viacrypto.online Open in urlscan Pro
195.201.179.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://viacrypto.online/
Submission: On February 29 via api (February 29th 2024, 5:22:05 am UTC) from BE — Scanned from DE

Summary HTTP 144 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 39 domains to perform 144 HTTP transactions. The main IP is 195.201.179.80, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is viacrypto.online.

This is the only time viacrypto.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	195.201.179.80 195.201.179.80	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:ddae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	176.9.82.58 176.9.82.58	24940 (HETZNER-AS) (HETZNER-AS)
10	188.40.69.138 188.40.69.138	24940 (HETZNER-AS) (HETZNER-AS)
6	162.0.208.108 162.0.208.108	22612 (NAMECHEAP...) (NAMECHEAP-NET)
4	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2606:4700:303... 2606:4700:3031::6815:2dfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	162.19.58.161 162.19.58.161	16276 (OVH) (OVH)
1	161.97.139.136 161.97.139.136	51167 (CONTABO) (CONTABO)
1	104.26.1.221 104.26.1.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	199.85.208.28 199.85.208.28	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 3	2606:4700:303... 2606:4700:3033::ac43:8016	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1 3	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	185.66.201.43 185.66.201.43	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.66.201.7 185.66.201.7	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	65.60.9.236 65.60.9.236	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
4	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
5	2606:4700:e6:... 2606:4700:e6::ac40:ce26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:b7f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:99	() ()
2 4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
144	41

4 195.201.179.80 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: free-hosting-clients.freehosting.com

viacrypto.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:ddae (United States)

ASN13335 (CLOUDFLARENET, US)

static.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.82.58 (Bayreuth, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.58.82.9.176.clients.your-server.de

rt58.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 188.40.69.138 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.69.40.188.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.0.208.108 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nc-ph-2974.zerads.com

zerads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adalso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amazingfreebitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
traffic2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.topcreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:2dfb (United States)

ASN13335 (CLOUDFLARENET, US)

static.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.97.139.136 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi1074248.contaboserver.net

xthread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.1.221 (None, )

ASN13335 (CLOUDFLARENET, US)

firefaucet.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.85.208.28 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nc-ph-5475.te-hosting.com

submitads4free.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:8016 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lltrco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.242 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

joathath.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.43 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.43.skhosting.eu

r-q-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

graipeepoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.7 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.7.skhosting.eu

ucaba.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.60.9.236 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

mm.m-m-m.world	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

amunfezanttor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e6::ac40:ce26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

llpgpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b7f0 (United States)

ASN13335 (CLOUDFLARENET, US)

llclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

imgallery.llsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:99 (None, )

ASN- ()

pixel.leadsleap.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gstatic.com fonts.gstatic.com www.gstatic.com	1 MB
15	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32 jnn-pa.googleapis.com — Cisco Umbrella Rank: 228	87 KB
14	youtube.com www.youtube.com — Cisco Umbrella Rank: 69	2 MB
10	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34950 static.a-ads.com — Cisco Umbrella Rank: 49313	2 MB
8	graipeepoo.com graipeepoo.com	35 KB
7	llpgpro.com llpgpro.com	27 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 258	1 KB
5	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1047	112 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	39 KB
5	surfe.pro static.surfe.pro — Cisco Umbrella Rank: 568702 rt58.surfe.pro — Cisco Umbrella Rank: 809001	14 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	126 KB
4	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 31094
4	submitads4free.com submitads4free.com	5 KB
4	topcreativeformat.com www.topcreativeformat.com — Cisco Umbrella Rank: 62936
4	viacrypto.online viacrypto.online	135 KB
3	joathath.com 1 redirects joathath.com — Cisco Umbrella Rank: 666990	16 KB
3	lltrco.com 1 redirects lltrco.com — Cisco Umbrella Rank: 882835	10 KB
2	llsvr.com imgallery.llsvr.com — Cisco Umbrella Rank: 834411	177 KB
2	amunfezanttor.com amunfezanttor.com — Cisco Umbrella Rank: 51988	353 B
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11764	1 KB
2	traffic2bitcoin.com traffic2bitcoin.com	1 KB
2	ibb.co i.ibb.co — Cisco Umbrella Rank: 12287	2 KB
2	zerads.com zerads.com	1 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	93 KB
1	leadsleap.net pixel.leadsleap.net	954 B
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1942	12 KB
1	llclick.com llclick.com — Cisco Umbrella Rank: 946032	691 B
1	m-m-m.world mm.m-m-m.world	2 KB
1	ucaba.live ucaba.live	350 B
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 42429	465 B
1	r-q-e.com r-q-e.com — Cisco Umbrella Rank: 905297	789 B
1	gravatar.com www.gravatar.com — Cisco Umbrella Rank: 4012	2 KB
1	firefaucet.win firefaucet.win — Cisco Umbrella Rank: 703321	9 KB
1	amazingfreebitcoin.com amazingfreebitcoin.com	1 KB
1	xthread.net xthread.net	116 KB
1	adalso.com adalso.com	859 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 306	23 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2859	26 KB
0	neon.autos Failed neon.autos Failed
144	39

	Domain	Requested by
14	www.youtube.com	llpgpro.com www.youtube.com
12	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	jnn-pa.googleapis.com	www.youtube.com
8	graipeepoo.com	traffic2bitcoin.com graipeepoo.com
7	llpgpro.com	lltrco.com llpgpro.com
7	fonts.googleapis.com	stackpath.bootstrapcdn.com ad.a-ads.com llpgpro.com
5	use.fontawesome.com	lltrco.com use.fontawesome.com llpgpro.com
5	www.gstatic.com	www.google.com
5	static.a-ads.com	ad.a-ads.com
5	ad.a-ads.com	viacrypto.online adalso.com traffic2bitcoin.com
5	www.google.com	viacrypto.online www.gstatic.com www.google.com
5	cdnjs.cloudflare.com	viacrypto.online submitads4free.com lltrco.com llpgpro.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	jouteetu.net	graipeepoo.com
4	submitads4free.com	adalso.com submitads4free.com
4	www.topcreativeformat.com	viacrypto.online
4	viacrypto.online	viacrypto.online
3	joathath.com	1 redirects traffic2bitcoin.com joathath.com
3	lltrco.com	1 redirects traffic2bitcoin.com lltrco.com
3	static.surfe.pro	viacrypto.online
2	static.doubleclick.net	www.youtube.com
2	imgallery.llsvr.com	llpgpro.com
2	amunfezanttor.com	graipeepoo.com
2	my.rtmark.net	joathath.com graipeepoo.com
2	traffic2bitcoin.com	adalso.com traffic2bitcoin.com
2	i.ibb.co	zerads.com
2	zerads.com	viacrypto.online
2	rt58.surfe.pro	viacrypto.online
2	code.jquery.com	viacrypto.online lltrco.com
1	pixel.leadsleap.net	llpgpro.com
1	player.vimeo.com	llpgpro.com
1	llclick.com	lltrco.com
1	mm.m-m-m.world	ucaba.live
1	ucaba.live	r-q-e.com
1	datatechone.com	joathath.com
1	r-q-e.com	traffic2bitcoin.com
1	www.gravatar.com	submitads4free.com
1	firefaucet.win	adalso.com
1	amazingfreebitcoin.com	adalso.com
1	xthread.net	zerads.com
1	adalso.com	viacrypto.online
1	cdn.jsdelivr.net	viacrypto.online
1	stackpath.bootstrapcdn.com	viacrypto.online
0	neon.autos Failed	traffic2bitcoin.com
144	44

This site contains links to these domains. Also see Links.

Domain
t.me
surfe.pro
gr8.cc

Subject Issuer	Validity	Valid
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
zerads.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
surfe.pro E1	`2024-01-25` - `2024-04-24`	3 months	crt.sh
ibb.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
adalso.com R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
bitcoinx.to R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.amazingfreebitcoin.com R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
*.traffic2bitcoin.com R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
submitads4free.com ZeroSSL RSA Domain Secure Site CA	`2023-12-03` - `2024-12-02`	a year	crt.sh
lltrco.com GTS CA 1P5	`2024-02-12` - `2024-05-12`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
joathath.com R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
r-q-e.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
graipeepoo.com GTS CA 1P5	`2024-01-12` - `2024-04-11`	3 months	crt.sh
ucaba.live R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh
mm.m-m-m.world R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
amunfezanttor.com R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
jouteetu.net R3	`2024-02-24` - `2024-05-24`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
llpgpro.com GTS CA 1P5	`2024-01-15` - `2024-04-14`	3 months	crt.sh
llclick.com GTS CA 1P5	`2024-01-21` - `2024-04-20`	3 months	crt.sh
llsvr.com E1	`2024-01-08` - `2024-04-07`	3 months	crt.sh
player.vimeo.com E1	`2024-01-30` - `2024-04-29`	3 months	crt.sh
leadsleap.net E1	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 26 frames:

Primary Page: http://viacrypto.online/
Frame ID: FA9BFA79492BE85635BB62CCAA228414
Requests: 27 HTTP requests in this frame

Frame: http://ad.a-ads.com/2306567?size=728x90
Frame ID: DD85DAD56364AF9F51EDFEE236FC7A7A
Requests: 5 HTTP requests in this frame

Frame: https://zerads.com/ad/ad.php?width=300&ref=4311
Frame ID: 190B4781A386B751F8BC431AE397CF07
Requests: 2 HTTP requests in this frame

Frame: https://zerads.com/ad/ad.php?width=300&ref=4311
Frame ID: 224E4FD18DA38B606F8E4B9AB741D5BB
Requests: 3 HTTP requests in this frame

Frame: http://ad.a-ads.com/2306569?size=120x600
Frame ID: 9D7A83DCA74D4517604DBAF820DBD394
Requests: 5 HTTP requests in this frame

Frame: http://ad.a-ads.com/2306568?size=160x600
Frame ID: 352B732F85D5B8F97FBDAB3849D1EA57
Requests: 5 HTTP requests in this frame

Frame: https://adalso.com/ad/pbnr1.php?ref=17861
Frame ID: 8764D23AAA4D8BA24138AEA83A44ED9B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehB4MpAAAAANk8SOc6AsCUAaAyX9ih8XUUYkt4&co=aHR0cDovL3ZpYWNyeXB0by5vbmxpbmU6ODA.&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=pinrlvbkmpn0
Frame ID: 728015A4F5897F1CDD27ADAF92DC56D3
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&k=6LehB4MpAAAAANk8SOc6AsCUAaAyX9ih8XUUYkt4
Frame ID: A30F046D5D91D3C8E40D3BA44C1D6600
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/433960?size=728x90
Frame ID: A86972A13DE456FB314E6B96187A2BF7
Requests: 5 HTTP requests in this frame

Frame: https://traffic2bitcoin.com/ptpm.php?ref=admin&sitetype=1
Frame ID: 79EAB840F683A69E953453D82F97B854
Requests: 1 HTTP requests in this frame

Frame: https://submitads4free.com/tecoop.php?id=1380
Frame ID: 6C8E25532C8539C1DF4038D2BEF0E0B6
Requests: 1 HTTP requests in this frame

Frame: https://traffic2bitcoin.com/qlt.php?ref=admin&keycode=6918&type=&sitetype=1
Frame ID: 86B88576A173775377EE6E8E055485B8
Requests: 1 HTTP requests in this frame

Frame: https://lltrco.com/?r=valwp&ai=126538&at=a
Frame ID: A036B246150EF0DCCFC141EE213173C8
Requests: 7 HTTP requests in this frame

Frame: https://submitads4free.com/_tecoop_top.php?c=1380&p=0.5&n=
Frame ID: 350AA17AAD9BEC68F2C1DBACD23D1302
Requests: 2 HTTP requests in this frame

Frame: https://submitads4free.com/_tecoop_center.php?i=1380
Frame ID: 58250157F6C605B90E3623C58D13E89B
Requests: 2 HTTP requests in this frame

Frame: https://submitads4free.com/_tecoop_bottom.php?c=1380
Frame ID: 703CA8C3ECAE2BEBF0B3D696F71A9848
Requests: 1 HTTP requests in this frame

Frame: https://neon.autos/110769
Frame ID: 15559A322B22889061EC578BDCB70184
Requests: 1 HTTP requests in this frame

Frame: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Frame ID: 458B393CCCAD2D53EC64513E43EE05E1
Requests: 19 HTTP requests in this frame

Frame: https://mm.m-m-m.world/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=30418309&cid=90affC1709184122aff9653c52782677a577a307
Frame ID: 4347C0701C35EAB84FF5FF5A1B38165B
Requests: 3 HTTP requests in this frame

Frame: https://llpgpro.com/7zfv2gk4/
Frame ID: 87698B0E26A4F846E391E1CFBF32F12A
Requests: 18 HTTP requests in this frame

Frame: https://llclick.com/set.cookie.html
Frame ID: 0DECC02315A2A8EBC4E57CE8EDA18ADF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz
Frame ID: A60AD09862439CB96C605D98BE5B3D3E
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz
Frame ID: 47ECEA068B6E5D3B5EAF7A690C342834
Requests: 13 HTTP requests in this frame

Frame: https://ad.a-ads.com/741663?size=300x250
Frame ID: 2591AB61B81A2BF17646952345FC6AFA
Requests: 5 HTTP requests in this frame

Frame: https://pixel.leadsleap.net/set.html?n1=lllpga184671&v1=610145.29&n2=lllpgb184671&v2=610145.29&n3=lllpgca167482&v3=184671.610145.29&n4=lllpgcb167482&v4=184671.610145.29
Frame ID: E2FF13B89294B2A9B1CE561F737A679A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Viacrypto | Free Tron Faucet

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

144
Requests

86 %
HTTPS

53 %
IPv6

39
Domains

44
Subdomains

41
IPs

8
Countries

6536 kB
Transfer

13783 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/viacrypto_official

Search URL Search Domain Scan URL

URL: https://surfe.pro/net/click?id=ZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKSVV6STFOaUo5LmV5SnBjM01pT2lKb2RIUndjem92TDNOMWNtWmxMbUpsSWl3aWFXRjBJam94TnpBNU1UZzBNVEl3TENKa1lYUmhJam9pT0RZNU1EYzFMak01TVRRek5qb3dNREF3TURBd01DSjkuYW1hZGU0RkhKMk9WU1JjNnJuRXRQWEJVRVdWcGJOdFBIbVBFeWh1RmlGdw==&seed=4651177593504454
Title: bcgame.sk

Search URL Search Domain Scan URL

URL: https://surfe.pro/?utm_source=viacrypto.online&utm_medium=pro_unit_menu&utm_term=391436&utm_content=http%3A%2F%2Fviacrypto.online%2F
Title: Become publisher

Search URL Search Domain Scan URL

URL: https://surfe.pro/?utm_source=viacrypto.online&utm_medium=pro_unit_badge&utm_term=391436&utm_content=http%3A%2F%2Fviacrypto.online%2F
Title: Ads by Surfe.PRO

Search URL Search Domain Scan URL

URL: https://gr8.cc/goto/faucetpay
Title: FaucetPay account

Search URL Search Domain Scan URL

URL: https://surfe.pro/net/click?id=ZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKSVV6STFOaUo5LmV5SnBjM01pT2lKb2RIUndjem92TDNOMWNtWmxMbUpsSWl3aWFXRjBJam94TnpBNU1UZzBNVEl3TENKa1lYUmhJam9pT0RZNU1EYzFMak01TWpBNU5Ub3dNREF3TURBd01DSjkuV09HUGxwSzQ4ak1mTGYwMUJOR2phRE16T2M0Q2FIZTBiakZRLWNtVTNkZw==&seed=6474938737610385
Title: bcgame.sk

Search URL Search Domain Scan URL

URL: https://surfe.pro/?utm_source=viacrypto.online&utm_medium=pro_unit_menu&utm_term=392095&utm_content=http%3A%2F%2Fviacrypto.online%2F
Title: Become publisher

Search URL Search Domain Scan URL

URL: https://surfe.pro/?utm_source=viacrypto.online&utm_medium=pro_unit_badge&utm_term=392095&utm_content=http%3A%2F%2Fviacrypto.online%2F
Title: Ads by Surfe.PRO

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://lltrco.com/?r=valwp HTTP 302
https://lltrco.com/?r=valwp&ai=126538&at=a

Request Chain 76

https://joathath.com/?z=7144035&syncedCookie=true&rhd=false HTTP 302
https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60

Request Chain 140

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 146

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

144 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
viacrypto.online/ 51 KB
30 KB 106ms
50ms Document
text/html 195.201.179.80
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://viacrypto.online/

Protocol

HTTP/1.1

Server

195.201.179.80 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

free-hosting-clients.freehosting.com

Software

openresty/1.21.4.1 /

Resource Hash

59128ec09a83e1b8db398b4f6453e4b62ef854d47b840bf3e7fd61079edd139f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: openresty/1.21.4.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 0

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootswatch/4.5.2/united/ 177 KB
26 KB 40ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootswatch/4.5.2/united/bootstrap.min.css

Requested by

Host: viacrypto.online
URL: http://viacrypto.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e661cfecfe47a9de3f58d99e557334c275f086f3108ad35bdd26c06da11520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 863
age: 7480999
cdn-cachedat: 08/09/2023 21:57:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:48 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"d31734402236b6ae9f0c90df80dc09dc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7f10989f54479646cb0fed4702955c67
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85ce778f2ae79262-FRA
cdn-requestpullsuccess: True

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 32ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: viacrypto.online
URL: http://viacrypto.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://viacrypto.online/
Origin: http://viacrypto.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 78356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10472
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZ51dntbclHRbw924Z2a0vJOvX7nkh3xYRrizadVJZ74BstKMYXAhvA74CpZkQhavPyeDwo%2BbOZ3%2B7ERGJ2LOtA8hr86q1hw8NsGHcZ%2F67Gf49QoW0eHlRUzmmPh5m%2FVDKIq7PUcTpcqwsZNHDz4efFa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85ce778f193565d9-FRA
expires: Tue, 18 Feb 2025 05:22:00 GMT

GET
H/1.1 200
OK base.css
viacrypto.online/libs/css/ 748 B
726 B 24ms
18ms Stylesheet
text/css 195.201.179.80
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://viacrypto.online/libs/css/base.css
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Server: 195.201.179.80 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: free-hosting-clients.freehosting.com
Software: openresty/1.21.4.1 /
Resource Hash: 96d937266e197db610a6e47e75f3afe063b0795eb0559104696e89bf74c538cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Feb 2021 15:06:54 GMT
Server: openresty/1.21.4.1
ETag: W/"2ec-5bbee26f8bf80"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Fri, 28 Feb 2025 05:22:00 GMT

GET
H/1.1 200
OK pngwing.com.png
viacrypto.online/ 104 KB
104 KB 26ms
20ms Image
image/png 195.201.179.80
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://viacrypto.online/pngwing.com.png
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Server: 195.201.179.80 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: free-hosting-clients.freehosting.com
Software: openresty/1.21.4.1 /
Resource Hash: 2f9128a95d6586faf8671822972bdc4839db0473920fbc8943af6fc89ecd3d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Last-Modified: Wed, 28 Feb 2024 10:54:48 GMT
Server: openresty/1.21.4.1
ETag: "19ede-6126ef8ac2e00"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106206
Expires: Sat, 30 Mar 2024 05:22:00 GMT

GET
H/1.1 200
OK net.js Show response
static.surfe.pro/js/ 5 KB
3 KB 214ms
110ms Script
application/javascript 2606:4700:3032::ac43:ddae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://static.surfe.pro/js/net.js

Requested by

Host: viacrypto.online
URL: http://viacrypto.online/

Protocol

HTTP/1.1

Server

2606:4700:3032::ac43:ddae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ff068f75ab9c67ef582a75bc9117ebee2bc972450f961051b24858d2a975e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 164
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 26 Jun 2023 08:54:51 GMT
Server: cloudflare
ETag: W/"6499525b-1223"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZdWH1Eh1ThJTp8cOWQ45SancOajLCZOFVX%2FpPvU9C0Xo90XH%2F4lSXFe3%2BZG%2Fp9m6asm%2Fi64qxK3QK3s8bmXjv4rTMLReVA9DaTdw6jKlkZa3LtOVwE5GGRhhhsXWAu2SP%2BJQu1Fi2adCrMa8w95"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Permissions-Policy: interest-cohort=(),geolocation=(self), camera=()
CF-RAY: 85ce778ffb0c2015-IAD

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: viacrypto.online
URL: http://viacrypto.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

510c92405ce7edbe9ee2be774b3cd37d4da696b91e5670da4f1cdcf2dd92285d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 29 Feb 2024 05:22:00 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 29ms
6ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: http://viacrypto.online/
Origin: http://viacrypto.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10729433
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga13628-LGA, cache-fra-etou8220040-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1709184120.193935,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 967

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
23 KB 41ms
17ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: viacrypto.online
URL: http://viacrypto.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://viacrypto.online/
Origin: http://viacrypto.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9711627
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230025-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xU9loM0%2FhCJK6JpgRs1dy2R%2F7jHtJ%2FJdQ%2BDiEsM0RB%2BlTqFi6gQ5Cu4E6uRD4K8OarFyMZxgxt%2Bc3eDno4laBtyruqqQ9EbL%2BH0kvigQxU2w3XL3k8HSJ8nnTlmfFwuIz%2Bz3PVsB5Feaw2DCPVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85ce778f3e601999-FRA

GET
H/1.1 200
OK show_ads.js Show response
viacrypto.online/libs/ 23 B
356 B 17ms
17ms Script
application/javascript 195.201.179.80
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://viacrypto.online/libs/show_ads.js
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Server: 195.201.179.80 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: free-hosting-clients.freehosting.com
Software: openresty/1.21.4.1 /
Resource Hash: ae8733fbaff642fc86c871273af6a0430ca67d764e4169c5a38c6fd66fbf8169

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Last-Modified: Mon, 22 Feb 2021 15:06:50 GMT
Server: openresty/1.21.4.1
ETag: "17-5bbee26bbb680"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23
Expires: Fri, 28 Feb 2025 05:22:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1019 B 35ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/bootswatch/4.5.2/united/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1237af47fbb6ebb5642f026c4f3c840c0a0ac041833739809bf76f9252d2e47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stackpath.bootstrapcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 05:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 04:31:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 05:22:00 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 34ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://viacrypto.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 19:39:36 GMT
x-content-type-options: nosniff
age: 466944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 19:39:36 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
30 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://viacrypto.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:07:43 GMT
x-content-type-options: nosniff
age: 159257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:07:43 GMT

POST
H/1.1 200
OK teaser Show response
rt58.surfe.pro/net/ 21 KB
5 KB 96ms
72ms XHR
text/html 176.9.82.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://rt58.surfe.pro/net/teaser?sid=391436&w=1140&seed=4651177593504454&doc_ref=&href=aHR0cDovL3ZpYWNyeXB0by5vbmxpbmUv
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Server: 176.9.82.58 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.58.82.9.176.clients.your-server.de
Software: nginx / PHP/7.3.29
Resource Hash: ab8421c821d6e5532d419e1d4961b8a3e63a3a371418d3a6e5cf3e78607ef511

Request headers

Referer: http://viacrypto.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Speed-06: b-found at 5 - 0.030209064483643
Content-Encoding: gzip
Speed-07: PH-all 589 checked - 0.03071403503418
X-Powered-By: PHP/7.3.29
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
remote-addr: 81.95.5.40
Speed-04: tpl-wcnt 2 - 0.01261305809021
Speed-05: main-tid 10 - 0.012619018554688
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://viacrypto.online
Access-Control-Allow-Credentials: true
Speed-08: main-t-old 1 - 0.030726909637451
Speed-03: site-inited-view - 0.012583017349243
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
Speed-02: preload - 0.0041248798370361

GET
H/1.1 200
OK 2306567 Show response
ad.a-ads.com/ Frame DD85 13 KB
5 KB 36ms
24ms Document
text/html 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/2306567?size=728x90

Requested by

Host: viacrypto.online
URL: http://viacrypto.online/

Protocol

HTTP/1.1

Server

188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.138.69.40.188.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

61f7e26c6ad93bf9ccdb21d17f98acc4b9ffc768bd0828f284ded84becd2f555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://viacrypto.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Thu, 29 Feb 2024 05:22:00 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: http://viacrypto.online/
X-Powered-By: Phusion Passenger(R)
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK teaser Show response
rt58.surfe.pro/net/ 19 KB
5 KB 75ms
54ms XHR
text/html 176.9.82.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://rt58.surfe.pro/net/teaser?sid=392095&w=540&seed=6474938737610385&doc_ref=&href=aHR0cDovL3ZpYWNyeXB0by5vbmxpbmUv
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Server: 176.9.82.58 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.58.82.9.176.clients.your-server.de
Software: nginx / PHP/7.3.29
Resource Hash: a8a021849dc6969c3b097d34dfa63adc342a02212a9c6ddc1b29e56f9b7d88a4

Request headers

Referer: http://viacrypto.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Speed-06: b-found at 5 - 0.030508041381836
Content-Encoding: gzip
Speed-07: PH-all 589 checked - 0.03101110458374
X-Powered-By: PHP/7.3.29
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
remote-addr: 81.95.5.40
Speed-04: tpl-wcnt 1 - 0.01323390007019
Speed-05: main-tid 4 - 0.013240098953247
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://viacrypto.online
Access-Control-Allow-Credentials: true
Speed-08: main-t-old 1 - 0.031029939651489
Speed-03: site-inited-view - 0.013206958770752
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
Speed-02: preload - 0.0042839050292969

GET
H/1.1 200
OK ad.php Show response
zerads.com/ad/ Frame 190B 903 B
797 B 475ms
157ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zerads.com/ad/ad.php?width=300&ref=4311
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: f8082da58b948dcc7c672cd881249e92d37f4b766c6531b756320bbf02bcb29b

Request headers

Referer: http://viacrypto.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 551
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:00 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/ 0
0 259ms
98ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/invoke.js
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: http://viacrypto.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame DD85 5 KB
743 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: http://ad.a-ads.com/2306567?size=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 05:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 04:25:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 05:22:00 GMT

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/393785/ Frame DD85 674 KB
675 KB 20ms
6ms Image
image/gif 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/393785/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/2306567?size=728x90
Protocol: HTTP/1.1
Server: 188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.69.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
x-amz-version-id: U_gw9pMJM8aB4.6Qh4Gtz4RBC45GNrbN
Last-Modified: Tue, 31 May 2022 13:36:41 GMT
Server: nginx
x-amz-request-id: 0QWK584YTEX5AGD8
ETag: "17ab32789bf26b9a63481f7a9a076d53"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 690666
x-amz-id-2: Y2Sl1r7TbY79TMj7+vD1v8I6nBfaguKXann3TGxI5xkhMIVGkctl7l0fhfpLcoN9OOuk2/tnKYU=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame DD85 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame DD85 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:51:09 GMT
x-content-type-options: nosniff
age: 160251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:51:09 GMT

GET
H2 404 881b3f0cae2e413b1fab2da551bbce55-300x250.png
static.surfe.pro/upload/2564953/ 0
0 66ms
20ms Image
text/html 2606:4700:3031::6815:2dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.surfe.pro/upload/2564953/881b3f0cae2e413b1fab2da551bbce55-300x250.png
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H2 404 4bff53fc134483c99ca6ca8fe0ab85f2-468x60.gif
static.surfe.pro/upload/2564953/ 0
0 43ms
20ms Image
text/html 2606:4700:3031::6815:2dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.surfe.pro/upload/2564953/4bff53fc134483c99ca6ca8fe0ab85f2-468x60.gif
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba532897a29ca3de98b9df7240cd0f019c5c67407556cb1b6eb1a20ffaf98007

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ad.php Show response
zerads.com/ad/ Frame 224E 775 B
712 B 373ms
158ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zerads.com/ad/ad.php?width=300&ref=4311
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: ac57b70ba3eab0c362ea11a09eed445d78280f1df1d50ae40eeb5dbee4b2e87c

Request headers

Referer: http://viacrypto.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 466
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:00 GMT
Keep-Alive: timeout=5, max=49
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/ 0
0 99ms
99ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/invoke.js
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: http://viacrypto.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ 494 KB
197 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://viacrypto.online/
Origin: http://viacrypto.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 18:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201516
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 05:01:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 18:35:09 GMT

GET
H/1.1 200
OK 2306569 Show response
ad.a-ads.com/ Frame 9D7A 13 KB
5 KB 19ms
19ms Document
text/html 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/2306569?size=120x600

Requested by

Host: viacrypto.online
URL: http://viacrypto.online/

Protocol

HTTP/1.1

Server

188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.138.69.40.188.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

9d4a730ddde9c2056ab0a86905f7e298161e75987ed5e7154b1f134334fbaed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://viacrypto.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Thu, 29 Feb 2024 05:22:00 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: http://viacrypto.online/
X-Powered-By: Phusion Passenger(R)
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-XSS-Protection: 1; mode=block

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/ 0
0 101ms
101ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/invoke.js
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: http://viacrypto.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 9D7A 5 KB
670 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: http://ad.a-ads.com/2306569?size=120x600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 05:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 04:18:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 05:22:00 GMT

GET
H/1.1 200
OK 120x600
static.a-ads.com/a-ads-banners/393782/ Frame 9D7A 620 KB
620 KB 6ms
6ms Image
image/gif 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/393782/120x600?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/2306569?size=120x600
Protocol: HTTP/1.1
Server: 188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.69.40.188.clients.your-server.de
Software: nginx /
Resource Hash: cda888fc5996163eeb56789329eb0db473b3083f5b02c953480d4dd85b358ec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
x-amz-version-id: _aN_250UMz.CsKQghWWdNNbLt8qtwrOe
Last-Modified: Tue, 31 May 2022 13:36:40 GMT
Server: nginx
x-amz-request-id: G5FZGVKJ5728YAZZ
ETag: "ed73e2755b56fcd892be0aa55892587b"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 634646
x-amz-id-2: dYxyqmBSw9VhzCVPj/NKUV/ZLpOVMqinC04GCenM9dJe1psRP6eb5AJB2NIEvFM/e9e+tHM67Mw=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 9D7A 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 9D7A 46 KB
46 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:51:09 GMT
x-content-type-options: nosniff
age: 160251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:51:09 GMT

GET
H/1.1 200
OK 2306568 Show response
ad.a-ads.com/ Frame 352B 13 KB
5 KB 21ms
21ms Document
text/html 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/2306568?size=160x600

Requested by

Host: viacrypto.online
URL: http://viacrypto.online/

Protocol

HTTP/1.1

Server

188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.138.69.40.188.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

fff613d9ac7c99a94ee78ffd9bc3a47566c63e03c3498db568f86e5e1d34c139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://viacrypto.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Thu, 29 Feb 2024 05:22:00 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: http://viacrypto.online/
X-Powered-By: Phusion Passenger(R)
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-XSS-Protection: 1; mode=block

GET
H/1.1 403
Forbidden invoke.js
www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/ 0
0 99ms
98ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/invoke.js
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: http://viacrypto.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 fav.png
i.ibb.co/zbtMxW5/ Frame 190B 657 B
900 B 58ms
16ms Image
image/png 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zbtMxW5/fav.png
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=300&ref=4311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:00 GMT
last-modified: Sat, 08 Jan 2022 17:29:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 657
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 352B 5 KB
670 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: http://ad.a-ads.com/2306568?size=160x600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 05:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 04:22:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 05:22:00 GMT

GET
H/1.1 200
OK 160x600
static.a-ads.com/a-ads-banners/485519/ Frame 352B 379 KB
380 KB 7ms
7ms Image
image/gif 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/485519/160x600?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/2306568?size=160x600
Protocol: HTTP/1.1
Server: 188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.69.40.188.clients.your-server.de
Software: nginx /
Resource Hash: dec868d3b152aa72ba91ae8ebea2719dcb69f0c8df31b7ad5428b5a4f1d26033

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 05:22:00 GMT
x-amz-version-id: 6fBemIfnMS5qN1tB.75UrQYgdHrwU1bU
Last-Modified: Thu, 26 Oct 2023 11:59:26 GMT
Server: nginx
x-amz-request-id: NSB8B34QWKGEB84V
ETag: "664fc3a52bcdaae8aaedc34213b8670f"
x-amz-server-side-encryption: AES256
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 388484
x-amz-id-2: INUJy9qf+59n38jlpXl4yoqlub+CUraM2B6g7JGLcLHskU8xmHmtV1M4drHAe/BsOuGFaTqxz5o=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 352B 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 352B 46 KB
46 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:51:09 GMT
x-content-type-options: nosniff
age: 160251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:51:09 GMT

GET
H/1.1 200
OK pbnr1.php Show response
adalso.com/ad/ Frame 8764 1 KB
859 B 594ms
159ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://adalso.com/ad/pbnr1.php?ref=17861
Requested by: Host: viacrypto.online
URL: http://viacrypto.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: a779a428c94481ae9aef61afa0a6f417e45d3a62707e2a5f5370b63041531bf1

Request headers

Referer: http://viacrypto.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 613
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:01 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7280 47 KB
30 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehB4MpAAAAANk8SOc6AsCUAaAyX9ih8XUUYkt4&co=aHR0cDovL3ZpYWNyeXB0by5vbmxpbmU6ODA.&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=pinrlvbkmpn0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40cb27bb01b024b3c5e99b2796dc57f0b9639997120e3b1e5fdf33a08e130a6f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QpSEMFcZYh8L_TDBFng4sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://viacrypto.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QpSEMFcZYh8L_TDBFng4sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 05:22:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48017e572a9e392ca3e31ca56f5773bdc65a71b954985de96b5fd55a1c5856ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cc9974f87807068074e115068eab61357a8a53fd866b0e324ca1030415590a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67070e916a48741c0b08343a14a033fb34b10370f7dcc47fe17654dbddcbecd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7563efbc21dd025d271c1404e070d98a4fe4c9f48d5fe9b5e9f3219b329d3d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://viacrypto.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame 7280 55 KB
24 KB 23ms
8ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehB4MpAAAAANk8SOc6AsCUAaAyX9ih8XUUYkt4&co=aHR0cDovL3ZpYWNyeXB0by5vbmxpbmU6ODA.&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=pinrlvbkmpn0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 05:01:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 20:05:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame 7280 494 KB
197 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 18:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201516
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 05:01:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 18:35:09 GMT

GET
H2 200 fav.png
i.ibb.co/zbtMxW5/ Frame 224E 657 B
899 B 17ms
17ms Image
image/png 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zbtMxW5/fav.png
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=300&ref=4311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:01 GMT
last-modified: Sat, 08 Jan 2022 17:29:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 657
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stake-btcx-earn-usdt.jpg
xthread.net/ Frame 224E 115 KB
116 KB 39ms
10ms Image
image/jpeg 161.97.139.136
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xthread.net/stake-btcx-earn-usdt.jpg
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=300&ref=4311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 161.97.139.136 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1074248.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8e6df3aabb9cd559d042cd0b4d9456e8881ba970edf09a7f7d8908edbbc66139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: public
date: Thu, 29 Feb 2024 05:22:01 GMT
last-modified: Mon, 23 Oct 2023 14:25:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6536826a-1cd5b"
content-type: image/jpeg
cache-control: max-age=86400, public, no-transform
accept-ranges: bytes
content-length: 118107
expires: Fri, 01 Mar 2024 05:22:01 GMT

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame 7280 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehB4MpAAAAANk8SOc6AsCUAaAyX9ih8XUUYkt4&co=aHR0cDovL3ZpYWNyeXB0by5vbmxpbmU6ODA.&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=pinrlvbkmpn0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 08:48:58 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7280 102 B
135 B 16ms
16ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a78a8a63fbc8fb312b448c65256801eada8ae34f9d2032d1314705cab3299bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehB4MpAAAAANk8SOc6AsCUAaAyX9ih8XUUYkt4&co=aHR0cDovL3ZpYWNyeXB0by5vbmxpbmU6ODA.&hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&size=normal&cb=pinrlvbkmpn0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 29 Feb 2024 05:22:01 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A30F 7 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&k=6LehB4MpAAAAANk8SOc6AsCUAaAyX9ih8XUUYkt4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e5ab01c5ba8631f05e09c98d197deb83a049299812de5c55572273f9443ece66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s88JoCBdqKhETT4hjSKVvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://viacrypto.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-s88JoCBdqKhETT4hjSKVvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 05:22:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame A30F 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&k=6LehB4MpAAAAANk8SOc6AsCUAaAyX9ih8XUUYkt4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 05:01:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 20:05:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/ Frame A30F 494 KB
197 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1kRDYC3bfA-o6-tsWzIBvp7k/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1kRDYC3bfA-o6-tsWzIBvp7k&k=6LehB4MpAAAAANk8SOc6AsCUAaAyX9ih8XUUYkt4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 18:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201516
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 05:01:55 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 18:35:09 GMT

GET
H/1.1 200
OK icon.png
amazingfreebitcoin.com/ Frame 8764 797 B
1 KB 714ms
165ms Image
image/png 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazingfreebitcoin.com/icon.png
Requested by: Host: adalso.com
URL: https://adalso.com/ad/pbnr1.php?ref=17861
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 777b4eaa9705701fb927edf69c1a3696b9f54d20c1fd512f5a48dd004ea347b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adalso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 05:22:02 GMT
Last-Modified: Fri, 11 Aug 2017 07:01:40 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=50
Content-Length: 797

GET
H2 200 banner.png
firefaucet.win/static/images/ Frame 8764 9 KB
9 KB 53ms
19ms Image
image/png 104.26.1.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firefaucet.win/static/images/banner.png
Requested by: Host: adalso.com
URL: https://adalso.com/ad/pbnr1.php?ref=17861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbc8b94888f8b8ca748f1c6a22e724900c8a30252126bdf8a624e6c320c361d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adalso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:01 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 16:14:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2673
etag: "600eee78-2310"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjGSwRk7pebqAATa532iS0c15NYr7DA08GT91i1eaucrmvw%2Fa3uu2acHwfYjQfXeVnCQHE2ZzdLHto9XC%2FhHIj168qVHUe5COfs%2F5oKp9pceUHUdERwDLEPOBjL5qHfO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85ce7797de121965-FRA
content-length: 8976
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 433960 Show response
ad.a-ads.com/ Frame A869 13 KB
5 KB 32ms
15ms Document
text/html 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/433960?size=728x90

Requested by

Host: adalso.com
URL: https://adalso.com/ad/pbnr1.php?ref=17861

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.138.69.40.188.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

cb14e29d1c6058f43059fcc81cfa092a87e64d368e1fe02043be40518c8541cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adalso.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 29 Feb 2024 05:22:01 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://adalso.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ptpm.php Show response
traffic2bitcoin.com/ Frame 79EA 1 KB
755 B 571ms
181ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://traffic2bitcoin.com/ptpm.php?ref=admin&sitetype=1
Requested by: Host: adalso.com
URL: https://adalso.com/ad/pbnr1.php?ref=17861
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 2bec271c877cd4904b973f17969fbc803c7822f6e2a11de86a8f3f763bb7176b

Request headers

Referer: https://adalso.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 509
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:02 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK tecoop.php Show response
submitads4free.com/ Frame 6C8E 938 B
1019 B 717ms
166ms Document
text/html 199.85.208.28
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://submitads4free.com/tecoop.php?id=1380
Requested by: Host: adalso.com
URL: https://adalso.com/ad/pbnr1.php?ref=17861
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.85.208.28 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-5475.te-hosting.com
Software: Apache /
Resource Hash: 6f04347282fd9146362ddcfa09d805219cfb1623c4d0110eaff3444a3edbf2c7

Request headers

Referer: https://adalso.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 508
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H3 200 css2
fonts.googleapis.com/ Frame A869 5 KB
670 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: https://ad.a-ads.com/433960?size=728x90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 05:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 04:25:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 05:22:01 GMT

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/393754/ Frame A869 674 KB
676 KB 12ms
12ms Image
image/gif 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393754/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/433960?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.69.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:01 GMT
x-amz-version-id: Cv2H_W5cOvreEnPXeLYKrZR901XKye4u
last-modified: Tue, 31 May 2022 13:28:31 GMT
server: nginx
x-amz-request-id: 0QWNC785DJE1EZQ1
etag: "17ab32789bf26b9a63481f7a9a076d53"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 690666
x-amz-id-2: +ny40oKPrs50k0LvZyKQaFq+NhsibSvSvNhoacd0OKUq/Qn/5lphZaRLd/PjsiPYG54/ByG80h4=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame A869 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame A869 46 KB
46 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:51:09 GMT
x-content-type-options: nosniff
age: 160252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:51:09 GMT

GET
H/1.1 200
OK qlt.php Show response
traffic2bitcoin.com/ Frame 86B8 778 B
495 B 332ms
331ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://traffic2bitcoin.com/qlt.php?ref=admin&keycode=6918&type=&sitetype=1
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptpm.php?ref=admin&sitetype=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 57689b832bd238591d21be25ecdd1e19d0e19f4a034b280f0f84e3b440361cdc

Request headers

Referer: https://traffic2bitcoin.com/ptpm.php?ref=admin&sitetype=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 249
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:02 GMT
Keep-Alive: timeout=5, max=49
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2

200

/ Show response
lltrco.com/ Frame A036
Redirect Chain

https://lltrco.com/?r=valwp
https://lltrco.com/?r=valwp&ai=126538&at=a

11 KB
4 KB

307ms
307ms

Document
text/html

2606:4700:3033::ac43:8016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrco.com/?r=valwp&ai=126538&at=a
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptpm.php?ref=admin&sitetype=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b18e7ae1fb3b58b32f2c922dc1bbb9e9c93e2ea5a926df3970e2b3a0fb8bcc2

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85ce77a01d331ede-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 05:22:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDE3A%2Fiq5vsPlvLyRhTFQZp2oyXPTI2Mm2FrTQQp50Y3HNHJppaLgNJIw8%2FWYa6FlWbpiGN5bdZizCT6dOkvrEWTqGtct1y71Z7h4c5kWf%2BBXmaGZsVLKlMFBaVXQ%2FK6jU7YCzYFRznj"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85ce779b9c061ede-AMS
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 05:22:02 GMT
location: ?r=valwp&ai=126538&at=a
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaYHRE6muGDK8v0ShjWt5%2B%2BZQEXM08wocCP9HMaUCIaJYSvvB7R36SKx7OuaAGCUFNwrG7FwTmvaSGL1O9fKoScucKRgPYQwAZuqG94RsBk1e8NHcfRJ6vggHMSNCkVkeZhFKDWknqxm"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK _tecoop_top.php Show response
submitads4free.com/ Frame 350A 1 KB
906 B 170ms
169ms Document
text/html 199.85.208.28
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://submitads4free.com/_tecoop_top.php?c=1380&p=0.5&n=
Requested by: Host: submitads4free.com
URL: https://submitads4free.com/tecoop.php?id=1380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.85.208.28 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-5475.te-hosting.com
Software: Apache /
Resource Hash: b11d87ad0899cfe0a6899a5c492b3aaa2b824e63645d2f6a1492fabe2a04624d

Request headers

Referer: https://submitads4free.com/tecoop.php?id=1380
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 660
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:02 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK _tecoop_center.php Show response
submitads4free.com/ Frame 5825 7 KB
2 KB 345ms
175ms Document
text/html 199.85.208.28
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://submitads4free.com/_tecoop_center.php?i=1380
Requested by: Host: submitads4free.com
URL: https://submitads4free.com/tecoop.php?id=1380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.85.208.28 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-5475.te-hosting.com
Software: Apache /
Resource Hash: 2cd31d3dad556ae1a88fb9e47fe80d3f86b80f94dffe2777e2df9ace67bb887b

Request headers

Referer: https://submitads4free.com/tecoop.php?id=1380
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2121
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:02 GMT
Keep-Alive: timeout=5, max=98
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK _tecoop_bottom.php Show response
submitads4free.com/ Frame 703C 625 B
583 B 478ms
160ms Document
text/html 199.85.208.28
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://submitads4free.com/_tecoop_bottom.php?c=1380
Requested by: Host: submitads4free.com
URL: https://submitads4free.com/tecoop.php?id=1380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.85.208.28 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-5475.te-hosting.com
Software: Apache /
Resource Hash: 6dc9363ab6aaf071ca92c938b836ce469239e92603d2a5d356f8061066ff1217

Request headers

Referer: https://submitads4free.com/tecoop.php?id=1380
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 336
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 05:22:02 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 200 fd6fb86bee9b5174db46a7fd3ea6d4cf
www.gravatar.com/avatar/ Frame 350A 1 KB
2 KB 30ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/fd6fb86bee9b5174db46a7fd3ea6d4cf?d=mm
Requested by: Host: submitads4free.com
URL: https://submitads4free.com/_tecoop_top.php?c=1380&p=0.5&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: faa31d59125ea8a13f09031f0d4cdc036e09d8e354f896ff4d20dff8107a3bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://submitads4free.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 29 Feb 2024 05:22:02 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="fd6fb86bee9b5174db46a7fd3ea6d4cf.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/fd6fb86bee9b5174db46a7fd3ea6d4cf?d=mm>; rel="canonical"
content-length: 1288
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 Feb 2024 05:27:02 GMT

GET 110769
neon.autos/ Frame 1555 0
0

GET
H2 200 7144035 Show response
joathath.com/4/ Frame 458B 33 KB
14 KB 59ms
24ms Document
text/html 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://joathath.com/4/7144035
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/qlt.php?ref=admin&keycode=6918&type=&sitetype=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2d387fc7505492b25a45e1c5ac11fedabf68972d2f83886b789c11b29e13a816

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 29 Feb 2024 05:22:02 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 0f69a6292ec35c77492476713a9bd6d1

GET
H2 200 / Show response
r-q-e.com/1977075722ccbd242585/eb3dda870d/ Frame 4347 684 B
789 B 137ms
48ms Document
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://r-q-e.com/1977075722ccbd242585/eb3dda870d/?placementName=default

Requested by

Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/qlt.php?ref=admin&keycode=6918&type=&sitetype=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

bfabd25353b2ac360037ed11897fa32fa49480479d3677225f9e50624aaa9cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 05:22:02 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

POST
H2 200 sftouch
joathath.com/ Frame 458B 2 B
608 B 14ms
14ms Ping
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://joathath.com/sftouch?userId=0080116c27de41b9f69f2db1c3e56356&z=7144035&p_rid=681eff8a-0a24-46e6-996c-5d8502cc99cb&p_src=sf&branchId=0&rb=hBfnY0BJC_ikVvPArH_fv8xpOcWPN8sRN7EyPoTDSGnvRN1gA3Uu1h8E_csGz7MQyXBWytNR6uPduKVZEzHlNaj1TgO2be-iL3jsbnJ7PWgU0rjfbhxdzhEnBeQTQX9SG4haCIIQxseRs7QHGucvlWEWL_JHAWtVKApSy0_xmu7R62UblnYeZhT1JRYdQg7tNSegWtLEnFoYCwqCMkWLpmBiuUCbkOZABFDEewJOFfK_cT9X7KAS191iod9bL_JbxEYqgRa4oLi8XpqF86KKHB-bniTjndF9tTM00NovpoNe3FrpO5JagkOBS-311dEXRdLRNfrYSFQ=

Requested by

Host: joathath.com
URL: https://joathath.com/4/7144035

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://joathath.com/4/7144035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: 79197afb415b2cc8b8a70dd80bca96b3
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://joathath.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 458B 43 B
491 B 45ms
13ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080116c27de41b9f69f2db1c3e56356&z=7144035&p_rid=681eff8a-0a24-46e6-996c-5d8502cc99cb&p_src=sf

Requested by

Host: joathath.com
URL: https://joathath.com/4/7144035

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://joathath.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add Show response
datatechone.com/log/ Frame 458B 2 B
465 B 50ms
13ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=681eff8a-0a24-46e6-996c-5d8502cc99cb
Requested by: Host: joathath.com
URL: https://joathath.com/4/7144035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://joathath.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 29 Feb 2024 05:22:02 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://joathath.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
graipeepoo.com/ Frame 458B
Redirect Chain

https://joathath.com/?z=7144035&syncedCookie=true&rhd=false
https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60

41 KB
14 KB

117ms
68ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/qlt.php?ref=admin&keycode=6918&type=&sitetype=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 534cf1d51acd23c04308c3a2fd8cd83c570fe4d6f6f0f0d38f65c20afb034fe5

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://joathath.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85ce779e9ddbd6d6-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 05:22:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziDnv8%2Bsqg6pwVANJVTo0eanL35NFbr6xXzY3SqfU3Fo5CpO5XGsy4GjAxoEH0w9dMWuceXezkoi4gacCve1NA1XfcqfP9zU2P1QpcixRfJ1QG8NovS%2BLz%2FeTGJBnS9WLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://joathath.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Thu, 29 Feb 2024 05:22:02 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://graipeepoo.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: bd801f90973084540d24b09958596684

GET
H2 200 go.php Show response
ucaba.live/ Frame 4347 633 B
350 B 149ms
17ms Document
text/html 185.66.201.7
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://ucaba.live/go.php?go=https%3A%2F%2Fmm.m-m-m.world%2F%3Futm_medium%3D1c8a39bdc24f9bf01a896823c2517f52e2f1f505%26utm_campaign%3Dsmart2%261%3D30418309%26cid%3D90affC1709184122aff9653c52782677a577a307&do=42f6a8b4ed7521d71540ccda72dc90ee

Requested by

Host: r-q-e.com
URL: https://r-q-e.com/1977075722ccbd242585/eb3dda870d/?placementName=default

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.7 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.7.skhosting.eu

Software

nginx /

Resource Hash

49a760c6c300f7a913ad3cdb750db9a042afc42078f4cf42057b69a6deeb0872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://r-q-e.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 05:22:02 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 5825 70 KB
5 KB 23ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: submitads4free.com
URL: https://submitads4free.com/_tecoop_center.php?i=1380

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://submitads4free.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 606410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtmtaOjqIf71cJkEYB5tGAOGSxlbqIS5Z%2F7rGeiso%2B9Q69boN%2FYKg%2BDzkEKIpRn4VB3NLSSWvMcHZdNkhfQvDaFP%2BHaX1q5Q6JYwv5UIrgGTngQ1C5KZDU%2B%2FgyDHFJQ2QOeNpsxXgvR2G9niz6dXbNDC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85ce779e6c673a6e-FRA
expires: Tue, 18 Feb 2025 05:22:02 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 458B 65 B
542 B 12ms
12ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=353774bb167a67315f3751fa25fa8ae9

Requested by

Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6fef33d469dce551442de97732a87b0b0f8aa4199eb74509ec61864a64652962

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graipeepoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://graipeepoo.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
graipeepoo.com/pfe/current/ Frame 458B 34 KB
13 KB 45ms
45ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786937847843401986&var=7144035&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Requested by: Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 900901d01f9da4bce2bfec899dc2636c8126310a38993456cea4912c308c93ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 05:22:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Feb 2024 14:01:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65df3cc4-8909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOVzl7Ve1T5Y%2BnuoUFhM4L9lS6HNtfySDEbvWjBFPx3TRphVyErkchUhGpteCsh%2BI6mZEUkmx%2F%2FsmfNGWSIIo3%2B31yszNc%2BkIaZNJ%2BaK5e6u3oiYXygG8%2BqngbJAfrXimQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 85ce779f1e3cd6d6-CDG
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 458B 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
graipeepoo.com/19/4662728/ Frame 458B 3 KB
3 KB 39ms
39ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://graipeepoo.com/19/4662728/?abt_opts=1&var=7144035&var3=786937847843401986&ymid=&rhd=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

553ee2ad1a6ba7a8f7c57407f08d6e7d0c6882e2f4dac015d333b6d02f28e08a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: ffbb408db1a495201a89e0f5b30cbd2c
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NkZ6s4q9ibA14Vo7uavccnFeZlinsw9ZSQJRAOU3G8S5nQSq0mgys5hM1kL7LVChWb4jb3lS%2BRiStcDhOvH69TJh1v%2Fj6J0S4TLz4YLbcm%2Fc8rQNB0snass%2Fj1TM1vElg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85ce779f1e3ed6d6-CDG
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
graipeepoo.com/ Frame 458B 2 B
416 B 46ms
46ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&mprtr=1&os_version=10.0
Requested by: Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btUgaENi6DbBLJF56wNihuxbgep%2BP8vefoaU2OFVORl%2BiMtaBUnBmp914Rn8Z%2B%2Fm9eqdLox2rkkkp0%2B0kIdWsO%2FDna5yaOtczZy7NFMqyE4CDlv1oIQ2%2FYBiBYQvfVEJZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85ce779f1e40d6d6-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
mm.m-m-m.world/ Frame 4347 6 KB
2 KB 379ms
115ms Document
text/html 65.60.9.236
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://mm.m-m-m.world/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=30418309&cid=90affC1709184122aff9653c52782677a577a307
Requested by: Host: ucaba.live
URL: https://ucaba.live/go.php?go=https%3A%2F%2Fmm.m-m-m.world%2F%3Futm_medium%3D1c8a39bdc24f9bf01a896823c2517f52e2f1f505%26utm_campaign%3Dsmart2%261%3D30418309%26cid%3D90affC1709184122aff9653c52782677a577a307&do=42f6a8b4ed7521d71540ccda72dc90ee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.60.9.236 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx /
Resource Hash: 01270c52c3b54aaed960cce69eeaec8cdda6640d1080850f09a48ba8e5cf7ee1

Request headers

Referer: https://ucaba.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 05:22:03 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H2 200 rhd Show response
graipeepoo.com/ Frame 458B 3 KB
3 KB 244ms
243ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://graipeepoo.com/rhd?rb=msYH63AA8eybnNP9RFVSoDcMasiwPJVE9KjwT4SZFtpVdGpBEqEg4UikZA1lMMI4K8hhZ4CdGsyElOSybgiM45CKAzl_WCnEYbepqlRl4-VQX4nxNw2jUThfOGj10Vx90uAT0vUnkNKlht2SO2OWqN-A3dN4igHG6XP8oo8Uu1YyaEIzJg13tFpu6PCli4mpMTYL2cYhpGYnwyj0OsjtlEYqgzaR0Pt0s-SGzW3jeiShYZBLePFNiPM0tA6WZSC7hnbkepGBAF0hLmBecK5mXH2zsZjtlqOQjTvnGK8wl0SxtGQLcK8gKkDPdGwc0cEth02ZU3O7KsmhkNkKs1ffuS0lpIH1WNqxUw-NjA4EH9dZiTSWaHYJzJJOZzyV2R3gSJb7n9RWTV8K8l_13LD-VJRpfuhDuqBbCKEelC_Iv0zgQWk4QfoLfvtMs0MVR_BG2HwadpEHI-CSJrVraZ2fojHbg4co7W57KGjquz80yErW-Y3HvURaPDjWuro_5GFCliKQ_7MXZKVhJwNlAUeWjNvb2bK-ntIhkKyNRWFVcDNol9Ug&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1200&wih=1200&wiw=1200&wfc=9&pl=https%3A%2F%2Fgraipeepoo.com%2F%3Fs%3D786937847843401986%26ssk%3D9df8bcd79abd99a3b300f30e5af7d1c8%26svar%3D1709184122%26z%3D7144035%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FBerlin%26bto%3D-60&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-unknown&var=7144035&var3=786937847843401986&ymid=&rhd=1&m=link

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c03d206c330b8547204fb40f0c1fb6d1f20026bfdf6ba490c9eb508c144e73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:03 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 4b10979d313d700fa1c0277da61a6cbd
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckOq6SkQzHjMeUtEpPIwCLKUPfMW5NAe9Z0j5R9H7WE69aw6W38UQEEO9txjGEW2KSuK%2FLunZn90LU%2FMY%2FW3JGzs%2F6Ali9wl3zbvDmwrUQsB4KzRvPZnV15sOhUvCqVC4g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85ce779f5e55d6d6-CDG
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 event
amunfezanttor.com/ Frame 0
0 43ms
13ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amunfezanttor.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://graipeepoo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://graipeepoo.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 29 Feb 2024 05:22:02 GMT
server: nginx

POST
H2 200 custom
jouteetu.net/ Frame 458B 0
0 44ms
13ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786937847843401986&var=7144035&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://graipeepoo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 4662709
graipeepoo.com/sw-check-permissions/ Frame 458B 0
884 B 46ms
46ms Other
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graipeepoo.com/sw-check-permissions/4662709?var=7144035&ymid=786937847843401986&uhd=1&zoneId=4662709
Requested by: Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786937847843401986&var=7144035&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnSU9loieenExKkMyE8DjF2i2SbIMuUl%2FChQZsRtRrEOTFWn3Wx2rEImzmsz5QJOYgMPvr%2F4GoWtpBYo6IJNWXmk3qjhdQwsWsAvGAlVt73QiVbUjdszS9ZXwgBHZdOnHA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 85ce779f6e5ed6d6-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ Frame 458B 0
0 42ms
12ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786937847843401986&var=7144035&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://graipeepoo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
graipeepoo.com/ Frame 458B 0
429 B 44ms
44ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://graipeepoo.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=graipeepoo.com&var=7144035&ymid=786937847843401986&var_3=&var_4=&dsig=&tg=1&sw=3.1.492&trace_id=468a49e0-975d-4c33-b127-33f6ec19fed4&action=prerequest

Requested by

Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786937847843401986&var=7144035&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: 6c122ed3e03d07e1211eed1585d6968a
date: Thu, 29 Feb 2024 05:22:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qThNibmYqOJBOnovOtZuNod3gy14pEJ55habE5HWX8jaMb3LwlZ4sValD1pzLmqOQXoEYBKC1Htiy5Rf0HJJVwz5CVG1OFpMnZBBZ1OwYFxIGckiG9syE19IpwTDhJKw5A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://graipeepoo.com
access-control-allow-credentials: true
cf-ray: 85ce779f6e5fd6d6-CDG
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ Frame 458B 0
0 43ms
14ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786937847843401986&var=7144035&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://graipeepoo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 event Show response
amunfezanttor.com/ Frame 458B 94 B
353 B 77ms
52ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://amunfezanttor.com/event

Requested by

Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786937847843401986&var=7144035&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

24e783c0e1fdc3681e146756ba00ab3ea157817ad26c865da35c4f955c581c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://graipeepoo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Feb 2024 05:22:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://graipeepoo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 94

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ Frame A036 58 KB
13 KB 53ms
23ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Requested by: Host: lltrco.com
URL: https://lltrco.com/?r=valwp&ai=126538&at=a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lltrco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1217212
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STK2S2P%2FR%2FwDdy1IHVgrosCIY6rEm0E%2BN9YNZBE24CHfb4Z4gtgyVFG9vPJhFYs4gPkC3IXaWVMO2A%2BjB21VmYkdBGGOeFtBuNdfZtbs46zv5AsKemWIv2sqBRhIloedGTjstsEGpBGNfn6vo99zKdo2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85ce77a23fb3670f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ Frame A036 26 KB
5 KB 51ms
22ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
Requested by: Host: lltrco.com
URL: https://lltrco.com/?r=valwp&ai=126538&at=a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lltrco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1474591
etag: W/"a034d3c71bee546f625877d7932917f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuOeXfmGzEoziPHHpoE%2Fw2%2B%2Bjrn9nyvdqSXWSs%2B2vIUAMRfMMmPEEnhIL6M965fqMG365Ua%2BNsIsfEWAeMT3MstmvsWXF8bplqTdyeXjb2GY5o8Xgs1PtTY02tnzrHKXCVz8ySOCUdVEXn2YhlJ%2FDaaN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85ce77a23fb1670f-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ Frame A036 84 KB
27 KB 14ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: lltrco.com
URL: https://lltrco.com/?r=valwp&ai=126538&at=a

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lltrco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7854801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26909
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ur0JlzG5nrMElFzE6LvFonUIk%2Bu2ryDoIPblcMPuBNIXKryddyGA62u6ApFrw4dIlT6lDmvZewsO7kt1HauKLL6Ks%2FKV8GPpTLhIOXGrVOzahk0BJ5BnO9GOwbVPc%2Ftq1dKYqgh%2BSoL%2Bz8roFki3QgaH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85ce77a1fe823a6e-FRA
expires: Tue, 18 Feb 2025 05:22:03 GMT

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.11.4/ Frame A036 235 KB
63 KB 6ms
6ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by: Host: lltrco.com
URL: https://lltrco.com/?r=valwp&ai=126538&at=a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

Referer: https://lltrco.com/
Origin: https://lltrco.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:03 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 14381923
x-cache: HIT, HIT
content-length: 64296
x-served-by: cache-lga21924-LGA, cache-fra-etou8220040-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1709184123.199228,VS0,VE0
etag: W/"28feccc0-3ab2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 73

GET
H3 200 js.js Show response
lltrco.com/ Frame A036 16 KB
5 KB 26ms
25ms Script
application/javascript 2606:4700:3033::ac43:8016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrco.com/js.js?r=16
Requested by: Host: lltrco.com
URL: https://lltrco.com/?r=valwp&ai=126538&at=a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07915396820e5aab29a617b6b14718adc85cd1be97edc94cadeab4ef03381863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lltrco.com/?r=valwp&ai=126538&at=a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 06:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1185
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xp9Cq6TVPbL2jJCFVC4GCCXFtZqstdb%2FNfvwKLwO1rYFQdz0I2rUoBwvvd%2BT26YeEeh19IsuHkxvIkexxVaj%2F80ntIeP2D1cKG9BYNiTrhpt%2Fcdga9z7cS8sH3iuNGEgn4%2B8NCbzn9nj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85ce77a20c04286d-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
llpgpro.com/7zfv2gk4/ Frame 8769 17 KB
5 KB 754ms
700ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://llpgpro.com/7zfv2gk4/
Requested by: Host: lltrco.com
URL: https://lltrco.com/?r=valwp&ai=126538&at=a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fafb52b1c6bf3ec5dc291aeb105ace48a1f8d4d1733016864f00b3867284e8be

Request headers

Referer: https://lltrco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85ce77a2de452a20-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 05:22:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7sj6T4w9tX1r1rlvJJFVu%2B%2BWFKkA7wd6vLTIk%2FRvdbZoMGzkhk2b%2FIRrbCCg1wRyvhf%2FBk6E9cbePnzLa14zQ5erB9TyZHoeasuueknSf1kGpHuFQZ2RA6LxCQRbAmSj9x6jm0hAtshjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 set.cookie.html Show response
llclick.com/ Frame 0DEC 382 B
691 B 441ms
246ms Document
text/html 2606:4700:3035::ac43:b7f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://llclick.com/set.cookie.html
Requested by: Host: lltrco.com
URL: https://lltrco.com/?r=valwp&ai=126538&at=a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b7f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d7e47ee93c425dcf31b71e9e50bb02812fe20d8f3910eab06f6cf16187a9ffe

Request headers

Referer: https://lltrco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85ce77a3fda94299-EWR
content-encoding: br
content-type: text/html
date: Thu, 29 Feb 2024 05:22:03 GMT
last-modified: Thu, 31 Aug 2023 06:32:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTwDUKObUhD4jTF%2FFhIaBRgmqa6JxRsJ812Mebsif5iRpo1Q2LMoFG68I1JiBAz8icMt9%2Bs8DquMI2eOI9QvbjthrasDCV%2FcgLXKrdELxQJ3VBuH3g1zqztF0JJmN6CeFnd%2BPUPM4jV5xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ Frame A036 76 KB
77 KB 69ms
25ms Font
font/woff2 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://lltrco.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1311054
alt-svc: h3=":443"; ma=86400
content-length: 78268
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
server: cloudflare
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVxiqOA%2BMITaG8%2FeKP6qKFSOwbAkTSdG9l7%2FtnjQ9W7RKF9588Tdjpe%2FiKc9%2F%2F6%2BmuK90GGBVe4yd%2BdtYH0riFql25PctiaIqTx2giwkOpRu82i4PRLWIe%2BYIQ5jF5TKhuMPYHathPwgvAof6m8N5cV7"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85ce77a2c88fb8b5-AMS

POST
H2 200 custom
jouteetu.net/ Frame 458B 0
0 12ms
12ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786937847843401986&var=7144035&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://graipeepoo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 cat.php
graipeepoo.com/ Frame 458B 0
791 B 43ms
43ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://graipeepoo.com/cat.php?userId=00801145f90c403bfb08ff328c0eec53&zoneid=4662728&rb=0ZHe9DKR3SgItrKt1lY7Bz74J7gU4Z2BlBgDFtrsrAvYTPUdrXM5DL_Yo6gdPMlQwBsbj1bQYqZ4H9HWIfoQwz8PWKssm9eY3489PTnxgbN_S91pBMkuBM91QYUKBGokgdIVY5DHOEEYZM5rM1gIkTB5JnDhLU0cb9NcyWj8btzKWksjCndwL0CJiUmyIHMRSJlbyUY9_fJJloJyL6i3cTNbmSVKqg54Mjc0YDkDuRGlkz3Xz0F_G1aJxnR5CzMpxaiIG4cds6bJQO0dRAuVDBVLgU5tw_lDG83ZA0Xb3NuR7bgJ-8zokPggRYM3qHwRTKaxXAQt0leCYqtMT9ZnxXRluvMHmK9X2P-G3r1qYKIgR6mtgCxTG01fqmqzCXHDv5gBw9mkjVgxd4cM7Jzb802DtETzssqbg60N3EaXe3w3ob_XuScjiBpBfIklvzt196HMpSx_HBEtAbtsAzBTqoXjyofkq74kN_wDrIl8B-3OIIQXtQ1qX7NOLK8ovy7IwPD9K6MTjNKFah399t_wJSMc0nuHtgLxN3OX-WFKcuCPlbvWXBSgAQ==&var=7144035&var3=786937847843401986&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Feb 2024 05:22:03 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 9924bc1affdb83bbc92c9d8e9b592fab
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvogzcKRBNsOVGGdCYrsL26R665igrQo%2BPFqd9kx5isUwpUwDz3QhXDc8tN56zlm2nmlREe8VXMyMGio%2BTbeToBoU23ZiZCbZhEYgUmgdCr4ZXEc%2BJWfq0eUj5%2Ffl0rgaA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://graipeepoo.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 85ce77a29a96663a-AMS
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 styl.css
llpgpro.com/ Frame 8769 7 KB
2 KB 27ms
25ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://llpgpro.com/styl.css?v=37
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6cb8d9614869f27fbcc5334c17d72895e5a8635f58c8a8b404928f92be74157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/7zfv2gk4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 13:07:48 GMT
server: cloudflare
age: 2374
cf-polished: origSize=9596
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gJ%2BwNwQzxx1f7%2Fuabafg%2B%2F3lhr4CQHH00N2MDEH3Od1s1EzI3MNzEG5eBysJmKrLNiGtoR0HKxdQkiOCchT2wmQFWkBce73H0b3iB1hMphJAjzdleBf858JQAYimdutcc81sfUlbvdnFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85ce77a739a22a20-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 css
fonts.googleapis.com/ Frame 8769 32 KB
2 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e10c62662eb09297097dc4b10625b20f2692c592b0b430d061813669154a9f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 04:11:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 05:22:04 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ Frame 8769 58 KB
13 KB 24ms
23ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1217213
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNwNrv5AExqDDW4dwQi3WJ1lUatXIclMSJ8nYrwwajboz47kqtaAuJ%2BsOzXHHjg8yQQGQ635uVZ4n14K%2F%2BeSFzYq3WBC082yhiwazE62hsv2%2FDaPiBEjWBH0b%2FjVECQDfegGfkdAFk%2FXUAOa95g0R5Rn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85ce77a73c5b670f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ Frame 8769 26 KB
4 KB 23ms
22ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1474592
etag: W/"a034d3c71bee546f625877d7932917f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BrdWGYEoPWy8yLexFhFlgEE6VKRN1sBESOR7SkpgPtlvajmJpq7JHOzr%2BwFmUoVYJ1dJG0RlHbcCFbvLRxeNjLTZTLlNVqXHxy%2FtXfwRVD9ijCeLLrUYbYi3BE%2BzTCq8H1k18QyDHwg0HvCk1Y6uRIq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85ce77a73c5e670f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 animate.min.css
llpgpro.com/ Frame 8769 94 KB
7 KB 27ms
26ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://llpgpro.com/animate.min.css?v=2
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7391e2e933546fa6834fd409412ae3a0b5c3be77edea6e0e18d1947411f8d6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/7zfv2gk4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 12:22:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2957
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fgr5KqXvBtBQ5IPQkW9AcrIUDgaGRcbq1JCt6ffcOjJ7DIA6eC4tmrDny5E6cvtwZoSQmG3iEmVj5dU2IA4ZlfbYQfHm06Goc4ypRGKDknIJdL0V6S9eww%2FmXKj%2Fx9Hero6JLxV567MqHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85ce77a739a32a20-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ Frame 8769 84 KB
27 KB 14ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7854802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26909
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciY79MhuLhmgVni1SkqfJBYjcKkgl%2B09661ho5WSEXbRYGhIweDGKziQZaavZMW3%2Fs3gKD2hZQEjAch3Ux0sgXXhOz1q4XhzmUyrrRm3EHyGKUVrTHmKrXLKb1QETNcsSsejOSufS7zSjhvCBPQ6s8vR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85ce77a739ab3a6e-FRA
expires: Tue, 18 Feb 2025 05:22:04 GMT

GET
H3 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ Frame 8769 248 KB
56 KB 20ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57137
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-3dee5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9C501GOMXD61sgoDCgoGwPnFbKwxc9kAJSSoJDL%2B%2Fczlb4ZU7vXjCuLz37YpgTqsJ6Lb6taf0W2d7Ze7QrjL1kuUK9eT4GIy%2BoARjpUx%2BImLxVUL05f0tBSLGB1kxI8tpjiUrvFHlRsv5bDezRqQtUXL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85ce77a739ac3a6e-FRA
expires: Tue, 18 Feb 2025 05:22:04 GMT

GET
H2 200 js.js Show response
llpgpro.com/ Frame 8769 6 KB
2 KB 28ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://llpgpro.com/js.js?v=35
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 183752f488a3528e7b9da7ebc5d64311820276c19db9d36196ff79f41c55dcb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/7zfv2gk4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 14 May 2023 13:38:20 GMT
server: cloudflare
age: 408
cf-polished: origSize=9198
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEeufftvNlkr5hxVYEbILUJWN9GHJqev7T6nqA5vcVVg46osMMzlVHUClGVxF1jqXgniJn93oOzS%2FC37kfo1psQQhfq2SVZdOKbsKfz8H93BOp4saJh43bh84H897vgR42Ce2Tsq4TfiqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85ce77a739a42a20-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 cd.js Show response
llpgpro.com/ Frame 8769 5 KB
2 KB 25ms
24ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://llpgpro.com/cd.js?v=1
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3784c1fe62163ee5d7dd9d42a9673edf79a60d4d59e8c1c3b3fa666a2c6dc4a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/7zfv2gk4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 12:22:09 GMT
server: cloudflare
age: 7128
cf-polished: origSize=11129
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgKKcGpudMxPjdwHQphmie2l3PPcW0WoUj1PyJis77c%2B%2BAXmKG%2Br4nAhZeZIricHP6EhfgK0p0H33SFRO6lZCt6i5zB1iL3UaonhJlOsSmXiRyDIHR8TcZXsIuik7%2BDxFixlP%2F7leZoQLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85ce77a739a52a20-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 keyte.609544ebb2331.png
imgallery.llsvr.com/ Frame 8769 5 KB
6 KB 110ms
23ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgallery.llsvr.com/keyte.609544ebb2331.png
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c106d9b168684c158bb856e3f0b9a27694aa1a58dd8612566de672b1b65c7596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 01:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 600
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fV2O8NLqrTqiNURKAVHx9YDzLtRtM0SXOmnzOJwL2KyO%2F9%2FpuMOljdZLax%2F1K01zSuZBvEcucnWtE01dRbXKcneOAAIDkaotzA8f3Gi%2BhEFh8MFshDrU1cxdrTlnixMx19cMizqwycXXwrCv0vl0wOd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85ce77a7cbe7d3e0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 5228

GET
H2 200 RCkuz2hRmTo Show response
www.youtube.com/embed/ Frame A60A 83 KB
36 KB 97ms
77ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz

Requested by

Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e51f890f2689c617c07e7746706d508bfe9edbeec11a1cb9329cd33138ad37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://llpgpro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 05:22:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 by66GN5PiO4 Show response
www.youtube.com/embed/ Frame 47EC 83 KB
37 KB 90ms
69ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz

Requested by

Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

727de19ad42d71852b4d057b59ba0927a06c28e4a77cee5026235497597ccc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://llpgpro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 05:22:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5edfb3649e650.jpg
imgallery.llsvr.com/ Frame 8769 171 KB
172 KB 666ms
629ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgallery.llsvr.com/5edfb3649e650.jpg
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b33981f9c1baec33d2b46fe7ecfe7784dd4fca8d073949d99880452bcb4fcd28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 07 Nov 2022 03:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt%2BBbXlVfvjXLFFiPd67trRK3yGBmI5BSBuX8RO%2F1TiKdGgpGE60t8t4qN90ZNKSljL%2BrgL4SKtGp4lxaMYIVjlzjbtOJOsIf3BOeWF8qYkYjWSlrIMPUtezcIwoUEXBPZUcSybGFnttuw3Huvrk6VDz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85ce77a7cbe6d3e0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 175400

GET
H3 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 8769 38 KB
38 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://llpgpro.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:03:27 GMT
x-content-type-options: nosniff
age: 159517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:03:27 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/6f21feb8/ Frame 47EC 366 KB
47 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f21feb8/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02646b2c342cb5363a9660d29ceed6d9782d55e6942246aad5314aa0535b67e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 19:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47564
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 05:17:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 19:48:40 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 47EC 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:03:23 GMT
x-content-type-options: nosniff
age: 159521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:03:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 47EC 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 11:07:48 GMT
x-content-type-options: nosniff
age: 497656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 11:07:48 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/6f21feb8/player_ias.vflset/de_DE/ Frame 47EC 53 KB
17 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f21feb8/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00732070a52651933a041c9f8605ea1bcfcd5f564625227d50a04357c40c43bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:24:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16848
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 05:17:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 08:24:14 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/6f21feb8/www-embed-player.vflset/ Frame 47EC 319 KB
95 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f21feb8/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 16:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97346
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 05:17:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 16:34:52 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/6f21feb8/player_ias.vflset/de_DE/ Frame 47EC 2 MB
779 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f21feb8/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7efffd503ab4644a8612ad2d71731641930e4f183bb64e1d9e3002b9b1978675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 797238
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 05:17:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 08:24:14 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/31eb286a/ Frame A60A 366 KB
47 KB 28ms
28ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47553
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:25:13 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A60A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:03:23 GMT
x-content-type-options: nosniff
age: 159521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:03:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A60A 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 11:07:48 GMT
x-content-type-options: nosniff
age: 497656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 11:07:48 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame A60A 53 KB
17 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec50e4861ef5d6b8ea90d3679b6e95ea5b29195e702045b8dcd3750e5ddd36e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16861
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:25:13 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/31eb286a/www-embed-player.vflset/ Frame A60A 319 KB
95 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97346
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:25:13 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame A60A 2 MB
779 KB 29ms
25ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc2ce62ac6120c9603ccf6aa97b996e11b061d0d9361fe5662946bfefaeb8f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 796820
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:25:13 GMT

GET
H3 200 poweredby.jpg
llpgpro.com/images/ Frame 8769 6 KB
6 KB 27ms
26ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://llpgpro.com/images/poweredby.jpg?3
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16d702e8406990b1ad3c9b265c18ab8aa1f0622866405a47ebf5f7488df694d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/7zfv2gk4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 13:16:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2620
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1t%2BwMErIxXV0SzsgQ7s01eaR0jwJ8TKRafCFKbe8WtqBDyy5nvyCfr%2FCR8%2B2mJ2lPnA47QqY98%2BWypCnkDInK1j%2BSHykCvB87cuS09G8Q8GA6CbZn7kI81IuzqRqyeQqqnnOxFn3GxHzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85ce77a83f62b8d0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5981

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 8769 993 B
517 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 29 Feb 2024 05:22:04 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ Frame 8769 37 KB
12 KB 67ms
27ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Thu, 29 Feb 2024 00:39:06 GMT
Date: Thu, 29 Feb 2024 05:22:04 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish
Age: 778
X-Cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11228
X-Served-By: cache-fra-eddf8230106-FRA
x-player-backend: g
Server: cloudflare
X-Timer: S1709184124.253744,VS0,VE0
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-bapp-server
Accept-Ranges: bytes
CF-RAY: 85ce77a87c89bb59-FRA
X-Cache-Hits: 325

GET
H3 200 jsbottom.js Show response
llpgpro.com/ Frame 8769 12 KB
3 KB 27ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://llpgpro.com/jsbottom.js?v=32
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 206e14a76ef1bb3503973dfa4892022d2480767b2d02788696eda08a3ee7f698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/7zfv2gk4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 22 Dec 2023 02:05:21 GMT
server: cloudflare
age: 2076
cf-polished: origSize=13257
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxEee1%2FJe069gwwR4u1p%2BLzaI5JV967NjffKFN9crZZh3XP7bYohNXJyizXrSD8i2WGAR1Ml0wRu%2F8%2BJPHGYBXuuuf0728N%2FTRVkxAljOT5XRAuTeoqd5D%2B9cMK8Sd89ag6FsS49g%2FmlDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85ce77a83f64b8d0-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 741663 Show response
ad.a-ads.com/ Frame 2591 14 KB
5 KB 12ms
12ms Document
text/html 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/741663?size=300x250

Requested by

Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptpm.php?ref=admin&sitetype=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.138.69.40.188.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

3729f6ffbbd7e8917d3d48f82cc0c5743676bbd15b83c5bfed06a488e1f20497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 29 Feb 2024 05:22:04 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://traffic2bitcoin.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 css2
fonts.googleapis.com/ Frame 2591 5 KB
670 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: https://ad.a-ads.com/741663?size=300x250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 04:19:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 05:22:04 GMT

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/491507/ Frame 2591 38 KB
38 KB 13ms
12ms Image
image/gif 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/491507/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/741663?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.69.40.188.clients.your-server.de
Software: nginx /
Resource Hash: c5367e5f428e9fd59190a1b596d4faed42de411b38925f36963b576a5c685302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
x-amz-version-id: 3d3wrXNvDUiQajjFKy0EcP84bp4WuvnP
last-modified: Tue, 28 Nov 2023 17:16:38 GMT
server: nginx
x-amz-request-id: 4S65GZR528TNRSQN
etag: "feba7e24001b5b2c507d310e7cae6650"
x-amz-server-side-encryption: AES256
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 38695
x-amz-id-2: mE1BN4LwQuW4i13VBqsdrKX7PC3Mh+t6FK1Z+zZxme7Ubin7YGnKwXY0Gux2cCRiP2K7AQKiAeQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/ Frame 8769 215 KB
67 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://llpgpro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68331
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:25:06 GMT

GET
H2 200 set.html Show response
pixel.leadsleap.net/ Frame E2FF 2 KB
954 B 525ms
479ms Document
text/html 2606:4700:3032::6815:99

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.leadsleap.net/set.html?n1=lllpga184671&v1=610145.29&n2=lllpgb184671&v2=610145.29&n3=lllpgca167482&v3=184671.610145.29&n4=lllpgcb167482&v4=184671.610145.29
Requested by: Host: llpgpro.com
URL: https://llpgpro.com/7zfv2gk4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:99 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ca62715031d14115abd058e5354ee17d7cb9917564f2634ea5fb6f63f2ab5f

Request headers

Referer: https://llpgpro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85ce77a8ff63667c-AMS
content-encoding: br
content-type: text/html
date: Thu, 29 Feb 2024 05:22:04 GMT
last-modified: Thu, 01 Oct 2020 11:41:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNOPELmZxk%2FU4dk49KE4NNIYinT5dLem8ZO8kVkJrLQTgTn7rMa3s8n8EEUJlZZcvjABQUmA3Np7D5Ga9hwV646oJIcAOe0h5%2BgTtSoiRjlNO9JA5C1b6hDQAXMP7Xg7FJY3UK2yYpzjHHMzAl6D8FZE"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
DATA 200
OK truncated
/ Frame 2591 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 2591 46 KB
46 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:51:09 GMT
x-content-type-options: nosniff
age: 160255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:51:09 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 47EC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

14ms
14ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a4c3fd4cbab3ea3bb0d242dd939aed7530d7f89ed81cb015cd47e6cdd63add7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 29 Feb 2024 05:22:04 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 47EC 29 B
495 B 32ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f21feb8/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:15:40 GMT
x-content-type-options: nosniff
age: 384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 05:30:40 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 41ms
14ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 29 Feb 2024 05:22:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 47EC 87 KB
40 KB 24ms
23ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f21feb8/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d73e9324194be5bb0163e1334368c4444da2c979deb2c8664aca7521321d778f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40693
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 47EC 0
19 B 15ms
15ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=1fW0mLZZbeLMR3zQ&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153866%2C23097%2C53633%2C84737%2C30066%2C6252%2C6271%2C26439494%2C4054%2C7111%2C9369%2C10825%2C16149%2C9954%2C1191%2C26497%2C1598%2C3460%2C1908%2C2%2C1153%2C6416%2C1127%2C662%2C10904%2C838%2C9186%2C1364&cl=610595970&seq=1&event=streamingstats&docid=by66GN5PiO4&qclc=ChAxZlcwbUxaWmJlTE1SM3pREAE&embargoed=0&cbr=Chrome&cbrver=122.0.6261.94&c=WEB_EMBEDDED_PLAYER&cver=1.20240226.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0;r.Video_nicht_verf_gbarsr.Dieses_Video_ist_nicht_verf_gbar&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f21feb8/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/by66GN5PiO4?si=Ohle-Rq_OuT4Lvlz
X-YouTube-Client-Version: 1.20240226.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtBLUpVRUNoRmdIMCj8qICvBjIKCgJERRIEEgAgTg%3D%3D
X-YouTube-Ad-Signals: dt=1709184124285&flash=0&frm=2&u_tz=60&u_his=27&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C820%2C460&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 05:22:04 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 47EC 339 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5454260cb57fed502b6c52bd5d11d70b142ff51260e62c6ed740738c908b783

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A60A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

15ms
14ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a47f11bf4fbe5755c5e6bbf1a48a42d401e38d31261e07d93c5e481bd61d21f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 29 Feb 2024 05:22:04 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A60A 29 B
89 B 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:15:40 GMT
x-content-type-options: nosniff
age: 384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 05:30:40 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
14ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 29 Feb 2024 05:22:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A60A 87 KB
40 KB 23ms
23ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16e326487a0bb72f3d16e86f31483d3e8fa88d815798ffa870ca4526fb946817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40881
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame A60A 0
19 B 16ms
15ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=pa_7YBVrE_vR7xTE&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153837%2C23126%2C53633%2C60173%2C24564%2C36318%2C6271%2C26439494%2C4054%2C7111%2C9369%2C10825%2C11591%2C4558%2C9954%2C27688%2C1598%2C3460%2C1908%2C2%2C1153%2C6416%2C277%2C850%2C663%2C1760%2C9982%2C6246%2C2939&cl=610953138&seq=1&event=streamingstats&docid=RCkuz2hRmTo&qclc=ChBwYV83WUJWckVfdlI3eFRFEAE&embargoed=0&cbr=Chrome&cbrver=122.0.6261.94&c=WEB_EMBEDDED_PLAYER&cver=1.20240226.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0;r.Video_nicht_verf_gbarsr.Dieses_Video_ist_nicht_verf_gbar&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/RCkuz2hRmTo?si=CrhPd7-3aogdpaIz
X-YouTube-Client-Version: 1.20240226.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtoZHg3Um9PZ0MtUSj8qICvBjIKCgJERRIEEgAgXw%3D%3D
X-YouTube-Ad-Signals: dt=1709184124307&flash=0&frm=2&u_tz=60&u_his=27&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C820%2C460&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 05:22:04 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 29 Feb 2024 05:22:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 47EC 90 B
134 B 18ms
18ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f21feb8/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

917d3d24b374d907b5a8cae1235e76fc73d6fd3f32bc5bf7a3036c6f762d1e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A60A 339 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5454260cb57fed502b6c52bd5d11d70b142ff51260e62c6ed740738c908b783

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 29 Feb 2024 05:22:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A60A 90 B
134 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74a2b3ee21b235738c1a0fb4096f4b6844dff6807038ac957c5f57728f75fd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 29 Feb 2024 05:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: neon.autos
URL: https://neon.autos/110769

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
r-q-e.com/1977075722ccbd242585/eb3dda870d	1970-01-20 18:47:50	Name: shown1 Value: 0
r-q-e.com/1977075722ccbd242585/eb3dda870d	1970-01-20 18:47:49	Name: total_impressions Value: 1
viacrypto.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: bba5a8cbc89cd21495baa45971e2edfa
joathath.com/	1970-01-21 03:32:00	Name: OAID Value: 0080116c27de41b9f69f2db1c3e56356
joathath.com/	1970-01-21 03:32:00	Name: oaidts Value: 1709184122
my.rtmark.net/	1970-01-21 03:32:00	Name: ID Value: 0080116c27de41b9f69f2db1c3e56356
r-q-e.com/	1970-01-20 18:47:49	Name: used_ad2938402 Value: 1
joathath.com/	1970-01-20 18:56:28	Name: syncedCookie Value: true
graipeepoo.com/	1970-01-21 03:32:00	Name: OAID Value: 00801145f90c403bfb08ff328c0eec53
graipeepoo.com/	1970-01-21 03:32:00	Name: oaidts Value: 1709184122
llclick.com/	1970-01-20 18:46:24	Name: hidead Value: 1
.llpgpro.com/	1970-01-20 18:47:50	Name: lltkrl184671 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: _dpl4Ou-NC4
.youtube.com/	1970-01-20 23:05:36	Name: VISITOR_INFO1_LIVE Value: hdx7RoOgC-Q
.vimeo.com/	1970-01-20 18:46:25	Name: __cf_bm Value: jXK.wBfG0XuahcfMJ3UHnAn0ruJvxDKZRwClk4dmwtA-1709184124-1.0-AUXdlGQhdtekSqGojgQy8G3siA7pQNd7d1ahOTdDCutngQB2PY8WBwNH7QKqiKCOvoZ3TxXMb4ByhHtMylkJtRw=

88 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://viacrypto.online/(Line 120) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://viacrypto.online/(Line 120) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://static.surfe.pro/upload/2564953/4bff53fc134483c99ca6ca8fe0ab85f2-468x60.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.surfe.pro/upload/2564953/881b3f0cae2e413b1fab2da551bbce55-300x250.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://viacrypto.online/(Line 161) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://viacrypto.online/(Line 161) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.topcreativeformat.com/b86f04e711b809f039f3e29d43703cfe/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://viacrypto.online/(Line 196) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://viacrypto.online/(Line 196) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://viacrypto.online/(Line 213) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://viacrypto.online/(Line 213) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.topcreativeformat.com/4a5c412bda2d2d8ac170639fec2d111b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://submitads4free.com/_tecoop_top.php?c=1380&p=0.5&n= Message: Mixed Content: The page at 'https://submitads4free.com/_tecoop_top.php?c=1380&p=0.5&n=' was loaded over HTTPS, but requested an insecure element 'http://www.gravatar.com/avatar/fd6fb86bee9b5174db46a7fd3ea6d4cf?d=mm'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://submitads4free.com/_tecoop_top.php?c=1380&p=0.5&n=(Line 45) Message: Mixed Content: The page at 'https://submitads4free.com/_tecoop_top.php?c=1380&p=0.5&n=' was loaded over HTTPS, but requested an insecure element 'http://www.gravatar.com/avatar/fd6fb86bee9b5174db46a7fd3ea6d4cf?d=mm'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://joathath.com/4/7144035(Line 46) Message: getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://graipeepoo.com/?s=786937847843401986&ssk=9df8bcd79abd99a3b300f30e5af7d1c8&svar=1709184122&z=7144035&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60(Line 156) Message: Mixed Content: The page at 'https://traffic2bitcoin.com/qlt.php?ref=admin&keycode=6918&type=&sitetype=1' was loaded over HTTPS, but requested an insecure resource 'http://www.cfdy.online/?s=fc0b44fce543a79eff7d9a6d8d539b37e571&visitor_id=786937849328177221&os_version=10.0&oaid=0080116c27de41b9f69f2db1c3e56356'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://viacrypto.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
adalso.com
amazingfreebitcoin.com
amunfezanttor.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
datatechone.com
firefaucet.win
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graipeepoo.com
i.ibb.co
imgallery.llsvr.com
jnn-pa.googleapis.com
joathath.com
jouteetu.net
llclick.com
llpgpro.com
lltrco.com
mm.m-m-m.world
my.rtmark.net
neon.autos
pixel.leadsleap.net
player.vimeo.com
r-q-e.com
rt58.surfe.pro
stackpath.bootstrapcdn.com
static.a-ads.com
static.doubleclick.net
static.surfe.pro
submitads4free.com
traffic2bitcoin.com
ucaba.live
use.fontawesome.com
viacrypto.online
www.google.com
www.gravatar.com
www.gstatic.com
www.topcreativeformat.com
www.youtube.com
xthread.net
zerads.com
neon.autos
104.26.1.221
139.45.195.8
139.45.197.242
139.45.197.250
139.45.197.251
161.97.139.136
162.0.208.108
162.159.128.61
162.19.58.161
176.9.82.58
185.66.201.43
185.66.201.7
188.114.97.3
188.40.69.138
192.243.59.12
195.201.179.80
199.85.208.28
2606:4700:3031::6815:2dfb
2606:4700:3032::6815:99
2606:4700:3032::ac43:ddae
2606:4700:3033::ac43:8016
2606:4700:3035::ac43:b7f0
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700:e6::ac40:ce26
2a00:1450:4001:806::2006
2a00:1450:4001:812::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a04:4e42::649
2a04:fa87:fffe::c000:4902
2a06:98c1:3120::3
2a06:98c1:3121::3
37.48.68.71
65.60.9.236
00732070a52651933a041c9f8605ea1bcfcd5f564625227d50a04357c40c43bb
01270c52c3b54aaed960cce69eeaec8cdda6640d1080850f09a48ba8e5cf7ee1
02646b2c342cb5363a9660d29ceed6d9782d55e6942246aad5314aa0535b67e7
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07915396820e5aab29a617b6b14718adc85cd1be97edc94cadeab4ef03381863
0a4c3fd4cbab3ea3bb0d242dd939aed7530d7f89ed81cb015cd47e6cdd63add7
1237af47fbb6ebb5642f026c4f3c840c0a0ac041833739809bf76f9252d2e47e
16e326487a0bb72f3d16e86f31483d3e8fa88d815798ffa870ca4526fb946817
183752f488a3528e7b9da7ebc5d64311820276c19db9d36196ff79f41c55dcb4
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1e51f890f2689c617c07e7746706d508bfe9edbeec11a1cb9329cd33138ad37e
200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
206e14a76ef1bb3503973dfa4892022d2480767b2d02788696eda08a3ee7f698
20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98
24e783c0e1fdc3681e146756ba00ab3ea157817ad26c865da35c4f955c581c89
25e661cfecfe47a9de3f58d99e557334c275f086f3108ad35bdd26c06da11520
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2bec271c877cd4904b973f17969fbc803c7822f6e2a11de86a8f3f763bb7176b
2cd31d3dad556ae1a88fb9e47fe80d3f86b80f94dffe2777e2df9ace67bb887b
2d387fc7505492b25a45e1c5ac11fedabf68972d2f83886b789c11b29e13a816
2f9128a95d6586faf8671822972bdc4839db0473920fbc8943af6fc89ecd3d63
3729f6ffbbd7e8917d3d48f82cc0c5743676bbd15b83c5bfed06a488e1f20497
3784c1fe62163ee5d7dd9d42a9673edf79a60d4d59e8c1c3b3fa666a2c6dc4a8
3c03d206c330b8547204fb40f0c1fb6d1f20026bfdf6ba490c9eb508c144e73e
3cc9974f87807068074e115068eab61357a8a53fd866b0e324ca1030415590a4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40cb27bb01b024b3c5e99b2796dc57f0b9639997120e3b1e5fdf33a08e130a6f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48017e572a9e392ca3e31ca56f5773bdc65a71b954985de96b5fd55a1c5856ef
49a760c6c300f7a913ad3cdb750db9a042afc42078f4cf42057b69a6deeb0872
4d7e47ee93c425dcf31b71e9e50bb02812fe20d8f3910eab06f6cf16187a9ffe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
510c92405ce7edbe9ee2be774b3cd37d4da696b91e5670da4f1cdcf2dd92285d
534cf1d51acd23c04308c3a2fd8cd83c570fe4d6f6f0f0d38f65c20afb034fe5
54ff068f75ab9c67ef582a75bc9117ebee2bc972450f961051b24858d2a975e6
553ee2ad1a6ba7a8f7c57407f08d6e7d0c6882e2f4dac015d333b6d02f28e08a
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
57689b832bd238591d21be25ecdd1e19d0e19f4a034b280f0f84e3b440361cdc
59128ec09a83e1b8db398b4f6453e4b62ef854d47b840bf3e7fd61079edd139f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cc2ce62ac6120c9603ccf6aa97b996e11b061d0d9361fe5662946bfefaeb8f1
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
61f7e26c6ad93bf9ccdb21d17f98acc4b9ffc768bd0828f284ded84becd2f555
67070e916a48741c0b08343a14a033fb34b10370f7dcc47fe17654dbddcbecd4
6dc9363ab6aaf071ca92c938b836ce469239e92603d2a5d356f8061066ff1217
6f04347282fd9146362ddcfa09d805219cfb1623c4d0110eaff3444a3edbf2c7
6fef33d469dce551442de97732a87b0b0f8aa4199eb74509ec61864a64652962
727de19ad42d71852b4d057b59ba0927a06c28e4a77cee5026235497597ccc6f
7391e2e933546fa6834fd409412ae3a0b5c3be77edea6e0e18d1947411f8d6c8
74a2b3ee21b235738c1a0fb4096f4b6844dff6807038ac957c5f57728f75fd3c
7563efbc21dd025d271c1404e070d98a4fe4c9f48d5fe9b5e9f3219b329d3d79
777b4eaa9705701fb927edf69c1a3696b9f54d20c1fd512f5a48dd004ea347b8
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7efffd503ab4644a8612ad2d71731641930e4f183bb64e1d9e3002b9b1978675
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8b18e7ae1fb3b58b32f2c922dc1bbb9e9c93e2ea5a926df3970e2b3a0fb8bcc2
8e6df3aabb9cd559d042cd0b4d9456e8881ba970edf09a7f7d8908edbbc66139
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
900901d01f9da4bce2bfec899dc2636c8126310a38993456cea4912c308c93ff
917d3d24b374d907b5a8cae1235e76fc73d6fd3f32bc5bf7a3036c6f762d1e49
96d937266e197db610a6e47e75f3afe063b0795eb0559104696e89bf74c538cb
97ca62715031d14115abd058e5354ee17d7cb9917564f2634ea5fb6f63f2ab5f
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a78a8a63fbc8fb312b448c65256801eada8ae34f9d2032d1314705cab3299bb
9d4a730ddde9c2056ab0a86905f7e298161e75987ed5e7154b1f134334fbaed5
a47f11bf4fbe5755c5e6bbf1a48a42d401e38d31261e07d93c5e481bd61d21f4
a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31
a779a428c94481ae9aef61afa0a6f417e45d3a62707e2a5f5370b63041531bf1
a8a021849dc6969c3b097d34dfa63adc342a02212a9c6ddc1b29e56f9b7d88a4
ab8421c821d6e5532d419e1d4961b8a3e63a3a371418d3a6e5cf3e78607ef511
ac57b70ba3eab0c362ea11a09eed445d78280f1df1d50ae40eeb5dbee4b2e87c
ae8733fbaff642fc86c871273af6a0430ca67d764e4169c5a38c6fd66fbf8169
af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b11d87ad0899cfe0a6899a5c492b3aaa2b824e63645d2f6a1492fabe2a04624d
b33981f9c1baec33d2b46fe7ecfe7784dd4fca8d073949d99880452bcb4fcd28
ba532897a29ca3de98b9df7240cd0f019c5c67407556cb1b6eb1a20ffaf98007
bfabd25353b2ac360037ed11897fa32fa49480479d3677225f9e50624aaa9cc1
c106d9b168684c158bb856e3f0b9a27694aa1a58dd8612566de672b1b65c7596
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c5367e5f428e9fd59190a1b596d4faed42de411b38925f36963b576a5c685302
cb14e29d1c6058f43059fcc81cfa092a87e64d368e1fe02043be40518c8541cf
cbc8b94888f8b8ca748f1c6a22e724900c8a30252126bdf8a624e6c320c361d0
ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2
cda888fc5996163eeb56789329eb0db473b3083f5b02c953480d4dd85b358ec8
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d5454260cb57fed502b6c52bd5d11d70b142ff51260e62c6ed740738c908b783
d6cb8d9614869f27fbcc5334c17d72895e5a8635f58c8a8b404928f92be74157
d73e9324194be5bb0163e1334368c4444da2c979deb2c8664aca7521321d778f
d858a3e24fc094b6683f21b0c4c57db4d91a65618c8ebdf8054c7d6142b89bfd
dec868d3b152aa72ba91ae8ebea2719dcb69f0c8df31b7ad5428b5a4f1d26033
e10c62662eb09297097dc4b10625b20f2692c592b0b430d061813669154a9f94
e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ab01c5ba8631f05e09c98d197deb83a049299812de5c55572273f9443ece66
e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5
ec50e4861ef5d6b8ea90d3679b6e95ea5b29195e702045b8dcd3750e5ddd36e1
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f16d702e8406990b1ad3c9b265c18ab8aa1f0622866405a47ebf5f7488df694d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8082da58b948dcc7c672cd881249e92d37f4b766c6531b756320bbf02bcb29b
faa31d59125ea8a13f09031f0d4cdc036e09d8e354f896ff4d20dff8107a3bc0
fafb52b1c6bf3ec5dc291aeb105ace48a1f8d4d1733016864f00b3867284e8be
fff613d9ac7c99a94ee78ffd9bc3a47566c63e03c3498db568f86e5e1d34c139

viacrypto.online Open in urlscan Pro 195.201.179.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

144 Requests

86 %HTTPS

53 %IPv6

39 Domains

44 Subdomains

41 IPs

8 Countries

6536 kBTransfer

13783 kBSize

15 Cookies

8 Outgoing links

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

viacrypto.online Open in urlscan Pro
195.201.179.80 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

86 %
HTTPS

53 %
IPv6

39
Domains

44
Subdomains

41
IPs

8
Countries

6536 kB
Transfer

13783 kB
Size

15
Cookies

144 HTTP transactions
13 data transactions