nadihartanah.com Open in urlscan Pro
104.152.168.36 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nadihartanah.com/work/gdoc/
Submission: On March 22 via api (March 22nd 2017, 12:34:40 am UTC) from CA

Summary HTTP 57 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 5 domains to perform 57 HTTP transactions. The main IP is 104.152.168.36, located in Canada and belongs to CROCWEB - CrocWeb, CA. The main domain is nadihartanah.com.

This is the only time nadihartanah.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
8	104.152.168.36 104.152.168.36	63068 (CROCWEB) (CROCWEB - CrocWeb)
1	134.249.116.78 134.249.116.78	15895 (KSNET-AS) (KSNET-AS)
1	188.42.162.218 188.42.162.218	35415 (WEBZILLA) (WEBZILLA)
1	35.157.30.97 35.157.30.97	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	188.42.162.213 188.42.162.213	35415 (WEBZILLA) (WEBZILLA)
3	50.28.63.60 50.28.63.60	32244 (LIQUID-WE...) (LIQUID-WEB-INC - Liquid Web)
32	185.3.185.94 185.3.185.94	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
57	8

8 104.152.168.36 (Canada)

ASN63068 (CROCWEB - CrocWeb, CA)
PTR: server36.hostwhitelabel.com

nadihartanah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.249.116.78 (Lviv, Ukraine)

ASN15895 (KSNET-AS, UA)
PTR: 134-249-116-78.broadband.kyivstar.net

134.249.116.78	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.162.218 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

go.padsdel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.30.97 (Ann Arbor, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-30-97.eu-central-1.compute.amazonaws.com

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.162.213 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

go.padsdel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.28.63.60 (Lansing, United States)

ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US)

lvmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 185.3.185.94 (Germany)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

www.freie-auswahl.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	freie-auswahl.de www.freie-auswahl.de Failed	211 KB
8	nadihartanah.com nadihartanah.com	59 KB
3	lvmobi.com lvmobi.com Failed	2 KB
2	padsdel.com go.padsdel.com Failed	4 KB
1	rtmark.net my.rtmark.net
57	5

	Domain	Requested by
32	www.freie-auswahl.de	www.freie-auswahl.de
8	nadihartanah.com	nadihartanah.com
3	lvmobi.com
2	go.padsdel.com
1	my.rtmark.net	go.padsdel.com
57	5

This site contains links to these domains. Also see Links.

Domain
www.big-bang-ads.com

Subject Issuer	Validity	Valid
go.padsdel.com RapidSSL SHA256 CA	`2016-05-10` - `2017-06-09`	a year	crt.sh
my.rtmark.net RapidSSL SHA256 CA - G2	`2017-03-06` - `2018-04-05`	a year	crt.sh

This page contains 4 frames:

Frame: https://go.padsdel.com/afu.php?id=979282
Frame ID: 31779.1
Requests: 17 HTTP requests in this frame

Frame: http://lvmobi.com/jump/clk1.php?jl=82952506
Frame ID: 31827.1
Requests: 4 HTTP requests in this frame

Frame: http://www.freie-auswahl.de/
Frame ID: 31855.1
Requests: 4 HTTP requests in this frame

Frame: http://www.freie-auswahl.de/
Frame ID: 31880.1
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

57
Requests

5 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

8
IPs

5
Countries

279 kB
Transfer

740 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.big-bang-ads.com/affiliate-signup/?utm_source=GWS&utm_medium=Link&utm_campaign=Registration
Title: click here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 15

https://go.ad2up.com/afu.php?id=979282
https://go.padsdel.com/afu.php?id=979282

Request 18

http://lvmobi.com/click.php?c=3287&key=jl9iqom234uupohpn6s5k1f5&c1=979282&c2=300349941265&drf=http://nadihartanah.com/work/gdoc/
http://lvmobi.com/jump/clk1.php?jl=82952506

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
nadihartanah.com/work/gdoc/ 179 KB
22 KB 1501ms
1305ms Document
text/html 104.152.168.36
CrocWeb

General

Check archive.org

Show headers Download Go to

Full URL: http://nadihartanah.com/work/gdoc/
Protocol: HTTP/1.1
Server: 104.152.168.36 , Canada, ASN63068 (CROCWEB - CrocWeb, CA),
Reverse DNS: server36.hostwhitelabel.com
Software: LiteSpeed / PHP/5.6.23
Resource Hash: a0e483abebf13d85ea118f468a19c56f0706848631a4b9a6c4f3773c93c6ab5e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nadihartanah.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: LiteSpeed
X-Powered-By: PHP/5.6.23
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: close
Accept-Ranges: bytes

GET
H/1.1 200
OK featuredcontentglider.js Show response
nadihartanah.com/work/gdoc/images/ 8 KB
3 KB 231ms
132ms Script
application/javascript 104.152.168.36
CrocWeb

General

Check archive.org

Show headers Download Go to

Full URL: http://nadihartanah.com/work/gdoc/images/featuredcontentglider.js
Requested by: Host: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/
Protocol: HTTP/1.1
Server: 104.152.168.36 , Canada, ASN63068 (CROCWEB - CrocWeb, CA),
Reverse DNS: server36.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 4ff2d30f1fcf3653e1f72f64cacc0883041a9cd0554974c620910f1794fe9e13

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nadihartanah.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://nadihartanah.com/work/gdoc/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nadihartanah.com/work/gdoc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2017 10:05:59 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3093
Expires: Wed, 29 Mar 2017 00:34:28 GMT

GET
H/1.1 200
OK jquery.min.js Show response
nadihartanah.com/work/gdoc/images/ 56 KB
22 KB 230ms
132ms Script
application/javascript 104.152.168.36
CrocWeb

General

Check archive.org

Show headers Download Go to

Full URL: http://nadihartanah.com/work/gdoc/images/jquery.min.js
Requested by: Host: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/
Protocol: HTTP/1.1
Server: 104.152.168.36 , Canada, ASN63068 (CROCWEB - CrocWeb, CA),
Reverse DNS: server36.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 6403df2f8a80e11e0ce3ebc07994ee3d0c444200ec9cf08f0325508801ddc5d9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nadihartanah.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://nadihartanah.com/work/gdoc/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nadihartanah.com/work/gdoc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2017 10:05:59 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 22187
Expires: Wed, 29 Mar 2017 00:34:28 GMT

GET
H/1.1 200
OK R3WinLive1033.css
nadihartanah.com/work/gdoc/images/ 16 KB
4 KB 230ms
133ms Stylesheet
text/css 104.152.168.36
CrocWeb

General

Check archive.org

Show headers Download Go to

Full URL: http://nadihartanah.com/work/gdoc/images/R3WinLive1033.css
Requested by: Host: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/
Protocol: HTTP/1.1
Server: 104.152.168.36 , Canada, ASN63068 (CROCWEB - CrocWeb, CA),
Reverse DNS: server36.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 73c37bdf590324de38f67e4790d6b420c131631bdda14aafa7cf468926ea63fa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nadihartanah.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://nadihartanah.com/work/gdoc/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nadihartanah.com/work/gdoc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Mar 2014 02:24:32 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4041
Expires: Wed, 29 Mar 2017 00:34:28 GMT

GET
H/1.1 200
OK featuredcontentglider.css
nadihartanah.com/work/gdoc/images/ 2 KB
844 B 229ms
131ms Stylesheet
text/css 104.152.168.36
CrocWeb

General

Check archive.org

Show headers Download Go to

Full URL: http://nadihartanah.com/work/gdoc/images/featuredcontentglider.css
Requested by: Host: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/
Protocol: HTTP/1.1
Server: 104.152.168.36 , Canada, ASN63068 (CROCWEB - CrocWeb, CA),
Reverse DNS: server36.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 809e23b0208305e20b0893c82cc655d2d38d44121488ee71a9cb044d9b918592

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nadihartanah.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://nadihartanah.com/work/gdoc/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nadihartanah.com/work/gdoc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Mar 2014 02:24:54 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 844
Expires: Wed, 29 Mar 2017 00:34:28 GMT

GET
H/1.1 200
OK yahoo.css
nadihartanah.com/work/gdoc/images/ 778 B
324 B 204ms
106ms Stylesheet
text/css 104.152.168.36
CrocWeb

General

Check archive.org

Show headers Download Go to

Full URL: http://nadihartanah.com/work/gdoc/images/yahoo.css
Requested by: Host: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/
Protocol: HTTP/1.1
Server: 104.152.168.36 , Canada, ASN63068 (CROCWEB - CrocWeb, CA),
Reverse DNS: server36.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: cd1b493e6a71fabd543b6df3c2522eb83aadc71ecefda20192a164685ab73972

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nadihartanah.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://nadihartanah.com/work/gdoc/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nadihartanah.com/work/gdoc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Mar 2014 02:25:08 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 324
Expires: Wed, 29 Mar 2017 00:34:28 GMT

GET
H/1.1 200
OK aol.css
nadihartanah.com/work/gdoc/images/ 3 KB
994 B 229ms
131ms Stylesheet
text/css 104.152.168.36
CrocWeb

General

Check archive.org

Show headers Download Go to

Full URL: http://nadihartanah.com/work/gdoc/images/aol.css
Requested by: Host: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/
Protocol: HTTP/1.1
Server: 104.152.168.36 , Canada, ASN63068 (CROCWEB - CrocWeb, CA),
Reverse DNS: server36.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 0b699d1cd4b57c03b8d1365007a8eacf22780f2685f81c4861f2410dd2ffd982

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nadihartanah.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://nadihartanah.com/work/gdoc/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nadihartanah.com/work/gdoc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Mar 2014 02:25:24 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 994
Expires: Wed, 29 Mar 2017 00:34:28 GMT

GET
H/1.1 200
OK google_logo_41.png
nadihartanah.com/work/gdoc/images/ 6 KB
6 KB 589ms
589ms Image
image/png 104.152.168.36
CrocWeb

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nadihartanah.com/work/gdoc/images/google_logo_41.png
Requested by: Host: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/
Protocol: HTTP/1.1
Server: 104.152.168.36 , Canada, ASN63068 (CROCWEB - CrocWeb, CA),
Reverse DNS: server36.hostwhitelabel.com
Software: LiteSpeed /
Resource Hash: 2991102bf5c783ea6f018731a8939ee97a4d7562a76e8188775447e3c6e0876f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: nadihartanah.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://nadihartanah.com/work/gdoc/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nadihartanah.com/work/gdoc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:29 GMT
Last-Modified: Wed, 19 Mar 2014 02:04:36 GMT
Server: LiteSpeed
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6321
Expires: Wed, 29 Mar 2017 00:34:29 GMT

GET aol.jpg
nadihartanah.com/work/gdoc/images/ 0
0

GET GmailTransparent1.png
nadihartanah.com/work/gdoc/images/ 0
0

GET hotmail.png
nadihartanah.com/work/gdoc/images/ 0
0

GET yahoo.jpg
nadihartanah.com/work/gdoc/images/ 0
0

GET outlook.png
nadihartanah.com/work/gdoc/images/ 0
0

GET drive-icons.png
nadihartanah.com/work/gdoc/images/ 0
0

GET universal_language_settings-21.png
nadihartanah.com/work/gdoc/images/ 0
0

GET
H/1.1 200
OK jquery.js Show response
134.249.116.78/ 3 KB
3 KB 54ms
27ms Script
application/javascript 134.249.116.78
KSNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://134.249.116.78/jquery.js
Requested by: Host: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/images/jquery.min.js
Protocol: HTTP/1.1
Server: 134.249.116.78 Lviv, Ukraine, ASN15895 (KSNET-AS, UA),
Reverse DNS: 134-249-116-78.broadband.kyivstar.net
Software: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23 /
Resource Hash: f9e5338e0d4f75e9a271641bb4baefb1882b29a6452fc3c9298591c814ad5848

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: 134.249.116.78
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept: */*
Referer: http://nadihartanah.com/work/gdoc/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nadihartanah.com/work/gdoc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 22 Mar 2017 00:34:28 GMT
Last-Modified: Mon, 27 Feb 2017 15:12:50 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.23
ETag: "c08-54984833f060a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3080

GET

afu.php
go.padsdel.com/
Redirect Chain

https://go.ad2up.com/afu.php?id=979282
https://go.padsdel.com/afu.php?id=979282

0
0

GET
H/1.1 200
OK Cookie set afu.php Show response
go.padsdel.com/ Frame 3182 10 KB
4 KB 108ms
57ms Document
text/html 188.42.162.218
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://go.padsdel.com/afu.php?id=979282

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

188.42.162.218 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

c752128259e84c58ebd792c4662d7f92627e805edfd11208abd9b0526c663531

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: go.padsdel.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://nadihartanah.com/work/gdoc/
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://nadihartanah.com/work/gdoc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Mar 2017 00:34:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=1
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Set-Cookie: SeenToday=1; expires=Thu, 23-Mar-2017 00:34:29 GMT; path=/ OAGEOf586f=4%7CDE%7CBY%7CGUNZENHAUSEN%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10436%7C42476%7C%3F%7C276005; expires=Thu, 23-Mar-2017 00:34:29 GMT; path=/ OAID=32ec182c8a121a85315b29fb85a9506d; expires=Thu, 22-Mar-2018 00:34:29 GMT; path=/ OAID=32ec182c8a121a85315b29fb85a9506d; expires=Thu, 22-Mar-2018 00:34:29 GMT; path=/ pbk2=6713f539be25b350e4debe68828322506400114889854734740; expires=Wed, 22-Mar-2017 00:44:29 GMT
Content-Type: text/html
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK Cookie set img.gif
my.rtmark.net/ Frame 3182 0
0 28ms
6ms Other
image/gif 35.157.30.97
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://my.rtmark.net/img.gif?f=merge&oaid=32ec182c8a121a85315b29fb85a9506d&domain=5
Requested by: Host: go.padsdel.com
URL: https://go.padsdel.com/afu.php?id=979282
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.30.97 Ann Arbor, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-30-97.eu-central-1.compute.amazonaws.com
Software: nginx/1.10.1 /
Resource Hash

Request headers

Pragma: no-cache
Origin: https://go.padsdel.com
Accept-Encoding: gzip, deflate, br
Host: my.rtmark.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: max-age=0
Referer: https://go.padsdel.com/afu.php?id=979282
Connection: keep-alive
Content-Length: 0
Cache-Control: max-age=0
Origin: https://go.padsdel.com
Referer: https://go.padsdel.com/afu.php?id=979282
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Set-Cookie: ID=0e8a214772de4becb18ac8cd0c0600e7; expires=Thu, 22 Mar 2018 00:34:29 GMT
Date: Wed, 22 Mar 2017 00:34:29 GMT
Server: nginx/1.10.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET

clk1.php
lvmobi.com/jump/ Frame 3182
Redirect Chain

http://lvmobi.com/click.php?c=3287&key=jl9iqom234uupohpn6s5k1f5&c1=979282&c2=300349941265&drf=http://nadihartanah.com/work/gdoc/
http://lvmobi.com/jump/clk1.php?jl=82952506

0
0

GET
H/1.1 204
No Content favicon.ico
go.padsdel.com/ Frame 3182 0
0 61ms
13ms Other
text/plain 188.42.162.213
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://go.padsdel.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 188.42.162.213 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: go.padsdel.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://go.padsdel.com/afu.php?id=979282
Cookie: SeenToday=1; OAGEOf586f=4%7CDE%7CBY%7CGUNZENHAUSEN%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10436%7C42476%7C%3F%7C276005; OAID=32ec182c8a121a85315b29fb85a9506d; pbk2=6713f539be25b350e4debe68828322506400114889854734740
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.padsdel.com/afu.php?id=979282
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 22 Mar 2017 00:34:29 GMT
Cache-Control: max-age=315360000 public, must-revalidate, proxy-revalidate
Server: nginx
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK clk1.php Show response
lvmobi.com/jump/ Frame 3185 382 B
239 B 264ms
135ms Document
text/html 50.28.63.60
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: http://lvmobi.com/jump/clk1.php?jl=82952506
Protocol: HTTP/1.1
Server: 50.28.63.60 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS
Software: LiteSpeed / PHP/5.6.17
Resource Hash: 98005870e92a5cbabac090dd72e67c48e8afa33b9e9d9afb77214004a6dc5a56

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: lvmobi.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Cookie: offerLink=H7dIDUk1IrA%2FAnot944UlQ%3D%3DSzsA74%2FHvIVC%2BXqM2sTOP16GfwPlIMs1fBI0yuSipug%3D; IMT1490142870253=%2BZFPZLxJKl%2BUhuXKqMKEGQ%3D%3D%2B%2F65ago0qAMZ6lVmR2iB31PHdqZ4B4%2FQwZJWtpB40oQ%3D
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:30 GMT
Content-Encoding: gzip
Server: LiteSpeed
P3P: CP="This site does not have a p3p policy."
X-Powered-By: PHP/5.6.17
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 239

GET
H/1.1 200
OK Cookie set / Show response
lvmobi.com/jump/ Frame 3185 361 B
224 B 266ms
138ms Document
text/html 50.28.63.60
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: http://lvmobi.com/jump/?jl=82952506
Protocol: HTTP/1.1
Server: 50.28.63.60 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS
Software: LiteSpeed / PHP/5.6.17
Resource Hash: 2fb556cd3df5f6c2a1f43689df216fc43071fe30e162a02c4a0a74898a90d30c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: lvmobi.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://lvmobi.com/jump/clk1.php?jl=82952506
Cookie: offerLink=H7dIDUk1IrA%2FAnot944UlQ%3D%3DSzsA74%2FHvIVC%2BXqM2sTOP16GfwPlIMs1fBI0yuSipug%3D; IMT1490142870253=%2BZFPZLxJKl%2BUhuXKqMKEGQ%3D%3D%2B%2F65ago0qAMZ6lVmR2iB31PHdqZ4B4%2FQwZJWtpB40oQ%3D
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://lvmobi.com/jump/clk1.php?jl=82952506
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:30 GMT
Content-Encoding: gzip
Server: LiteSpeed
P3P: CP="This site does not have a p3p policy."
X-Powered-By: PHP/5.6.17
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: offerLink=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=lvmobi.com
Connection: close
Accept-Ranges: bytes
Content-Length: 224

GET
H/1.1 200
OK favicon.ico
lvmobi.com/ Frame 3185 1 KB
1 KB 260ms
131ms Other
image/x-icon 50.28.63.60
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: http://lvmobi.com/favicon.ico
Protocol: HTTP/1.1
Server: 50.28.63.60 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: lvmobi.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://lvmobi.com/jump/clk1.php?jl=82952506
Cookie: offerLink=H7dIDUk1IrA%2FAnot944UlQ%3D%3DSzsA74%2FHvIVC%2BXqM2sTOP16GfwPlIMs1fBI0yuSipug%3D; IMT1490142870253=%2BZFPZLxJKl%2BUhuXKqMKEGQ%3D%3D%2B%2F65ago0qAMZ6lVmR2iB31PHdqZ4B4%2FQwZJWtpB40oQ%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: http://lvmobi.com/jump/clk1.php?jl=82952506
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:30 GMT
Last-Modified: Thu, 31 Jan 2013 19:19:30 GMT
Server: LiteSpeed
ETag: "47e-510ac3c2-9c0e8681ec5e4e9"
Content-Type: image/x-icon
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1150

GET /
www.freie-auswahl.de/ Frame 3185 0
0

GET
H/1.1 200
OK / Show response
www.freie-auswahl.de/ Frame 3188 14 KB
4 KB 341ms
201ms Document
text/html 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8fc6c4042afddc19cc9af2e793095359ca968205aeb06c4d5c598110c283748d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://lvmobi.com/jump/?jl=82952506
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://lvmobi.com/jump/?jl=82952506
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Server: nginx
X-Map-Context: de
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
X-FIRSTPAGE: 1
Transfer-Encoding: chunked
Connection: keep-alive
X-PAGE: pregame
Keep-Alive: timeout=60
X-Served-By: a-01

GET
H/1.1 200
OK reset.css
www.freie-auswahl.de/_global/css/ Frame 3188 989 B
989 B 8ms
7ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/css/reset.css?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6129a37b8b72fc3d2b5ba6976a67954c8892c94b9db4471130ab90471db72ab7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Thu, 18 Aug 2016 09:53:03 GMT
Server: nginx
X-Map-Context: de
ETag: "57b5857f-3dd"
X-Served-By: a-02
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 989
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK basic.css
www.freie-auswahl.de/_global/css/ Frame 3188 3 KB
1 KB 16ms
7ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/css/basic.css?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8416a63a81e4c8f3a3f75c3382252faca68195c7356d3eae9abe7572306f4f22

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2015 07:56:11 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-04
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK global.css
www.freie-auswahl.de/_global/css/ Frame 3188 466 B
466 B 15ms
7ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/css/global.css?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: bdd3d7e2fb74ea8396205482a039ee0f6cb3fcecb699c1091d0469edf2c2a873

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Fri, 03 Mar 2017 09:39:32 GMT
Server: nginx
X-Map-Context: de
ETag: "58b939d4-1d2"
X-Served-By: a-03
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 466
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK global_mobile.css
www.freie-auswahl.de/_global/css/ Frame 3188 516 B
516 B 15ms
6ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/css/global_mobile.css?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: dc676394bcfb1a4cd84897bc653fc6ad10cea67946950f33c19d8e7afc1c7069

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Wed, 04 May 2016 11:25:31 GMT
Server: nginx
X-Map-Context: de
ETag: "5729dc2b-204"
X-Served-By: a-02
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 516
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.freie-auswahl.de/_global/fonts/font-awesome-4.6.3/css/ Frame 3188 28 KB
7 KB 16ms
9ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Aug 2016 09:52:51 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-01
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK series.css
www.freie-auswahl.de/_global/wingame/62/css/ Frame 3188 23 KB
4 KB 16ms
9ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/wingame/62/css/series.css?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: dd7d924a2faee3eb57be49e5b55993428c22650b23b07c88d6b797f95cc95cb3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2017 11:21:41 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-04
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK sweepstake.css
www.freie-auswahl.de/wingame/126/css/ Frame 3188 7 KB
2 KB 15ms
7ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/wingame/126/css/sweepstake.css?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: f5e979a5851964cf26178b7ec6080004416260850b01d33bd77785a6d06ef8eb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2017 09:43:57 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-02
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK MooTools-Core-1.6.0-compat-compressed.js Show response
www.freie-auswahl.de/_global/js/framework/ Frame 3188 94 KB
29 KB 29ms
14ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/js/framework/MooTools-Core-1.6.0-compat-compressed.js?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: b3a63f0519b1f294a32b45d19c09a7d1c8dc3d8d4ff368b97a5296363ff13493

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Aug 2016 09:53:03 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-03
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK moolidator.js Show response
www.freie-auswahl.de/_global/js/ Frame 3188 34 KB
5 KB 24ms
9ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/js/moolidator.js
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 76a1457b904203e909edb4d72e1f4fe512799612fba041622a575bf432d47946

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Mar 2017 10:54:24 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-01
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK moolidator_rules.js Show response
www.freie-auswahl.de/_global/js/ Frame 3188 24 KB
3 KB 25ms
10ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/js/moolidator_rules.js
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: b678c259cf1e6ff8502e862a7ebaea908a0bbac636e4804be60dc2e28d575e17

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Mar 2017 10:01:55 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-04
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK scripts.js Show response
www.freie-auswahl.de/_global/js/ Frame 3188 42 KB
10 KB 34ms
17ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/js/scripts.js?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5085fea934666738af3f25fcc589e374633087ee428a249af84af67f69f0f764

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Mar 2017 12:07:25 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-04
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK global.js Show response
www.freie-auswahl.de/wingame/global/js/ Frame 3188 26 KB
6 KB 27ms
11ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/wingame/global/js/global.js?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: d92ff6b0c6639e89dae4e1cfd15611929532d895e88508b3841c44f71ef73b7c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Dec 2016 10:00:39 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-02
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK series.js Show response
www.freie-auswahl.de/_global/wingame/62/js/ Frame 3188 16 KB
4 KB 31ms
10ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/wingame/62/js/series.js?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7bd3d68986d84d1fb9121ce90a61bb022729635bc14a63c1b1258addf8e1b76f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Oct 2016 09:03:04 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-02
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK sweepstake.js Show response
www.freie-auswahl.de/wingame/126/js/ Frame 3188 5 KB
1 KB 32ms
7ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/wingame/126/js/sweepstake.js?170801317372726727
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: b87cb852f16af3b4f4a5da495fabdc6a2007deb4bfb7b23d81bb10f2e22ae769

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2016 08:19:13 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-03
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK sponsoren_iframe_tabs.css
www.freie-auswahl.de/_global/css/ Frame 3188 4 KB
1 KB 21ms
7ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/css/sponsoren_iframe_tabs.css
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: fe54a4cd856d2c6c730c3d8c45957485edbc451c7d7bcc766040f24340bbb3d6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2016 09:57:11 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-02
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK image_119_337.png
www.freie-auswahl.de/files/web/freetest/_images/ Frame 3188 566 B
566 B 7ms
7ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/files/web/freetest/_images/image_119_337.png
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 061a65ff4a29d4836ee23ecfa0bf5e25c67787bd7fe377c8fa52c20fe5b8de50

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Fri, 09 Sep 2016 12:07:47 GMT
Server: nginx
X-Map-Context: de
ETag: "57d2a613-236"
X-Served-By: a-04
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 566
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK image_119_340_1481031561.png
www.freie-auswahl.de/files/web/freetest/_images/ Frame 3188 95 B
95 B 7ms
6ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/files/web/freetest/_images/image_119_340_1481031561.png
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Tue, 06 Dec 2016 13:39:21 GMT
Server: nginx
X-Map-Context: de
ETag: "5846bf89-5f"
X-Served-By: a-02
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 95
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK image_119_342.png
www.freie-auswahl.de/files/web/freetest/_images/ Frame 3188 566 B
566 B 7ms
7ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/files/web/freetest/_images/image_119_342.png
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 061a65ff4a29d4836ee23ecfa0bf5e25c67787bd7fe377c8fa52c20fe5b8de50

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Fri, 09 Sep 2016 12:07:51 GMT
Server: nginx
X-Map-Context: de
ETag: "57d2a617-236"
X-Served-By: a-04
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 566
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK image_119_364_1481025235.jpeg
www.freie-auswahl.de/files/web/freetest/_images/ Frame 3188 24 KB
24 KB 7ms
7ms Image
image/jpeg 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/files/web/freetest/_images/image_119_364_1481025235.jpeg
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: a6ff805dc358ed24bc7bd2cd3e68b9a40929fcae0d38c758d92ff29a34da01a3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Tue, 06 Dec 2016 11:53:55 GMT
Server: nginx
X-Map-Context: de
ETag: "5846a6d3-602c"
X-Served-By: a-02
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 24620
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK image_61_363.png
www.freie-auswahl.de/files/web/freetest/_images/ Frame 3188 135 B
135 B 7ms
6ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/files/web/freetest/_images/image_61_363.png
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: b34b0d1539fe38800f105dd9705bebdbb0ed5b69c8ce0d4b603b91f7f843246d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Mon, 07 Mar 2016 14:15:27 GMT
Server: nginx
X-Map-Context: de
ETag: "56dd8cff-87"
X-Served-By: a-04
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 135
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK image_119_355_1481025210.jpeg
www.freie-auswahl.de/files/web/freetest/_images/ Frame 3188 2 KB
2 KB 7ms
6ms Image
image/jpeg 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/files/web/freetest/_images/image_119_355_1481025210.jpeg
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: da1b4b400af3453d871d353a8c0b8ddc6cbf24d8cdb80c65c03dd91e8004ecc0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Tue, 06 Dec 2016 11:53:30 GMT
Server: nginx
X-Map-Context: de
ETag: "5846a6ba-61e"
X-Served-By: a-02
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1566
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK image_119_358_1481025217.jpeg
www.freie-auswahl.de/files/web/freetest/_images/ Frame 3188 2 KB
2 KB 7ms
6ms Image
image/jpeg 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/files/web/freetest/_images/image_119_358_1481025217.jpeg
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3e0f639915bf5c9255a65e6c6e3fb25b08fb37f65c1ff1795f184507321957e2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Tue, 06 Dec 2016 11:53:37 GMT
Server: nginx
X-Map-Context: de
ETag: "5846a6c1-6b1"
X-Served-By: a-04
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1713
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK image_119_360_1481025223.jpeg
www.freie-auswahl.de/files/web/freetest/_images/ Frame 3188 3 KB
3 KB 7ms
7ms Image
image/jpeg 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/files/web/freetest/_images/image_119_360_1481025223.jpeg
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: c5d149a4a4f45803d0cd6348f58a7c2ead1fc97fec91b3478380b31d2dcc17f0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Tue, 06 Dec 2016 11:53:43 GMT
Server: nginx
X-Map-Context: de
ETag: "5846a6c7-ce2"
X-Served-By: a-01
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3298
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK close.png
www.freie-auswahl.de/_global/wingame/default/bba/images/ Frame 3188 1 KB
1 KB 7ms
6ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/_global/wingame/default/bba/images/close.png
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6a0d30a4b3dc6eee3adbff72319c017932c011da39da3ed564200cd530a89b1d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Tue, 06 Dec 2016 13:05:32 GMT
Server: nginx
X-Map-Context: de
ETag: "5846b79c-4dd"
X-Served-By: a-02
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1245
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK 20159413288_bba-logo.png
www.freie-auswahl.de/_global/wingame/default/bba/images/ Frame 3188 4 KB
4 KB 8ms
7ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/_global/wingame/default/bba/images/20159413288_bba-logo.png
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0edb4d4dacef152307427cbf965443eb70c695e6a7c7e22418b29c3d94805d35

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Tue, 08 Dec 2015 14:28:55 GMT
Server: nginx
X-Map-Context: de
ETag: "5666e927-e71"
X-Served-By: a-02
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3697
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK country_flag_de.png
www.freie-auswahl.de/wingame/default/language_selection/images/ Frame 3188 282 B
282 B 8ms
7ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/wingame/default/language_selection/images/country_flag_de.png
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: b347a336409f760206398f133f60e8fb8fb5a45c7ed1118cc8ef66d94ca086e8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Tue, 06 Dec 2016 13:08:44 GMT
Server: nginx
X-Map-Context: de
ETag: "5846b85c-11a"
X-Served-By: a-03
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 282
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK country_flag_uk.png
www.freie-auswahl.de/wingame/default/language_selection/images/ Frame 3188 618 B
618 B 7ms
7ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freie-auswahl.de/wingame/default/language_selection/images/country_flag_uk.png
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: e4273e7e7d5c182a1f0be5cc349f8514a2860015a0380d3b1ed7cede14f60231

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Tue, 06 Dec 2016 13:08:44 GMT
Server: nginx
X-Map-Context: de
ETag: "5846b85c-26a"
X-Served-By: a-04
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 618
Expires: Thu, 23 Mar 2017 00:34:31 GMT

GET
H/1.1 200
OK Roboto-300.woff2
www.freie-auswahl.de/_global/wingame/62/fonts/roboto/ Frame 3188 10 KB
10 KB 7ms
7ms Font
application/octet-stream 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/wingame/62/fonts/roboto/Roboto-300.woff2
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/_global/js/framework/MooTools-Core-1.6.0-compat-compressed.js?170801317372726727
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 61fe7189590814dd84fd3ab4b3aaf1c36cc4b754acec65d70b54738cd724cbd0

Request headers

Pragma: no-cache
Origin: http://www.freie-auswahl.de
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/_global/wingame/62/css/series.css?170801317372726727
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://www.freie-auswahl.de/_global/wingame/62/css/series.css?170801317372726727
Origin: http://www.freie-auswahl.de

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Thu, 18 Aug 2016 12:47:15 GMT
Server: nginx
X-Map-Context: de
ETag: "57b5ae53-2854"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 10324
X-Served-By: a-02

GET
H/1.1 200
OK Roboto-500.woff2
www.freie-auswahl.de/_global/wingame/62/fonts/roboto/ Frame 3188 10 KB
10 KB 7ms
7ms Font
application/octet-stream 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/wingame/62/fonts/roboto/Roboto-500.woff2
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/_global/js/framework/MooTools-Core-1.6.0-compat-compressed.js?170801317372726727
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6f79f64a58642bbf7c71fba9f42fcdd561da4749c204e1936e46507714762a87

Request headers

Pragma: no-cache
Origin: http://www.freie-auswahl.de
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/_global/wingame/62/css/series.css?170801317372726727
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://www.freie-auswahl.de/_global/wingame/62/css/series.css?170801317372726727
Origin: http://www.freie-auswahl.de

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Thu, 18 Aug 2016 12:47:15 GMT
Server: nginx
X-Map-Context: de
ETag: "57b5ae53-2808"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 10248
X-Served-By: a-01

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.freie-auswahl.de/_global/fonts/font-awesome-4.6.3/fonts/ Frame 3188 70 KB
70 KB 8ms
7ms Font
application/octet-stream 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/_global/fonts/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/_global/js/framework/MooTools-Core-1.6.0-compat-compressed.js?170801317372726727
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Pragma: no-cache
Origin: http://www.freie-auswahl.de
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://www.freie-auswahl.de/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?170801317372726727
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Referer: http://www.freie-auswahl.de/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?170801317372726727
Origin: http://www.freie-auswahl.de

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Thu, 18 Aug 2016 09:52:51 GMT
Server: nginx
X-Map-Context: de
ETag: "57b58573-118d8"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 71896
X-Served-By: a-02

GET
H/1.1 200
OK favicon.ico
www.freie-auswahl.de/ Frame 3188 4 KB
4 KB 7ms
7ms Other
image/x-icon 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freie-auswahl.de/favicon.ico
Protocol: HTTP/1.1
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: cfcbfb5eaecbd33f2a41c62af52149e05a38606716e556d49d06edd286628162

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.freie-auswahl.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.freie-auswahl.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freie-auswahl.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Wed, 22 Mar 2017 00:34:31 GMT
Last-Modified: Fri, 14 Oct 2016 11:24:33 GMT
Server: nginx
X-Map-Context: de
ETag: "5800c071-10be"
X-Served-By: a-04
Content-Type: image/x-icon
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 4286
Expires: Thu, 23 Mar 2017 00:34:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/images/aol.jpg

Domain: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/images/GmailTransparent1.png

Domain: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/images/hotmail.png

Domain: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/images/yahoo.jpg

Domain: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/images/outlook.png

Domain: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/images/drive-icons.png

Domain: nadihartanah.com
URL: http://nadihartanah.com/work/gdoc/images/universal_language_settings-21.png

Domain: go.padsdel.com
URL: https://go.padsdel.com/afu.php?id=979282

Domain: lvmobi.com
URL: http://lvmobi.com/jump/clk1.php?jl=82952506

Domain: www.freie-auswahl.de
URL: http://www.freie-auswahl.de/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.padsdel.com
lvmobi.com
my.rtmark.net
nadihartanah.com
www.freie-auswahl.de
go.padsdel.com
lvmobi.com
nadihartanah.com
www.freie-auswahl.de
104.152.168.36
134.249.116.78
185.3.185.94
188.42.162.213
188.42.162.218
35.157.30.97
50.28.63.60
061a65ff4a29d4836ee23ecfa0bf5e25c67787bd7fe377c8fa52c20fe5b8de50
0b699d1cd4b57c03b8d1365007a8eacf22780f2685f81c4861f2410dd2ffd982
0edb4d4dacef152307427cbf965443eb70c695e6a7c7e22418b29c3d94805d35
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
2991102bf5c783ea6f018731a8939ee97a4d7562a76e8188775447e3c6e0876f
2fb556cd3df5f6c2a1f43689df216fc43071fe30e162a02c4a0a74898a90d30c
3e0f639915bf5c9255a65e6c6e3fb25b08fb37f65c1ff1795f184507321957e2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4ff2d30f1fcf3653e1f72f64cacc0883041a9cd0554974c620910f1794fe9e13
5085fea934666738af3f25fcc589e374633087ee428a249af84af67f69f0f764
6129a37b8b72fc3d2b5ba6976a67954c8892c94b9db4471130ab90471db72ab7
61fe7189590814dd84fd3ab4b3aaf1c36cc4b754acec65d70b54738cd724cbd0
6403df2f8a80e11e0ce3ebc07994ee3d0c444200ec9cf08f0325508801ddc5d9
6a0d30a4b3dc6eee3adbff72319c017932c011da39da3ed564200cd530a89b1d
6f79f64a58642bbf7c71fba9f42fcdd561da4749c204e1936e46507714762a87
73c37bdf590324de38f67e4790d6b420c131631bdda14aafa7cf468926ea63fa
76a1457b904203e909edb4d72e1f4fe512799612fba041622a575bf432d47946
7bd3d68986d84d1fb9121ce90a61bb022729635bc14a63c1b1258addf8e1b76f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
809e23b0208305e20b0893c82cc655d2d38d44121488ee71a9cb044d9b918592
8416a63a81e4c8f3a3f75c3382252faca68195c7356d3eae9abe7572306f4f22
8fc6c4042afddc19cc9af2e793095359ca968205aeb06c4d5c598110c283748d
98005870e92a5cbabac090dd72e67c48e8afa33b9e9d9afb77214004a6dc5a56
a0e483abebf13d85ea118f468a19c56f0706848631a4b9a6c4f3773c93c6ab5e
a6ff805dc358ed24bc7bd2cd3e68b9a40929fcae0d38c758d92ff29a34da01a3
b347a336409f760206398f133f60e8fb8fb5a45c7ed1118cc8ef66d94ca086e8
b34b0d1539fe38800f105dd9705bebdbb0ed5b69c8ce0d4b603b91f7f843246d
b3a63f0519b1f294a32b45d19c09a7d1c8dc3d8d4ff368b97a5296363ff13493
b678c259cf1e6ff8502e862a7ebaea908a0bbac636e4804be60dc2e28d575e17
b87cb852f16af3b4f4a5da495fabdc6a2007deb4bfb7b23d81bb10f2e22ae769
bdd3d7e2fb74ea8396205482a039ee0f6cb3fcecb699c1091d0469edf2c2a873
c5d149a4a4f45803d0cd6348f58a7c2ead1fc97fec91b3478380b31d2dcc17f0
c752128259e84c58ebd792c4662d7f92627e805edfd11208abd9b0526c663531
cd1b493e6a71fabd543b6df3c2522eb83aadc71ecefda20192a164685ab73972
cfcbfb5eaecbd33f2a41c62af52149e05a38606716e556d49d06edd286628162
d92ff6b0c6639e89dae4e1cfd15611929532d895e88508b3841c44f71ef73b7c
da1b4b400af3453d871d353a8c0b8ddc6cbf24d8cdb80c65c03dd91e8004ecc0
dc676394bcfb1a4cd84897bc653fc6ad10cea67946950f33c19d8e7afc1c7069
dd7d924a2faee3eb57be49e5b55993428c22650b23b07c88d6b797f95cc95cb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4273e7e7d5c182a1f0be5cc349f8514a2860015a0380d3b1ed7cede14f60231
f5e979a5851964cf26178b7ec6080004416260850b01d33bd77785a6d06ef8eb
f9e5338e0d4f75e9a271641bb4baefb1882b29a6452fc3c9298591c814ad5848
fe54a4cd856d2c6c730c3d8c45957485edbc451c7d7bcc766040f24340bbb3d6

nadihartanah.com Open in urlscan Pro 104.152.168.36 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

57 Requests

5 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

8 IPs

5 Countries

279 kBTransfer

740 kBSize

0 Cookies

1 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nadihartanah.com Open in urlscan Pro
104.152.168.36 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

5 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

8
IPs

5
Countries

279 kB
Transfer

740 kB
Size

0
Cookies

57 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!