4340e0da7e9e87640452f006ed78
4ec552ee9e7bc32cdda1ef340fde362c17ee370595a87713a448d2e69fe10b07
50d8a5573603d9819f10428efb4bdb6ff418aedbeb830d19e8c848b8f1df8677
5bca8d1df99253c21740d2027219ec8fc85211b2966db185512ab778a53f132f
5c8793439a8ddaeda1c77be771e0b372ee84df830d2c04f34a9e7ab9e982759a
5cb616f61628c2af47568cf14cb569dfa53d119a5404ec6fb29d1311afe5e0cd
60258bab77d2379c7615dc910584babda414830d21d8005caf135da738107d77
625d4151db99dc578ae3e643b34ec849ed01078bbc6c8f368d5ca0d7e90c6186
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
644d5dadf3c588db3557ce352495e12cfa7e0e595ad0bd3fabcb807dedc4e975
695d7f02b1c1193c310b3606dce44ceec5b942debf5dae643857ac8b82956b42
69fe716fda91b742d729dd8c4d5dda5c6b61b93442e24cb106a6147a0843f707
6f0643b07c74ae6acb153d7023bac12f50e57ca3fc692e28810459bc4fb8d82f
7018f68a4d2bea064e6606af3a6792e0f8d475e093a6710cab7d6a3b25c29617
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7c4f6e081bfeba9c770f338f77b6e7c5e1156da3f7a074fd7fe2aaeb243dcc19
7ee411da9d27c804d2054107a49d258f9a9dded067c7ac453d59a3b9302a9425
821f8376a59c1e7cc76cc3d0e5908d50905587e36351479c8bfbf72a48272358
822c24e7bb8951137787e10f3cb0a25651717df77ef306930cac9732812bbddf
8a67e8c93ce45efd6823f13e67074fdb20af4380da2017a6ca80f29c83f5d791
8e612c5fd5c10a75b53abaee34c637e6a686d0b7ad72514c3d997d7d7ce85122
9c4a0e251474c5604e83b248b0ae955d0986cc24cadb7a4868814c9ca33aca4f
9ed25ae1a1a75a422ad82f1acb7b98248167b9b376c471409325711f948c52c5
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a1ea59d64d9002e704361add9c6a019fd90d1cc5dd77d08b9b3acf1476807aeb
a3e1093340672670c94ad0e6057020af015bca92bdba9c30f9f0efbce2d31a94
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
ab6ffe9491171d314071fcb2cd4d8bca3382206457d8ed717069b30a6932305e
af50df1dd598436023ac3d1fc4c5e3648102e56ddf03c08b6a362148e5e243df
bb0b3c52d0da51f9916902424e0726b8bca18d9b218d897e589ad564a8838dac
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c46db6e3ba6b4c52faae173f16bfe5b64d2ca4a3b7fc6efde6457c61825872e7
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d75ce0b26d25b78a574b8d41f2d0fb4e9d8326255f281df6a13e8cb617b5beb9
d970b7386e4dd14653fa56de7d01b2a99ca08bd7d882eefaac1330f92719a796
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
df12f1788d48579ff2d735391648e079812b9289705e9d4c599d98a63247aa29
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec613c1aa007d92161e3233c531cce46f5887104f7cbcdbf3d736dc4c92eeede
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f
f67ce158a659b6dd01c5209ecb2b3543a3df33533f8cad4eb7243427a4452ef8

netzwerk-ad.de Open in urlscan Pro 144.126.134.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

71 %IPv6

23 Domains

29 Subdomains

24 IPs

3 Countries

2037 kBTransfer

4577 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

netzwerk-ad.de Open in urlscan Pro
144.126.134.105 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

71 %
IPv6

23
Domains

29
Subdomains

24
IPs

3
Countries

2037 kB
Transfer

4577 kB
Size

1
Cookies

80 HTTP transactions
3 data transactions