URL: https://attention-8304654536637110.cf/
Submission: On November 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 28 IPs in 3 countries across 25 domains to perform 77 HTTP transactions. The main IP is 190.92.189.155, located in United States and belongs to A2HOSTING, US. The main domain is attention-8304654536637110.cf.
TLS certificate: Issued by R3 on November 18th 2022. Valid for: 3 months.
This is the only time attention-8304654536637110.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 190.92.189.155 55293 (A2HOSTING)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 35.186.249.72 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 52.73.201.133 14618 (AMAZON-AES)
1 151.101.194.137 54113 (FASTLY)
2 162.247.241.2 23467 (NEWRELIC-...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 199.232.136.157 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 2a04:4e42:600... 54113 (FASTLY)
1 54.81.151.51 14618 (AMAZON-AES)
1 151.101.1.140 54113 (FASTLY)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
1 2a03:2880:f11... 32934 (FACEBOOK)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
77 28
Apex Domain
Subdomains
Transfer
17 nc-img.com
static.nc-img.com — Cisco Umbrella Rank: 150942
483 KB
14 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
183 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 410
114 KB
4 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1662
35 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5922
692 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
3 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4753
www.google.com — Cisco Umbrella Rank: 2
985 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
12 KB
2 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 1781
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 attention-8304654536637110.cf
attention-8304654536637110.cf
341 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 690
314 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
185 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 528
725 B
1 t.co
t.co — Cisco Umbrella Rank: 475
377 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1504
157 B
1 quora.com
q.quora.com — Cisco Umbrella Rank: 2962
419 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1398
8 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
3 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 603
15 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 334
16 KB
1 loggly.com
logs-01.loggly.com — Cisco Umbrella Rank: 9324
1 engagement.ai
cdn.engagement.ai — Cisco Umbrella Rank: 262300
chat.engagement.ai Failed
1 KB
1 impactradius-event.com
d.impactradius-event.com — Cisco Umbrella Rank: 2770
13 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 976
45 KB
77 25
Domain Requested by
17 static.nc-img.com attention-8304654536637110.cf
static.nc-img.com
14 www.googletagmanager.com attention-8304654536637110.cf
www.googletagmanager.com
6 cdn.cookielaw.org attention-8304654536637110.cf
4 script.crazyegg.com attention-8304654536637110.cf
script.crazyegg.com
4 www.google.de attention-8304654536637110.cf
3 bat.bing.com attention-8304654536637110.cf
3 www.google.com attention-8304654536637110.cf
2 googleads.g.doubleclick.net attention-8304654536637110.cf
2 bam-cell.nr-data.net attention-8304654536637110.cf
2 stats.g.doubleclick.net www.googletagmanager.com
attention-8304654536637110.cf
2 www.google-analytics.com www.googletagmanager.com
attention-8304654536637110.cf
2 attention-8304654536637110.cf attention-8304654536637110.cf
1 geolocation.onetrust.com attention-8304654536637110.cf
1 www.facebook.com
1 analytics.twitter.com
1 t.co
1 alb.reddit.com
1 q.quora.com
1 www.redditstatic.com attention-8304654536637110.cf
1 connect.facebook.net attention-8304654536637110.cf
1 static.ads-twitter.com attention-8304654536637110.cf
1 js-agent.newrelic.com attention-8304654536637110.cf
1 logs-01.loggly.com attention-8304654536637110.cf
1 cdn.engagement.ai attention-8304654536637110.cf
1 d.impactradius-event.com attention-8304654536637110.cf
1 region1.analytics.google.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
0 chat.engagement.ai Failed attention-8304654536637110.cf
77 28
Subject Issuer Validity Valid
attention-8304654536637110.cf
R3
2022-11-18 -
2023-02-16
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-07-23 -
2023-07-23
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
www.google.de
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.impactradius-event.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-10 -
2023-01-06
a year crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.de
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.c3po.team
Amazon
2022-08-07 -
2023-09-05
a year crt.sh
logs-01.loggly.com
Starfield Secure Certificate Authority - G2
2022-03-23 -
2023-04-24
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-07-10 -
2023-08-11
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-10 -
2023-02-10
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2022-09-03 -
2023-03-03
6 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-08-22
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-08-27 -
2022-11-25
3 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-05-15
6 months crt.sh
*.quora.com
R3
2022-11-13 -
2023-02-11
3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-05-14
6 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh

This page contains 2 frames:

Primary Page: https://attention-8304654536637110.cf/
Frame ID: CC34B10001CD32CE2D98F88FCCA15796
Requests: 80 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0043/5670/site/attention-8304654536637110.cf.json?t=1
Frame ID: 70BEE5D01DAFC8BA55659D3470640797
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Buy a domain name - Register cheap domain names from $0.99 - Namecheap

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • d\.impactradius-event\.com

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

77
Requests

99 %
HTTPS

63 %
IPv6

25
Domains

28
Subdomains

28
IPs

3
Countries

1298 kB
Transfer

3585 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
attention-8304654536637110.cf/
338 KB
341 KB
Document
General
Full URL
https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.92.189.155 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
server.heker.com
Software
Apache /
Resource Hash
bab81d41a29d90d3d40ac4e2af066373bc2f0caed7332890a474a2d7ce9c8311
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 18 Nov 2022 13:14:24 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/
470 KB
112 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-544JFM
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c532ec7c5e22f7d8d4f4efbc1a5821dce20b7e7f804bb837fb038eddefd03383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114225
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Nov 2022 13:14:25 GMT
optimize.js
www.googleoptimize.com/
118 KB
45 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-WZ7KK93
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-544JFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2dcadfc245c3ebca3935a2f35efa443aaeba80e7fc46d14846610e8d307485e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45932
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 13:14:25 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-544JFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 11:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7111
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 18 Nov 2022 13:15:54 GMT
js
www.googletagmanager.com/gtag/
200 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7DMJMG20P8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-544JFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18f7309d4b9022bc339dd50fc7015ead66a0966019b2a36ec00e95e560d90cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72482
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 13:14:25 GMT
museo-sans-300-webfont.96dd56ebb50aa0150f6630360d8d69cf.woff2
static.nc-img.com/pp/nc-ui-globalenv/
20 KB
20 KB
Font
General
Full URL
https://static.nc-img.com/pp/nc-ui-globalenv/museo-sans-300-webfont.96dd56ebb50aa0150f6630360d8d69cf.woff2
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93467f75842330c3502fc0268a7a62151f3744221ca7ffa6dc5057dac4a64cee

Request headers

Referer
https://attention-8304654536637110.cf/
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Sep 2022 11:52:30 GMT
server
cloudflare
etag
"63206efe-5170"
vary
Origin, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
76c0f8155ee4bb89-FRA
content-length
20848
museo-sans-500-webfont.5d9883d92e2eaa724e4e6beb0ef6728a.woff2
static.nc-img.com/pp/nc-ui-globalenv/
20 KB
21 KB
Font
General
Full URL
https://static.nc-img.com/pp/nc-ui-globalenv/museo-sans-500-webfont.5d9883d92e2eaa724e4e6beb0ef6728a.woff2
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c0749dc1deb3275e1846a462c0dcb83df2b5fec30112eacdf5530fa51e3160f

Request headers

Referer
https://attention-8304654536637110.cf/
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Sep 2022 11:52:30 GMT
server
cloudflare
etag
"63206efe-51b8"
vary
Origin, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
76c0f8155eeabb89-FRA
content-length
20920
museo-sans-700-webfont.b125dc012841fa8a23b98c37499ca5e8.woff2
static.nc-img.com/pp/nc-ui-globalenv/
18 KB
18 KB
Font
General
Full URL
https://static.nc-img.com/pp/nc-ui-globalenv/museo-sans-700-webfont.b125dc012841fa8a23b98c37499ca5e8.woff2
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
177c4f2826cbc2cc24a9d8018e6c9848ed73178a76fd3aabe99b44ee9458514c

Request headers

Referer
https://attention-8304654536637110.cf/
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Sep 2022 11:52:30 GMT
server
cloudflare
etag
"63206efe-46d0"
vary
Origin, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
76c0f8155eecbb89-FRA
content-length
18128
mainLite.d9d203ec0e2a6c8546b58debe510db6a.css
static.nc-img.com/pp/nc-ui-globalenv/
79 KB
9 KB
Stylesheet
General
Full URL
https://static.nc-img.com/pp/nc-ui-globalenv/mainLite.d9d203ec0e2a6c8546b58debe510db6a.css
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cbb8836de1432c76eec02d6ef797f5f3919162cb1e7ce0e285d6bfe2d4983c9

Request headers

Referer
https://attention-8304654536637110.cf/
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Sep 2022 11:52:30 GMT
server
cloudflare
etag
W/"63206efe-13c62"
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f8155ee1bb89-FRA
app.e9cbf8720790fdcdf586.css
static.nc-img.com/uilayout2/
36 KB
6 KB
Stylesheet
General
Full URL
https://static.nc-img.com/uilayout2/app.e9cbf8720790fdcdf586.css
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec3b6a2f4a969f031a4ab29115bda1626fb603121ba04a5eb7f0d35fd91e9b5

Request headers

Referer
https://attention-8304654536637110.cf/
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 31 Aug 2022 14:20:25 GMT
server
cloudflare
etag
W/"630f6e29-8e27"
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f8155ee2bb89-FRA
app.b4a938d6ed850df85251.js
static.nc-img.com/uilayout2/
294 KB
92 KB
Script
General
Full URL
https://static.nc-img.com/uilayout2/app.b4a938d6ed850df85251.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dced66f2421ac79565d5012d3c0900a0a7eae3c388b8f386940c0a12ea323ab9

Request headers

Referer
https://attention-8304654536637110.cf/
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 31 Aug 2022 14:20:30 GMT
server
cloudflare
etag
W/"630f6e2e-49875"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f8155ee8bb89-FRA
index.7b395bb7.css
static.nc-img.com/pp/home-page/client/assets/styles/
46 KB
8 KB
Stylesheet
General
Full URL
https://static.nc-img.com/pp/home-page/client/assets/styles/index.7b395bb7.css
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca693180414738890b117d4921301f568d393ef7e5a5fb951c4d2674b557db03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Dec 2021 11:02:08 GMT
server
cloudflare
age
25679902
etag
W/"61b9cb30-b6ea"
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f81559f590d6-FRA
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
621ee038a4db1e4a1ea7cf5450320ca77e63f9edc1c451edb56a9a5934c1e05a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1529692301&t=pageview&_s=1&dl=https%3A%2F%2Fattention-8304654536637110.cf%2F&ul=en-us&de=UTF-8&dt=Buy%20a%20domain%20name%20-%20Register%20cheap%20domain%20names%20from%20%240.99%20-%20Namecheap&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=0v79hQXUR6i0IP_FO4eTSQ.&_u=YGBACEABRAAAACgEK~&jid=1559533843&gjid=1012093303&cid=508996096.1668777266&uid=&tid=UA-69192-32&_gid=41409325.1668777266&_r=1&gtm=2wgb90544JFM&cd1=Unknown&cd2=&cd3=&cd6=2022-11-18T13%3A14%3A25.347%2B00%3A00&cd7=1668777265348.bigarodi&cd8=%2F&cd9=291ab5e67228c020ca82e2f6228a5c84875f38bb8dd7a09710831bf8f487bccd&cd13=142f485445b8781a9eca5495035c3afa0a8835c82775ed39a323376f33969a9d&cd14=&cd4=508996096.1668777266&cd10=508996096.1668777266&cd17=pageview&z=1514033185
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://attention-8304654536637110.cf/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://attention-8304654536637110.cf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
356 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7DMJMG20P8&gtm=2oeb90&_p=1529692301&_gaz=1&cid=508996096.1668777266&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668777265&sct=1&seg=0&dl=https%3A%2F%2Fattention-8304654536637110.cf%2F&dt=Buy%20a%20domain%20name%20-%20Register%20cheap%20domain%20names%20from%20%240.99%20-%20Namecheap&en=page_view&_fv=2&_ss=1&ep.cookieDomain=auto&ep.allowLinker=true&ep.userId=&ep.provider=291ab5e67228c020ca82e2f6228a5c84875f38bb8dd7a09710831bf8f487bccd&ep.timestamp=2022-11-18T13%3A14%3A25.346%2B00%3A00&ep.sessionId=1668777265346.dhlxh6e&up.userId=&up.cid=none
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7DMJMG20P8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://attention-8304654536637110.cf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7DMJMG20P8&cid=508996096.1668777266&gtm=2oeb90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7DMJMG20P8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://attention-8304654536637110.cf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAIA&h=Ag&tc=17&dl=attention-8304654536637110.cf%2F&tdp=G-7DMJMG20P8;72047880;1;2;0&z=0
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/
0
15 B
Image
General
Full URL
https://www.googletagmanager.com/td?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAIA&h=Ag&tc=17&dl=attention-8304654536637110.cf%2F&tdp=G-7DMJMG20P8;72047880;1;2;0&z=0
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:25 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAAAIA&h=Ag&tc=17&tr=1ogtcrossdomain.1ogtreferralexclusion.1ogtsessiontimeout.1ogtipmark.1ogtipmark.1ogtipmark.1ogtipmark.1ogtipmark.1ogtipmark.1setproductsettings.1ogtgooglesignals.1ogteventcreate.1ccdconversionmarking.1ccdempageview.1ccdemsitesearch.1ccdgaregscope&ti=2ogtcrossdomain.2ogtreferralexclusion.2ogtsessiontimeout.2ogtipmark.2ogtipmark.2ogtipmark.2ogtipmark.2ogtipmark.2ogtipmark.2setproductsettings.2ogtgooglesignals.2ogteventcreate.2ccdconversionmarking.2ccdempageview.2ccdemsitesearch.2ccdgaregscope&z=0
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=*&eid=1&u=AAAAAAAAAAAAAAAAAIA&h=Ag&tc=17&z=0
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7DMJMG20P8&cid=508996096.1668777266&gtm=2oeb90&aip=1&z=1879355484
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=gtm.js&eid=2&u=AAAAAAAIAAAAACAAAIA&ut=Ag&h=Ag&tc=17&tr=1gct&epr=1G.2G&ti=1gct&z=0
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&e=gtm.init&eid=0&u=AAAAAAAIAAAAACAAAIA&ut=Ag&h=Ag&tc=17&tr=5ogtcrossdomain.5ogtreferralexclusion.5ogtsessiontimeout.5ogtipmark.5ogtipmark.5ogtipmark.5ogtipmark.5ogtipmark.5ogtipmark.5setproductsettings.5ogtgooglesignals.5ogteventcreate.5ccdconversionmarking.5ccdempageview.5ccdemsitesearch.5ccdgaregscope&ti=2ogtcrossdomain.2ogtreferralexclusion.2ogtsessiontimeout.2ogtipmark.2ogtipmark.2ogtipmark.2ogtipmark.2ogtipmark.2ogtipmark.2setproductsettings.2ogtgooglesignals.2ogteventcreate.2ccdconversionmarking.2ccdempageview.2ccdemsitesearch.2ccdgaregscope&z=0
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
A399624-ff72-45a8-a0cf-ef5b35995f131.js
d.impactradius-event.com/
42 KB
13 KB
Script
General
Full URL
https://d.impactradius-event.com/A399624-ff72-45a8-a0cf-ef5b35995f131.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
573bfaeebc3190c4e7962d487a321a3bde6f7cca3494e93b450efa489e092038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:10:09 GMT
content-encoding
gzip
age
256
x-guploader-uploadid
ADPycdvIw0SiJcOwSiS4Mt_n6Zz7cFwfOaXiue1w-MY7al10fsKT6uArTJTnGbgNhkzfKu5zLWvdGQhcxdZSX1SA0KhKmw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13129
last-modified
Wed, 20 Jul 2022 16:27:32 GMT
server
UploadServer
etag
"fda23d4233caa53029a86d8c1d35fc1b"
vary
Accept-Encoding
x-goog-generation
1658334452529208
x-goog-hash
crc32c=Pvxucw==, md5=/aI9QjPKpTApqG2MHTX8Gw==
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
13129
accept-ranges
bytes
expires
Fri, 18 Nov 2022 13:15:09 GMT
5670.js
script.crazyegg.com/pages/scripts/0043/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0043/5670.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4e8c2d57f23bca0b9ab7556d19277d458521782202788c76463050a29b0a6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
gzip
cf-cache-status
HIT
age
66985
cf-polished
origSize=6088
ce-version
11.4.40
cf-bgj
minify
last-modified
Thu, 17 Nov 2022 18:38:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
76c0f815d81bbb97-FRA
collect
stats.g.doubleclick.net/j/
4 B
451 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-69192-32&cid=508996096.1668777266&jid=1559533843&gjid=1012093303&_gid=41409325.1668777266&_u=YGBACEAARAAAACgEK~&z=1677723913
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://attention-8304654536637110.cf/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 18 Nov 2022 13:14:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://attention-8304654536637110.cf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
34735a65a0c63bd007fa4c32f67dab4c.svg
static.nc-img.com/uilayout2/
34 KB
26 KB
Image
General
Full URL
https://static.nc-img.com/uilayout2/34735a65a0c63bd007fa4c32f67dab4c.svg
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34311dfae964eb6e93b632ce3d73fecadf341a6e4bbbc7abfc75801dfe2d58b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Feb 2022 10:42:52 GMT
server
cloudflare
age
22818563
etag
W/"621b55ac-8980"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f815eb5790d6-FRA
hero-decor-img.06dcfaf8204e4cc4aa57944471a7f167.svg
static.nc-img.com/pp/cms/home-reskinned-alternate/images/
47 KB
11 KB
Image
General
Full URL
https://static.nc-img.com/pp/cms/home-reskinned-alternate/images/hero-decor-img.06dcfaf8204e4cc4aa57944471a7f167.svg
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b153e3509e8de1c52db5e3492831ca1a0b841f4ae86f0b699d9fda049ccc457

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Oct 2022 04:11:03 GMT
server
cloudflare
age
3142860
etag
W/"63478fd7-bbed"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f815eb6090d6-FRA
hero-animation-placeholder.345cbb9c7c07f9981e008971b9e8b65d.svg
static.nc-img.com/pp/cms/home-reskinned-alternate/images/
16 KB
4 KB
Image
General
Full URL
https://static.nc-img.com/pp/cms/home-reskinned-alternate/images/hero-animation-placeholder.345cbb9c7c07f9981e008971b9e8b65d.svg
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04052a4c95da89d4dbfa4ae57098ffc6107ae95e891913c649a37e6b262cdbf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 06:08:21 GMT
server
cloudflare
age
25679902
etag
W/"61ef93d5-41dd"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f815eb6490d6-FRA
attention-8304654536637110.cf.json
script.crazyegg.com/pages/data-scripts/0043/5670/site/ Frame 70BE
14 KB
3 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0043/5670/site/attention-8304654536637110.cf.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0043/5670.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c082e060fb5ef970a66f3eb8e08d6e78bd55e0c2d5b2256938d3e2fe57abfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 18 Nov 2022 13:14:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.4.40
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76c0f8166dc1690d-FRA
content-length
2444
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-69192-32&cid=508996096.1668777266&jid=1559533843&_u=YGBACEAARAAAACgEK~&z=597327095
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-69192-32&cid=508996096.1668777266&jid=1559533843&_u=YGBACEAARAAAACgEK~&z=597327095
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors_5feae52b1e038b28d546.js
static.nc-img.com/uilayout2/libs/
355 KB
102 KB
Script
General
Full URL
https://static.nc-img.com/uilayout2/libs/vendors_5feae52b1e038b28d546.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0484ee0068a9101782242608a4d6b514d54e349d4bfd4a04ea867fbe6c46b3c

Request headers

Referer
https://attention-8304654536637110.cf/
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 31 Aug 2022 14:20:25 GMT
server
cloudflare
etag
W/"630f6e29-58c23"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f816a99bbb89-FRA
gb-icon-font.7c4d55ac808077a72e2414d4709b6095.woff2
static.nc-img.com/pp/nc-ui-globalenv/
23 KB
23 KB
Font
General
Full URL
https://static.nc-img.com/pp/nc-ui-globalenv/gb-icon-font.7c4d55ac808077a72e2414d4709b6095.woff2
Requested by
Host: static.nc-img.com
URL: https://static.nc-img.com/pp/nc-ui-globalenv/mainLite.d9d203ec0e2a6c8546b58debe510db6a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84fbb988e97f8e8d890b55ef883e7cac1a23baf35cbaf8e53cb18b0715bc1ba5

Request headers

Referer
https://static.nc-img.com/pp/nc-ui-globalenv/mainLite.d9d203ec0e2a6c8546b58debe510db6a.css
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Sep 2022 11:52:30 GMT
server
cloudflare
etag
"63206efe-5d90"
vary
Origin, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
76c0f816b9d0bb89-FRA
content-length
23952
secondary.c1bba11efcc932b4e856.js
static.nc-img.com/pp/home-page/client/
427 KB
90 KB
Script
General
Full URL
https://static.nc-img.com/pp/home-page/client/secondary.c1bba11efcc932b4e856.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0044ffb8c1d54b612ed6ae64f5261d6480854e0c3550f5fe5527e45bbff33d2

Request headers

Referer
https://attention-8304654536637110.cf/
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 27 Apr 2022 12:18:47 GMT
server
cloudflare
etag
W/"626934a7-6ab15"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f8172ae8bb89-FRA
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75d912d55ed3d2e3dabac3a1d43965c088d774cb48ffed3e82ff529a08c7bf2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
b09bde70a3dc86bf3272330f81cd8fb7.png
static.nc-img.com/api/fragment/uilayout2/
13 KB
14 KB
Image
General
Full URL
https://static.nc-img.com/api/fragment/uilayout2/b09bde70a3dc86bf3272330f81cd8fb7.png
Requested by
Host: static.nc-img.com
URL: https://static.nc-img.com/uilayout2/app.e9cbf8720790fdcdf586.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970b9acc47e2a6658424ac8cd127f2c4d62bc8e23bc43c4e2f3b53f9861bc8d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.nc-img.com/uilayout2/app.e9cbf8720790fdcdf586.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
cf-cache-status
HIT
last-modified
Sun, 27 Feb 2022 11:36:53 GMT
server
cloudflare
age
22722815
etag
"621b6255-359c"
vary
Origin, Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
76c0f8174e8990d6-FRA
content-length
13724
museo-sans-300-italic-webfont.1ec5d6b46fb910b7438691a06f535727.woff2
static.nc-img.com/pp/nc-ui-globalenv/
23 KB
23 KB
Font
General
Full URL
https://static.nc-img.com/pp/nc-ui-globalenv/museo-sans-300-italic-webfont.1ec5d6b46fb910b7438691a06f535727.woff2
Requested by
Host: static.nc-img.com
URL: https://static.nc-img.com/pp/nc-ui-globalenv/mainLite.d9d203ec0e2a6c8546b58debe510db6a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ade34e775f3e1ad5250788fb41e395d83926300e5c97d5424316c29434b54b

Request headers

Referer
https://static.nc-img.com/pp/nc-ui-globalenv/mainLite.d9d203ec0e2a6c8546b58debe510db6a.css
Origin
https://attention-8304654536637110.cf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:26 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Sep 2022 11:52:30 GMT
server
cloudflare
etag
"63206efe-5ca8"
vary
Origin, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
76c0f8174b4dbb89-FRA
content-length
23720
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d20d607ea7c505bb4ff456c57eb4b605599349bf3a6407a06e2a1b5eb6ff699

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
chatLoader.v3.js
cdn.engagement.ai/production/static/js/loader/
2 KB
1 KB
Script
General
Full URL
https://cdn.engagement.ai/production/static/js/loader/chatLoader.v3.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:bc00:9:f769:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
356c916fb002d314a7370ce1872f248c54eeed5081397045fb740c65a81d285b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:00:34 GMT
content-encoding
gzip
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 18:00:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
69239
etag
W/"2f04497c46e62d90bbbdc5a8d46033b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,public
x-amz-cf-id
k_buKrQKtq1NiF5v_0ghh_wWoGTteHkPcp8gzLDPgpthrAhCULGZmw==
dcc9a1fbfa71e970c45301eb49f6db43.js
script.crazyegg.com/pages/versioned/common-scripts/
88 KB
29 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/dcc9a1fbfa71e970c45301eb49f6db43.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86101207df129391876782752e5f1bbe09da6b1468fb91f12901fedf4f0885a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Nov 2022 10:37:18 GMT
server
cloudflare
age
66991
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76c0f8176b5bbb97-FRA
content-length
29947
discover
chat.engagement.ai/api/v2/widget/
0
0

1*1.gif
logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/
0
0
Image
General
Full URL
https://logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/1*1.gif?ver=U55&acid=A399624-ff72-45a8-a0cf-ef5b35995f131&type=UTT&msg=No%20campaign%20for%20landing%20page%3A%20https%3A%2F%2Fattention-8304654536637110.cf%2F&event=identify()%20exit&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.201.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-201-133.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

attention-8304654536637110.cf.json
script.crazyegg.com/pages/data-scripts/0043/5670/sampling/ Frame 70BE
813 B
410 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0043/5670/sampling/attention-8304654536637110.cf.json?t=463549
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/dcc9a1fbfa71e970c45301eb49f6db43.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4cd0156af0178024b71b2585c6d1bc26dd05ba402c3dd5574e561fc7b8ba451

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 18 Nov 2022 13:14:26 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.4.40
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76c0f817b892690d-FRA
content-length
301
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caf8b4759c92821bd3f33e6c313ced4777b82e64613678e137719afbf0ac8720

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
hedgy.905e7df6.json
static.nc-img.com/pp/home-page/client/assets/animations/
124 KB
14 KB
Fetch
General
Full URL
https://static.nc-img.com/pp/home-page/client/assets/animations/hedgy.905e7df6.json
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d958a4bc579e70f75af2e5a13c14ad03f4fda3f72f89b8ef85c005e49278f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 27 Apr 2022 12:18:47 GMT
server
cloudflare
etag
W/"626934a7-1ef28"
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f81c7f9ebb89-FRA
promo-card.c67c499a3540cb12834b2f3beb13d4af.svg
static.nc-img.com/pp/cms/home-reskinned-alternate/images/
1 KB
594 B
Image
General
Full URL
https://static.nc-img.com/pp/cms/home-reskinned-alternate/images/promo-card.c67c499a3540cb12834b2f3beb13d4af.svg
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
672fcbd12dbf9186dd254ac0554653445fd758f68a187095a618da47c6dc8d3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 06:08:21 GMT
server
cloudflare
age
25679430
etag
W/"61ef93d5-43a"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
76c0f81c8a0990d6-FRA
SessionHandler.ashx
attention-8304654536637110.cf/cart/ajax/
315 B
391 B
Fetch
General
Full URL
https://attention-8304654536637110.cf/cart/ajax/SessionHandler.ashx
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.92.189.155 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
server.heker.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

pragma
no-cache
tracestate
729718@nr=0-1-2572021-532697052-0ca87f275b5b1ff9----1668777266976
traceparent
00-61ba174e5d8a55324f30ecc982f10ac0-0ca87f275b5b1ff9-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI1NzIwMjEiLCJhcCI6IjUzMjY5NzA1MiIsImlkIjoiMGNhODdmMjc1YjViMWZmOSIsInRyIjoiNjFiYTE3NGU1ZDhhNTUzMjRmMzBlY2M5ODJmMTBhYzAiLCJ0aSI6MTY2ODc3NzI2Njk3NiwidGsiOiI3Mjk3MTgifX0=
x-ncpl-rcsrf
a4715e657f61485da60ee92e2067bb68
cache-control
no-cache
Referer
https://attention-8304654536637110.cf/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
date
Fri, 18 Nov 2022 13:14:27 GMT
x-content-type-options
nosniff
server
Apache
content-length
315
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
nr-spa-1210.min.js
js-agent.newrelic.com/
41 KB
16 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1210.min.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Nov 2022 13:14:27 GMT
x-amz-request-id
1V3KMEYBZKEJJ14B
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15563
x-amz-id-2
OvL7Jg6i5ulyvs+MykwoY58sU0HOsSfcOm277KOezXQf+JwXS9OAY5Q2ujYuuf9MmucqNQuqjqw=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Tue, 22 Jun 2021 22:47:08 GMT
server
AmazonS3
x-timer
S1668777267.001016,VS0,VE0
etag
"d5eff122d09ab2c851fb1780f0287cbf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
319
NRJS-cf3d03e8590870dd0ff
bam-cell.nr-data.net/1/
49 B
949 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/NRJS-cf3d03e8590870dd0ff?a=532697052&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=2677&ck=1&ref=https://attention-8304654536637110.cf/&be=1112&fe=2649&dc=2281&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668777264335,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:33,%22c%22:33,%22s%22:182,%22ce%22:344,%22rq%22:344,%22rp%22:797,%22rpe%22:1400,%22dl%22:805,%22di%22:1516,%22ds%22:2281,%22de%22:2283,%22dc%22:2648,%22l%22:2648,%22le%22:2649%7D,%22navigation%22:%7B%7D%7D&fp=1413&fcp=1413&jsonp=NREUM.setToken
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.2 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 13:14:27 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5K2n6sqGHVZ9dHFdUMLR8cM63QOoXFCm20r4bZsd7hKNYIKm%2Ff74y%2FkWxIWsiUJUh7vbxlAcJWAtfQtgzjy9iSaId138Vd3qPL3%2FnbM9%2FGu1nLSwnavmh%2F5fiWgVL2vQieYqRF2k"}],"group":"cf-nel","max_age":604800}
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
76c0f81efafb9119-FRA
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=gtm.load&eid=20&u=AgAAAAAIAAAAACAAAIA&ut=Ag&h=Ag&tc=17&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:27 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
NRJS-cf3d03e8590870dd0ff
bam-cell.nr-data.net/events/1/
24 B
755 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/NRJS-cf3d03e8590870dd0ff?a=532697052&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=3249&ck=1&ref=https://attention-8304654536637110.cf/
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.2 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://attention-8304654536637110.cf/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

Date
Fri, 18 Nov 2022 13:14:27 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://attention-8304654536637110.cf
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WB7Q62ijZBK0gunm%2FGf%2BH%2BU8dbBbPe4YZEHJRPqgQwwyuyRTdJkAkx1Gf82R1Wfi%2FNSfHmaVBV74l85EEjyY0I0tp%2B7Zi1qshZajYAS5XAvIlQnP%2BJyyqI5s2kDX99Tw5U%2BEomL0"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
76c0f82269b89119-FRA
Content-Length
24
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 18 Nov 2022 13:14:28 GMT
last-modified
Wed, 09 Nov 2022 21:23:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6C5BE0DDF6A0460FB81098B204B5C30A Ref B: FRAEDGE1720 Ref C: 2022-11-18T13:14:28Z
etag
"077538f81f4d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11430
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:28 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-hhn11563-HHN
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/934751624/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934751624/?random=1668777268491&cv=11&fst=1668777268491&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fattention-8304654536637110.cf%2F&tiba=Buy%20a%20domain%20name%20-%20Register%20cheap%20domain%20names%20from%20%240.99%20-%20Namecheap&auid=674759854.1668777265&uaw=0&rfmt=3&fmt=4
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e46765638850a443c4c98c58a4f7df9bf6513e4b6ad00c4d0b5eeceb8b6a2c88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
897
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019575149/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1019575149/?random=1668777268494&cv=11&fst=1668777268494&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fattention-8304654536637110.cf%2F&tiba=Buy%20a%20domain%20name%20-%20Register%20cheap%20domain%20names%20from%20%240.99%20-%20Namecheap&auid=674759854.1668777265&uaw=0&rfmt=3&fmt=4
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15fa875d6b40e3660ac84b0912eb557663d78a4061d7692a644842e72da1435a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
900
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbds.js
connect.facebook.net/en_US/
4 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93874f983cee09ec7f31d625f579b9312e194fc04577443a874c049a0000b05c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 13:14:28 GMT
content-md5
BSx2rl/PlFbZLk1KJa20pA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2165
x-fb-rlafr
0
x-fb-debug
kCp/rWX7OjSmUu1VkbnRjwD0hpgIhSkHRcHH72z464pYZzA9yLiK8wjYYw/UCpJFRlX/T6Ddlw2wSF7czPmnCQ==
x-fb-trip-id
917726464
x-fb-content-md5
8d87d93633bd3787bd6f3c91c78f3f7b
cross-origin-opener-policy
same-origin-allow-popups
etag
"c473a5a771632c0ae0e7e690e8d77f58"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Fri, 18 Nov 2022 13:33:26 GMT
pixel.js
www.redditstatic.com/ads/
25 KB
8 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:28 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 07 Nov 2022 16:45:46 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"3528fd00b652f61a266eb584d96f4fcc"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7722
pixel
q.quora.com/_/ad/4c16f555c46346f69b10fdbaeafa6b7b/
43 B
419 B
Image
General
Full URL
https://q.quora.com/_/ad/4c16f555c46346f69b10fdbaeafa6b7b/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fattention-8304654536637110.cf%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.151.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-151-51.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 13:14:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,de6e93d39d1d180d47689d6ae4fedddf,10.0.0.249,36506,37.58.57.3,,78577188610,1,1668777268.832,0.002,,.,0,0,0.004,0.004,-,0,0,197,334,167,10,35796,,,,,,-,
Content-Type
image/gif
rp.gif
alb.reddit.com/
42 B
157 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1668777268533&id=t2_2rhi1pdt&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=8ea3d70b-7b10-4ceb-84d0-42f3ff4d439d&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:28 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
adsct
t.co/1/i/
43 B
377 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=8c8b02c5-0164-417e-b2aa-36779352a098&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=858f712f-8883-411a-b24c-136c225b21cb&tw_document_href=https%3A%2F%2Fattention-8304654536637110.cf%2F&tw_iframe_status=0&txn_id=nv8s8&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time
116
date
Fri, 18 Nov 2022 13:14:28 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
d9f16cf8e624c951
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
0a0c835ef1d87cfbc17ca1b0a4ffc234db07ee21e78af5ba82322e5e7395294c
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
725 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=8c8b02c5-0164-417e-b2aa-36779352a098&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=858f712f-8883-411a-b24c-136c225b21cb&tw_document_href=https%3A%2F%2Fattention-8304654536637110.cf%2F&tw_iframe_status=0&txn_id=nv8s8&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time
111
date
Fri, 18 Nov 2022 13:14:28 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
7fa21d8cfec25ba7
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
b7d333c4281bccd9426b49b8c0b50a0c8b29b2ce51458f783b58aabc66c8cb87
content-length
43
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1420159808240413&ev=PixelInitialized&dl=https%3A%2F%2Fattention-8304654536637110.cf%2F&rl=&if=false&ts=1668777268579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 18 Nov 2022 13:14:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
5220469.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/5220469.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 18 Nov 2022 13:14:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B9955DEEF0E64247A0D5ADA30D9E022B Ref B: FRAEDGE1720 Ref C: 2022-11-18T13:14:28Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
174 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5220469&tm=gtm002&Ver=2&mid=96ca70ad-ddd6-499d-9df9-ebafd23d13c6&sid=ee896690674211edb37349208587ff8c&vid=ee897630674211edbd3ff77e19542ca7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Buy%20a%20domain%20name%20-%20Register%20cheap%20domain%20names%20from%20%240.99%20-%20Namecheap&p=https%3A%2F%2Fattention-8304654536637110.cf%2F&r=&lt=2649&evt=pageLoad&sv=1&rn=91378
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 18 Nov 2022 13:14:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 32041C6BF7AC48628288A511AEC16F71 Ref B: FRAEDGE1720 Ref C: 2022-11-18T13:14:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/934751624/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/934751624/?random=1668777268491&cv=11&fst=1668776400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fattention-8304654536637110.cf%2F&tiba=Buy%20a%20domain%20name%20-%20Register%20cheap%20domain%20names%20from%20%240.99%20-%20Namecheap&fmt=3&is_vtc=1&random=3654591323&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/934751624/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/934751624/?random=1668777268491&cv=11&fst=1668776400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fattention-8304654536637110.cf%2F&tiba=Buy%20a%20domain%20name%20-%20Register%20cheap%20domain%20names%20from%20%240.99%20-%20Namecheap&fmt=3&is_vtc=1&random=3654591323&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1019575149/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1019575149/?random=1668777268494&cv=11&fst=1668776400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fattention-8304654536637110.cf%2F&tiba=Buy%20a%20domain%20name%20-%20Register%20cheap%20domain%20names%20from%20%240.99%20-%20Namecheap&fmt=3&is_vtc=1&random=3936688143&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1019575149/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1019575149/?random=1668777268494&cv=11&fst=1668776400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fattention-8304654536637110.cf%2F&tiba=Buy%20a%20domain%20name%20-%20Register%20cheap%20domain%20names%20from%20%240.99%20-%20Namecheap&fmt=3&is_vtc=1&random=3936688143&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 13:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 13:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HNx4bdEmRgn5g09KulPi7w==
age
49922
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Wed, 16 Nov 2022 03:30:08 GMT
server
cloudflare
etag
0x8DAC782DC96F3AF
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a6a8bb9a-001e-017b-7619-faf503000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76c0f82b4b4a9bdd-FRA
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=gtm.mktg_timer&eid=21&u=AgAAAAAIAAAAACAAAIA&ut=Ag&h=Ag&tc=17&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:29 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
b1960cb7-b316-4c11-b5de-7b632670221f.json
cdn.cookielaw.org/consent/b1960cb7-b316-4c11-b5de-7b632670221f/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/b1960cb7-b316-4c11-b5de-7b632670221f/b1960cb7-b316-4c11-b5de-7b632670221f.json
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81d9905600b3e7161b811df82b185da458367049c3c5db544f1d57206bf1ee15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 13:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
HezBJ4tv1R8+UnRPUyhWTA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1471
x-ms-lease-status
unlocked
last-modified
Wed, 20 Apr 2022 10:34:28 GMT
server
cloudflare
etag
0x8DA22B9594C8F5E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
21db7e31-901e-00bd-434f-fbce6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76c0f82b9e519ba6-FRA
expires
Sat, 19 Nov 2022 13:14:29 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
76 B
314 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751e95dfdb17c61920e29decb3f17a1d2b9e38e71b7f1f86261459239427a2e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://attention-8304654536637110.cf/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
76c0f82c29a05c50-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.24.0/
317 KB
76 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 13:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
V5hcbF1dEgrls6P2M61C9g==
age
49904
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
77260
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:37 GMT
server
cloudflare
etag
0x8D983BB67EEBDFE
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84b3820c-c01e-0129-6edf-11e8f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76c0f82c6dbf9bdd-FRA
en.json
cdn.cookielaw.org/consent/b1960cb7-b316-4c11-b5de-7b632670221f/5898b248-804d-4f12-a6eb-dfa86a80669e/
124 KB
22 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/b1960cb7-b316-4c11-b5de-7b632670221f/5898b248-804d-4f12-a6eb-dfa86a80669e/en.json
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd014f204fb51fda38bfb000a0303df890290b835d8c96ce32beb01785ff31da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 13:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
KTRnPxMZrzjasPj9QUHzEA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
21962
x-ms-lease-status
unlocked
last-modified
Wed, 20 Apr 2022 10:34:31 GMT
server
cloudflare
etag
0x8DA22B95B03C6CC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
26f6a25e-401e-00fb-344f-fb10fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76c0f82c987a9ba6-FRA
expires
Sat, 19 Nov 2022 13:14:29 GMT
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/6.24.0/assets/
10 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otFloatingFlat.json
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 13:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
9rK3Ikd9KsAnky96tLlwvw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2675
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:28 GMT
server
cloudflare
etag
0x8D983BB62C7DDA4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4f9a4253-001e-0116-634f-fb5f2d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76c0f82f0d6e9ba6-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.24.0/assets/
20 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css
Requested by
Host: attention-8304654536637110.cf
URL: https://attention-8304654536637110.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 13:14:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
content-md5
Ye6OeZcNyuFoWog7CYs00A==
x-ms-lease-status
unlocked
last-modified
Thu, 30 Sep 2021 02:38:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
35b48a10-e01e-0171-514f-fbec8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
76c0f82f1d749ba6-FRA
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=*&eid=22&u=AgAAAAAIAAAAACAAAIA&ut=Ag&h=Ag&tc=17&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:29 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=*&eid=23&u=AgAAAAAIAAAAACAAAIA&ut=Ag&h=Ag&tc=17&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:29 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=*&eid=24&u=AgAAAAAIAAAAACAAAIA&ut=Ag&h=Ag&tc=17&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:30 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-7DMJMG20P8&cv=14&v=3&t=t&pid=1580507890&rv=b90&es=1&e=*&eid=25&u=AgAAAAAIAAAAACAAAIA&ut=Ag&h=Ag&tc=17&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://attention-8304654536637110.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:14:30 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
chat.engagement.ai
URL
https://chat.engagement.ai/api/v2/widget/discover

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| userAllowedScripsProcessor object| actionsTracker object| entryTracker object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| NREUM object| newrelic function| __nr_require object| nc_mainLite object| core object| __core-js_shared__ object| nc_scriptLoader object| ncScriptLoader object| google_optimize object| gaplugins object| gaGlobal object| gaData function| _ga_originalSendHitTask string| ire_o function| ire string| CE_SNAPSHOT_NAME boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| __PRODUCT_PLATFORM_HP_CLIENT_CONFIG__ object| Base64 object| __PRODUCT_PLATFORM_HP_CLIENT_SHARED_ENTITIES__ string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL function| ImpactRadiusEvent object| irEvent function| isValidHostname function| isSessionSupported object| CE2BH function| CE_URL_FINGERPRINT object| webpackChunkCE2 object| regeneratorRuntime function| vendors_5feae52b1e038b28d546 number| __mobxInstanceCount object| __mobxGlobals object| nc_uilayout2 function| twq object| GooglebQhCsO string| qp object| _fbq function| rdt object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| twttr function| UET function| UET_init function| UET_push object| ueto_e554b8051a object| uetq object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust

18 Cookies

Domain/Path Name / Value
.attention-8304654536637110.cf/ Name: _gcl_au
Value: 1.1.674759854.1668777265
.attention-8304654536637110.cf/ Name: _gid
Value: GA1.2.41409325.1668777266
.attention-8304654536637110.cf/ Name: _gat_UA-69192-32
Value: 1
.attention-8304654536637110.cf/ Name: _ga_7DMJMG20P8
Value: GS1.1.1668777265.1.0.1668777265.60.0.0
.attention-8304654536637110.cf/ Name: _ga
Value: GA1.1.508996096.1668777266
.attention-8304654536637110.cf/ Name: cebs
Value: 1
.attention-8304654536637110.cf/ Name: _ce.s
Value: v~15e59902d7a11b8f842924a982268d82e427a9a9~vpv~0
.nr-data.net/ Name: JSESSIONID
Value: 9624767d824c2db8
.attention-8304654536637110.cf/ Name: _rdt_uuid
Value: 1668777268532.8ea3d70b-7b10-4ceb-84d0-42f3ff4d439d
.bing.com/ Name: MUID
Value: 0C0C4BC329656590330559A3286564F5
.attention-8304654536637110.cf/ Name: _uetsid
Value: ee896690674211edb37349208587ff8c
.attention-8304654536637110.cf/ Name: _uetvid
Value: ee897630674211edbd3ff77e19542ca7
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.twitter.com/ Name: guest_id_marketing
Value: v1%3A166877726860952824
.twitter.com/ Name: guest_id_ads
Value: v1%3A166877726860952824
.twitter.com/ Name: personalization_id
Value: "v1_DTk/C2PGRr0b/VJpNoTsIw=="
.twitter.com/ Name: guest_id
Value: v1%3A166877726860952824
.t.co/ Name: muc_ads
Value: a04028d8-58b1-444b-9c0f-25e6f8ee0780

3 Console Messages

Source Level URL
Text
javascript error URL: https://attention-8304654536637110.cf/
Message:
Access to XMLHttpRequest at 'https://chat.engagement.ai/api/v2/widget/discover' from origin 'https://attention-8304654536637110.cf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://chat.engagement.ai/api/v2/widget/discover
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://attention-8304654536637110.cf/cart/ajax/SessionHandler.ashx
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.twitter.com
attention-8304654536637110.cf
bam-cell.nr-data.net
bat.bing.com
cdn.cookielaw.org
cdn.engagement.ai
chat.engagement.ai
connect.facebook.net
d.impactradius-event.com
geolocation.onetrust.com
googleads.g.doubleclick.net
js-agent.newrelic.com
logs-01.loggly.com
q.quora.com
region1.analytics.google.com
script.crazyegg.com
static.ads-twitter.com
static.nc-img.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.redditstatic.com
chat.engagement.ai
104.244.42.131
104.244.42.133
151.101.1.140
151.101.194.137
162.247.241.2
190.92.189.155
199.232.136.157
2001:4860:4802:34::36
2600:9000:2057:bc00:9:f769:84c0:93a1
2606:4700::6810:9440
2606:4700::6811:b734
2606:4700::6812:1a55
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c0b::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::396
35.186.249.72
52.73.201.133
54.81.151.51
04052a4c95da89d4dbfa4ae57098ffc6107ae95e891913c649a37e6b262cdbf8
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cbb8836de1432c76eec02d6ef797f5f3919162cb1e7ce0e285d6bfe2d4983c9
15fa875d6b40e3660ac84b0912eb557663d78a4061d7692a644842e72da1435a
177c4f2826cbc2cc24a9d8018e6c9848ed73178a76fd3aabe99b44ee9458514c
18f7309d4b9022bc339dd50fc7015ead66a0966019b2a36ec00e95e560d90cd4
29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9
2dcadfc245c3ebca3935a2f35efa443aaeba80e7fc46d14846610e8d307485e3
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
31d958a4bc579e70f75af2e5a13c14ad03f4fda3f72f89b8ef85c005e49278f2
34311dfae964eb6e93b632ce3d73fecadf341a6e4bbbc7abfc75801dfe2d58b9
356c916fb002d314a7370ce1872f248c54eeed5081397045fb740c65a81d285b
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
573bfaeebc3190c4e7962d487a321a3bde6f7cca3494e93b450efa489e092038
621ee038a4db1e4a1ea7cf5450320ca77e63f9edc1c451edb56a9a5934c1e05a
672fcbd12dbf9186dd254ac0554653445fd758f68a187095a618da47c6dc8d3a
751e95dfdb17c61920e29decb3f17a1d2b9e38e71b7f1f86261459239427a2e7
75d912d55ed3d2e3dabac3a1d43965c088d774cb48ffed3e82ff529a08c7bf2c
81d9905600b3e7161b811df82b185da458367049c3c5db544f1d57206bf1ee15
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fbb988e97f8e8d890b55ef883e7cac1a23baf35cbaf8e53cb18b0715bc1ba5
86101207df129391876782752e5f1bbe09da6b1468fb91f12901fedf4f0885a6
8b153e3509e8de1c52db5e3492831ca1a0b841f4ae86f0b699d9fda049ccc457
8d20d607ea7c505bb4ff456c57eb4b605599349bf3a6407a06e2a1b5eb6ff699
93467f75842330c3502fc0268a7a62151f3744221ca7ffa6dc5057dac4a64cee
93874f983cee09ec7f31d625f579b9312e194fc04577443a874c049a0000b05c
970b9acc47e2a6658424ac8cd127f2c4d62bc8e23bc43c4e2f3b53f9861bc8d6
9c0749dc1deb3275e1846a462c0dcb83df2b5fec30112eacdf5530fa51e3160f
aa4e8c2d57f23bca0b9ab7556d19277d458521782202788c76463050a29b0a6c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4cd0156af0178024b71b2585c6d1bc26dd05ba402c3dd5574e561fc7b8ba451
bab81d41a29d90d3d40ac4e2af066373bc2f0caed7332890a474a2d7ce9c8311
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
c0484ee0068a9101782242608a4d6b514d54e349d4bfd4a04ea867fbe6c46b3c
c4c082e060fb5ef970a66f3eb8e08d6e78bd55e0c2d5b2256938d3e2fe57abfb
c532ec7c5e22f7d8d4f4efbc1a5821dce20b7e7f804bb837fb038eddefd03383
ca693180414738890b117d4921301f568d393ef7e5a5fb951c4d2674b557db03
caf8b4759c92821bd3f33e6c313ced4777b82e64613678e137719afbf0ac8720
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dced66f2421ac79565d5012d3c0900a0a7eae3c388b8f386940c0a12ea323ab9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0044ffb8c1d54b612ed6ae64f5261d6480854e0c3550f5fe5527e45bbff33d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46765638850a443c4c98c58a4f7df9bf6513e4b6ad00c4d0b5eeceb8b6a2c88
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ade34e775f3e1ad5250788fb41e395d83926300e5c97d5424316c29434b54b
fd014f204fb51fda38bfb000a0303df890290b835d8c96ce32beb01785ff31da
fec3b6a2f4a969f031a4ab29115bda1626fb603121ba04a5eb7f0d35fd91e9b5