URL: https://lintoq.com/view/YgPPT0rDtN
Submission: On September 19 via api from US — Scanned from DE

Summary

This website contacted 37 IPs in 7 countries across 38 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3034::6815:370, located in United States and belongs to CLOUDFLARENET, US. The main domain is lintoq.com.
TLS certificate: Issued by GTS CA 1P5 on August 22nd 2023. Valid for: 3 months.
This is the only time lintoq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
10 google.com
www.google.com — Cisco Umbrella Rank: 11
accounts.google.com — Cisco Umbrella Rank: 71
4 KB
6 lintoq.com
lintoq.com
134 KB
4 akamaized.net
cdn-dimi.akamaized.net — Cisco Umbrella Rank: 90438
135 KB
4 e6460525b5.com
e08409ce7e.e6460525b5.com
29 KB
4 rtbrenab.com
rtbrenab.com — Cisco Umbrella Rank: 59847
5 KB
4 751685e7fa.com
46496cf2ef.751685e7fa.com
210 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
215 KB
3 gloaphoo.net
gloaphoo.net — Cisco Umbrella Rank: 155460
35 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
ajax.googleapis.com — Cisco Umbrella Rank: 720
36 KB
2 adskeeper.com
s-img.adskeeper.com — Cisco Umbrella Rank: 16830
c.adskeeper.com — Cisco Umbrella Rank: 15562
24 KB
2 bookmsg.com
static.bookmsg.com — Cisco Umbrella Rank: 22662
2 KB
2 tsyndicate.com
lcdn.tsyndicate.com — Cisco Umbrella Rank: 7567
tsyndicate.com — Cisco Umbrella Rank: 5787
3 KB
2 zog.link
btds.zog.link — Cisco Umbrella Rank: 31026
490 B
2 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 22631
428 B
2 asrntiljustetyerec.info
asrntiljustetyerec.info
845 B
2 nanrumandbac.com
nanrumandbac.com
2 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 19033
101 KB
2 cloudfront.net
d1of5w8unlzqtg.cloudfront.net
55 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
142 KB
1 1vag.com
cdn.1vag.com — Cisco Umbrella Rank: 96790
334 B
1 trafficjunky.net
ctrack.trafficjunky.net — Cisco Umbrella Rank: 22325
1 KB
1 gratifylngdates.com
xxlej.gratifylngdates.com — Cisco Umbrella Rank: 579964
5 KB
1 unicornpride123.com
vdyflgjcyxnf.unicornpride123.com — Cisco Umbrella Rank: 633296
350 B
1 runative-syndicate.com
runative-syndicate.com — Cisco Umbrella Rank: 35168
2 KB
1 nereserv.com
nereserv.com — Cisco Umbrella Rank: 21074
201 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 6646
540 B
1 cabnnr.com
js.cabnnr.com — Cisco Umbrella Rank: 31258
17 KB
1 wpshsdk.com
js.wpshsdk.com — Cisco Umbrella Rank: 9510
7 KB
1 92d8d67482.com
f5f9bec983.92d8d67482.com
207 B
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 11311
480 B
1 capndr.com
js.capndr.com — Cisco Umbrella Rank: 20825
238 B
1 cousinf.com
cousinf.com
890 B
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 12351
8 KB
1 qevtjrobrb.xyz
qevtjrobrb.xyz
435 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
250 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 6754
91 KB
1 deplorablefaintest.com
deplorablefaintest.com
68 38
Domain Requested by
9 accounts.google.com 6 redirects lintoq.com
6 lintoq.com lintoq.com
4 cdn-dimi.akamaized.net xxlej.gratifylngdates.com
cdn-dimi.akamaized.net
4 e08409ce7e.e6460525b5.com 46496cf2ef.751685e7fa.com
lintoq.com
4 rtbrenab.com 3 redirects js.cabnnr.com
4 46496cf2ef.751685e7fa.com lintoq.com
46496cf2ef.751685e7fa.com
3 gloaphoo.net lintoq.com
gloaphoo.net
2 static.bookmsg.com lintoq.com
2 btds.zog.link 2 redirects
2 fp.metricswpsh.com 46496cf2ef.751685e7fa.com
2 fonts.gstatic.com fonts.googleapis.com
2 asrntiljustetyerec.info lintoq.com
2 nanrumandbac.com d1of5w8unlzqtg.cloudfront.net
2 pogothere.xyz d1of5w8unlzqtg.cloudfront.net
2 d1of5w8unlzqtg.cloudfront.net lintoq.com
nanrumandbac.com
2 www.googletagmanager.com lintoq.com
xxlej.gratifylngdates.com
2 fonts.googleapis.com lintoq.com
cdn-dimi.akamaized.net
1 cdn.1vag.com js.cabnnr.com
1 c.adskeeper.com lintoq.com
1 s-img.adskeeper.com lintoq.com
1 ctrack.trafficjunky.net xxlej.gratifylngdates.com
1 tsyndicate.com xxlej.gratifylngdates.com
1 xxlej.gratifylngdates.com runative-syndicate.com
1 vdyflgjcyxnf.unicornpride123.com 1 redirects
1 lcdn.tsyndicate.com rtbrenab.com
1 runative-syndicate.com rtbrenab.com
1 nereserv.com 46496cf2ef.751685e7fa.com
1 my.rtmark.net gloaphoo.net
1 js.cabnnr.com 46496cf2ef.751685e7fa.com
1 js.wpshsdk.com 46496cf2ef.751685e7fa.com
1 f5f9bec983.92d8d67482.com 46496cf2ef.751685e7fa.com
1 fleraprt.com tzegilo.com
1 js.capndr.com 46496cf2ef.751685e7fa.com
1 cousinf.com 46496cf2ef.751685e7fa.com
1 tzegilo.com gloaphoo.net
1 www.gstatic.com www.google.com
1 qevtjrobrb.xyz lintoq.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.facebook.com lintoq.com
1 www.google.com lintoq.com
1 ajax.googleapis.com lintoq.com
1 i.imgur.com lintoq.com
1 deplorablefaintest.com lintoq.com
68 43
Subject | Issuer | Validity | Valid
lintoq.com | GTS CA 1P5 | 2023-08-22 - 2023-11-20 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
deplorablefaintest.com | R3 | 2023-09-15 - 2023-12-14 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year
www.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
gloaphoo.net | R3 | 2023-07-26 - 2023-10-24 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-28 - 2024-02-27 | a year
nanrumandbac.com | Amazon RSA 2048 M03 | 2023-09-13 - 2024-10-11 | a year
asrntiljustetyerec.info | GTS CA 1P5 | 2023-09-04 - 2023-12-03 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-06-29 - 2023-09-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
qevtjrobrb.xyz | R3 | 2023-09-18 - 2023-12-17 | 3 months
46496cf2ef.751685e7fa.com | R3 | 2023-09-16 - 2023-12-15 | 3 months
tzegilo.com | GTS CA 1P5 | 2023-08-07 - 2023-11-05 | 3 months
cousinf.com | E1 | 2023-09-18 - 2023-12-17 | 3 months
js.capndr.com | R3 | 2023-08-23 - 2023-11-21 | 3 months
fleraprt.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-09 - 2024-01-14 | a year
f5f9bec983.92d8d67482.com | R3 | 2023-09-16 - 2023-12-15 | 3 months
js.wpshsdk.com | R3 | 2023-07-25 - 2023-10-23 | 3 months
js.cabnnr.com | R3 | 2023-08-22 - 2023-11-20 | 3 months
rtmark.net | R3 | 2023-07-25 - 2023-10-23 | 3 months
notification.tubecup.net | R3 | 2023-09-12 - 2023-12-11 | 3 months
rtbbnr.com | R3 | 2023-07-25 - 2023-10-23 | 3 months
e6460525b5.com | R3 | 2023-09-16 - 2023-12-15 | 3 months
runative-syndicate.com | R3 | 2023-08-31 - 2023-11-29 | 3 months
lcdn.tsyndicate.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-08 - 2024-04-07 | a year
*.gratifylngdates.com | R3 | 2023-07-22 - 2023-10-20 | 3 months
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-05-16 - 2024-05-15 | a year
tsyndicate.com | R3 | 2023-09-12 - 2023-12-11 | 3 months
*.trafficjunky.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-10-21 - 2023-11-21 | a year
bookmsg.com | R3 | 2023-09-12 - 2023-12-11 | 3 months
cdn.1vag.com | R3 | 2023-07-26 - 2023-10-24 | 3 months

This page contains 8 frames:

Primary Page: https://lintoq.com/view/YgPPT0rDtN
Frame ID: E030B19BDF634E24368CC7AEEF23E2A5
Requests: 47 HTTP requests in this frame

Frame: https://nanrumandbac.…
Frame ID: A8DDBE1D837B4C6113820F73FC5F9A0E
Requests: 2 HTTP requests in this frame

Frame: https://cousinf.com/log/count.html
Frame ID: 02A785175EAD75B59981A802055E50C7
Requests: 1 HTTP request in this frame

Frame: https://rtbrenab.com/get/?go=1&data=…
Frame ID: 438864A7D3C25BAC0A547D9C80FE403C
Requests: 1 HTTP request in this frame

Frame: https://runative-syndicate.com/iframes2/264f9b86ab7e42e89dc44866327f8f86.html?subid=1750013967
Frame ID: DB87F5409E24D22A5242FFD407679926
Requests: 2 HTTP requests in this frame

Frame: https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Frame ID: 596CEF80775A3BC4D72DE01464E6A8BC
Requests: 9 HTTP requests in this frame

Frame: https://s-img.adskeeper.com/g/11185930/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzMxMDE0MS85ODRiNjdiMjIzNDFhZWU0MWFmZTY4NDI4M2ViZTgzYS5qcGVn.webp?v=1695159924-GRvR-QLolVxySnxxjkt7kUbFkMHQ82CJgzWbKv48aSw
Frame ID: 268F266F9A410E871AC75055667AD5EE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.1vag.com/1x1.png
Frame ID: 77B36924220DCB813A53E1DAB28D4371
Requests: 1 HTTP request in this frame

Page Title

View Links - LinToq

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

68
Requests

96 %
HTTPS

44 %
IPv6

38
Domains

43
Subdomains

37
IPs

7
Countries

1261 kB
Transfer

2914 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhfcbTsPsumB3mMRzxj2jNpyArvYQXultMyDnsS5TzhbXArwxbB-z5Iyd78aPeYtfweJsw9J HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfVAdC4xrIfRahBKLtay3NWhwRNnbJTiishgHJuttwUD66GEwk2zpIMXtfkPmmRYfQoXC4l&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-804321801%3A1695159924248198&theme=glif
Request Chain 18
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhcWcZIWDrW3JAsFJkZlkL4ST8u8NtIomeoOsR595jwzNZS1uLy7gwEylZwFGUJaHMxlbt6Fuw HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdw_a_560EEyUrktc6DSINEJIlj_Ik9EdNoWrp7sTtoBE82Z4lMfYFnVqXbYcqkWsEgRrApqg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962675966%3A1695159924418306&theme=glif
Request Chain 45
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhf2kknzCzb2vkZaSPP8yCztz9SkFnKPYsshZTQaZVt_y7KJg52n_xCQT6LL7g5KujLNyDudqw HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdu3_HcpslpwRq7t1IOZ0y0CnW3eP8eWIBYbwATADAF1IKwKOpzq-ICqcnqSPDrcsY6aKowuA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1828896015%3A1695159924626902&theme=glif
Request Chain 49
  • https://rtbrenab.com/banner/in/show/?mid=5375686697189540358&pid=0&site=22249&sc=DE&usage_type=DCH&subid=1750013967&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=lintoq.com&hostname=auc-banner-hz-10&site_id=0&spot_id=22249&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&pop_winurl=&ip=2001:ac8:20:3a00:1012:7ee9:f1c5:4375&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=269&skin_test=&verify_hash=&score=0.21529389410365019&ml=&tag_ab=b&v2=0&ttl=&space_id=1499&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D22249%26source%3D1750013967%26idzone%3D0%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D22249%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DView%252CLinks%252CLinToq%252CLintoq%252Cpaste%252Cearn%252Cpaste%252Cn%252Cearn%252Clink%252Cprotection%252Credirection%252Csecure%252Ckeep%252Clinks%252Cshorter%252Csocial%252Cnetwork%252CURL%252Cshare%252Cweb%252CCAPTCHA%252Cpassword%252Credirector%252Chidden%252Chide%252Cprotect%252C%252CLink-Split%252CProtect%252Cyour%252CMultiple%252Clinks%252Cby%252Chiding%252Cthem%252Cand%252Cshorten%252Cthe%252Curl%252CLinks%252Ccan%252Cbe%252Cprotected%252Cby%252Cpassword%252Cand%252Ccaptcha%2C%26spot_id%3D22249%26p%3Dhttps%253A%252F%252Flintoq.com%252Fview%252FYgPPT0rDtN%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D0.21529389410365019%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=View%2CLinks%2CLinToq%2CLintoq%2Cpaste%2Cearn%2Cpaste%2Cn%2Cearn%2Clink%2Cprotection%2Credirection%2Csecure%2Ckeep%2Clinks%2Cshorter%2Csocial%2Cnetwork%2CURL%2Cshare%2Cweb%2CCAPTCHA%2Cpassword%2Credirector%2Chidden%2Chide%2Cprotect%2C%2CLink-Split%2CProtect%2Cyour%2CMultiple%2Clinks%2Cby%2Chiding%2Cthem%2Cand%2Cshorten%2C
the%2Curl%2CLinks%2Ccan%2Cbe%2Cprotected%2Cby%2Cpassword%2Cand%2Ccaptcha,&stratagem=&ssp=3758&refresh=1&priority=0&bb=0.0001&label_ids=&site_id64=0&container=ClickadillaTuple&original_bid_usd=0 HTTP 302
  • https://btds.zog.link/in/912/?sid=22249&source=1750013967&idzone=0&w=300&h=250&mo=&ve=&site_id=22249&utm1=&utm2=&utm3=&utm4=&ad_tags=View%2CLinks%2CLinToq%2CLintoq%2Cpaste%2Cearn%2Cpaste%2Cn%2Cearn%2Clink%2Cprotection%2Credirection%2Csecure%2Ckeep%2Clinks%2Cshorter%2Csocial%2Cnetwork%2CURL%2Cshare%2Cweb%2CCAPTCHA%2Cpassword%2Credirector%2Chidden%2Chide%2Cprotect%2C%2CLink-Split%2CProtect%2Cyour%2CMultiple%2Clinks%2Cby%2Chiding%2Cthem%2Cand%2Cshorten%2Cthe%2Curl%2CLinks%2Ccan%2Cbe%2Cprotected%2Cby%2Cpassword%2Cand%2Ccaptcha,&spot_id=22249&p=https%3A%2F%2Flintoq.com%2Fview%2FYgPPT0rDtN&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=0.21529389410365019&bf=0.0001 HTTP 302
  • https://runative-syndicate.com/iframes2/264f9b86ab7e42e89dc44866327f8f86.html?subid=1750013967
Request Chain 51
  • https://vdyflgjcyxnf.unicornpride123.com/l.php?p=c:m423ywjaaaibb9iy8&d=60d1da025ca790363d1288cb&s={adspot_id}&b={creative_id}&bid={cost}&pid={click_id}&cmp={campaign_id}&keyword={keywords} HTTP 302
  • https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Request Chain 66
  • https://rtbrenab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImIiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MCwic3BhY2VpZCI6MCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlZpZXclMkNMaW5rcyUyQ0xpblRvcSUyQ0xpbnRvcSUyQ3Bhc3RlJTJDZWFybiUyQ3Bhc3RlJTJDbiUyQ2Vhcm4lMkNsaW5rJTJDcHJvdGVjdGlvbiUyQ3JlZGlyZWN0aW9uJTJDc2VjdXJlJTJDa2VlcCUyQ2xpbmtzJTJDc2hvcnRlciUyQ3NvY2lhbCUyQ25ldHdvcmslMkNVUkwlMkNzaGFyZSUyQ3dlYiUyQ0NBUFRDSEElMkNwYXNzd29yZCUyQ3JlZGlyZWN0b3IlMkNoaWRkZW4lMkNoaWRlJTJDcHJvdGVjdCUyQyUyQ0xpbmstU3BsaXQlMkNQcm90ZWN0JTJDeW91ciUyQ011bHRpcGxlJTJDbGlua3MlMkNieSUyQ2hpZGluZyUyQ3RoZW0lMkNhbmQlMkNzaG9ydGVuJTJDdGhlJTJDdXJsJTJDTGlua3MlMkNjYW4lMkNiZSUyQ3Byb3RlY3RlZCUyQ2J5JTJDcGFzc3dvcmQlMkNhbmQlMkNjYXB0Y2hhLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjUxNjAxNjg3MyIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjEyMTA1LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjEyMTA1IiwiY2F0IjpbIklBQjI0Il0sInBhZ2UiOiJodHRwczovL2xpbnRvcS5jb20vdmlldy9ZZ1BQVDByRHROIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjJiNGRjZjM3OGY1YzYwNTViZDY3YjA1YzM0ZmExMDUzIiwiZnAiOm51bGwsImZwX3N0ciI6IiIsInVhX2RhdGEiOnsiYXJjaGl0ZWN0dXJlIjoiIiwiYml0bmVzcyI6IiIsImJyYW5kcyI6W10sImZ1bGxWZXJzaW9uTGlzdCI6W10sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiIiLCJwbGF0Zm9ybVZlcnNpb24iOiIiLCJ1YUZ1bGxWZXJzaW9uIjoiIiwid293NjQiOmZhbHNlfX0sImV4dCI6eyJkdCI6MTY5NTE1OTkyNzUwMH19 HTTP 302
  • https://rtbrenab.com/banner/in/show/?mid=4080263265386708468&pid=0&site=12105&sc=DE&usage_type=DCH&subid=516016873&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=lintoq.com&hostname=auc-banner-hz-3&site_id=0&spot_id=12105&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&pop_winurl=&ip=2001:ac8:20:3a00:1012:7ee9:f1c5:4375&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=407&skin_test=&verify_hash=&score=1&ml=&tag_ab=b&v2=0&ttl=&space_id=0&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D12105%26source%3D516016873%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D12105%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DView%252CLinks%252CLinToq%252CLintoq%252Cpaste%252Cearn%252Cpaste%252Cn%252Cearn%252Clink%252Cprotection%252Credirection%252Csecure%252Ckeep%252Clinks%252Cshorter%252Csocial%252Cnetwork%252CURL%252Cshare%252Cweb%252CCAPTCHA%252Cpassword%252Credirector%252Chidden%252Chide%252Cprotect%252C%252CLink-Split%252CProtect%252Cyour%252CMultiple%252Clinks%252Cby%252Chiding%252Cthem%252Cand%252Cshorten%252Cthe%252Curl%252CLinks%252Ccan%252Cbe%252Cprotected%252Cby%252Cpassword%252Cand%252Ccaptcha%2C%26spot_id%3D12105%26p%3Dhttps%253A%252F%252Flintoq.com%252Fview%252FYgPPT0rDtN%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D1%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=View%2CLinks%2CLinToq%2CLintoq%2Cpaste%2Cearn%2Cpaste%2Cn%2Cearn%2Clink%2Cprotection%2Credirection%2Csecure%2Ckeep%2Clinks%2Cshorter%2Csocial%2Cnetwork%2CURL%2Cshare%2Cweb%2CCAPTCHA%2Cpassword%2Credirector%2Chidden%2Chide%2Cprotect%2C%2CLink-Split%2CProtect%2Cyour%2CMultiple%2Clinks%2Cby%2Chiding%2Cthem%2Cand%2Cshorten%2Cthe%2Curl%2CLinks%2Ccan%2Cbe%2Cprotected%2Cby%2Cpa
ssword%2Cand%2Ccaptcha,&stratagem=&ssp=3972&refresh=1&priority=0&bb=0.0001&label_ids=&site_id64=0&container=ClickadillaTuple&original_bid_usd=0 HTTP 302
  • https://btds.zog.link/in/912/?sid=12105&source=516016873&idzone=0&w=1&h=1&mo=&ve=&site_id=12105&utm1=&utm2=&utm3=&utm4=&ad_tags=View%2CLinks%2CLinToq%2CLintoq%2Cpaste%2Cearn%2Cpaste%2Cn%2Cearn%2Clink%2Cprotection%2Credirection%2Csecure%2Ckeep%2Clinks%2Cshorter%2Csocial%2Cnetwork%2CURL%2Cshare%2Cweb%2CCAPTCHA%2Cpassword%2Credirector%2Chidden%2Chide%2Cprotect%2C%2CLink-Split%2CProtect%2Cyour%2CMultiple%2Clinks%2Cby%2Chiding%2Cthem%2Cand%2Cshorten%2Cthe%2Curl%2CLinks%2Ccan%2Cbe%2Cprotected%2Cby%2Cpassword%2Cand%2Ccaptcha,&spot_id=12105&p=https%3A%2F%2Flintoq.com%2Fview%2FYgPPT0rDtN&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&btype=0&score=1&bf=0.0001 HTTP 302
  • https://cdn.1vag.com/1x1.png

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request YgPPT0rDtN
lintoq.com/view/
72 KB
24 KB
Document
General
Full URL
https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:370 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a36a162c798c92062d86569d62813b471669fd10da929444a6ea7964b50e334

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
809503ef6cda03a6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 19 Sep 2023 21:45:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNLuXuo%2FTE4HPt0jZ9zTtf1IIvKfc5Ut78T1BMJzqKF2%2FPRQ3BH2cV6qVYfZB2Gth23gKhpeQXkajs9RAtSXHd%2Bomik0TVIGWiCITXp3Q7GIX0IFVPM2rL5hllXnrArk%2B0m1xuum1M7h"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Sep 2023 21:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 21:09:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Sep 2023 21:45:23 GMT
main.css
lintoq.com/style/
145 KB
27 KB
Stylesheet
General
Full URL
https://lintoq.com/style/main.css
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:370 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21a47f42eb70dc3d8aca751cb232f9bc8579a2e62af7cd18f917014ad59d9342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/view/YgPPT0rDtN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=149620
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 29 Dec 2020 16:33:45 GMT
server
cloudflare
etag
W/"24874-5feb5a69-2b995a;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJPKjcU5Tlo91yg2Uy%2FGr2ckxCJE9NQdvG595Yv6yBjhOqWwsvCdA89OJCl1bSFyudOtSitURqKELYIojMA7%2BFLuYFu9KHradSalbGVYQF03jZ7u1de3r3AM5Vh5tlEGwUb5Df0E6gZ8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
809503effd9603a6-FRA
expires
Tue, 05 Sep 2023 23:08:55 GMT
js
www.googletagmanager.com/gtag/
237 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QJYJ47YMD2
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac0c75c5b96e8a14b54c6656b74fb326d2a649ea15c229a14e084b4ed33a1822
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84975
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 21:45:23 GMT
/
d1of5w8unlzqtg.cloudfront.net/
164 KB
54 KB
Script
General
Full URL
https://d1of5w8unlzqtg.cloudfront.net/?uwfod=918682
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:d800:4:4c90:e100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
93e5e901a1f9f308761557a2509386877adb152a212935a084088b56418c14c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:23 GMT
content-encoding
gzip
via
1.1 95e72d567a2ee997c0e6618089b105c6.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
54827
x-amz-cf-id
P-chOAAXFHouLw33Y4bvrCWKQ68ZXaMGS8FBe7QVRGbrE29rrqkBHQ==
e189edbf5ee241971cc18677894125c5.js
deplorablefaintest.com/e1/89/ed/
0
0
Script
General
Full URL
https://deplorablefaintest.com/e1/89/ed/e189edbf5ee241971cc18677894125c5.js
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 21:45:24 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
gsjCM7l.png
i.imgur.com/
91 KB
91 KB
Image
General
Full URL
https://i.imgur.com/gsjCM7l.png
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
2bc9507d1c31a8ba11034df4c34b5e6b4e9d2dc0a075652d408c7bac2e69206e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P2
age
4279550
x-cache
Miss from cloudfront, HIT, HIT
content-length
93111
x-served-by
cache-iad-kiad7000096-IAD, cache-fra-eddf8230126-FRA
last-modified
Tue, 10 May 2022 15:53:39 GMT
server
cat factory 1.0
x-timer
S1695159924.629384,VS0,VE1
etag
"b8df5ba3daefa6be0b2338d4a7b04fe4"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
AxSkB6h_sCWrPqmNsxfRhSXxSuTcZhGjnl2G4ie_QJh2Jr57iK155g==
x-cache-hits
350, 1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 12:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Sep 2024 12:10:59 GMT
bootstrap.min.js
lintoq.com/script/
36 KB
10 KB
Script
General
Full URL
https://lintoq.com/script/bootstrap.min.js
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:370 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/view/YgPPT0rDtN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Oct 2016 08:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
340749
etag
W/"9004-57f21aca-2b964e;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJZkk4r1Qev51yswtHSgYMDxzXIVYYI9RMCs30IQcerdYf8fZUDESjG9SqUjJni0ZU8c6PLh%2F2WDtHvXqo23hJhhhUQEuhBSHrlpwIjKIo1%2B9VRG2msos2yN5OBtwIOstKYvjkObFcR1"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
809503f1fe4f9a12-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Sep 2023 23:06:14 GMT
main.js
lintoq.com/script/
196 B
682 B
Script
General
Full URL
https://lintoq.com/script/main.js
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:370 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d73a7fac91c17681ce014675df9c9a5990a577eb07a8f27aebc2313073ba741d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/view/YgPPT0rDtN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
534
cf-polished
origSize=259
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 03 Oct 2016 08:46:02 GMT
server
cloudflare
etag
W/"103-57f21aca-2b964d;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mtv%2FHWUXinNu8tASod7sx8R1%2FO42JalXLlp8i5jB4gIiLgWxVI2dpak74hcGOtfRUVdQCLlj3cBFweDP5I%2Fx2B5Ve8gKdA84%2FdA44B88WUnGXoYiPLEKGjyoENp9A1QsoodbUmxP21f0"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
809503f21e659a12-FRA
expires
Tue, 05 Sep 2023 20:38:14 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61626b9d08d675b1294b68015b2dc482e61405251a6deba6c06674d0619d6f77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
x-xss-protection
1; mode=block
expires
Tue, 19 Sep 2023 21:45:23 GMT
YgPPT0rDtN
lintoq.com/view/
0
512 B
XHR
General
Full URL
https://lintoq.com/view/YgPPT0rDtN
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:370 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/view/YgPPT0rDtN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xNjJQUmfi0NEeUxu%2Bjj2pXXKa0ws8%2B%2BEAxd%2Bod9%2F79LEchC6bu7i4Oys%2BG5yPvpDqCQkyNveCdEeCW84OYeP5tf2oR%2FvZJLl0p6S1c2sdsa61Qc3jcByPkFCOwGPWfTe001x4%2BRV%2BhR"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
809503f0cd229a12-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
5872667
gloaphoo.net/400/
89 KB
35 KB
Script
General
Full URL
https://gloaphoo.net/400/5872667
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
19a772bdb575f1113048c9701bb153b175d5b793bbe6cf3bbf68fa7dd895f5e7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
bf9684725f2851d271cea96508c51110
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d1of5w8unlzqtg.cloudfront.net
URL: https://d1of5w8unlzqtg.cloudfront.net/?uwfod=918682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 19 Sep 2023 17:00:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://lintoq.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PW%2BC4Ckt3Tdp9ORoY%2BEnCVBtXLsGPyyqa8akPIXywPxcXAQkYVhekuMK3%2F0h%2FJjycpAcytRRyUzPhfVK0%2FPA0%2BaK9t0C11EPVij5dLDos9hLwvA2n6ZF%2B63%2FtgW4J%2F6%2F"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
809503f1ff9c9ba6-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
/
pogothere.xyz/
27 B
610 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d1of5w8unlzqtg.cloudfront.net
URL: https://d1of5w8unlzqtg.cloudfront.net/?uwfod=918682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb629456784f4e0993fcdd2f065d7bfdb7d019b4f3887ae572331459a9c52c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21uJjx3uc%2FpcZjwv53u6htUYdEOacXbty72Y%2Bnb0nSoe1zoVdpiH8rZqb1P8PpUS3mGXQWk6y7NrKJlphugiByk0GMgB6jrU9i1FBI5p%2B4UWu2q2ojzqXEr5ZbNVFFtq"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://lintoq.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
809503f1ff9d9ba6-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
nanrumandbac.com/
0
534 B
XHR
General
Full URL
https://nanrumandbac.com/utx?cb=5lEAi7kESBRx&top=lintoq.com&tid=918682
Requested by
Host: d1of5w8unlzqtg.cloudfront.net
URL: https://d1of5w8unlzqtg.cloudfront.net/?uwfod=918682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-76.ams58.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:23 GMT
via
1.1 818c6aa3ba5cbb6c0be8757bc2002810.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
AMS58-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://lintoq.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
7VtYkktcb3ROVIfMOXZoUJ1Vgcka5DUBSWhk2xjklecNN6MNHcofqA==
cTJBR1FeDSI0bCVZMXQDGlp1JDojAiR0ZEdgchV0Q3QkD2gwUQk0dwVbJXpoQAp3f2NXQigjbEAUMjMwBUcyemBXWy8hPkwUN3pgXwF1aWJFHHFhJEwDZzMhEFV8dncBRjUrbEAEeHJgRAt4dWJFBXI
asrntiljustetyerec.info/
0
414 B
Image
General
Full URL
https://asrntiljustetyerec.info/cTJBR1FeDSI0bCVZMXQDGlp1JDojAiR0ZEdgchV0Q3QkD2gwUQk0dwVbJXpoQAp3f2NXQigjbEAUMjMwBUcyemBXWy8hPkwUN3pgXwF1aWJFHHFhJEwDZzMhEFV8dncBRjUrbEAEeHJgRAt4dWJFBXI
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FntfhDx3rvrk6EZR%2BQb7h4hVDPLAmSDUund7V%2FKZyXn%2F0THKZ%2BtnQQ8wkzK%2Fz%2FVz2kTCy%2B2hU%2Fi6IfnzEqxvOhNYFsuJt%2FcMB6fEM2rWnzwPNT3j4dsG7nJyQUplP%2F64Z30qsRnBIA%2BPEA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
809503f3dd3bbb67-FRA
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhfcbTsPsumB3mMRzxj2jNpyArvYQXultMyDnsS5TzhbXArwxbB-z5Iyd78...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfVAdC4xrIfRahBKLtay3NWhwRNnbJTiishgHJuttwUD66GEwk2zpIMXtfkPmmRYfQoXC4l&passive=...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfVAdC4xrIfRahBKLtay3NWhwRNnbJTiishgHJuttwUD66GEwk2zpIMXtfkPmmRYfQoXC4l&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-804321801%3A1695159924248198&theme=glif
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H3
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Redirect headers

date
Tue, 19 Sep 2023 21:45:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9Cfj0LJRyonaKzPrYKkUBQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfVAdC4xrIfRahBKLtay3NWhwRNnbJTiishgHJuttwUD66GEwk2zpIMXtfkPmmRYfQoXC4l&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-804321801%3A1695159924248198&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhcWcZIWDrW3JAsFJkZlkL4ST8u8NtIomeoOsR595jwzNZS1uLy7gwE...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdw_a_560EEyUrktc6DSINEJIlj_Ik9EdNoWrp7sTtoBE82Z4lMfYFnVqXbYcqkWsEgRrApqg&passi...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdw_a_560EEyUrktc6DSINEJIlj_Ik9EdNoWrp7sTtoBE82Z4lMfYFnVqXbYcqkWsEgRrApqg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962675966%3A1695159924418306&theme=glif
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H3
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Redirect headers

date
Tue, 19 Sep 2023 21:45:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-IKfGwxOU9cpCe_0JV4mkYg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
408
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdw_a_560EEyUrktc6DSINEJIlj_Ik9EdNoWrp7sTtoBE82Z4lMfYFnVqXbYcqkWsEgRrApqg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962675966%3A1695159924418306&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
popunder.gif
asrntiljustetyerec.info/
35 B
431 B
Image
General
Full URL
https://asrntiljustetyerec.info/popunder.gif
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Sep 2023 21:45:24 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Sep 2023 21:02:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2556
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b5Ck16fIucl6wQC9qU7RALrxyA2RiSNA64Rm16kYYJHR%2FZK%2BSZE535IVJVDKjACwj%2BKB6CW6u%2Fr6e0W6b604ELjTj0KqSroQwGyr2OBuauXa%2FzdtSTG9Br7l7CkfwY01qHs7JVu4cfv1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
809503f5ffa8bb67-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QJYJ47YMD2&gtm=45je39i0&_p=2057805163&cid=531042722.1695159924&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695159923&sct=1&seg=0&dl=https%3A%2F%2Flintoq.com%2Fview%2FYgPPT0rDtN&dt=View%20Links%20-%20LinToq&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QJYJ47YMD2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lintoq.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lintoq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options
nosniff
age
517027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 22:08:16 GMT
/
qevtjrobrb.xyz/
0
435 B
XHR
General
Full URL
https://qevtjrobrb.xyz/
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-trace-id
a32373eacb2a8c2d3a79f596e39c6fae
pragma
no-cache
date
Tue, 19 Sep 2023 21:45:23 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-origin
https://lintoq.com
access-control-expose-headers
Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 11 Jan 1994 10:00:00 GMT
fontawesome-webfont.woff2
lintoq.com/style/fonts/
70 KB
71 KB
Font
General
Full URL
https://lintoq.com/style/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: lintoq.com
URL: https://lintoq.com/style/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:370 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://lintoq.com/style/main.css
Origin
https://lintoq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
535
alt-svc
h3=":443"; ma=86400
content-length
71896
last-modified
Mon, 03 Oct 2016 09:04:38 GMT
server
cloudflare
etag
"118d8-57f21f26-2b9948;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZO5%2F5nOr1UqDAOdhkg0DJIEuvohMohqtzXVFS4hNxk6ATpCAKOW51JSS3YXrIxYscoEuG0tnpSjjfUGuAF4rtlQzXFA45Eo8EYH4lwaG00Oiv9q7vOVMNxO9tmgOnS5HhGelCu0zQwb"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
809503f60b4a9a12-FRA
expires
Tue, 05 Sep 2023 20:38:15 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lintoq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:52:03 GMT
x-content-type-options
nosniff
age
525201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 19:52:03 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/
455 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3482cece5275f9eccfd54357831c2e622f64aa6e45361c16c83be621707fd150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lintoq.com/
Origin
https://lintoq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 20:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187512
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 20:46:38 GMT
b29uVnIODQ07TQ5SDHAHHQNTc0ApSlwQFl4ACGMFVxoAOggeGwl4EQMAGzIUHQAAIlwBChpzQCk1IwAaXjpeBCEhFx1nF186FhMlWlYvETArDl0PKiIIN245BCkCEUAABQgRNC4pFgAdJBcjZzAHDB0SCAtaL2VGNSIHJiU1OSNkOQMlAgQ6OgM4AgImNVwcNCQtA...
nanrumandbac.com/ Frame A8DD
3 KB
2 KB
Document
General
Full URL
https://nanrumandbac.com/...
Requested by
Host: d1of5w8unlzqtg.cloudfront.net
URL: https://d1of5w8unlzqtg.cloudfront.net/?uwfod=918682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-76.ams58.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
b9ca50847671fd1fee76c8d41b145a1773fd04ab79f156faab38bda1f997ac2d

Request headers

Referer
https://lintoq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1252
content-type
text/html
date
Tue, 19 Sep 2023 21:45:24 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 818c6aa3ba5cbb6c0be8757bc2002810.cloudfront.net (CloudFront)
x-amz-cf-id
o2LUsN1vSiJh2qOo_dSM12swxVpTvmT_VlFN7u8vr_rGxqLZhjz0KA==
x-amz-cf-pop
AMS58-P2
x-cache
Miss from cloudfront
62d56ea0f9871978341f35fc0871af25.js
46496cf2ef.751685e7fa.com/
169 KB
58 KB
Script
General
Full URL
https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
08a2d8ef4f82565e49ae55e5914d37e7a3198c61fa531041bdfee0a48cba6e97

Request headers

Referer
https://lintoq.com/
Origin
https://lintoq.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Tue, 19 Sep 2023 21:50:24 GMT
date
Tue, 19 Sep 2023 21:45:24 GMT
content-encoding
gzip
last-modified
Mon, 18 Sep 2023 15:06:58 GMT
server
nginx/1.18.0
etag
W/"65086792-2a510"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
stattag.js
tzegilo.com/
19 KB
8 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: gloaphoo.net
URL: https://gloaphoo.net/400/5872667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 08:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1277
etag
W/"64f987a8-4a4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2F5JtSTaIGt0%2FZHiOS43GBFfem5OQc%2BogRKJAD59UGeKfxwqDFWEWDgyxYCrqrNXqRdJ0LNsi1TtU5UpUt6YKopgdDP%2Bn0Ys8yl7L%2FeDPk5QJRzqwQfNE73LoHitWC1y%2FuuD0yA%2F7DhblQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
809503f69f623a84-FRA
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
count.html
cousinf.com/log/ Frame 02A7
882 B
890 B
Document
General
Full URL
https://cousinf.com/log/count.html
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:860e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer
https://lintoq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
809503f72e221e45-FRA
content-encoding
br
content-type
text/html
date
Tue, 19 Sep 2023 21:45:24 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niXvAte2EZdRR52ouMHkj8LexGN6yxmzi9nEzGEaK%2BrWjKswL57HZH0G3SnY9m%2BF8P7Ce4mG97fRRbot3VHG6t9%2BZ45aGtozq8GAgpoF4oE0i35GW9ZcXhFxxJN%2BaFzHDO6IF6qg4PVptA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
59ab3ebddc7e5abb374a16d7c281c032
6431
46496cf2ef.751685e7fa.com/636b09ffd0f61abfd5aea08da5a5c76f/
4 KB
4 KB
XHR
General
Full URL
https://46496cf2ef.751685e7fa.com/636b09ffd0f61abfd5aea08da5a5c76f/6431?version_name=b
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2ebb04209d23abbc18e9450917db50294b1957a5062c1753f072dd823d93ee63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 19 Sep 2023 21:45:24 GMT
cache-control
max-age=300
x-proxy-cache
MISS
server
nginx/1.18.0
content-type
application/json
expires
Tue, 19 Sep 2023 21:50:24 GMT
advertising.js
js.capndr.com/
0
238 B
Script
General
Full URL
https://js.capndr.com/advertising.js
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Tue, 19 Sep 2023 21:50:24 GMT
date
Tue, 19 Sep 2023 21:45:24 GMT
last-modified
Fri, 14 Jul 2023 08:23:25 GMT
server
nginx/1.18.0
etag
"64b105fd-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
ZMVh1U0RSNxs1e0UxEW59AGBDa3YXMgY8KkFlG2ojfGFAFxVoKxM1BhcsDzd5A34ZMipWZVM2KlJlRHUlVTpIZ2JFKBo4eVkzBCslXysCITIXLRRuKV4iHD8oUH1HFXEfaFBhdBkvHD0gXi8GdnYBNgF2dgFpRX10FGs3dnYBLxw9cgV9RhFhA2gNZXAYfU-djJUE...
d1of5w8unlzqtg.cloudfront.net/ Frame A8DD
861 B
903 B
Script
General
Full URL
https://d1of5w8unlzqtg.cloudfront.net/ZMVh1U0RSNxs1e0UxEW59AGBDa3YXMgY8KkFlG2ojfGFAFxVoKxM1BhcsDzd5A34ZMipWZVM2KlJlRHUlVTpIZ2JFKBo4eVkzBCslXysCITIXLRRuKV4iHD8oUH1HFXEfaFBhdBkvHD0gXi8GdnYBNgF2dgFpRX10FGs3dnYBLxw9cgV9RhFhA2gNZXAYfU-djJUEoGTYzVDoeOjAUajNmdwZ2RmVhA2hdOCxFNRl2dnJ9R2MoWDMQdnYBPxAwL15xUGF0UjAHPClUfUcVdQBvW2NqBGFGa2oJYFBhdEI5EzI2WH1HFXECb1tgchctSGJzAWlNYXYHaENnfQhqRWU
Requested by
Host: nanrumandbac.com
URL: https://nanrumandbac.com/b29uVnIODQ07TQ5SDHAHHQNTc0ApSlwQFl4ACGMFVxoAOggeGwl4EQMAGzIUHQAAIlwBChpzQCk1IwAaXjpeBCEhFx1nF186FhMlWlYvETArDl0PKiIIN245BCkCEUAABQgRNC4pFgAdJBcjZzAHDB0SCAtaL2VGNSIHJiU1OSNkOQMlAgQ6OgM4AgImNVwcNCQtAWIXOQQUFDEcAzYvASwmOh8qIz08Izk5WwceNlcAOx5DJyk2ExQOKSw+Fi0EGB42Xwg2P0ooCwAPMCEIKGQWCCkeBCpeXygRAVwLAA8wIxcZbxEIOVcEGikHL2QVITU2FysJOkMyGCU6Kzk1OzYUADYACiE8MzoOBBgfCxg0ZCACOQYXQAcLIRUKKSE8OkALASRvIF0iAQE2Ij4KOCstPxYXBSNeWy4nKCleAxguJz4VHjoJOzUkCz4sICVdIR8UNSkoD2QdJTYoFBoLKidjNxUmXAE6XicoDjcsDV8iFQwHDSIhKCUUFyUDITcOKycOKxgcCT4GJyA4Okg8AQABHmscVggjb0crPjclFAkt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:d800:4:4c90:e100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4d2f2567a6345feee46f8f763175bb17acca8ef1d049a5a8397a009d364ebae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nanrumandbac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:24 GMT
content-encoding
gzip
via
1.1 95e72d567a2ee997c0e6618089b105c6.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
626
x-amz-cf-id
QZjBMaZKfsUsFc1_PZNo9HOmF_Foz4u-84kyUU93-x3mEmmblBMU9g==
add
fleraprt.com/log/
12 B
480 B
XHR
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://lintoq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 19 Sep 2023 21:46:50 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://lintoq.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
track
f5f9bec983.92d8d67482.com/in/
0
207 B
XHR
General
Full URL
https://f5f9bec983.92d8d67482.com/in/track?data=...
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:24 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
build.m.js
js.wpshsdk.com/extention/
19 KB
7 KB
Script
General
Full URL
https://js.wpshsdk.com/extention/build.m.js
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
555d5195d9e6b6bbd648eccc1ec41fd5f018484a0ef5ef5c8f27753372f22942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Tue, 19 Sep 2023 21:50:24 GMT
date
Tue, 19 Sep 2023 21:45:24 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 15:30:54 GMT
server
nginx/1.18.0
etag
W/"624db22e-4da7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
03d9c555b78e3a1c379c84eaa8251557.js
46496cf2ef.751685e7fa.com/
42 KB
14 KB
Script
General
Full URL
https://46496cf2ef.751685e7fa.com/03d9c555b78e3a1c379c84eaa8251557.js
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
94ee8020d13f4b840586f66695a2e52ca21d1eb80090ec5cf44c21b8a32a0c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Tue, 19 Sep 2023 21:50:24 GMT
date
Tue, 19 Sep 2023 21:45:24 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2023 09:24:37 GMT
server
nginx/1.18.0
etag
W/"64f05c55-a7d9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
4630ed811b86e60a099ce56df0c47cdc.js
46496cf2ef.751685e7fa.com/
534 KB
134 KB
Script
General
Full URL
https://46496cf2ef.751685e7fa.com/4630ed811b86e60a099ce56df0c47cdc.js
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
87ca3dad0d013b8e4e41955566880e13f6e2eabfcf4127588ecc099e0898bdd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Tue, 19 Sep 2023 21:50:24 GMT
date
Tue, 19 Sep 2023 21:45:24 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 12:02:15 GMT
server
nginx/1.18.0
etag
W/"65098dc7-8572a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
build.m.js
js.cabnnr.com/banner-admanager/
49 KB
17 KB
Script
General
Full URL
https://js.cabnnr.com/banner-admanager/build.m.js
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cd63b6930625ba409a2c9aa8d7f8b7206b5ab550f82cd59c324656472244ff04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Tue, 19 Sep 2023 21:50:24 GMT
date
Tue, 19 Sep 2023 21:45:24 GMT
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 13:54:24 GMT
server
nginx/1.18.0
etag
W/"65031090-c4b1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
gid.js
my.rtmark.net/
65 B
540 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: gloaphoo.net
URL: https://gloaphoo.net/400/5872667
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fa7849b80677f7d9d770ec84ff1982da1bd08786995e8dc2d55e9d6985b72a6f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lintoq.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=6431
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lintoq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://lintoq.com
Connection
keep-alive
Date
Tue, 19 Sep 2023 21:45:24 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fp
fp.metricswpsh.com/
58 B
428 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=6431
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/62d56ea0f9871978341f35fc0871af25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
0d070e34f6ae7c98ddd1a0136bc7c037f0b10aeafa8dc2943420128f93529e92

Request headers

Referer
https://lintoq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Tue, 19 Sep 2023 21:45:24 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://lintoq.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
5872667
gloaphoo.net/500/
0
579 B
XHR
General
Full URL
https://gloaphoo.net/500/5872667?excludes=&oaid=67d42125b56c430b8f20170ece509e16&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Flintoq.com%2Fview%2FYgPPT0rDtN&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=5&sw_version=v1.298.2
Requested by
Host: gloaphoo.net
URL: https://gloaphoo.net/400/5872667
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://lintoq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
2d2be4179dc34bd3b3e51d42de896667
pragma
no-cache
date
Tue, 19 Sep 2023 21:45:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
access-control-allow-origin
https://lintoq.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
5872667
gloaphoo.net/500/ Frame
0
0
Preflight
General
Full URL
https://gloaphoo.net/500/5872667?excludes=&oaid=67d42125b56c430b8f20170ece509e16&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Flintoq.com%2Fview%2FYgPPT0rDtN&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=5&sw_version=v1.298.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://lintoq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://lintoq.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Tue, 19 Sep 2023 21:45:24 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
/
rtbrenab.com/get/ Frame 4388
3 KB
2 KB
Document
General
Full URL
https://rtbrenab.com/get/?go=1&data=...
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:33d8::1 Stuttgart, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a42d6418e91b2408a9c1f2fb273413516616ed9f5576aaf9cdfe012b899c1ee5

Request headers

Referer
https://lintoq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Tue, 19 Sep 2023 21:45:24 GMT
pragma
no-cache
server
nginx/1.18.0
vary
Origin
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhf2kknzCzb2vkZaSPP8yCztz9SkFnKPYsshZTQaZVt_y7KJg52n_xCQT...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdu3_HcpslpwRq7t1IOZ0y0CnW3eP8eWIBYbwATADAF1IKwKOpzq-ICqcnqSPDrcsY6aKowuA&passive...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdu3_HcpslpwRq7t1IOZ0y0CnW3eP8eWIBYbwATADAF1IKwKOpzq-ICqcnqSPDrcsY6aKowuA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1828896015%3A1695159924626902&theme=glif
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H3
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Redirect headers

date
Tue, 19 Sep 2023 21:45:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-k205tJtY405QpdAjm1uMwA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdu3_HcpslpwRq7t1IOZ0y0CnW3eP8eWIBYbwATADAF1IKwKOpzq-ICqcnqSPDrcsY6aKowuA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1828896015%3A1695159924626902&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
multy
e08409ce7e.e6460525b5.com/in/ Frame
0
0
Preflight
General
Full URL
https://e08409ce7e.e6460525b5.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Stuttgart, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://lintoq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Tue, 19 Sep 2023 21:45:24 GMT
pragma
no-cache
server
nginx/1.18.0
vary
Origin
dip
nereserv.com/in/
0
201 B
XHR
General
Full URL
https://nereserv.com/in/dip?site=native-push&wl=0&event_id=7daf6f37-1ae8-468e-b2ef-bdaf8a82f40f&subid=1483209030&sid=241516103&spot_id=7126&created_at=2023-09-19&timezone=2&ver=8.97.0&is_native=1
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/4630ed811b86e60a099ce56df0c47cdc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:24 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
e08409ce7e.e6460525b5.com/in/
28 KB
28 KB
XHR
General
Full URL
https://e08409ce7e.e6460525b5.com/in/multy
Requested by
Host: 46496cf2ef.751685e7fa.com
URL: https://46496cf2ef.751685e7fa.com/4630ed811b86e60a099ce56df0c47cdc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Stuttgart, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
72c2ffd375da7c385727fc5970b6d3887028f236c39503461f545d8fedd0dd4c

Request headers

Referer
https://lintoq.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:25 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
28570
264f9b86ab7e42e89dc44866327f8f86.html
runative-syndicate.com/iframes2/ Frame DB87
Redirect Chain
  • https://rtbrenab.com/banner/in/show/?mid=5375686697189540358&pid=0&site=22249&sc=DE&usage_type=DCH&subid=1750013967&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=...
  • https://btds.zog.link/in/912/?sid=22249&source=1750013967&idzone=0&w=300&h=250&mo=&ve=&site_id=22249&utm1=&utm2=&utm3=&utm4=&ad_tags=View%2CLinks%2CLinToq%2CLintoq%2Cpaste%2Cearn%2Cpaste%2Cn%2Cearn...
  • https://runative-syndicate.com/iframes2/264f9b86ab7e42e89dc44866327f8f86.html?subid=1750013967
2 KB
2 KB
Document
General
Full URL
https://runative-syndicate.com/iframes2/264f9b86ab7e42e89dc44866327f8f86.html?subid=1750013967
Requested by
Host: rtbrenab.com
URL: https://rtbrenab.com/get/?go=1&data=...
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.51.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.51.243.136.clients.your-server.de
Software
nginx /
Resource Hash
8066b5367b86b7af82050f3635f9a8360f1bd82fa738e7840d1eb1bc7f427616

Request headers

Referer
https://rtbrenab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, no-transform, must-revalidate no-transform
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 21:45:24 GMT
expires
0
link
<https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
pragma
no-cache
report-to
{ "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
server
nginx
vary
Accept-Encoding *
x-api-version
2
x-request-id
6f5b3793e984527f
x-robots-tag
none noindex, nofollow

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 19 Sep 2023 21:45:23 GMT
location
https://runative-syndicate.com/iframes2/264f9b86ab7e42e89dc44866327f8f86.html?subid=1750013967
pragma
no-cache
server
nginx/1.20.1
vary
*
b.b.js
lcdn.tsyndicate.com/sdk/v1/ Frame DB87
8 KB
3 KB
Script
General
Full URL
https://lcdn.tsyndicate.com/sdk/v1/b.b.js
Requested by
Host: rtbrenab.com
URL: https://rtbrenab.com/get/?go=1&data=...
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.158.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
f391268a72ae9c70ecc1acc1b9ed392f58775af82bf011cf2b2293848cd5716c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://runative-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:24 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2023 08:51:42 GMT
server
nginx
age
4090821
etag
W/"64cb6a9e-1f37"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2641
/
xxlej.gratifylngdates.com/ Frame 596C
Redirect Chain
  • https://vdyflgjcyxnf.unicornpride123.com/l.php?p=c:m423ywjaaaibb9iy8&d=60d1da025ca790363d1288cb&s={adspot_id}&b={creative_id}&bid={cost}&pid={click_id}&cmp={campaign_id}&keyword={keywords}
  • https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
19 KB
5 KB
Document
General
Full URL
https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Requested by
Host: runative-syndicate.com
URL: https://runative-syndicate.com/iframes2/264f9b86ab7e42e89dc44866327f8f86.html?subid=1750013967
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.101.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-101-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
06a7c7b9cd398f541a83bd6b8a234123064df0f90bdefd46ff5eacfa57d6d417

Request headers

Referer
https://runative-syndicate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 21:45:25 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Sep 2023 21:45:24 GMT
Location
https://xxlej.gratifylngdates.com?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Raund
smartlink
Round
12ss9168po
Server
nginx
css.css
cdn-dimi.akamaized.net/landings/275825/1663071511/css/ Frame 596C
7 KB
2 KB
Stylesheet
General
Full URL
https://cdn-dimi.akamaized.net/landings/275825/1663071511/css/css.css?1663071512
Requested by
Host: xxlej.gratifylngdates.com
URL: https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
31a7b5754bd2c3d3da88275cfcbd6a6ce0f3a12025067a34af2c3f0bf06d9e9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xxlej.gratifylngdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 12:50:39 GMT
Server
AmazonS3
x-amz-request-id
RDQ25QCWQCGG21D3
ETag
"d3c17ea89ffca6c5bc2dcb0effe43fbe"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1895
x-amz-id-2
O7FrRDCGlSgyPQSKvBFaP0StAPZ9nkaYuqjm8voiKpclv6JrrPInrEN6kWgQCQUifh53GMSfScs=
jquery-2.2.4.min.js
cdn-dimi.akamaized.net/landings/275825/1663071511/js/ Frame 596C
84 KB
30 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/275825/1663071511/js/jquery-2.2.4.min.js?1663071512
Requested by
Host: xxlej.gratifylngdates.com
URL: https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xxlej.gratifylngdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 12:50:39 GMT
Server
AmazonS3
x-amz-request-id
JQND9APPB5BY22XP
ETag
"2f6b11a7e914718e0290410e85366fe9"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
29855
x-amz-id-2
HWgW4o9UHUVHI6Jr14IpajWz+Olz0euCUH6e70Pdsq3HYl62zDKlc11aU9jK0IcdN9iOADmm2+Y=
translate.js
cdn-dimi.akamaized.net/landings/275825/1663071511/js/ Frame 596C
47 KB
17 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/275825/1663071511/js/translate.js?1663071512
Requested by
Host: xxlej.gratifylngdates.com
URL: https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ba785899f21fa690ef480e108921ebe06efc3ae7d1cbff8b3f4849dd9fb094b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xxlej.gratifylngdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 12:50:39 GMT
Server
AmazonS3
x-amz-request-id
T4KESS0GW0MSKG4B
ETag
"637b970eb3da7972f6d558bbda47e43b"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
16633
x-amz-id-2
zmVmy57+qltolgx5L7UKVlBP8lce63TJOV+SZd126OjyRjIag4VYLwRqnAK6t94GRegfVK44TQ4=
css
fonts.googleapis.com/ Frame 596C
13 KB
1006 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat|Open+Sans:300,400,700,800&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/275825/1663071511/css/css.css?1663071512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d83f1662e91201fb0ea451a803da8f986dd0aebf06dc56ee9d7dfc08bfa5f510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-dimi.akamaized.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Sep 2023 21:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 20:40:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Sep 2023 21:45:25 GMT
gtm.js
www.googletagmanager.com/ Frame 596C
161 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL
Requested by
Host: xxlej.gratifylngdates.com
URL: https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c4d9e447db0faa9fbbc4a7bddd36f8ececd75bda04d13cac1fe832e75fd467c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xxlej.gratifylngdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60247
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Sep 2023 21:45:25 GMT
bg-mob-2.jpg
cdn-dimi.akamaized.net/landings/275825/1663071511/images/ Frame 596C
86 KB
87 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/275825/1663071511/images/bg-mob-2.jpg
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/275825/1663071511/css/css.css?1663071512
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f540844c457a6ef32b0e1bb5aae38d9fbdbd38191c1edcf7fc2e7525577d2192

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-dimi.akamaized.net/landings/275825/1663071511/css/css.css?1663071512
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 21:45:26 GMT
Last-Modified
Tue, 13 Sep 2022 12:50:39 GMT
Server
AmazonS3
x-amz-request-id
CV1BPYR4N9C9E5KE
ETag
"5330118ca965721b4b7c65e2f88a8412"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
88216
x-amz-id-2
5KrRKyMwQt9M9/pevh9jlLmbAVTBjeoMB8bz5Cz6Lp3MIKKW4YHKGqcJkO+YgJ5gRz/T9KoZIZo=
a29e4033-f1e9-4244-ad9b-e100f20a3cc4
tsyndicate.com/api/v1/retargeting/set/ Frame 596C
43 B
460 B
Image
General
Full URL
https://tsyndicate.com/api/v1/retargeting/set/a29e4033-f1e9-4244-ad9b-e100f20a3cc4
Requested by
Host: xxlej.gratifylngdates.com
URL: https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.130.121 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.130.243.136.clients.your-server.de
Software
nginx /
Resource Hash
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xxlej.gratifylngdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:25 GMT
server
nginx
x-api-version
1
vary
*
report-to
{ "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag
none, noindex, nofollow
content-length
43
x-request-id
92806e552238401b
expires
0
ctrack
ctrack.trafficjunky.net/ Frame 596C
35 B
1 KB
Image
General
Full URL
https://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=1&context=im&cookiename=start&age=545600&maxcookiecount=10
Requested by
Host: xxlej.gratifylngdates.com
URL: https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.89 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xxlej.gratifylngdates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:25 GMT
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET,POST
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
35
expires
Sun, 22 Jan 1984 03:00:00 GMT
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
790 B
948 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?mlf=1&cpa=0a12ed3c-45e5-4714-aaca-e2748d113207&pattern1=59&pattern2=0&pattern3=0&pattern4=0&pattern5=0&mlc=1&format=androidWhatsAppCompact-view-t_r-body
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.186.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-186-112.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:25 GMT
last-modified
Tue, 24 Nov 2020 14:20:43 GMT
server
nginx/1.18.0
etag
"5fbd16bb-316"
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
content-length
790
IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
790 B
947 B
Image
General
Full URL
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.186.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-186-112.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:25 GMT
last-modified
Tue, 24 Nov 2020 14:20:43 GMT
server
nginx/1.18.0
etag
"5fbd16bb-316"
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
content-length
790
/
e08409ce7e.e6460525b5.com/in/show/
0
200 B
Image
General
Full URL
https://e08409ce7e.e6460525b5.com/in/show/?tag_ab=b&site_id=317126&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Flintoq.com%2Fview%2FYgPPT0rDtN&refdom=lintoq.com&auction_time=1695159924&subid=1483209030&sid=241516103&tcid=0&ver=8.97.0&ver_c=&spot_id=7126&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-09-19&iabcat=IAB24-24&keywords=&user_fp=1886622027507003715&score=31.242996223726422&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1483209030%26spot_id%3D7126%26is_adult%3D0%26p%3Dhttps%253A%252F%252Flintoq.com%252Fview%252FYgPPT0rDtN%26idzone%3D0%26sid%3D1885&is_cpm=0&resp_type=&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&url=http%3A%2F%2Fclick.junmediadirect1.com%2Fclick%3Fi%3DXK5wRCCe5NM_0&icons=rBINc9Y0McQ2vZVJkuJrKIT0PdLpk2viH8WV_xgzsQgOaQc9UFzXG0LOSDisL0e-lPvf71wy3oSQW3ouE0UqcXSYEfAC8lJRT_dVrt8idGX3Ylt1YLR7ZRXmoExE5Q3eZ9jzWrFliiF-2Rly5dyBetLOd2aNVWxL7hI1-d8QvROq6w1qGw&ext_cid=0&px_id=537126&min_cpm=0.005903939274253271&out_id=1&campaign_type=lq-pop&aid=188&cid=15764&uniq=7c6bacd8343dc2b487fa9f3f519b6eb1daf2ec5c291a33891153e89884ce1011&mid=8076981360536291286&skin_id=8&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.007388246907860635&cpm=0&verify_hash=a08424e3a2e3a29ca30a4907ff4d25bb&is_native=2&real_bid=0.00011251800084114072&original_bid_usd=0.000126&original_bid=0.000126&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F117.0.5938.88%20Safari%2F537.36&ip_mismatch=2001:ac8:20:3a00:1012:7ee9:f1c5:4375&geo=DE&carrier=-&label_ids=83,108,0,89&need_redirect_show=0&applied_features=empty%20ecpm%20test,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&sit
e=native-push-mainstream&price=0.000126&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&mlf=1&cpa=dac9547c-5ca9-4574-8fb3-c6e77925cc58&pattern1=59&pattern2=0&pattern3=0&pattern4=0&pattern5=0&mlc=1&format=androidWhatsAppCompact-view-t_r-body
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Stuttgart, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:25 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzMxMDE0MS85ODRiNjdiMjIzNDFhZWU0M...
s-img.adskeeper.com/g/11185930/492x328/-/ Frame 268F
23 KB
24 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/11185930/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzMxMDE0MS85ODRiNjdiMjIzNDFhZWU0MWFmZTY4NDI4M2ViZTgzYS5qcGVn.webp?v=1695159924-GRvR-QLolVxySnxxjkt7kUbFkMHQ82CJgzWbKv48aSw
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3ad6a224f2498fbe59e1d5c8a6368aa7a42063263eb0283d7ad9827b5f39c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:25 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:00 GMT
x-mg-request-uuid
ec423272-bb31-44da-92f4-b857af876f52
server
cloudflare
age
1515903
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
809504010dbdbb59-FRA
content-length
23884
alt-svc
h3=":443"; ma=86400
c
c.adskeeper.com/ Frame 268F
43 B
228 B
Image
General
Full URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|WnTa9zai2gMJvZhpiAbbGp6tC8Dx2aqfDK8SRPkhHQmJv_aFJrY3IpwGYpqAUGiZAUvmXrRPKNlrJ9chaSP_sQ**&cid=1156384&f=1&h2=lhYiY_ofmgUB0niIDuRJV_fYWpOZ-FsbCKgJSHPDO1A*&rid=d71bc6a0-5735-11ee-b4f5-00620b2e3f90&psid=737126&cpa=dc394f2e-fa5e-413a-a450-e0efb16d77c2&pattern1=59&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=androidWhatsAppCompact-view-t_r-body
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 21:45:25 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
131d90eb-b02f-490b-9589-4d78c933ccb3
server
cloudflare
content-type
image/gif
cf-ray
809504010ebe9024-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
/
e08409ce7e.e6460525b5.com/in/show/
0
201 B
Image
General
Full URL
https://e08409ce7e.e6460525b5.com/in/show/?tag_ab=b&site_id=317126&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Flintoq.com%2Fview%2FYgPPT0rDtN&refdom=lintoq.com&auction_time=1695159924&subid=1483209030&sid=241516103&tcid=0&ver=8.97.0&ver_c=&spot_id=7126&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-09-19&iabcat=IAB24-24&keywords=&user_fp=1886622027507003715&score=31.242996223726422&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1483209030%26spot_id%3D7126%26is_adult%3D0%26p%3Dhttps%253A%252F%252Flintoq.com%252Fview%252FYgPPT0rDtN%26idzone%3D0%26sid%3D1885&is_cpm=0&resp_type=&crid=Zestradar&crtid=66c8f6d532179c81220cc8d386a58bcf&url=https%3A%2F%2Fclck.adskeeper.com%2Fghits%2F11185930%2Fi%2F57489772%2F2%2Fsrc%2F737126%2Fpp%2F1%2F1%3Fh%3DWnTa9zai2gMJvZhpiAbbGp6tC8Dx2aqfDK8SRPkhHQmJv_aFJrY3IpwGYpqAUGiZAUvmXrRPKNlrJ9chaSP_sQ%2A%2A%26rid%3Dd71bc6a0-5735-11ee-b4f5-00620b2e3f90%26tt%3DDirect%26att%3D3%26pubsrcid%3D737126%26cpm%3D1%26ct%3D1%26st%3D120%26h2%3DlhYiY_ofmgUB0niIDuRJV_fYWpOZ-FsbCKgJSHPDO1A%2A&icons=YbYQkwqFW6hw6Mh7012T96HKTzHGpKWLmsJclMin1MXztdecF3k5BWxFr3WAx5NNikwdicyb82drFqjWt89oUd6iBvx0zNmShdqqg6mZuSITx_fksjh4wR4M8yLvLMNykXqTzWFC5m1EDt2LL8BjZnTRMbH_O6PsL-a587Udz-KtxTRajCaJDiKPpz8P_byeLooGbqgzmFk6Tp8GoHQsDwYZPgxqf5Qu5j0aFsjZIPFzXTy-4NFYc4BGrWWswY6QRfuEGVbEFxoQF8ljZSfSn7FUZyV3sqlY34yfN3ZoSWyWE1IvvCiP64BNW5DZ7AECW6r_5tw_BX2p-vhiB12WXePsGCPjvibdYp992tBB55WZRjxdIRMed_I7ne8&ext_cid=0&px_id=737126&min_cpm=0.00620013025210084&out_id=0&campaign_type=hq&aid=62&cid=2749&uniq=&mid=8076981360536291286&skin_id=8&vertical_id=15&skin_test=0&from_cache=0&ecpm=0.07140772776605496&cpm=0&verify_hash=821f9f560526d848ae65fd2c161d92b2&is_native=1&real_bid=0.0010355400234460875&original_bid_usd=0.00165&original_bid=0.00165&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20
Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F117.0.5938.88%20Safari%2F537.36&ip_mismatch=2001:ac8:20:3a00:1012:7ee9:f1c5:4375&geo=DE&carrier=-&label_ids=76,81,83,90,93,15&need_redirect_show=0&applied_features=empty%20ecpm%20test,main-skins-settings&show_count=1&expiration_timestamp=1695195924&image_url=https%3A%2F%2Fs-img.adskeeper.com%2Fg%2F11185930%2F492x328%2F-%2FaHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzMxMDE0MS85ODRiNjdiMjIzNDFhZWU0MWFmZTY4NDI4M2ViZTgzYS5qcGVn.webp%3Fv%3D1695159924-GRvR-QLolVxySnxxjkt7kUbFkMHQ82CJgzWbKv48aSw&site=native-push-mainstream&price=0.00165&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&cpa=398d1aa6-53b0-445b-a89d-86ea80b69f35&pattern1=59&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=androidWhatsAppCompact-view-t_r-body
Requested by
Host: lintoq.com
URL: https://lintoq.com/view/YgPPT0rDtN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 Stuttgart, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lintoq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 21:45:25 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
1x1.png
cdn.1vag.com/ Frame 77B3
Redirect Chain
  • https://rtbrenab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImIiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MCwic3BhY2VpZCI6MCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiY...
  • https://rtbrenab.com/banner/in/show/?mid=4080263265386708468&pid=0&site=12105&sc=DE&usage_type=DCH&subid=516016873&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&...
  • https://btds.zog.link/in/912/?sid=12105&source=516016873&idzone=0&w=1&h=1&mo=&ve=&site_id=12105&utm1=&utm2=&utm3=&utm4=&ad_tags=View%2CLinks%2CLinToq%2CLintoq%2Cpaste%2Cearn%2Cpaste%2Cn%2Cearn%2Cli...
  • https://cdn.1vag.com/1x1.png
68 B
334 B
Document
General
Full URL
https://cdn.1vag.com/1x1.png
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
https://lintoq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=3600
content-length
68
content-type
image/png
date
Tue, 19 Sep 2023 21:45:27 GMT
etag
"5e970c67-44"
expires
Tue, 19 Sep 2023 22:45:27 GMT
last-modified
Wed, 15 Apr 2020 13:30:15 GMT
server
nginx/1.20.1
x-proxy-cache
HIT
x-request-id
a665828f4f47d522ee1b89fc7389f798

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 19 Sep 2023 21:45:26 GMT
location
https://cdn.1vag.com/1x1.png
pragma
no-cache
server
nginx/1.20.1
vary
*

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| gtag object| dataLayer string| k object| _1ryk227kuer object| 9pgx7mlu1gd object| zfgformats function| setImmediate function| clearImmediate function| _ixaudnp function| _etmsh number| LAST_CORRECT_EVENT_TIME object| utr_918682 number| userTrackingInterval number| _2151915356 object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| zfgstorage function| zfgproxyhttp function| R function| X function| $ function| jQuery object| jQuery1124007517353652318293 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| __lwkemfd9q__ object| webpushlogs object| recaptcha object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam object| __ds3dcV__ number| __qwe33wweq__ object| syncCallbacks number| iinf function| createCANativeAd function| initExtension function| __banner-init object| activesInpages function| __fp-init

17 Cookies

Domain/Path Name / Value
lintoq.com/ Name: PHPSESSID
Value: b01h8vrjfuuus50ls39h6uhp38
pogothere.xyz/ Name: csu
Value: 1701822606499206@1@1695159923
.lintoq.com/ Name: _ga
Value: GA1.1.531042722.1695159924
.lintoq.com/ Name: _ga_QJYJ47YMD2
Value: GS1.1.1695159923.1.0.1695159923.0.0.0
my.rtmark.net/ Name: ID
Value: 67d42125b56c430b8f20170ece509e16
gloaphoo.net/ Name: OAID
Value: 67d42125b56c430b8f20170ece509e16
btds.zog.link/ Name: 912.0
Value: 1
fp.metricswpsh.com/ Name: id
Value: 4217592945266911957
xxlej.gratifylngdates.com/ Name: unique_id
Value: 650a16750003db59
xxlej.gratifylngdates.com/ Name: unique_id2
Value: 650a16750005253f
xxlej.gratifylngdates.com/ Name: 650a16750005253f_c
Value: 1
xxlej.gratifylngdates.com/ Name: ref_token
Value: 30779
xxlej.gratifylngdates.com/ Name: 650a16750005253f_sl
Value: [275825]
.trafficjunky.net/ Name: tj_UUID
Value: ChBo39LM9kdJkqqErarJYDiMEgwI9ayoqAYQvqed2wM=
.trafficjunky.net/ Name: tj_UUID_v2
Value: ChBo39LM9kdJkqqErarJYDiMEgwI9ayoqAYQvqed2wM=
.trafficjunky.net/ Name: 57aadc60fe7671fefe86bb04bced801a
Value: 1
tsyndicate.com/ Name: ts_rt_a29e4033-f1e9-4244-ad9b-e100f20a3cc4
Value: AAMC

6 Console Messages

Source Level URL
Text
network error URL: https://lintoq.com/view/YgPPT0rDtN
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://deplorablefaintest.com/e1/89/ed/e189edbf5ee241971cc18677894125c5.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfVAdC4xrIfRahBKLtay3NWhwRNnbJTiishgHJuttwUD66GEwk2zpIMXtfkPmmRYfQoXC4l&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-804321801%3A1695159924248198&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdw_a_560EEyUrktc6DSINEJIlj_Ik9EdNoWrp7sTtoBE82Z4lMfYFnVqXbYcqkWsEgRrApqg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1962675966%3A1695159924418306&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdu3_HcpslpwRq7t1IOZ0y0CnW3eP8eWIBYbwATADAF1IKwKOpzq-ICqcnqSPDrcsY6aKowuA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1828896015%3A1695159924626902&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
rendering warning URL: https://xxlej.gratifylngdates.com/?utm_source=9f304076c96c3e84&s1=30779&s2=1698142&s3={adspot_id}&s5=&click_id=650a1674c99b1f55912fa2a2&j1=1&j9=1(Line 220)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
