v115323.pi6p.com Open in urlscan Pro
162.55.4.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://krugermp3.org/cgi/202043/Finance/simplii
Effective URL:
https://v115323.pi6p.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7364822237716676673&pub=1314&pid=1314-24e31f9z&c=0&app=unkno...
Submission: On May 03 via api (May 3rd 2024, 5:11:48 pm UTC) from LU — Scanned from DE

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 68 HTTP transactions. The main IP is 162.55.4.52, located in Mammelzen, Germany and belongs to HETZNER-AS, DE. The main domain is v115323.pi6p.com.
TLS certificate: Issued by R3 on March 7th 2024. Valid for: 3 months.

This is the only time v115323.pi6p.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	162.0.209.176 162.0.209.176	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	172.67.156.59 172.67.156.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
11	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.155.186.32 185.155.186.32	203639 (TEKNOLOGY) (TEKNOLOGY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	185.155.184.55 185.155.184.55	6898 (AS-6898 C...) (AS-6898 C41.CH SAGL - LUGANO Data Center)
1	108.178.23.118 108.178.23.118	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	162.55.4.52 162.55.4.52	24940 (HETZNER-AS) (HETZNER-AS)
68	17

27 162.0.209.176 (Lebanon, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business92-2.web-hosting.com

krugermp3.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.156.59 (United States)

ASN13335 (CLOUDFLARENET, US)

distie.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cascade.flanney.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.155.186.32 (Switzerland)

ASN203639 (TEKNOLOGY, CH)

bestextrabonuses.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.155.184.55 (Switzerland) 1 redirects

ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)

t06k1tb.faykitturn.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.178.23.118 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

take.bestdealfor.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.4.52 (Mammelzen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.52.4.55.162.clients.your-server.de

v115323.pi6p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	krugermp3.org krugermp3.org	294 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164	102 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 421	104 KB
4	gstatic.com fonts.gstatic.com	112 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	185 KB
2	faykitturn.live 1 redirects t06k1tb.faykitturn.live	2 KB
2	bestextrabonuses.life bestextrabonuses.life	62 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
2	distie.shop distie.shop	8 KB
1	pi6p.com v115323.pi6p.com	163 KB
1	bestdealfor.buzz take.bestdealfor.buzz	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	274 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	253 B
1	flanney.shop 1 redirects cascade.flanney.shop	752 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
68	16

	Domain	Requested by
27	krugermp3.org	krugermp3.org
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net krugermp3.org
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	securepubads.g.doubleclick.net	krugermp3.org securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com krugermp3.org
2	t06k1tb.faykitturn.live	1 redirects bestextrabonuses.life
2	4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	bestextrabonuses.life	distie.shop
2	connect.facebook.net	krugermp3.org connect.facebook.net
2	fonts.googleapis.com	krugermp3.org securepubads.g.doubleclick.net
2	distie.shop	krugermp3.org distie.shop
1	v115323.pi6p.com	take.bestdealfor.buzz
1	take.bestdealfor.buzz	t06k1tb.faykitturn.live
1	www.facebook.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cascade.flanney.shop	1 redirects
1	www.googletagmanager.com	krugermp3.org
68	18

This site contains no links.

Subject Issuer	Validity	Valid
krugermp3.org Sectigo RSA Domain Validation Secure Server CA	`2023-12-29` - `2024-12-29`	a year	crt.sh
distie.shop GTS CA 1P5	`2024-03-26` - `2024-06-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-11` - `2024-05-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
bestextrabonuses.life R3	`2024-03-15` - `2024-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
faykitturn.live R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh
take.bestdealfor.buzz R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
v115323.pi6p.com R3	`2024-03-07` - `2024-06-05`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://v115323.pi6p.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7364822237716676673&pub=1314&pid=1314-24e31f9z&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0
Frame ID: 3AF5727883D839FF1608A6F17FA1C8A1
Requests: 54 HTTP requests in this frame

Frame: https://4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D3FC0DE6B1B158FD0A9072C7F198EC3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 948B9788D67450BEF3F0529DFC3855E1
Requests: 1 HTTP requests in this frame

Frame: https://4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F295938E8AAC3E253B802FA0CA9D7E35
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404230718000/amp4ads-v0.mjs
Frame ID: 8B495A750CEACE91B94F883795B194CE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

know also its and thing

Page URL History Show full URLs

https://krugermp3.org/cgi/202043/Finance/simplii Page URL
https://cascade.flanney.shop/help/?31211711689554 HTTP 302
https://bestextrabonuses.life//?u=bt1k60t&o=xqt63qn&t=cid:10835&cid=10835-14239-2024050320114115e3 Page URL
https://t06k1tb.faykitturn.live/addsukud/?u=bt1k60t&o=xqt63qn&t=cid%3A10835&cid=10835-14239-2024050320114115... Page URL
https://t06k1tb.faykitturn.live/web/?sid=t3~razqk5sgjiwcqnklatqfmtaf HTTP 302
https://take.bestdealfor.buzz/?utm_medium=328f04fbc911d0ef90a27bee3b65bc74311fdc8b&utm_campaign=newmob&cid... Page URL
https://v115323.pi6p.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7364822237716676673&pub=1314&pid=1314-24... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

68
Requests

97 %
HTTPS

53 %
IPv6

16
Domains

18
Subdomains

17
IPs

4
Countries

1208 kB
Transfer

3374 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://krugermp3.org/cgi/202043/Finance/simplii Page URL
https://cascade.flanney.shop/help/?31211711689554 HTTP 302
https://bestextrabonuses.life//?u=bt1k60t&o=xqt63qn&t=cid:10835&cid=10835-14239-2024050320114115e3 Page URL
https://t06k1tb.faykitturn.live/addsukud/?u=bt1k60t&o=xqt63qn&t=cid%3A10835&cid=10835-14239-2024050320114115e3&f=1&sid=t3~razqk5sgjiwcqnklatqfmtaf&fp=fvs%2BusbRmSdTgn1g64LkEA%3D%3D Page URL
https://t06k1tb.faykitturn.live/web/?sid=t3~razqk5sgjiwcqnklatqfmtaf HTTP 302
https://take.bestdealfor.buzz/?utm_medium=328f04fbc911d0ef90a27bee3b65bc74311fdc8b&utm_campaign=newmob&cid=ad040c09-aedf-424d-821c-fae23b5681b8&np=1 Page URL
https://v115323.pi6p.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7364822237716676673&pub=1314&pid=1314-24e31f9z&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://cascade.flanney.shop/help/?31211711689554 HTTP 302
https://bestextrabonuses.life//?u=bt1k60t&o=xqt63qn&t=cid:10835&cid=10835-14239-2024050320114115e3

Request Chain 68

https://t06k1tb.faykitturn.live/web/?sid=t3~razqk5sgjiwcqnklatqfmtaf HTTP 302
https://take.bestdealfor.buzz/?utm_medium=328f04fbc911d0ef90a27bee3b65bc74311fdc8b&utm_campaign=newmob&cid=ad040c09-aedf-424d-821c-fae23b5681b8&np=1

68 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 simplii Show response
krugermp3.org/cgi/202043/Finance/ 183 KB
47 KB 1415ms
1047ms Document
text/html 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 96fdf1a3a3aa5e38bec51303a9a753775f4e13f5cdbfa89c65c84d1a7ef883ec

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 03 May 2024 17:11:39 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://krugermp3.org/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f52_HTTP.404,f52_404,f52_URL.505875b789c9697ad7fc208559de52be,f52_
x-nginx-cache: WordPress
x-turbo-charged-by: LiteSpeed

GET
H3 200 custom.js Show response
distie.shop/ 21 KB
7 KB 90ms
40ms Script
application/javascript 172.67.156.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distie.shop/custom.js?query=31211711689554
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.156.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fea930684c61249d1a3cb518669ebe6c7dd088c8d446c44cc1515182f21856bc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 05:17:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2582
etag: W/"65700401-55f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBbMvBuDh2dCMx1J%2Fs55RilHknbcNYiZDlmd0RRdNjaohx2j5r5zAJPdk9Dre6lxz58IeuMGrg4IjDzd9MeJNGKrVCysr764jCPe29l1IQ1aKKuZo8IqSWNLWBDBGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87e1df1cd9a23723-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
krugermp3.org/wp-includes/css/dist/block-library/ 111 KB
14 KB 183ms
181ms Stylesheet
text/css 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Wed, 03 Apr 2024 02:23:36 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 14071
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 styles.css
krugermp3.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 186ms
185ms Stylesheet
text/css 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 07:57:00 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 890
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 everest-forms.css
krugermp3.org/wp-content/plugins/everest-forms/assets/css/ 42 KB
6 KB 184ms
183ms Stylesheet
text/css 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=2.0.8.1
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 14b63e98a22804e04589b5e9f3454ba45c4014138564f4d4cec141c3eafbc343

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 12 Mar 2024 16:11:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5630
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 style.css
krugermp3.org/wp-content/plugins/wp-next-post-navi/ 3 KB
875 B 185ms
184ms Stylesheet
text/css 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/plugins/wp-next-post-navi/style.css?ver=6.5.2
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: d1fcd163425a3b8147b9df0d77e5d88ec86a561983976e13aaff6d819480ee93

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 20 Feb 2024 00:07:25 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 603
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 bootstrap.min.css
krugermp3.org/wp-content/themes/chromenews/assets/bootstrap/css/ 118 KB
18 KB 187ms
186ms Stylesheet
text/css 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/assets/bootstrap/css/bootstrap.min.css?ver=6.5.2
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0f3ec94f68fb58550f35a8dc0fdb09f0b431982e285a722cbde2ce1481e69759

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Sun, 13 Feb 2022 08:18:46 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 18226
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 style.css
krugermp3.org/wp-content/themes/chromenews/ 434 KB
53 KB 359ms
358ms Stylesheet
text/css 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/style.css?ver=6.5.2
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1a2105a18979da59a1bafe6d69e6b5f9427c117ec8dd1b305ac418b0d86386d8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Fri, 22 Mar 2024 18:24:22 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 53635
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 style.css
krugermp3.org/wp-content/themes/chromegrid/ 2 KB
1 KB 363ms
361ms Stylesheet
text/css 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromegrid/style.css?ver=1.0.0
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: fc2073eae405547d136f05a39d7da9fe28dcbb7d72a337eb0df62263c1b38620

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Wed, 21 Feb 2024 10:48:12 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1048
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 style.css
krugermp3.org/wp-content/themes/chromenews/assets/icons/ 5 KB
1 KB 364ms
363ms Stylesheet
text/css 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/assets/icons/style.css?ver=6.5.2
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0c1c6b0e27c7f82f208472f6183eb25b81a455df6b1942ec6937ff06c92e241a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 16 Jan 2024 17:04:14 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1070
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 86ms
33ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Jost:200,300,400,500,600,700,900|Noto%20Serif:400,400italic,700&subset=latin,latin-ext

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e6d91d5b79e0de32427a51ec957d4bb428c0421d8f9bf3a20153e144e1d9840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 May 2024 17:09:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 May 2024 17:11:40 GMT

GET
H2 200 jquery.min.js Show response
krugermp3.org/wp-includes/js/jquery/ 86 KB
29 KB 365ms
364ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Tue, 29 Aug 2023 02:44:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 29744

GET
H2 200 jquery-migrate.min.js Show response
krugermp3.org/wp-includes/js/jquery/ 13 KB
5 KB 365ms
364ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Fri, 09 Jun 2023 15:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4678

GET
H2 200 tracker.js Show response
krugermp3.org/wp-content/plugins/wp-statistics/assets/js/ 9 KB
3 KB 367ms
366ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=6.5.2
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 811896b153311b98ac3a0c4674ac679e6551716b27b728dd3813157a08d6137e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Wed, 14 Feb 2024 00:32:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3215

GET
H2 200 jquery.cookie.js Show response
krugermp3.org/wp-content/themes/chromenews/assets/ 3 KB
1 KB 368ms
368ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/assets/jquery.cookie.js?ver=6.5.2
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 631ea2bc942c1791920270ba02eef37774aa10db3994b4936a2b5f891a970ff7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Fri, 24 Jun 2022 09:54:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1238

GET
H2 200 js
www.googletagmanager.com/gtag/ 298 KB
100 KB 90ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-NCGSBD4

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101544
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 May 2024 17:11:40 GMT

GET
H3 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 94 KB
29 KB 109ms
64ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30128
x-xss-protection: 0
server: cafe
etag: 298 / 19846 / m202404300101 / config-hash: 3690112664830982337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 May 2024 17:11:40 GMT

GET
H2 200 FBC1C012-4826-4520-8ABF-BDC168A68A51-scaled-1.webp
krugermp3.org/wp-content/uploads/2023/06/ 10 KB
10 KB 533ms
532ms Image
image/webp 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krugermp3.org/wp-content/uploads/2023/06/FBC1C012-4826-4520-8ABF-BDC168A68A51-scaled-1.webp
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
x-nginx-cache: WordPress
last-modified: Wed, 21 Feb 2024 10:41:23 GMT
server: LiteSpeed
x-endurance-cache-level: 2
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 10380
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 cheap-auto-insurance-scaled-1.jpg
krugermp3.org/wp-content/uploads/2022/12/ 10 KB
10 KB 533ms
533ms Image
image/jpeg 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krugermp3.org/wp-content/uploads/2022/12/cheap-auto-insurance-scaled-1.jpg
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
x-nginx-cache: WordPress
last-modified: Wed, 21 Feb 2024 10:39:45 GMT
server: LiteSpeed
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 9959
expires: Fri, 10 May 2024 17:11:40 GMT

GET submit.js
krugermp3.org/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/ 0
0

GET
H2 200 index.js
krugermp3.org/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 184ms
182ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Sat, 02 Mar 2024 10:53:38 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3228

GET
H2 200 index.js
krugermp3.org/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 185ms
183ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Sat, 02 Mar 2024 10:53:38 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3919

GET
H2 200 toggle-script.js
krugermp3.org/wp-content/themes/chromenews/assets/ 2 KB
619 B 186ms
184ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/assets/toggle-script.js?ver=1.0.0
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Fri, 24 Jun 2022 09:54:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 395

GET
H2 200 navigation.js
krugermp3.org/wp-content/themes/chromenews/js/ 3 KB
1 KB 186ms
185ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/js/navigation.js?ver=20151215
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Sun, 13 Feb 2022 08:18:46 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 951

GET
H2 200 skip-link-focus-fix.js
krugermp3.org/wp-content/themes/chromenews/js/ 685 B
556 B 187ms
186ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/js/skip-link-focus-fix.js?ver=1.0.0
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Sun, 13 Feb 2022 08:18:46 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 332

GET
H2 200 script.js
krugermp3.org/wp-content/themes/chromenews/assets/ 38 KB
4 KB 188ms
187ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/assets/script.js?ver=1.0.0
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Fri, 12 May 2023 12:19:20 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4056

GET
H2 200 jquery.matchHeight.min.js
krugermp3.org/wp-content/themes/chromenews/assets/jquery-match-height/ 3 KB
1 KB 189ms
188ms Script
text/javascript 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=1.0.0
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-nginx-cache: WordPress
last-modified: Sun, 13 Feb 2022 08:18:46 GMT
server: LiteSpeed
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/javascript
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1264

GET
H3 200 / Show response
distie.shop/ 51 B
509 B 362ms
322ms Fetch
text/html 172.67.156.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distie.shop/?t=json
Requested by: Host: distie.shop
URL: https://distie.shop/custom.js?query=31211711689554
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.156.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.18
Resource Hash: bc6abc654690e2d7c5a3f3a2f52e30267328cbbda8ab8e3e74d1a76b5bece39c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.18
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kiX9thZlwLERp7JObEqTb0LNqHwOVFYpBNB33N8ikSoHjGahikvmTMLUG%2BWlBHCktZcMzvbTaobY5GTQOgnEs3p%2BldMz7VarI1fHD2Je4Z3Ybsl65k9O4fH%2Fc49bAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 87e1df1d9c8d3ca7-CDG
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 85eea033-ed75-42f5-9af6-42e863af51fc
https://krugermp3.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://krugermp3.org/85eea033-ed75-42f5-9af6-42e863af51fc
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 94 KB
0 110ms
110ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30128
x-xss-protection: 0
server: cafe
etag: 298 / 19846 / m202404300101 / config-hash: 3690112664830982337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 May 2024 17:11:40 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 218 KB
59 KB 68ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 May 2024 17:11:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57846
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1294, tbw=2765, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: T10MmZI9gCY3bZUVK3Yh7uN53ileD8dg5x0eg3uHPhhz3px6yQaX0JDJKRm+K5QBxIwIqub7ooJVeCP44enllQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd1795c7d8b38c15570fb6aa4c5299ccb2db3cb2cb94a64fe0dafe7e2cc57d1c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v15/ 26 KB
27 KB 74ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:200,300,400,500,600,700,900|Noto%20Serif:400,400italic,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://krugermp3.org
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 29 Apr 2024 20:44:48 GMT
x-content-type-options: nosniff
age: 332812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26620
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 20:44:48 GMT

GET
H2 200 aft-icons.ttf
krugermp3.org/wp-content/themes/chromenews/assets/icons/fonts/ 19 KB
19 KB 182ms
181ms Font
font/ttf 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://krugermp3.org/wp-content/themes/chromenews/assets/icons/fonts/aft-icons.ttf?e3nek0
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/wp-content/themes/chromenews/assets/icons/style.css?ver=6.5.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://krugermp3.org/wp-content/themes/chromenews/assets/icons/style.css?ver=6.5.2
Origin: https://krugermp3.org
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
x-nginx-cache: WordPress
last-modified: Fri, 22 Mar 2024 18:24:22 GMT
server: LiteSpeed
x-endurance-cache-level: 2
content-type: font/ttf
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 19272
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
42 KB 95ms
43ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:200,300,400,500,600,700,900|Noto%20Serif:400,400italic,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://krugermp3.org
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 29 Apr 2024 21:05:26 GMT
x-content-type-options: nosniff
age: 331574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 21:05:26 GMT

GET
H2 200 92zatBhPNqw73oDd4iYl.woff2
fonts.gstatic.com/s/jost/v15/ 10 KB
10 KB 110ms
58ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oDd4iYl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:200,300,400,500,600,700,900|Noto%20Serif:400,400italic,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://krugermp3.org
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 30 Apr 2024 08:27:55 GMT
x-content-type-options: nosniff
age: 290625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10156
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:43:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 08:27:55 GMT

GET
H2 200 What-Is-Hazard-Insurance-for-Homeowners3-scaled-1.webp
krugermp3.org/wp-content/uploads/2023/03/ 11 KB
11 KB 182ms
181ms Image
image/webp 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krugermp3.org/wp-content/uploads/2023/03/What-Is-Hazard-Insurance-for-Homeowners3-scaled-1.webp
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
x-nginx-cache: WordPress
last-modified: Wed, 21 Feb 2024 10:40:05 GMT
server: LiteSpeed
x-endurance-cache-level: 2
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 10872
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 manual-virus-removal-300x225.jpg
krugermp3.org/wp-content/uploads/2024/01/ 16 KB
17 KB 182ms
182ms Image
image/jpeg 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krugermp3.org/wp-content/uploads/2024/01/manual-virus-removal-300x225.jpg
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
x-nginx-cache: WordPress
last-modified: Wed, 31 Jan 2024 14:32:03 GMT
server: LiteSpeed
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 16648
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 beginner-SEO-success-300x225.jpg
krugermp3.org/wp-content/uploads/2024/01/ 19 KB
19 KB 183ms
183ms Image
image/jpeg 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krugermp3.org/wp-content/uploads/2024/01/beginner-SEO-success-300x225.jpg
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
x-nginx-cache: WordPress
last-modified: Wed, 31 Jan 2024 11:30:53 GMT
server: LiteSpeed
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 19192
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H2 200 WB23-scaled-1.jpg
krugermp3.org/wp-content/uploads/2023/05/ 12 KB
12 KB 185ms
184ms Image
image/jpeg 162.0.209.176
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krugermp3.org/wp-content/uploads/2023/05/WB23-scaled-1.jpg
Requested by: Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.176 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: business92-2.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
x-nginx-cache: WordPress
last-modified: Wed, 21 Feb 2024 10:40:41 GMT
server: LiteSpeed
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 12356
expires: Fri, 10 May 2024 17:11:40 GMT

GET
H/1.1

200
OK

/ Show response
bestextrabonuses.life//
Redirect Chain

https://cascade.flanney.shop/help/?31211711689554
https://bestextrabonuses.life//?u=bt1k60t&o=xqt63qn&t=cid:10835&cid=10835-14239-2024050320114115e3

61 KB
62 KB

372ms
109ms

Document
text/html

185.155.186.32
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL: https://bestextrabonuses.life//?u=bt1k60t&o=xqt63qn&t=cid:10835&cid=10835-14239-2024050320114115e3
Requested by: Host: distie.shop
URL: https://distie.shop/custom.js?query=31211711689554
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.186.32 , Switzerland, ASN203639 (TEKNOLOGY, CH),
Reverse DNS
Software: nginx /
Resource Hash: a95559b7c9841129d87633211d05d56964cd9702f01471f1d0cea56f1767e37d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/cgi/202043/Finance/simplii
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 62694
Content-Type: text/html
Date: Fri, 03 May 2024 17:11:41 GMT
Server: nginx
cache-control: private

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 87e1df2008db694c-FRA
content-type: text/html; charset=utf-8
date: Fri, 03 May 2024 17:11:41 GMT
expires: Thu, 21 Jul 1977 07:30:00 GMT
last-modified: Fri, 03 May 2024 17:11:41 GMT
location: https://bestextrabonuses.life//?u=bt1k60t&o=xqt63qn&t=cid:10835&cid=10835-14239-2024050320114115e3
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJSetpzBz3OM4AWywXyKmYRCEVaGfqeme%2FpATghglZ8RDDpw%2Bz9bJOgJL3YWSFBBWKaeeyUaYelvNdTYZXOgq8%2BcbbfHD8oZX%2BW4hd7QmMDzTvPdIwWAJODU0tOqkdSmwCViRBzKvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.0.33

GET
H2 200 3342793022685079
connect.facebook.net/signals/config/ 56 KB
12 KB 150ms
150ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3342793022685079?v=2.9.155&r=stable&domain=krugermp3.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 May 2024 17:11:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=64, mss=1294, tbw=63309, tp=-1, tpl=-1, uplat=128, ullat=1
pragma: public
x-fb-debug: rdIN3KyRwU6V2WCei5klJtTnvXYrjmOUvsBcitDK3RGR1FXYjroiDv/Afz53vVILKljmkyATa/OVIig9B+3Kow==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/ 452 KB
141 KB 22ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 10:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22561
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144216
x-xss-protection: 0
server: cafe
etag: 9149044719003253135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 03 May 2025 10:55:39 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 86ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K0YJVXE0HB&gtm=45Pe4510v9177427388za200&_p=1714756300613&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1673925666.1714756301&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1714756300&sct=1&seg=0&dl=https%3A%2F%2Fkrugermp3.org%2Fcgi%2F202043%2FFinance%2Fsimplii&dt=Page%20not%20found%20%E2%80%93%20Krugermp3&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1966
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-NCGSBD4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 May 2024 17:11:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krugermp3.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 114ms
67ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12350
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/gampad/ 61 KB
13 KB 667ms
628ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2250462522439093&correlator=2770340512660985&output=ldjh&gdfp_req=1&vrg=202404300101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23055235577%2CDISPLAY3A&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C336x280%7C300x250&fluid=height&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1714756300841&lmt=1714756300&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkrugermp3.org%2Fcgi%2F202043%2FFinance%2Fsimplii&vis=1&psz=1600x1421&msz=1600x250&fws=0&ohw=0&dlt=1714756300232&idt=592&adks=3710443251&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13761
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://krugermp3.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
pagead2.googlesyndication.com/gampad/ 35 KB
15 KB 387ms
348ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2250462522439093&correlator=2770340512660985&output=ldjh&gdfp_req=1&vrg=202404300101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23055235577%2CBOTTOM_ANCHOR1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fas=1&sc=1&abxe=1&dt=1714756300846&lmt=1714756300&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkrugermp3.org%2Fcgi%2F202043%2FFinance%2Fsimplii&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&dlt=1714756300232&idt=592&adks=1738994300&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15201
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://krugermp3.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D3F 0
0 121ms
31ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 17:11:40 GMT
expires: Sat, 03 May 2025 17:11:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/ 47 KB
15 KB 22ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 12:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17493
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15045
x-xss-protection: 0
server: cafe
etag: 17974295199248676343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 03 May 2025 12:20:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 69ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3342793022685079&ev=PageView&dl=https%3A%2F%2Fkrugermp3.org%2Fcgi%2F202043%2FFinance%2Fsimplii&rl=&if=false&ts=1714756300901&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4126&fbp=fb.1.1714756300901.1864312582&ler=empty&cdl=API_unavailable&it=1714756300742&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1294, tbw=2757, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 May 2024 17:11:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 126ms
69ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 17:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 May 2024 17:11:41 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 948B 0
0 73ms
23ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

accept-ranges: bytes
age: 31425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 08:27:56 GMT
expires: Sat, 03 May 2025 08:27:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F295 0
0 0ms
0ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 17:11:40 GMT
expires: Sat, 03 May 2025 17:11:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404230718000/ Frame 8B49 196 KB
56 KB 111ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404230718000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 08:07:56 GMT
age: 291825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56196
x-xss-protection: 0
server: sffe
etag: "7bea3e8347065cd8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 08:07:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404230718000/v0/ Frame 8B49 15 KB
5 KB 145ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404230718000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 19:10:05 GMT
age: 338496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5221
x-xss-protection: 0
server: sffe
etag: "30969918670d7a5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Apr 2025 19:10:05 GMT

GET
H2 200 amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404230718000/v0/ Frame 8B49 95 KB
28 KB 154ms
66ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404230718000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 19:10:05 GMT
age: 338496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29067
x-xss-protection: 0
server: sffe
etag: "6dc8fca3f78bd516"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Apr 2025 19:10:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404230718000/v0/ Frame 8B49 5 KB
2 KB 153ms
65ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404230718000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 08:10:39 GMT
age: 291662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "f9133a509bef80fb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Apr 2025 08:10:39 GMT

GET
H2 200 amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404230718000/v0/ Frame 8B49 40 KB
13 KB 147ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404230718000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 19:10:05 GMT
age: 338496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "a98cc7549d2a36eb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Apr 2025 19:10:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B49 18 KB
2 KB 35ms
34ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 May 2024 17:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 May 2024 17:05:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 May 2024 17:11:41 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17858462851418629047/ Frame 8B49 52 KB
52 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17858462851418629047/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

expires: Sat, 03 May 2025 16:39:57 GMT
date: Fri, 03 May 2024 16:39:57 GMT
x-content-type-options: nosniff
age: 1904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52746
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 10:14:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 8B49 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 8B49 2 KB
2 KB 71ms
24ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 07:53:36 GMT
x-content-type-options: nosniff
server: cafe
age: 33485
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 04 May 2024 07:53:36 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 8B49 295 B
319 B 69ms
22ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 02 May 2024 23:33:02 GMT
x-content-type-options: nosniff
server: cafe
age: 63519
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 03 May 2024 23:33:02 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v59/ Frame 8B49 33 KB
34 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v59/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://krugermp3.org
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Tue, 30 Apr 2024 07:48:12 GMT
x-content-type-options: nosniff
age: 293009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34184
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 23:36:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:48:12 GMT

GET
H3 200 en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 8B49 2 KB
0 0ms
0ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Fri, 03 May 2024 07:53:36 GMT
x-content-type-options: nosniff
server: cafe
age: 33485
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 04 May 2024 07:53:36 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 8B49 295 B
0 1ms
1ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: krugermp3.org
URL: https://krugermp3.org/cgi/202043/Finance/simplii

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://krugermp3.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Thu, 02 May 2024 23:33:02 GMT
x-content-type-options: nosniff
server: cafe
age: 63519
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 03 May 2024 23:33:02 GMT

GET
H/1.1 204
No Content favicon.ico
bestextrabonuses.life/ 0
132 B 33ms
33ms Other
text/plain 185.155.186.32
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL: https://bestextrabonuses.life/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.186.32 , Switzerland, ASN203639 (TEKNOLOGY, CH),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bestextrabonuses.life//?u=bt1k60t&o=xqt63qn&t=cid:10835&cid=10835-14239-2024050320114115e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Fri, 03 May 2024 17:11:41 GMT
Cache-Control: no-transform
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK /
t06k1tb.faykitturn.live/addsukud/ 1 KB
2 KB 197ms
110ms Document
text/html 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL: https://t06k1tb.faykitturn.live/addsukud/?u=bt1k60t&o=xqt63qn&t=cid%3A10835&cid=10835-14239-2024050320114115e3&f=1&sid=t3~razqk5sgjiwcqnklatqfmtaf&fp=fvs%2BusbRmSdTgn1g64LkEA%3D%3D
Requested by: Host: bestextrabonuses.life
URL: https://bestextrabonuses.life//?u=bt1k60t&o=xqt63qn&t=cid:10835&cid=10835-14239-2024050320114115e3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bestextrabonuses.life/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 1398
Content-Type: text/html
Date: Fri, 03 May 2024 17:11:42 GMT
Server: openresty
cache-control: private

GET
H2

200

/ Show response
take.bestdealfor.buzz/
Redirect Chain

https://t06k1tb.faykitturn.live/web/?sid=t3~razqk5sgjiwcqnklatqfmtaf
https://take.bestdealfor.buzz/?utm_medium=328f04fbc911d0ef90a27bee3b65bc74311fdc8b&utm_campaign=newmob&cid=ad040c09-aedf-424d-821c-fae23b5681b8&np=1

7 KB
2 KB

422ms
139ms

Document
text/html

108.178.23.118
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://take.bestdealfor.buzz/?utm_medium=328f04fbc911d0ef90a27bee3b65bc74311fdc8b&utm_campaign=newmob&cid=ad040c09-aedf-424d-821c-fae23b5681b8&np=1

Requested by

Host: t06k1tb.faykitturn.live
URL: https://t06k1tb.faykitturn.live/addsukud/?u=bt1k60t&o=xqt63qn&t=cid%3A10835&cid=10835-14239-2024050320114115e3&f=1&sid=t3~razqk5sgjiwcqnklatqfmtaf&fp=fvs%2BusbRmSdTgn1g64LkEA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.178.23.118 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx /

Resource Hash

ba01c1efe6d03786539d104f86b79ca11895eb44a37e2a3e6d5e712ce38f068f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://t06k1tb.faykitturn.live/addsukud/?u=bt1k60t&o=xqt63qn&t=cid%3A10835&cid=10835-14239-2024050320114115e3&f=1&sid=t3~razqk5sgjiwcqnklatqfmtaf&fp=fvs%2BusbRmSdTgn1g64LkEA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc: h3=":443"; ma=604800; persist=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 03 May 2024 17:11:42 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 277
Content-Type: text/html; charset=utf-8
Date: Fri, 03 May 2024 17:11:42 GMT
Server: openresty
location: https://take.bestdealfor.buzz/?utm_medium=328f04fbc911d0ef90a27bee3b65bc74311fdc8b&utm_campaign=newmob&cid=ad040c09-aedf-424d-821c-fae23b5681b8&np=1
referrer-policy: no-referrer

GET
H/1.1 302
Found Primary Request go.php Show response
v115323.pi6p.com/ 162 KB
163 KB 427ms
329ms Document
text/html 162.55.4.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://v115323.pi6p.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7364822237716676673&pub=1314&pid=1314-24e31f9z&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0

Requested by

Host: take.bestdealfor.buzz
URL: https://take.bestdealfor.buzz/?utm_medium=328f04fbc911d0ef90a27bee3b65bc74311fdc8b&utm_campaign=newmob&cid=ad040c09-aedf-424d-821c-fae23b5681b8&np=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

162.55.4.52 Mammelzen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.52.4.55.162.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

6c40ee96005dad73d4534320d41e700578cc3274b882dfd83741f6a710a93204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://take.bestdealfor.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 May 2024 17:11:43 GMT
Server: nginx/1.24.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: krugermp3.org
URL: https://krugermp3.org/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1703863182

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.krugermp3.org/	1970-01-21 05:55:16	Name: _ga_K0YJVXE0HB Value: GS1.1.1714756300.1.0.1714756300.0.0.0
.krugermp3.org/	1970-01-21 05:55:16	Name: _ga Value: GA1.1.1673925666.1714756301
.krugermp3.org/	1970-01-20 22:28:52	Name: _fbp Value: fb.1.1714756300901.1864312582
.cascade.flanney.shop/	1970-01-20 21:03:54	Name: 00831 Value: %7B%22streams%22%3A%7B%2214239%22%3A1714756301%7D%2C%22campaigns%22%3A%7B%2210835%22%3A1714756301%7D%2C%22time%22%3A1714756301%7D
.krugermp3.org/	1970-01-21 00:38:28	Name: __eoi Value: ID=5f03e22e6dda6604:T=1714756300:RT=1714756300:S=AA-AfjbNjloW_LPk3UKPSaggyOmr
bestextrabonuses.life/	1969-12-31 23:59:59	Name: sid Value: t3~razqk5sgjiwcqnklatqfmtaf
bestextrabonuses.life/	1969-12-31 23:59:59	Name: p1 Value: https://faykitturn.live/addsukud/
bestextrabonuses.life/	1969-12-31 23:59:59	Name: s1 Value: yh26dlvbtawg0zmu

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://krugermp3.org/cgi/202043/Finance/simplii Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://connect.facebook.net/signals/config/3342793022685079?v=2.9.155&r=stable&domain=krugermp3.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f031e6df867701a1499e9880e781192.safeframe.googlesyndication.com
bestextrabonuses.life
cascade.flanney.shop
cdn.ampproject.org
connect.facebook.net
distie.shop
fonts.googleapis.com
fonts.gstatic.com
krugermp3.org
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
t06k1tb.faykitturn.live
take.bestdealfor.buzz
tpc.googlesyndication.com
v115323.pi6p.com
www.facebook.com
www.googletagmanager.com
krugermp3.org
108.178.23.118
142.250.185.130
162.0.209.176
162.55.4.52
172.67.156.59
185.155.184.55
185.155.186.32
188.114.97.3
2001:4860:4802:34::36
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2001
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
0c1c6b0e27c7f82f208472f6183eb25b81a455df6b1942ec6937ff06c92e241a
0f3ec94f68fb58550f35a8dc0fdb09f0b431982e285a722cbde2ce1481e69759
14b63e98a22804e04589b5e9f3454ba45c4014138564f4d4cec141c3eafbc343
1a2105a18979da59a1bafe6d69e6b5f9427c117ec8dd1b305ac418b0d86386d8
4e6d91d5b79e0de32427a51ec957d4bb428c0421d8f9bf3a20153e144e1d9840
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
631ea2bc942c1791920270ba02eef37774aa10db3994b4936a2b5f891a970ff7
6c40ee96005dad73d4534320d41e700578cc3274b882dfd83741f6a710a93204
811896b153311b98ac3a0c4674ac679e6551716b27b728dd3813157a08d6137e
96fdf1a3a3aa5e38bec51303a9a753775f4e13f5cdbfa89c65c84d1a7ef883ec
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a95559b7c9841129d87633211d05d56964cd9702f01471f1d0cea56f1767e37d
ba01c1efe6d03786539d104f86b79ca11895eb44a37e2a3e6d5e712ce38f068f
bc6abc654690e2d7c5a3f3a2f52e30267328cbbda8ab8e3e74d1a76b5bece39c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd1795c7d8b38c15570fb6aa4c5299ccb2db3cb2cb94a64fe0dafe7e2cc57d1c
d1fcd163425a3b8147b9df0d77e5d88ec86a561983976e13aaff6d819480ee93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc2073eae405547d136f05a39d7da9fe28dcbb7d72a337eb0df62263c1b38620
fea930684c61249d1a3cb518669ebe6c7dd088c8d446c44cc1515182f21856bc

v115323.pi6p.com Open in urlscan Pro 162.55.4.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

97 %HTTPS

53 %IPv6

16 Domains

18 Subdomains

17 IPs

4 Countries

1208 kBTransfer

3374 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

v115323.pi6p.com Open in urlscan Pro
162.55.4.52 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

97 %
HTTPS

53 %
IPv6

16
Domains

18
Subdomains

17
IPs

4
Countries

1208 kB
Transfer

3374 kB
Size

8
Cookies

68 HTTP transactions
2 data transactions