Submitted URL: http://www.rohrkopf.de/impressum.html
Effective URL: https://www.rohrkopf.de/impressum.html
Submission: On September 21 via manual from DE — Scanned from DE

Summary

This website contacted 20 IPs in 7 countries across 21 domains to perform 55 HTTP transactions. The main IP is 85.13.161.133, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.rohrkopf.de.
TLS certificate: Issued by R3 on August 2nd 2022. Valid for: 3 months.
This is the only time www.rohrkopf.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 85.13.161.133 34788 (NMM-AS D)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a01:4f9:4b:1... 24940 (HETZNER-AS)
4 195.201.169.184 24940 (HETZNER-AS)
1 2 2a01:4f8:10b:... 24940 (HETZNER-AS)
2 2a01:4f8:212:... 24940 (HETZNER-AS)
2 94.130.9.175 24940 (HETZNER-AS)
2 148.251.1.246 24940 (HETZNER-AS)
1 1 52.214.100.223 16509 (AMAZON-02)
1 178.33.221.216 16276 (OVH)
1 1 2a01:4f8:c17:... 24940 (HETZNER-AS)
1 85.10.246.93 24940 (HETZNER-AS)
1 107.189.11.145 53667 (PONYNET)
1 107.189.31.238 53667 (PONYNET)
1 162.19.154.224 16276 (OVH)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3.11.195.34 16509 (AMAZON-02)
1 18.66.147.52 16509 (AMAZON-02)
3 18.66.147.89 16509 (AMAZON-02)
6 18.135.86.50 16509 (AMAZON-02)
55 20
Apex Domain
Subdomains
Transfer
12 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2111
as.ad4m.at — Cisco Umbrella Rank: 27692
assets.ad4m.at — Cisco Umbrella Rank: 34810
643 KB
7 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 23027
api.webgains.io — Cisco Umbrella Rank: 59421
86 KB
6 rohrkopf.de
www.rohrkopf.de
49 KB
4 cdnplus.de
ref.cdnplus.de — Cisco Umbrella Rank: 390735
lux-c128.cdnplus.de — Cisco Umbrella Rank: 935737
de-c114.cdnplus.de — Cisco Umbrella Rank: 479397
39 KB
4 fastcounter.de
www.fastcounter.de — Cisco Umbrella Rank: 402218
2 KB
3 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69591
96 KB
3 webgains.com
track.webgains.com — Cisco Umbrella Rank: 48798
6 KB
3 zuppelzockt.com
zuppelzockt.com — Cisco Umbrella Rank: 704404
2 KB
2 openstream.co
listen.openstream.co — Cisco Umbrella Rank: 410911
str3.openstream.co — Cisco Umbrella Rank: 858755
455 B
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 38459
static.a-ads.com — Cisco Umbrella Rank: 52686
615 KB
2 hubu.link
tool.hubu.link — Cisco Umbrella Rank: 782532
25 KB
1 misaglam.com
deli.misaglam.com — Cisco Umbrella Rank: 753892
444 B
1 aninter.net
thisis.aninter.net — Cisco Umbrella Rank: 474317
171 B
1 wongsong.cn
vip.wongsong.cn — Cisco Umbrella Rank: 688103
1 radiohost.de
radioearn-stream24.radiohost.de
1 radioearn.com
listen.radioearn.com — Cisco Umbrella Rank: 904551
656 B
1 s5qj82thv3dw.de
s5qj82thv3dw.de — Cisco Umbrella Rank: 809392
1018 B
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
ajax.googleapis.com Failed
fonts.googleapis.com — Cisco Umbrella Rank: 40
1 KB
0 instabooster.pro Failed
www.instabooster.pro Failed
0 rohrex.de Failed
www.rohrex.de Failed
55 21
Domain Requested by
6 api.webgains.io analytics.webgains.io
6 assets.ad4m.at as.ad4m.at
6 www.rohrkopf.de 1 redirects www.rohrkopf.de
4 ad4m.at deli.misaglam.com
ad4m.at
4 www.fastcounter.de www.rohrkopf.de
www.fastcounter.de
3 cdn.track.production.webgains.team as.ad4m.at
3 track.webgains.com as.ad4m.at
3 zuppelzockt.com www.fastcounter.de
zuppelzockt.com
2 as.ad4m.at ad4m.at
as.ad4m.at
2 ref.cdnplus.de s5qj82thv3dw.de
ref.cdnplus.de
2 tool.hubu.link www.rohrkopf.de
tool.hubu.link
1 analytics.webgains.io track.webgains.com
1 static.a-ads.com ad.a-ads.com
1 deli.misaglam.com zuppelzockt.com
1 de-c114.cdnplus.de www.fastcounter.de
1 thisis.aninter.net 1 redirects
1 vip.wongsong.cn www.fastcounter.de
1 lux-c128.cdnplus.de www.fastcounter.de
1 radioearn-stream24.radiohost.de www.fastcounter.de
1 listen.radioearn.com 1 redirects
1 str3.openstream.co www.fastcounter.de
1 listen.openstream.co 1 redirects
1 ad.a-ads.com s5qj82thv3dw.de
1 s5qj82thv3dw.de www.fastcounter.de
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.rohrkopf.de
0 www.instabooster.pro Failed s5qj82thv3dw.de
0 www.rohrex.de Failed www.rohrkopf.de
0 ajax.googleapis.com Failed www.rohrkopf.de
55 29

This site contains links to these domains. Also see Links.

Domain
creativecommons.org
Subject Issuer Validity Valid
rohrkopf.de
R3
2022-08-02 -
2022-10-31
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
www.fastcounter.de
R3
2022-08-18 -
2022-11-16
3 months crt.sh
zuppelzockt.com
R3
2022-09-13 -
2022-12-12
3 months crt.sh
s5qj82thv3dw.de
R3
2022-08-30 -
2022-11-28
3 months crt.sh
tool.hubu.link
R3
2022-09-19 -
2022-12-18
3 months crt.sh
ref.cdnplus.de
R3
2022-08-30 -
2022-11-28
3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2021-12-08 -
2023-01-08
a year crt.sh
lux-c128.cdnplus.de
R3
2022-08-12 -
2022-11-10
3 months crt.sh
vip.wongsong.cn
R3
2022-07-26 -
2022-10-24
3 months crt.sh
deli.misaglam.com
R3
2022-08-23 -
2022-11-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-07 -
2023-06-06
a year crt.sh
*.webgains.com
Amazon
2022-06-14 -
2023-07-13
a year crt.sh
*.webgains.io
Amazon
2022-08-23 -
2023-09-21
a year crt.sh
cdn.track.production.webgains.team
Amazon
2022-08-08 -
2023-09-06
a year crt.sh

This page contains 10 frames:

Primary Page: https://www.rohrkopf.de/impressum.html
Frame ID: 5F6D31FF69A158F0CFB09CFB547887C2
Requests: 12 HTTP requests in this frame

Frame: https://www.fastcounter.de/b.php
Frame ID: 3AC6E3088E3F5B3C501890DDAC1E4E33
Requests: 10 HTTP requests in this frame

Frame: https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Frame ID: 4ACF5B5ACC32210D8F81F26C28327109
Requests: 1 HTTP requests in this frame

Frame: https://ref.cdnplus.de/
Frame ID: 672823146E3138B1588E873A4FEFE245
Requests: 2 HTTP requests in this frame

Frame: https://www.instabooster.pro/
Frame ID: 4F43EA4AAEF2D483C1C80F2C24E22884
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1616084?size=300x250
Frame ID: 2549AA88A64944AF46E4DE366DF79D00
Requests: 2 HTTP requests in this frame

Frame: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Frame ID: 9FD118F81C98CE4152667A1677E36D2E
Requests: 1 HTTP requests in this frame

Frame: https://deli.misaglam.com/influ/6.html
Frame ID: F48C4706B558D9E16BD1E24408B9064B
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7CAB7CBD657C840BEE26602F065E225A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Frame ID: 0AE945C575FC611A57A10CDD88B0183A
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Rohrreinigungs Vermittlung | Impressum (Anbieterkennzeichnung)

Page URL History Show full URLs

  1. http://www.rohrkopf.de/impressum.html HTTP 301
    https://www.rohrkopf.de/impressum.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

89 %
HTTPS

33 %
IPv6

21
Domains

29
Subdomains

20
IPs

7
Countries

1576 kB
Transfer

2440 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.rohrkopf.de/impressum.html HTTP 301
    https://www.rohrkopf.de/impressum.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://c.blyatflix.de/nora/?t=1663753888 HTTP 302
  • https://www.instabooster.pro/
Request Chain 19
  • https://listen.openstream.co/6262/audio HTTP 302
  • https://str3.openstream.co/1247?aw_0_1st.collectionid%3D6262%26stationId%3D6262%26publisherId%3D1271%26k%3D1663753888%26aw_0_azn.pcountry%3D%5B%22DE%22%2C%22US%22%2C%22FR%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Top40%5C%2FHits+-+Pop%22%2C%22Rock%22%2C%22News%22%5D
Request Chain 20
  • https://listen.radioearn.com/radioearn-dance/mp3-128 HTTP 302
  • https://radioearn-stream24.radiohost.de/radioearn-dance_mp3-128
Request Chain 23
  • https://thisis.aninter.net/ HTTP 302
  • https://de-c114.cdnplus.de/antibot.mp3

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request impressum.html
www.rohrkopf.de/
Redirect Chain
  • http://www.rohrkopf.de/impressum.html
  • https://www.rohrkopf.de/impressum.html
9 KB
3 KB
Document
General
Full URL
https://www.rohrkopf.de/impressum.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
67e49f83ef6c4e47d66c8f1339d1cdb8c1204b62b116267b4874afb3142cebe7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html
date
Wed, 21 Sep 2022 09:51:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
246
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 21 Sep 2022 09:51:27 GMT
Keep-Alive
timeout=2, max=1000
Location
https://www.rohrkopf.de/impressum.html
Server
Apache
style.css
www.rohrkopf.de/
21 KB
5 KB
Stylesheet
General
Full URL
https://www.rohrkopf.de/style.css
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/impressum.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
c48acea38c6404ad95e7a8ff30e719a0f1fa8690b4abc4e78b5750907881f361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/impressum.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:27 GMT
content-encoding
br
last-modified
Mon, 28 May 2018 15:02:06 GMT
server
Apache
etag
"53d1-56d4566b2d049-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
4504
expires
Wed, 28 Sep 2022 09:51:27 GMT
klempner-service.jpg
www.rohrkopf.de/img/
38 KB
38 KB
Image
General
Full URL
https://www.rohrkopf.de/img/klempner-service.jpg
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/impressum.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
831b30b60bc7a350910382e3c3ffe2259a1fa5deb49b0500e2db51938a6ee74f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/impressum.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:27 GMT
last-modified
Mon, 28 May 2018 15:02:10 GMT
server
Apache
etag
"96e8-56d4566ee3333"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
38632
expires
Wed, 28 Sep 2022 09:51:27 GMT
main.js
www.rohrkopf.de/js/
3 KB
1 KB
Script
General
Full URL
https://www.rohrkopf.de/js/main.js
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/impressum.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
a1974d6b97c684387f83b6ec14b0ba4e61acc8fab0d23696b9d62b2420fca4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/impressum.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:27 GMT
content-encoding
br
last-modified
Mon, 28 May 2018 15:02:14 GMT
server
Apache
etag
"dfd-56d456723c9c3-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1242
expires
Wed, 28 Sep 2022 09:51:27 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
0
0

css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 09:30:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 21 Sep 2022 09:51:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Sep 2022 09:51:28 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rohrkopf.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 05:41:25 GMT
x-content-type-options
nosniff
age
533403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 05:41:25 GMT
flaticon.woff
www.rohrkopf.de/font/
1 KB
1 KB
Font
General
Full URL
https://www.rohrkopf.de/font/flaticon.woff
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
1f5ff409b6fef6cb00a33cd2314536ac300e7d0eac9692707d9deb5e6df44016

Request headers

Referer
https://www.rohrkopf.de/style.css
Origin
https://www.rohrkopf.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:28 GMT
last-modified
Mon, 28 May 2018 15:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"490-56d4566e6a1ba"
content-length
1168
content-type
font/woff
api.php
www.rohrex.de/
0
0

fcount.php
www.fastcounter.de/
1 KB
647 B
Script
General
Full URL
https://www.fastcounter.de/fcount.php?rnd=70843209690
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/impressum.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
69c9534a930be87ec33642d7f15c5b25b77f84304debca63a48bf45d769fc73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:51:28 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
nginx/1.18.0
content-encoding
gzip
content-type
text/html; charset=UTF-8
fcounter.php
www.fastcounter.de/
851 B
933 B
Script
General
Full URL
https://www.fastcounter.de/fcounter.php?test=1&rnd=91869757&s=trans&id=7&l=en-US&u=&w=1600&h=1200
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcount.php?rnd=70843209690
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f6e95d01ff8b7193fc073bd4a39439318ebbe3c73089e46f775ca29a3ced1476

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:28 GMT
server
nginx/1.18.0
content-length
851
content-type
text/javascript;charset=UTF-8
b.php
www.fastcounter.de/ Frame 3AC6
372 B
363 B
Document
General
Full URL
https://www.fastcounter.de/b.php
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcounter.php?test=1&rnd=91869757&s=trans&id=7&l=en-US&u=&w=1600&h=1200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1e1765425bf31c0785495522edde2337cae8158430848fd49114aab1253eecde

Request headers

Referer
https://www.rohrkopf.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:51:28 GMT
server
nginx/1.18.0
fastcounter-banner-blue.gif
www.fastcounter.de/CIncludes/img/
167 B
292 B
Image
General
Full URL
https://www.fastcounter.de/CIncludes/img/fastcounter-banner-blue.gif
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/impressum.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
49c00329105dd730de5d442cf5304a43e5fe4a0e98891775e4f4364c07d74bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:28 GMT
last-modified
Tue, 09 Sep 2014 14:37:31 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"540f10ab-a7"
content-length
167
content-type
image/gif
jquery.php
zuppelzockt.com/ Frame 3AC6
756 B
636 B
Script
General
Full URL
https://zuppelzockt.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
1251712f44660a51792f50bcbf799d25bfefee0fff3957aaeecbc81e95553194
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 21 Sep 2022 09:51:28 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
jw.js
s5qj82thv3dw.de/ Frame 3AC6
4 KB
1018 B
Script
General
Full URL
https://s5qj82thv3dw.de/jw.js?de=E6eMu7U8GN5V2QLU
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
2dff3833a243afb438eccc333a7f514000da47594f9b4c7716a55e40a04ccd79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:28 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/javascript;charset=utf-8
b2.php
zuppelzockt.com/ Frame 4ACF
692 B
575 B
Document
General
Full URL
https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
9b4e21734188f38fcdbd418ac5180dda4fb59dd4a1b1df1538ad77970f68ba55
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:51:28 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
matomo.js
tool.hubu.link/ Frame 3AC6
66 KB
25 KB
Script
General
Full URL
https://tool.hubu.link/matomo.js
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/impressum.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
50f4f5c78736b4b5eb13cf588426996e5dbd0391b1228e08e4b7ef35ad0d4459

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:28 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 00:09:31 GMT
server
nginx
etag
W/"62ec5fbb-107b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 21 Sep 2023 09:51:28 GMT
/
ref.cdnplus.de/ Frame 6728
805 B
762 B
Document
General
Full URL
https://ref.cdnplus.de/
Requested by
Host: s5qj82thv3dw.de
URL: https://s5qj82thv3dw.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f749becd6d1ab0c2f95c33e738746cfe541e235ec7bd8a724c0cb5a7d2eaf326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:51:28 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
www.instabooster.pro/ Frame 4F43
Redirect Chain
  • https://c.blyatflix.de/nora/?t=1663753888
  • https://www.instabooster.pro/
0
0

1616084
ad.a-ads.com/ Frame 2549
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/1616084?size=300x250
Requested by
Host: s5qj82thv3dw.de
URL: https://s5qj82thv3dw.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
e53963fbc3f8980d3bc594891ecb121a2a122897a8fa92c0fa9e3c88485932e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:51:28 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
1247
str3.openstream.co/ Frame 3AC6
Redirect Chain
  • https://listen.openstream.co/6262/audio
  • https://str3.openstream.co/1247?aw_0_1st.collectionid%3D6262%26stationId%3D6262%26publisherId%3D1271%26k%3D1663753888%26aw_0_azn.pcountry%3D%5B%22DE%22%2C%22US%22%2C%22FR%22%5D%26aw_0_azn.planguage...
128 KB
0
Media
General
Full URL
https://str3.openstream.co/1247?aw_0_1st.collectionid%3D6262%26stationId%3D6262%26publisherId%3D1271%26k%3D1663753888%26aw_0_azn.pcountry%3D%5B%22DE%22%2C%22US%22%2C%22FR%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Top40%5C%2FHits+-+Pop%22%2C%22Rock%22%2C%22News%22%5D
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Server
178.33.221.216 , France, ASN16276 (OVH, FR),
Reverse DNS
ip216.ip-178-33-221.eu
Software
Icecast 2.3.3 kh11 8.4.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

icy-genre
Misc
Pragma
no-cache
icy-name
Hubu.FM - Radio Hunteburg
Server
Icecast 2.3.3 kh11 8.4.0
icy-br
128
icy-url
https://hubu.fm
Instance-id
ae1885a71d379d6bc9758c94ebbf1513
Cache-Control
no-cache
icy-pub
1
Connection
close
Content-Type
audio/mpeg
icy-metaint
0
icy-description
24/7 beste Musik, Nachrichten, Wetter, Sport und vieles mehr! Dabei auch noch werbefrei.
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 21 Sep 2022 09:51:28 GMT
server
Apache/2.4.38 (Debian)
os-server-ip
172.17.0.2
access-control-allow-origin
*
location
https://str3.openstream.co/1247?aw_0_1st.collectionid%3D6262%26stationId%3D6262%26publisherId%3D1271%26k%3D1663753888%26aw_0_azn.pcountry%3D%5B%22DE%22%2C%22US%22%2C%22FR%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Top40%5C%2FHits+-+Pop%22%2C%22Rock%22%2C%22News%22%5D
x-powered-by
PHP/7.4.23
access-control-max-age
1000
content-type
text/html; charset=UTF-8
os-server-name
listen.openstream.co
os-server-id
ecs-ec2
access-control-allow-headers
*
content-length
0
radioearn-dance_mp3-128
radioearn-stream24.radiohost.de/ Frame 3AC6
Redirect Chain
  • https://listen.radioearn.com/radioearn-dance/mp3-128
  • https://radioearn-stream24.radiohost.de/radioearn-dance_mp3-128?
112 KB
0
Media
General
Full URL
https://radioearn-stream24.radiohost.de/radioearn-dance_mp3-128?
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Server
85.10.246.93 Durrlauingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
radioearn-stream24.radiohost.de
Software
Radiohost.de - radioearn-stream24.radiohost.de 9.0.7 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

icy-url
icy-name
radioearn-dance
icy-description
Unspecified description
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Instance-id
e2ea0c2bee98bf5ec8473aa332e128fa
Connection
close
Cache-Control
no-cache
X-Loudness
-16.005267
Pragma
no-cache
Server
Radiohost.de - radioearn-stream24.radiohost.de 9.0.7
icy-br
128
Content-Type
audio/mpeg
Access-Control-Allow-Origin
*
icy-genre
various
icy-pub
0
icy-audio-info
channels=2;samplerate=44100;bitrate=128
icy-metaint
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Sep 2022 09:51:28 GMT
Server
nginx/1.14.2
Location
https://radioearn-stream24.radiohost.de/radioearn-dance_mp3-128?
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Sun, 01 Jan 2014 00:00:00 GMT
;0.mp3
lux-c128.cdnplus.de/ Frame 3AC6
130 KB
0
Media
General
Full URL
https://lux-c128.cdnplus.de:8700/;0.mp3
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.189.11.145 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
h128.hubuhost.com
Software
/
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

icy-name
BLACKBEATS.FM RADIO - Finest Black Music
X-Clacks-Overhead
GNU Terry Pratchett
icy-br
128
icy-vbr
1
icy-notice2
Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url
http://blackbeats.fm
Access-Control-Allow-Origin
*
icy-genre
Black, RnB, Hip-Hop
icy-sr
44100
icy-pub
1
Connection
close
Accept-Ranges
none
content-type
audio/mpeg
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
Cache-Control
no-cache,no-store,must-revalidate,max-age=0
stream-mp3-WongSong
vip.wongsong.cn/proxy/wongsong/ Frame 3AC6
140 KB
0
Media
General
Full URL
https://vip.wongsong.cn/proxy/wongsong/stream-mp3-WongSong
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
107.189.31.238 Luxembourg, Luxembourg, ASN53667 (PONYNET, US),
Reverse DNS
h132.hubuhost.com
Software
cc-web/1.6.3 /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

icy-genre
Pop
Date
Wed, 21 Sep 2022 09:51:29 GMT
icy-name
WongSong.cn - Music of China
Transfer-Encoding
chunked
icy-url
https://wongsong.cn
Connection
keep-alive
Server
cc-web/1.6.3
icy-br
128
Access-Control-Allow-Methods
GET, OPTIONS, SOURCE, PUT, HEAD, STATS
Content-Type
audio/mpeg
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
icy-pub
1
icy-description
We bring Asian Flavour to Western World.
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Icy-MetaData
Expires
Mon, 26 Jul 1997 05:00:00 GMT
antibot.mp3
de-c114.cdnplus.de/ Frame 3AC6
Redirect Chain
  • https://thisis.aninter.net/
  • https://de-c114.cdnplus.de/antibot.mp3
129 KB
0
Media
General
Full URL
https://de-c114.cdnplus.de/antibot.mp3
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Server
162.19.154.224 , France, ASN16276 (OVH, FR),
Reverse DNS
de-c114.cdnplus.de
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

icy-name
Hubu.FM | Radio Hunteburg
X-Clacks-Overhead
GNU Terry Pratchett
icy-br
128
icy-notice2
Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url
https://hubu.fm
Access-Control-Allow-Origin
*
icy-genre
Misc, News
icy-sr
44100
icy-pub
1
Connection
close
Accept-Ranges
none
content-type
audio/mpeg
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
Cache-Control
no-cache,no-store,must-revalidate,max-age=0

Redirect headers

location
https://de-c114.cdnplus.de/antibot.mp3
date
Wed, 21 Sep 2022 09:51:28 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
in4.php
zuppelzockt.com/ Frame 9FD1
242 B
338 B
Document
General
Full URL
https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
a2fa93e8864fbad319eacd4accb04be2e3de083db30dbb745c93c2ae271feef7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:51:28 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
6.html
deli.misaglam.com/influ/ Frame F48C
356 B
444 B
Document
General
Full URL
https://deli.misaglam.com/influ/6.html
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
a4c53f3e8b4b7c98e4ccc342a9048fbf9fb55158c71832581a02ef280f8ee9cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zuppelzockt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 21 Sep 2022 09:51:28 GMT
etag
W/"631276db-164"
last-modified
Fri, 02 Sep 2022 21:34:19 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
jquery.min.js
ref.cdnplus.de/ Frame 6728
94 KB
38 KB
Script
General
Full URL
https://ref.cdnplus.de/jquery.min.js
Requested by
Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ref.cdnplus.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:28 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 14:16:34 GMT
server
nginx
etag
W/"628f8bc2-1762a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Wed, 28 Sep 2022 09:51:28 GMT
matomo.php
tool.hubu.link/ Frame 3AC6
0
203 B
Ping
General
Full URL
https://tool.hubu.link/matomo.php?action_name=&idsite=gkGPrbPlw0OD&rec=1&r=788081&h=9&m=51&s=28&url=https%3A%2F%2Fwww.fastcounter.de%2Fb.php&urlref=https%3A%2F%2Fwww.rohrkopf.de%2F&_id=&_idn=1&send_image=0&_refts=1663753889&_ref=https%3A%2F%2Fwww.rohrkopf.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=vxKlEZ&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=0&pf_srv=143&pf_tfr=1&pf_dm1=173
Requested by
Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.fastcounter.de
date
Wed, 21 Sep 2022 09:51:28 GMT
content-encoding
none
access-control-allow-credentials
true
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
300x250
static.a-ads.com/a-ads-banners/393795/ Frame 2549
609 KB
610 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/393795/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx /
Resource Hash
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:28 GMT
last-modified
Tue, 31 May 2022 13:40:41 GMT
server
nginx
x-amz-request-id
T1GA9YA446YD5M4W
etag
"022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
623504
accept-ranges
bytes
x-amz-version-id
FNTy6PSZIujNe9T_DALSYLZHxxf2zICy
x-amz-id-2
UWYDUhamAoyKJ1EwIPXO82rQ4rbkK2K4mBPZ8zA2nSlGzX6UMdWZ+lYh9VpFs9yKjEBjxTG16DI=
expires
Thu, 31 Dec 2037 23:55:55 GMT
wgpizbdq.js
ad4m.at/ Frame F48C
36 KB
13 KB
Script
General
Full URL
https://ad4m.at/wgpizbdq.js
Requested by
Host: deli.misaglam.com
URL: https://deli.misaglam.com/influ/6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deli.misaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83145
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:47 GMT
server
cloudflare
etag
W/"ac60ade5ed7352595cc3030edbc5e415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGl7RGv%2Bg6APGoFRNR06haTNyAQYhOw0ca9FeSCLRNHgkfbXJ9Gqe9yxyogtmzv7dYqj8GlqgHT8R%2BcMjWlcDofnAemMGiui5cAVcODO5dj6jzH6G4jhFHKdRd9CMfovhLczAa0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74e1e70dab58bb19-MXP
expires
Tue, 13 Sep 2022 11:30:11 GMT
frame.html
ad4m.at/ Frame 7CAB
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2295978
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74e1e70efea6bb19-MXP
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 21 Sep 2022 09:51:29 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llPRMCNxWQYm7KjxR5OAC%2FPdvBTbNk%2BI61XB8e%2BZoAqPjFqWdPggZcPSmC5cqvMsJEBT9H4lRnbCnMCdB%2BmyBFB90qQi86JrcEAF%2F4v4v8X3LFII0%2FOvoKQWc8eroy%2F4JUC9DfY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame F48C
474 B
853 B
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e00ac16b4dedd6b92446656c2b1f24de1f9facda26d514f88c287a0f6fdd20

Request headers

Referer
https://deli.misaglam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74e1e70fea555a31-MXP
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2WsJ7OgfI8uTArSjiV0YPZaQU1iYeSsO59gdrup%2B9aXryUtUiRVT3rZAlHIZhCWpGG%2Frax9DYyxPqoFQVtGdvhWEWds%2BvoA2pmXaTUef5JFuut4Z9uuhTzzHtMbNuNxsu4Gcxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://deli.misaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://deli.misaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://deli.misaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74e1e70f897d5a31-MXP
content-length
24
content-type
text/plain
date
Wed, 21 Sep 2022 09:51:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DISv5e3zkozcPFv3W0bbTI4xpwT%2BvhHZdrY0WGqCvaydpw0TpRsm%2B1gdnuorXZZ512m7MewzaSy27G5wux1MG21B%2F%2BIprPyg39vQY%2F5EPh%2BxzsRRMlWsha5YHHPAnCnQeiIPcHY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rar
as.ad4m.at/ad/ Frame 0AE9
8 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec67bd372382ebed1a40b5148dcab06498e60772f1f210d780c50ae46a64fe4c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74e1e7107a3cbb19-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 09:51:29 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 0AE9
85 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
761653
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74e1e710e817ba9d-MXP
cf-bgj
minify
B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 0AE9
26 KB
26 KB
Image
General
Full URL
https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469688
cf-polished
origFmt=png, origSize=53992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26236
last-modified
Wed, 29 Jun 2022 14:47:26 GMT
server
cloudflare
etag
"e460905652d65e6a54a57da046f52d6c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQ4LAqhN%2FPgV38QoUQZpb7TA9E%2F5Q0ZxFwUWcTBpT3wnYNE6t2%2BUGXcm37F4b2WlxJu6RCgJdtqRGe9uMg7DzAauMOKECXKaYTpJ4zzfaXSyfo%2FDOtMSe5%2F7VpUvg5nuz1YRXWOKcWKdqpRm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:51:29 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1e710fb62bb19-MXP
cf-bgj
imgq:85,h2pri
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 0AE9
54 KB
55 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469687
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55798
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0G9ynscc0iXfRCDC2uKHV1no6ejEob4Yzrlm%2F%2F9aOuy1ONK%2F95Gzl%2BykDOCb8uTi53J7YEAUYXjepS7BFKcXEhbNkm%2B09ARH18xqTjM6UslCN8WCl7VIv2jaaIKE%2FYGiweYi7xNzS%2Bk2ZEw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:51:29 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1e710fb68bb19-MXP
cf-bgj
imgq:85,h2pri
822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
assets.ad4m.at/logo/ Frame 0AE9
33 KB
33 KB
Image
General
Full URL
https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1700521
cf-polished
origFmt=png, origSize=48887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33666
last-modified
Mon, 19 Oct 2020 12:32:26 GMT
server
cloudflare
etag
"4fe1ecb98ff38283cdb2ae157e399ba2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhcbIjvaRgAGPdbgsygvAMgKo9pgBEWfEnXD%2BDr9%2Fs1rz2Lg88%2Bwr5dEBWSax0fix7TW4f%2BP0S%2BWDmseuVMq1o2jdYh8P4jQw16G4SwvJoy72M4KIXyKrEHC2VHx1Qe7qQv4OZCUFTy0G5xC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:51:29 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1e710fb64bb19-MXP
cf-bgj
imgq:85,h2pri
B8FB6A32167DA26E4E474968A055593FF43C0F2954AE66BD1798EADDCF9AC0A502F9D7413CFAA5E7E5809133DC210348B7DFA8E57B3C10CD8B0F8FAED993BB11
assets.ad4m.at/product_image/ Frame 0AE9
68 KB
69 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/B8FB6A32167DA26E4E474968A055593FF43C0F2954AE66BD1798EADDCF9AC0A502F9D7413CFAA5E7E5809133DC210348B7DFA8E57B3C10CD8B0F8FAED993BB11
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fcbb378853463a4988a16d61fc995f41056c60236b8e1d4decdc9cb25c999a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1097288
cf-polished
qual=85, origFmt=jpeg, origSize=79101
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70108
last-modified
Wed, 27 Jul 2022 12:23:23 GMT
server
cloudflare
etag
"58879895efe64f553dc9fa167564951f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLYFFvpgaBGxgMon2UtAgqotpx2Y%2F7D8DIgH5CEYfWYfrrJRyy4bokN7aaGJywWd6uCRGNweI3Tzglsy3sjGyl9dJDgTBG6ObbaLdviOVdTGbitdCo15letv2fE4pbcIcPaD7eBNoTIO75aF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:51:29 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1e710fb63bb19-MXP
cf-bgj
imgq:85,h2pri
63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 0AE9
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2469333
cf-polished
origFmt=png, origSize=12956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7692
last-modified
Tue, 29 Mar 2022 14:32:10 GMT
server
cloudflare
etag
"c6c297b07f296b60586b8613b6e9b5cd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yp3OelkxTJKJSY1v8SFeA0EYw3%2B%2BvncIiwtsOIcPjkoktIiYt%2FuedHzWoXoh%2Fsn0VsMP8kU%2BxoIE8H5h6qULjCtNTHuJNVksaTgsPpXVt4%2Ft%2FLdoWvr0o8fMN8ImE9WGIgU9lTfIaNvzgXTG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:51:29 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1e710fb67bb19-MXP
cf-bgj
imgq:85,h2pri
A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 0AE9
422 KB
423 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2468414
cf-polished
origFmt=png, origSize=632572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
432334
last-modified
Wed, 29 Dec 2021 17:30:00 GMT
server
cloudflare
etag
"ee529fd62e145fb264303add5fb5a944"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HU6j3SOPARr6WShMVQ7VPhD%2Bw6Vnpyh0y3H1lGmKZz7FTJ%2B9hzB21r47KZ0EP%2BZ23DDLsjv6y5thekzT7nfhFAqjQ2OFgpWdknE%2BgyvMvzkkJm%2B80umxoH393AftwF00RoyP0CrXLBWNCyY5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:51:29 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1e710fb66bb19-MXP
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 0AE9
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kmaw3kta61rp5y1z7et4kyx9aewzzj8m2p929jkqaymxx801d46jeq2g3k7sytr4mmyt3681r6vtajhtrsxx818rg58vvs7ffvgr42hs4hem0wj1xczv91asrp2tx4fe4c0nbhdx3pyv1krrnyje3x68dtpxf85j17g1jns1h79dc3psrwxmxsbm4c44bax20t03fefa9kwqba2py4cj4pahm6g7p181pee9hk1vmw1rj3jr0v8f1nrx1a68vvjtbgywpg%26a%3D&clickref=oneidP2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcponeid__Influencer_advancedad_728x90&viewref=oneidr5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtdoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6cc2a9f98ebc7fd795284d2c4d45560c2dcaeec062932853a965a174b0c979ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
last-modified
Wed, 21 Sep 2022 09:51:29 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Sep 2022 09:52:29 GMT
link.html
track.webgains.com/ Frame 0AE9
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3540285&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hweera5cenjk0madzrfzayqby7pegw72bd31x908067sf92d2eztf316qg8kjryt0a6fcjhn9656dhcjjpgxps2jkpxeat85trsa2gfp84b5bpws355wrcj1c4yre6tvq6vvwhgbhgxczwt4rseyjhgwtwtxzde119zxpp529wm93fe8v7ndetc3nk7rqwq8nk8hbcfk18n23zyt454v4xfrjd7b3zra5kktr37a17v7t3yp5mvept9sha50n5ab05m678%26a%3D&clickref=oneidYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92uroneid__Influencer_advancedad_728x90&viewref=oneidxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACAoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
99662a313ed83cbca407ff635098942e5e8e7ecda3425f30245d292c490e2819

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
last-modified
Wed, 21 Sep 2022 09:51:29 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Sep 2022 09:52:29 GMT
link.html
track.webgains.com/ Frame 0AE9
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2aw6259z9myf9xscvctzax9bdg7tvv86hhcbxc7j4mn22q8tnfw28gepf25ar96ej5q3dkhxh8s4f85km2x2rzsw32ckbzd21kzgzr34yw3ekc4mmk3tjqws205t002jd3z05m09g4fhq8fvm473qpshbxynkzchvbyvxbmpntk0wzk8g3bz61814vt9zthq7mrscy4ghbznbr8nnkage8wb62bxgr76vwxd5aspmj51f8943bp7qmhbebtss4q5pdjhr%26a%3D&clickref=oneidW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2oneid__Influencer_advancedad_728x90&viewref=oneid3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCdoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
758f7fa00f65564e65d1645fd96b55b2c58c3d9026da2692c1d24b63d4cd83dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:51:29 GMT
last-modified
Wed, 21 Sep 2022 09:51:29 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Sep 2022 09:52:29 GMT
pvClk.min.js
analytics.webgains.io/ Frame 0AE9
85 KB
85 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2aw6259z9myf9xscvctzax9bdg7tvv86hhcbxc7j4mn22q8tnfw28gepf25ar96ej5q3dkhxh8s4f85km2x2rzsw32ckbzd21kzgzr34yw3ekc4mmk3tjqws205t002jd3z05m09g4fhq8fvm473qpshbxynkzchvbyvxbmpntk0wzk8g3bz61814vt9zthq7mrscy4ghbznbr8nnkage8wb62bxgr76vwxd5aspmj51f8943bp7qmhbebtss4q5pdjhr%26a%3D&clickref=oneidW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2oneid__Influencer_advancedad_728x90&viewref=oneid3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCdoneid__Influencer_advancedad_728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:15:37 GMT
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
23753
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
DqzXeKOF752KhHyBgPBsc2lSbkcsKlaiPXHoJgwwy2SsahIcLO82Pw==
1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame 0AE9
2 KB
3 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1663754189&Signature=QZTLV3CYLQ9PLy1KWRs0a7T5FsUea9WOnMKmDAXxUpv0xVjJj2ZIFJex88vjMsqfdlWUbtSLdfcTA7I7j2t3E9uDcJtKzo8pSyn33pAmdUIPtkgg7Nkm1BrcH3TkRS17~h12JoAos-B~mlQxU3Zgqa0bj8yzvtBjCkiRD2isaABBfzQOBvpZcFybDqNge~0CzLt77c~HB96kUwm7L2ez8iBwTyoAkM1hgTGf08JWxDXJ-KDDVgaIJHClvyvQPKSaF8SkVdkJbqSWVjkIb5aH7nsbqTUe6F2Wa1qTHB36jGJBS78yPaCXSZNmz3OYbfWx2EiCcsA8nY8gBmVAd2Kn-w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:31:16 GMT
server
AmazonS3
age
25706
etag
"90a67412ed0b25c3e4ca2ad17658d5e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 21 Sep 2022 02:43:03 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2545
x-amz-cf-id
B15JVP2JGadTjL9LwZDic33ZhJANT1Co_KCN-adMgUy7YsvPCAGowg==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 0AE9
15 KB
15 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1663754189&Signature=oQKgx2cDgnA2Cx7hgBQj7z-951SRF3b5RLzNu3UwLA2AC0DUh13LCXvX8vt2AjNn9EDejdmuQdOcohNaP4RnePXbnq6p54TpAh4HcyT3L7sLT475-txX1UjD8W4Uv1F4X9mIojRErQpZrpjPOrw70wAEhCEgmVSkkvxwKuuIT4ukugttQ0w2Yjf4kgrI~k2NvV4VofWj477ZS23Y~i1uJxjVFLgOfWqNxLEA8KLwymeTpFZ7Zf63oANHefaIXyIrzDN8LO9qIGF085Q-LoV9v4W6IQ~ciGV3PWi0oI8YstEu8mQLyIyYg7zBWq6vlqIGK4WH8IR0DYmG2gaS4B6rkQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
age
24556
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 21 Sep 2022 03:02:14 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
15054
x-amz-cf-id
W6J7V4Yb27PKz6zi0xx6_HwvI_oNQZq3U4_2rd0GNC91rCWBEu8dLQ==
2022-07-25_familienzeit-panini-banner-627x627.jpeg
cdn.track.production.webgains.team/268155/ Frame 0AE9
77 KB
78 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/268155/2022-07-25_familienzeit-panini-banner-627x627.jpeg?Expires=1663754189&Signature=e1v6snVq2RR1dTamKiy6~Vb8dWlTztdlSMY3dd6KCqhNCItdSlr-Ol7pL3ENOLpkBQJQOjcXmKhHTArZ9bEbG03OjZeMlcUCr8xTHHah5VL1SmU7kSVVoaYc71bXrBCUb~UVNWn2~c7BQBETBpCgbWqBAIHBlsDGHHYOxCJ-LIBEn96SWNdLxmWWzsdCG1aav3RF0BTbqLt2xOB0eZeKoUIn~7l3t1lSsTQHjjOV5zf7EkVcBWgUBGbJgroFs7Z2mSS29wbXLY38NGYobGMktUWwYD46SZGJnvN9t-D5XGCuzFMJ~Vn-PUAtC154~XLieX-5qa33nrd4hMUQHDQAhw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200037%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2Cxr4RTQfAfEm7wUPHdHztQtdwYc7S4tK4ACA%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CYAdzSrf3f5QrzSVH9HetgCgz7akSWtd92ur%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=322df2305748e9e2d0adfee8524e218d%2F11533772760322886158&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753889305&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcf3c1a73ae6215dc150d3e2031c9de98af41e5cc022bf9c16852b13075b4d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:44:20 GMT
server
AmazonS3
age
19013
etag
"58879895efe64f553dc9fa167564951f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Wed, 21 Sep 2022 04:34:39 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
79101
x-amz-cf-id
poQSkKV2gv3rotSYtclgTCz7M65hwbNvgJiusca3REudv-NFK9v6IQ==
tracking-event
api.webgains.io/ Frame 0AE9
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.86.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-86-50.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:51:30 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.86.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-86-50.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 21 Sep 2022 09:51:30 GMT
server
nginx
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.86.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-86-50.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 21 Sep 2022 09:51:30 GMT
server
nginx
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.86.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-86-50.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 21 Sep 2022 09:51:30 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 0AE9
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.86.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-86-50.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:51:30 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 0AE9
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.86.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-86-50.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:51:30 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.googleapis.com
URL
http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Domain
www.rohrex.de
URL
http://www.rohrex.de/api.php
Domain
www.instabooster.pro
URL
https://www.instabooster.pro/

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _0xf0de function| setRequest function| interpretRequest function| getData string| d string| n string| r string| s object| sendreq number| fcr object| _fcc number| cid object| style object| fjs object| st object| fci object| ifrm

1 Cookies

Domain/Path Name / Value
www.rohrkopf.de/ Name: PHPSESSID
Value: e44a948b89203c6ed7df2a3211cbb5d7

3 Console Messages

Source Level URL
Text
security error URL: https://www.rohrkopf.de/impressum.html
Message:
Mixed Content: The page at 'https://www.rohrkopf.de/impressum.html' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.rohrkopf.de/js/main.js(Line 36)
Message:
Mixed Content: The page at 'https://www.rohrkopf.de/impressum.html' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://www.rohrex.de/api.php'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://s5qj82thv3dw.de/jw.js?de=E6eMu7U8GN5V2QLU
Message:
Mixed Content: The page at 'https://www.rohrkopf.de/impressum.html' was loaded over HTTPS, but requested an insecure frame 'http://instabooster.pro/'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ad4m.at
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdn.track.production.webgains.team
de-c114.cdnplus.de
deli.misaglam.com
fonts.googleapis.com
fonts.gstatic.com
listen.openstream.co
listen.radioearn.com
lux-c128.cdnplus.de
radioearn-stream24.radiohost.de
ref.cdnplus.de
s5qj82thv3dw.de
static.a-ads.com
str3.openstream.co
thisis.aninter.net
tool.hubu.link
track.webgains.com
vip.wongsong.cn
www.fastcounter.de
www.instabooster.pro
www.rohrex.de
www.rohrkopf.de
zuppelzockt.com
ajax.googleapis.com
www.instabooster.pro
www.rohrex.de
107.189.11.145
107.189.31.238
148.251.1.246
162.19.154.224
178.33.221.216
18.135.86.50
18.66.147.52
18.66.147.89
195.201.169.184
2606:4700:20::681a:bd1
2a00:1450:4001:82a::2003
2a00:1450:400a:808::200a
2a01:4f8:10b:ddc::2
2a01:4f8:212:29e0::2
2a01:4f8:c17:3d79::1
2a01:4f9:4b:1406::2
3.11.195.34
52.214.100.223
85.10.246.93
85.13.161.133
94.130.9.175
1251712f44660a51792f50bcbf799d25bfefee0fff3957aaeecbc81e95553194
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
15e00ac16b4dedd6b92446656c2b1f24de1f9facda26d514f88c287a0f6fdd20
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
1e1765425bf31c0785495522edde2337cae8158430848fd49114aab1253eecde
1f5ff409b6fef6cb00a33cd2314536ac300e7d0eac9692707d9deb5e6df44016
2dff3833a243afb438eccc333a7f514000da47594f9b4c7716a55e40a04ccd79
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
49c00329105dd730de5d442cf5304a43e5fe4a0e98891775e4f4364c07d74bcd
50f4f5c78736b4b5eb13cf588426996e5dbd0391b1228e08e4b7ef35ad0d4459
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
67e49f83ef6c4e47d66c8f1339d1cdb8c1204b62b116267b4874afb3142cebe7
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
69c9534a930be87ec33642d7f15c5b25b77f84304debca63a48bf45d769fc73f
6cc2a9f98ebc7fd795284d2c4d45560c2dcaeec062932853a965a174b0c979ab
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae
6fcbb378853463a4988a16d61fc995f41056c60236b8e1d4decdc9cb25c999a1
758f7fa00f65564e65d1645fd96b55b2c58c3d9026da2692c1d24b63d4cd83dc
831b30b60bc7a350910382e3c3ffe2259a1fa5deb49b0500e2db51938a6ee74f
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e
99662a313ed83cbca407ff635098942e5e8e7ecda3425f30245d292c490e2819
9b4e21734188f38fcdbd418ac5180dda4fb59dd4a1b1df1538ad77970f68ba55
a1974d6b97c684387f83b6ec14b0ba4e61acc8fab0d23696b9d62b2420fca4b4
a2fa93e8864fbad319eacd4accb04be2e3de083db30dbb745c93c2ae271feef7
a4c53f3e8b4b7c98e4ccc342a9048fbf9fb55158c71832581a02ef280f8ee9cd
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e
c48acea38c6404ad95e7a8ff30e719a0f1fa8690b4abc4e78b5750907881f361
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
dcf3c1a73ae6215dc150d3e2031c9de98af41e5cc022bf9c16852b13075b4d3d
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53963fbc3f8980d3bc594891ecb121a2a122897a8fa92c0fa9e3c88485932e9
ec67bd372382ebed1a40b5148dcab06498e60772f1f210d780c50ae46a64fe4c
f6e95d01ff8b7193fc073bd4a39439318ebbe3c73089e46f775ca29a3ced1476
f749becd6d1ab0c2f95c33e738746cfe541e235ec7bd8a724c0cb5a7d2eaf326