nitter.nixnet.services Open in urlscan Pro
2a01:4f9:3a:1f11::2  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://firsturl.de/zjH34uF Page URL
2. https://nitter.nixnet.services/search?q=%23livecasinodeutschland Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	zjH34uF Show response firsturl.de/	9 KB 3 KB	208ms 188ms	Document text/html	2606:4700:3037::ac43:ac1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://firsturl.de/zjH34uF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:ac1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 538e4fd40e94deb1a2ede968764898c594d38ac7bea988ce92b502023a228ccc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 08 Dec 2021 19:14:40 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyUsbtgDLMxZMqnCalDiXh0H0IaKREt%2BrHi%2FlIt2j%2BdlYSboIy8zAsCRLjXC4mDaxz%2FcLotXJ7pkHgnFsAVff6B770V004Hffx1%2FWCM0Yty9qQjMa8N0RoQmYLsS0k35u0opTCpaksYPIA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ba8516d1d7105c4-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	style.css firsturl.de/include/	2 KB 1 KB	25ms 24ms	Stylesheet text/css	2606:4700:3037::ac43:ac1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://firsturl.de/include/style.css Requested by Host: firsturl.de URL: https://firsturl.de/zjH34uF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:ac1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02fea9181433d073de2c559eeb99b916b4498124c46788b5cb9be0e692251104 Request headers Accept-Language de-DE,de;q=0.9 Referer https://firsturl.de/zjH34uF User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT content-encoding br cf-cache-status HIT last-modified Thu, 26 Mar 2015 19:06:44 GMT server cloudflare age 5437 etag W/"7ec-51235b77ffd60-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIHZyVXUJaweFhniG6KH6PWSvYqEd0GUIadefIt3POrgx0PB2X1BOFPwmXc%2BxDbBAps5F2CQHz4CAsfk8EZVXhk%2BstR6%2BY4Rl0hS%2Fv%2FOrLyn0V86bOkG%2BrmdlOVr%2FtWeBLAW89CZ%2FQP55Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ba8516e687a05c4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 968 B	42ms 17ms	Script text/javascript	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: firsturl.de URL: https://firsturl.de/zjH34uF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://firsturl.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 555 x-xss-protection 1; mode=block expires Wed, 08 Dec 2021 19:14:41 GMT
GET H3	200	de.png firsturl.de/include/	612 B 1 KB	19ms 19ms	Image image/png	2606:4700:3037::ac43:ac1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://firsturl.de/include/de.png Requested by Host: firsturl.de URL: https://firsturl.de/zjH34uF Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:ac1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6b1ee1113df9181d66452fe3899f280e9bd174ba6b3d277d6b93474e867d510 Request headers Accept-Language de-DE,de;q=0.9 Referer https://firsturl.de/zjH34uF User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5437 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 612 last-modified Thu, 26 Mar 2015 19:06:42 GMT server cloudflare etag "264-51235b762d09f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yn2M0V3jl%2F8iMrTnZBaqj5K2x3JIsNLRvI1fiycDsOnda6GAR3nH%2Fc6M%2BcwOf4Q%2BguqiOja4OJQntBK3g1mrqSOQACn5ITpAFdUDA4He9aRmvYtEuCmQAvKKoJDH09vhb08YUD4%2Btb2Caw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6ba8516ea8852c32-FRA
GET H3	200	en.png firsturl.de/include/	602 B 1 KB	46ms 46ms	Image image/png	2606:4700:3037::ac43:ac1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://firsturl.de/include/en.png Requested by Host: firsturl.de URL: https://firsturl.de/zjH34uF Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:ac1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed6f77c097f0236a46fd7747f6665e7ae54f7ecc95e20f1b16db71affa3799d9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://firsturl.de/zjH34uF User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5437 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 602 last-modified Thu, 26 Mar 2015 19:06:43 GMT server cloudflare etag "25a-51235b765dddf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBHKkIpT%2Bth4etvF4MucyWD7FjYQysroeCi90OEIEFql0gKTWbgoGCkkFzobZ2iieBUAT5leyv4IIc0mCka0DQ07HbD3gnn%2B0d0wQzmpq%2FUmfQGNjjuSJwHDpo2vq8ooTJiYxjfpFshILQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6ba8516ea88e2c32-FRA
GET H3	200	cookie-consent.js Show response firsturl.de/include/	108 KB 29 KB	61ms 60ms	Script application/javascript	2606:4700:3037::ac43:ac1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://firsturl.de/include/cookie-consent.js Requested by Host: firsturl.de URL: https://firsturl.de/zjH34uF Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:ac1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c36672734eb354012ec579c10e879ecf0e25dbcb2c0281bad87a94ed332698d4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://firsturl.de/zjH34uF User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT content-encoding br cf-cache-status HIT last-modified Fri, 08 Nov 2019 09:47:53 GMT server cloudflare age 3116 etag W/"1afe1-596d2ad01c9a8-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVarr6tR3P23J6%2F56isPyE7ARXVGeR6brD4lGXeIi4o576qdb67BqAK4OsOqvuBjSdCdzVucSWyYeD9VP2L1d7B3fEtTAnfktQ7RZ1rjN57YwILL%2BNb%2BGUGzJ7LzF9DCWve7YS8XORrs8w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ba8516e88482c32-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	print.css firsturl.de/include/	265 B 784 B	16ms 16ms	Stylesheet text/css	2606:4700:3037::ac43:ac1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://firsturl.de/include/print.css Requested by Host: firsturl.de URL: https://firsturl.de/zjH34uF Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:ac1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04c6b2d6f35c6fec594184f59a019a1611c7f179e94abb1535d11e4368ed5f29 Request headers Accept-Language de-DE,de;q=0.9 Referer https://firsturl.de/zjH34uF User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT content-encoding br cf-cache-status HIT last-modified Thu, 26 Mar 2015 19:06:44 GMT server cloudflare age 5437 etag W/"109-51235b77ce080-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6bqKhTBMfrBN1gORuBQXI9c22m5XOqEdJqBA26c8hRFQncfpxcJkE1ybzG0Pd41JGAVOkjl%2FAlRJgWejrtPuWQ5saWa%2BXE9a8Q6RbXD3aBSdWG%2BEwwbcaa9PCRp%2BARqEjSW4ryk6%2FFptQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ba8516ea8932c32-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/	347 KB 136 KB	33ms 10ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://firsturl.de/ Origin https://firsturl.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 15:26:55 GMT content-encoding gzip x-content-type-options nosniff age 13666 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 138691 x-xss-protection 0 last-modified Mon, 15 Nov 2021 05:04:02 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Thu, 08 Dec 2022 15:26:55 GMT
GET H3	200	bg.png firsturl.de/include/	205 B 794 B	45ms 45ms	Image image/png	2606:4700:3037::ac43:ac1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://firsturl.de/include/bg.png Requested by Host: firsturl.de URL: https://firsturl.de/include/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:ac1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 196dbd9bbb848910c88bc9a19a3bcc85fb3d97ae6d673a77f37a6ecbf398c868 Request headers Accept-Language de-DE,de;q=0.9 Referer https://firsturl.de/include/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5436 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 205 last-modified Thu, 26 Mar 2015 19:06:42 GMT server cloudflare etag "cd-51235b75f753e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h54uh%2BbcZQBJOT8xZU8SvIGBq0eP6kPsXv%2BBDULe9k1E0rKT9j5Due%2B8iKdzlWB9UDGoo%2FC4udGNaUpGuyrU5Rel54mZiY1%2Fg2ykzgGBgMXldg0VlIQTcsLeZcxH3pwbD2Z82LgpePGcxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6ba8516ea8962c32-FRA
GET H3	200	header.png firsturl.de/include/	126 KB 127 KB	17ms 17ms	Image image/png	2606:4700:3037::ac43:ac1d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://firsturl.de/include/header.png Requested by Host: firsturl.de URL: https://firsturl.de/include/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:ac1d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d81c5fe0ec47980392218e611e2a8aa6f6046554387b40e0096acfad7d544651 Request headers Accept-Language de-DE,de;q=0.9 Referer https://firsturl.de/include/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5436 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 128878 last-modified Thu, 26 Mar 2015 19:06:43 GMT server cloudflare etag "1f76e-51235b773c85f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MXpUhgFiYKimT2t8S5vF8rEjV3XG7X4eLt%2FYPTGQiPlwBaAjxVm6BRi52iAPwLYhbs54Vylvf922Fu6Y4pmcJ6bRizpCQ4pUdZ%2FDl5BuKHEr2gKlBvPyCGiTBCUbhan1dmODRy%2BOSICIw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6ba8516ea8972c32-FRA
GET H2	200	Primary Request search Show response nitter.nixnet.services/	15 KB 3 KB	467ms 335ms	Document text/html	2a01:4f9:3a:1f11::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nitter.nixnet.services/search?q=%23livecasinodeutschland Requested by Host: firsturl.de URL: https://firsturl.de/zjH34uF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a01:4f9:3a:1f11::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Caddy Caddy / Resource Hash 604d17c946f44c9bbef120c84e74f91054566f520c53a7f584b13169f0938229 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://firsturl.de/ Response headers content-encoding gzip content-type text/html;charset=utf-8 date Wed, 08 Dec 2021 19:14:41 GMT onion-location http://fyrq36pxze2sb3wiiwqw5v5wrc2b4f4kdjrdarml2mjrcn4oywivdlid.onion/search server Caddy Caddy vary Accept-Encoding
GET H2	200	style.css nitter.nixnet.services/css/	31 KB 7 KB	48ms 47ms	Stylesheet text/css	2a01:4f9:3a:1f11::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nitter.nixnet.services/css/style.css?v=3 Requested by Host: nitter.nixnet.services URL: https://nitter.nixnet.services/search?q=%23livecasinodeutschland Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a01:4f9:3a:1f11::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Caddy, Caddy / Resource Hash 511554b0e23199b5413ead9b9dd45aef171d991a3672349601101ba833e042b7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://nitter.nixnet.services/search?q=%23livecasinodeutschland User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT content-encoding gzip server Caddy, Caddy etag c0cc85aff52e85589d1ffa66c1cea283 vary Accept-Encoding onion-location http://fyrq36pxze2sb3wiiwqw5v5wrc2b4f4kdjrdarml2mjrcn4oywivdlid.onion/css/style.css content-type text/css
GET H2	200	fontello.css nitter.nixnet.services/css/	2 KB 845 B	29ms 28ms	Stylesheet text/css	2a01:4f9:3a:1f11::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nitter.nixnet.services/css/fontello.css?v=2 Requested by Host: nitter.nixnet.services URL: https://nitter.nixnet.services/search?q=%23livecasinodeutschland Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a01:4f9:3a:1f11::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Caddy, Caddy / Resource Hash 034330e72245a1e2b9b7cb28fc4e397e71a40bcf98964be24bead349bf136253 Request headers Accept-Language de-DE,de;q=0.9 Referer https://nitter.nixnet.services/search?q=%23livecasinodeutschland User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT content-encoding gzip server Caddy, Caddy etag 58d3c079db712ee2dc99678a3ded4d98 vary Accept-Encoding onion-location http://fyrq36pxze2sb3wiiwqw5v5wrc2b4f4kdjrdarml2mjrcn4oywivdlid.onion/css/fontello.css content-type text/css content-length 723
GET H2	200	nitter.css nitter.nixnet.services/css/themes/	39 B 168 B	28ms 28ms	Stylesheet text/css	2a01:4f9:3a:1f11::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nitter.nixnet.services/css/themes/nitter.css Requested by Host: nitter.nixnet.services URL: https://nitter.nixnet.services/search?q=%23livecasinodeutschland Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a01:4f9:3a:1f11::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Caddy, Caddy / Resource Hash 4ba307f68a0bbcd1792a159b6821c01659c39f58c00bb1f2e81c13c8ffc722cb Request headers Accept-Language de-DE,de;q=0.9 Referer https://nitter.nixnet.services/search?q=%23livecasinodeutschland User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT server Caddy, Caddy etag d4b9b0f8114d45d5dce715a6ec2e820c content-length 39 onion-location http://fyrq36pxze2sb3wiiwqw5v5wrc2b4f4kdjrdarml2mjrcn4oywivdlid.onion/css/themes/nitter.css content-type text/css
GET H2	200	fontello.woff2 nitter.nixnet.services/fonts/	5 KB 5 KB	28ms 27ms	Font font/woff2	2a01:4f9:3a:1f11::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nitter.nixnet.services/fonts/fontello.woff2?21002321 Requested by Host: nitter.nixnet.services URL: https://nitter.nixnet.services/search?q=%23livecasinodeutschland Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a01:4f9:3a:1f11::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Caddy, Caddy / Resource Hash 554419ffc747f420efc1cbd2ac6bd9c31253fce1f04c0890111e3592645ac57b Request headers Referer https://nitter.nixnet.services/search?q=%23livecasinodeutschland Origin https://nitter.nixnet.services Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT server Caddy, Caddy etag c7c6d67a9322dcab85f7214751ad977a content-length 4772 onion-location http://fyrq36pxze2sb3wiiwqw5v5wrc2b4f4kdjrdarml2mjrcn4oywivdlid.onion/fonts/fontello.woff2 content-type font/woff2
GET H2	200	logo.png nitter.nixnet.services/	2 KB 2 KB	28ms 28ms	Image image/png	2a01:4f9:3a:1f11::2 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://nitter.nixnet.services/logo.png Requested by Host: nitter.nixnet.services URL: https://nitter.nixnet.services/search?q=%23livecasinodeutschland Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a01:4f9:3a:1f11::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Caddy, Caddy / Resource Hash 5aac726182d2d8e9f49c79aab98fca87326e5cfdcdc23280c3808b5b588c83fa Request headers Accept-Language de-DE,de;q=0.9 Referer https://nitter.nixnet.services/search?q=%23livecasinodeutschland User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT server Caddy, Caddy etag 648f414843409c1ec27b4888bdb3ac11 content-length 1865 onion-location http://fyrq36pxze2sb3wiiwqw5v5wrc2b4f4kdjrdarml2mjrcn4oywivdlid.onion/logo.png content-type image/png
GET H2	200	profile_images%2F1136396122526629888%2F2WwF3q0z_bigger.png nitter.nixnet.services/pic/	10 KB 10 KB	56ms 55ms	Image image/png	2a01:4f9:3a:1f11::2 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://nitter.nixnet.services/pic/profile_images%2F1136396122526629888%2F2WwF3q0z_bigger.png Requested by Host: nitter.nixnet.services URL: https://nitter.nixnet.services/search?q=%23livecasinodeutschland Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a01:4f9:3a:1f11::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Caddy, Caddy / Resource Hash 6e796cf67181bf52cbadc2d3870e9b51e2ae5e67615d06c33041b4664c648b5a Request headers Accept-Language de-DE,de;q=0.9 Referer https://nitter.nixnet.services/search?q=%23livecasinodeutschland User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT cache-control max-age=604800 server Caddy, Caddy etag 632894461 content-length 10271 onion-location http://fyrq36pxze2sb3wiiwqw5v5wrc2b4f4kdjrdarml2mjrcn4oywivdlid.onion/pic/profile_images/1136396122526629888/2WwF3q0z_bigger.png content-type image/png
GET H2	200	card_img%2F1468061627396378633%2FnAw4VQ4C%3Fformat%3Djpg%26name%3D420x420_2 nitter.nixnet.services/pic/	22 KB 23 KB	64ms 64ms	Image image/jpeg	2a01:4f9:3a:1f11::2 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://nitter.nixnet.services/pic/card_img%2F1468061627396378633%2FnAw4VQ4C%3Fformat%3Djpg%26name%3D420x420_2 Requested by Host: nitter.nixnet.services URL: https://nitter.nixnet.services/search?q=%23livecasinodeutschland Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a01:4f9:3a:1f11::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Caddy, Caddy / Resource Hash 1bcf52ac8e2b9c566b169793dc3f3bc4e450e8a7de3177daaf57bdf062a947e8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://nitter.nixnet.services/search?q=%23livecasinodeutschland User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 19:14:41 GMT cache-control max-age=604800 server Caddy, Caddy etag 1960924779 content-length 22962 onion-location http://fyrq36pxze2sb3wiiwqw5v5wrc2b4f4kdjrdarml2mjrcn4oywivdlid.onion/pic/card_img/1468061627396378633/nAw4VQ4C?format=jpg&name=420x420_2 content-type image/jpeg
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			firsturl.de/	1970-01-20 00:45:47	Name: cookie_consent_level Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

firsturl.de
nitter.nixnet.services
www.google.com
www.gstatic.com
2606:4700:3037::ac43:ac1d
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a01:4f9:3a:1f11::2
02fea9181433d073de2c559eeb99b916b4498124c46788b5cb9be0e692251104
034330e72245a1e2b9b7cb28fc4e397e71a40bcf98964be24bead349bf136253
04c6b2d6f35c6fec594184f59a019a1611c7f179e94abb1535d11e4368ed5f29
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
196dbd9bbb848910c88bc9a19a3bcc85fb3d97ae6d673a77f37a6ecbf398c868
1bcf52ac8e2b9c566b169793dc3f3bc4e450e8a7de3177daaf57bdf062a947e8
4ba307f68a0bbcd1792a159b6821c01659c39f58c00bb1f2e81c13c8ffc722cb
511554b0e23199b5413ead9b9dd45aef171d991a3672349601101ba833e042b7
538e4fd40e94deb1a2ede968764898c594d38ac7bea988ce92b502023a228ccc
554419ffc747f420efc1cbd2ac6bd9c31253fce1f04c0890111e3592645ac57b
5aac726182d2d8e9f49c79aab98fca87326e5cfdcdc23280c3808b5b588c83fa
604d17c946f44c9bbef120c84e74f91054566f520c53a7f584b13169f0938229
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6e796cf67181bf52cbadc2d3870e9b51e2ae5e67615d06c33041b4664c648b5a
c36672734eb354012ec579c10e879ecf0e25dbcb2c0281bad87a94ed332698d4
d6b1ee1113df9181d66452fe3899f280e9bd174ba6b3d277d6b93474e867d510
d81c5fe0ec47980392218e611e2a8aa6f6046554387b40e0096acfad7d544651
ed6f77c097f0236a46fd7747f6665e7ae54f7ecc95e20f1b16db71affa3799d9
fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67