zybermc.tebex.io Open in urlscan Pro
104.18.38.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zybermc.tebex.io/
Effective URL:
https://zybermc.tebex.io/
Submission: On November 17 via api (November 17th 2023, 8:31:58 pm UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 21 domains to perform 82 HTTP transactions. The main IP is 104.18.38.194, located in and belongs to CLOUDFLARENET, US. The main domain is zybermc.tebex.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 12th 2023. Valid for: a year.

This is the only time zybermc.tebex.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	104.18.38.194 104.18.38.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3032::6815:52ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:225... 2600:9000:2251:b200:d:b1e8:9040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:20:... 2606:4700:20::ac43:476a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	3.74.99.13 3.74.99.13	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.21 18.66.112.21	16509 (AMAZON-02) (AMAZON-02)
2	52.223.49.99 52.223.49.99	16509 (AMAZON-02) (AMAZON-02)
82	28

9 104.18.38.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zybermc.tebex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7daf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:52ab (United States)

ASN13335 (CLOUDFLARENET, US)

cravatar.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2251:b200:d:b1e8:9040:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.nsureapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:476a (United States)

ASN13335 (CLOUDFLARENET, US)

api.mcsrvstat.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

kuchy.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.74.99.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-99-13.eu-central-1.compute.amazonaws.com

sdk-service.nsureapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-21.fra56.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.49.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1ae3036f3ddb9a09.awsglobalaccelerator.com

metrics.nsureapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	263 KB
14	nsureapi.com sdk.nsureapi.com — Cisco Umbrella Rank: 180969 sdk-service.nsureapi.com — Cisco Umbrella Rank: 173156 metrics.nsureapi.com — Cisco Umbrella Rank: 345435	72 KB
9	tebex.io 1 redirects zybermc.tebex.io	106 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	173 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 p.clarity.ms — Cisco Umbrella Rank: 7485 c.clarity.ms — Cisco Umbrella Rank: 1405	28 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	45 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	37 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 903	8 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	22 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 574	17 KB
2	cravatar.eu cravatar.eu	1 KB
2	imgur.com i.imgur.com — Cisco Umbrella Rank: 7022	3 MB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	8 KB
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 23764	38 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	764 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	kuchy.me kuchy.me	549 B
1	mcsrvstat.us api.mcsrvstat.us	1 KB
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1492
82	21

	Domain	Requested by
10	pagead2.googlesyndication.com	zybermc.tebex.io pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	zybermc.tebex.io	1 redirects zybermc.tebex.io
8	sdk-service.nsureapi.com	sdk.nsureapi.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
4	sdk.nsureapi.com	zybermc.tebex.io sdk.nsureapi.com
3	p.clarity.ms	www.clarity.ms
3	unpkg.com	2 redirects zybermc.tebex.io
3	cdn.jsdelivr.net	zybermc.tebex.io
3	fonts.googleapis.com	zybermc.tebex.io googleads.g.doubleclick.net
2	metrics.nsureapi.com	fpnpmcdn.net
2	c.clarity.ms	1 redirects
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.clarity.ms	zybermc.tebex.io www.clarity.ms
2	ssl.google-analytics.com	zybermc.tebex.io
2	cravatar.eu	zybermc.tebex.io
2	i.imgur.com	zybermc.tebex.io
2	cdnjs.cloudflare.com	zybermc.tebex.io
1	fpnpmcdn.net	sdk.nsureapi.com
1	c.bing.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	kuchy.me	ajax.googleapis.com
1	api.mcsrvstat.us	ajax.googleapis.com
1	ajax.googleapis.com	zybermc.tebex.io
1	kit.fontawesome.com	zybermc.tebex.io
82	28

This site contains links to these domains. Also see Links.

Domain
discord.gg
buycraft.net
kuchy.me
www.tebex.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
cravatar.eu GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.nsureapi.com Amazon RSA 2048 M01	`2023-02-22` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
kuchy.me E1	`2023-11-06` - `2024-02-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fpcdn.io Amazon RSA 2048 M03	`2023-10-10` - `2024-11-08`	a year	crt.sh
metrics.nsureapi.com Amazon RSA 2048 M02	`2023-04-03` - `2024-05-01`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://zybermc.tebex.io/
Frame ID: 6772A8DFEC693148650537BEA7B90255
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 59886B50373EFF3A92B53C136F4EFDD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9830135219921132&output=html&h=90&slotname=7404819681&adk=1239599839&adf=192163814&pi=t.ma~as.7404819681&w=728&lmt=1700253112&format=728x90&url=https%3A%2F%2Fzybermc.tebex.io%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700253112593&bpp=2&bdt=867&idt=233&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=6618917125440&frm=20&pv=2&ga_vid=229096413.1700253112&ga_sid=1700253112&ga_hid=909177441&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532523%2C31078301%2C31079698%2C44806140%2C44807764%2C44808148%2C44808284%2C44809054&oid=2&pvsid=468432785141448&tmod=218052160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245
Frame ID: A3DC058CA1148325AA1966081E8F6A77
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9830135219921132&output=html&adk=1812271804&adf=3025194257&lmt=1700253112&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fzybermc.tebex.io%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700253112906&bpp=2&bdt=1180&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6618917125440&frm=20&pv=1&ga_vid=229096413.1700253112&ga_sid=1700253112&ga_hid=909177441&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532523%2C31078301%2C31079698%2C44806140%2C44807764%2C44808148%2C44808284%2C44809054&oid=2&pvsid=468432785141448&tmod=218052160&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=10
Frame ID: 93FF485F4744100FBDF089B3C84B0209
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A328D431C7E231256CAE47A75A45F0E9
Requests: 2 HTTP requests in this frame

Frame: https://sdk.nsureapi.com/sdkIframe.html
Frame ID: FCCE4862BD08182D10EE6C65EDBBF97E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 520EF4FE1ED8BDC02234F9A34085A268
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 632021CB5FF399C723231DFD0C24E824
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8ECDCC71631487EB2B8F86032C5DB0C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZyberMC | Welcome

Page URL History Show full URLs

http://zybermc.tebex.io/ HTTP 301
https://zybermc.tebex.io/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

82
Requests

96 %
HTTPS

71 %
IPv6

21
Domains

28
Subdomains

28
IPs

4
Countries

4414 kB
Transfer

5872 kB
Size

23
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/zybermc
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://discord.gg/gVZgaa2myq
Title: discord.gg/minefun

Search URL Search Domain Scan URL

URL: http://buycraft.net/
Title: Buycraft.net

Search URL Search Domain Scan URL

URL: https://kuchy.me/
Title: Kuchy#9131

Search URL Search Domain Scan URL

URL: https://www.tebex.io/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zybermc.tebex.io/ HTTP 301
https://zybermc.tebex.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://unpkg.com/@popperjs/core@2 HTTP 302
https://unpkg.com/@popperjs/core@2.11.8 HTTP 302
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

Request Chain 51

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 54

https://googleads.g.doubleclick.net/pagead/adview?ai=CdoFduM1XZf_ePPySvcAPjrqy8AT-m6mgdN6zss-YEvLt6prpDhABIMGD6x9gleKQgqAHoAHLoIP7KcgBAakCAHcZnNREsj6oAwHIA8sEqgTCAU_Q-k1iup-5q7F92C_wV1mntIvSQbM4V2XUMYWvBPoPJhNArcq9SkPqu5pNkxYFBeA5Vb_UUc-GwU_As_2qsLGo0pt8q-q9f48k_FzIz9NCC6X4TI2WDYpQGsmt3veWRa0XzFJb4T_tjdog5A1byPjdHgHjwO14tT-5z8Kdo_uAEV4Xv1xGl4pPWYVVZ3jCTS2I1oi6B4SRlFtCA2uugA1cjaJw9zMgX40fRXyVy5T8tvB9P07rB-N-v0LE92SsHAuzwASm2Y63vQSIBcLzvqNNkgUECAQYAZIFBAgFGASAB8vY09oEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQxNUD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJF2h0dHBzOi8vc2hvZmFzdC5jb20vZHNygAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi05ODMwMTM1MjE5OTIxMTMyGAA&sigh=fUZL3TTnr84&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNV9PDiTeOfhKf5ewtHGVKX4qFf6ay58ZBkJRQCmZ1Qw1410Ayt3r9ZPS60DYtnUGQNldCOrxlzHo_bcBfHZsC3ngOONezcsqhGqkYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226140150685102238211%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211263856715%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227150975235882135713%22}&andc=true

Request Chain 55

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A164D2B6EE1548C9B8DD3CAA6227FDBE&RedC=c.clarity.ms&MXFR=2765174C0E7D630730FF04800A7D6D81 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A164D2B6EE1548C9B8DD3CAA6227FDBE&MUID=2730DFC16C3960640A99CC0D6D9561A7

82 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
zybermc.tebex.io/
Redirect Chain

http://zybermc.tebex.io/
https://zybermc.tebex.io/

134 KB
24 KB

568ms
551ms

Document
text/html

104.18.38.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 465831fb8a973ec6c25a42a50d7dcc037133b523e31d821e272a7c07acae369e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0, s-maxage=90
cf-cache-status: DYNAMIC
cf-ray: 827abd58d87739d3-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 20:31:51 GMT
server: cloudflare
tb-cache-country: DE
tb-cache-group: webstore
vary: Accept-Encoding
x-infra: new
x-powered-by: PHP/7.4.33
x-vat-mode: exclusive

Redirect headers

CF-RAY: 827abd588d882c16-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 17 Nov 2023 20:31:51 GMT
Expires: Fri, 17 Nov 2023 21:31:51 GMT
Location: https://zybermc.tebex.io/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 style.min.css
zybermc.tebex.io/templates/209/css/ 157 KB
24 KB 606ms
605ms Stylesheet
text/css 104.18.38.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zybermc.tebex.io/templates/209/css/style.min.css
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0d26e6ac74fc25ea3359b6ff41aae341638a1872fa9e2fcea58285fc9749277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
tb-cache-country: DE
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 13:27:02 GMT
tb-cache-group: webstore
server: cloudflare
etag: W/"654e2fa6-27588"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, s-maxage=90
x-infra: new
cf-ray: 827abd5c4c2139d3-FRA

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kanit:300,400,500,600,700&display=swap

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9cfc59d70e939ade866a6d71cdd88fae03852dac7b5ca2e6e2c688b34376131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 20:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 20:31:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 20:31:51 GMT

GET
H2 200 anime.min.js Show response
cdn.jsdelivr.net/npm/animejs@3.1.0/lib/ 17 KB
7 KB 36ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/animejs@3.1.0/lib/anime.min.js

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 586663
x-jsd-version: 3.1.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230055-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"4377-R8tIKopIhiCnk9ULqPZ1IyS0avM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asArAhAQ6ZS1QEyd1%2BuTJXXOSKbbjTY9bcDOS8w209wQEWQUcNgYABtd7JdybHDeZFs%2BaoaNGT5a3jiLRrrEX0XjFg00JK%2FZ0JbcxgXw%2Bju5a%2BK3CfSy5%2BFxFSF0IrhXvICQLQKLwoMORNIfkEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 827abd5c6a463630-FRA

GET
H2 403 SOME_CHARS_HERE.js
kit.fontawesome.com/ 0
0 178ms
139ms Script
text/plain 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/SOME_CHARS_HERE.js
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://zybermc.tebex.io/
Origin: https://zybermc.tebex.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:51 GMT
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding
cf-ray: 827abd5c89125c32-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 9
x-request-id: F5iDMmeLvayfrqNc6uAB

GET
H2 200 pace.min.js Show response
cdnjs.cloudflare.com/ajax/libs/pace/1.0.2/ 12 KB
4 KB 48ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pace/1.0.2/pace.min.js

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10fae43631849825b26b36f703f1298fe5bb426da907dbe77d7c3e5fa2c898f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://zybermc.tebex.io/
Origin: https://zybermc.tebex.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 660236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3830
last-modified: Mon, 04 May 2020 16:13:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f40-30db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoiqrFHCS74prkn79WUsUKSpooEXRnTL%2Fss1BtiRSeiQFp9Q4EpdylkYa5vHVd1DcBeZ7BgToNc5fMkxYc%2F%2BxAeHmMFP7SpV9RthlZXA2VFgxRY8bx%2FGM%2Fre%2FYb0PPuNmfGjgxtiK5%2FN3awNQcITt57O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 827abd5c7a3e37fe-FRA
expires: Wed, 06 Nov 2024 20:31:51 GMT

GET
H2 200 alertify.min.js Show response
cdn.jsdelivr.net/npm/alertifyjs@1.13.1/build/ 36 KB
11 KB 37ms
20ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/alertifyjs@1.13.1/build/alertify.min.js

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4053009b8c5f944443521d0d758d696b4f8ca2f18d35d33c81d6bffea0d11fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 495001
x-jsd-version: 1.13.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"9072-Iv7dyyR9gV/XKKiGHRUJp93h2vs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpqIPOlASiMHC%2F2w6zDXcvpYAtQ3%2B9EU8YbqMskybd8EA73o2AFu46m%2BntNMRsY5cVpdx2Sd8RsDnRaM6kD77e63WJmYgca59W1bH02V7DPFh0xAioV9KTN5a58PlqpnlzFqHx8k1NR%2BjJGrh%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 827abd5c6a4a3630-FRA

GET
H2

200

popper.min.js Show response
unpkg.com/@popperjs/core@2.11.8/dist/umd/
Redirect Chain

https://unpkg.com/@popperjs/core@2
https://unpkg.com/@popperjs/core@2.11.8
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

20 KB
8 KB

25ms
25ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:51 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 416477
last-modified: Fri, 26 May 2023 17:27:16 GMT
fly-request-id: 01HF32H93KH6JDEP60Z36TZGKP-fra
server: cloudflare
etag: W/"4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 827abd5cae1c3837-FRA

Redirect headers

date: Fri, 17 Nov 2023 20:31:51 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HF3FZE66ZWEDTJ0N2VW1K0MP-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 402380
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@popperjs/core@2.11.8/dist/umd/popper.min.js
cache-control: public, max-age=31536000
cf-ray: 827abd5c8df93837-FRA

GET
H2 200 alertify.min.css
cdn.jsdelivr.net/npm/alertifyjs@1.13.1/build/css/ 21 KB
4 KB 34ms
17ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/alertifyjs@1.13.1/build/css/alertify.min.css

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c977b90854ca3b4463f2d8801d07fd3ba77af2d87bf47092e51b1d3174812199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 673195
x-jsd-version: 1.13.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230049-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"53a9-VLHpjIKo72EBATXuPVu65vUK9g0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qt5hMGSGNJmq3%2FqTyCKQMa00PRbGJ%2BM0mbEDnghyUC5JQSW0lWQROj9TZlDRsAsx7wJ0afs3yJtq5CLwela2%2BXopwhsO7gyob83Wpm%2FSMIrQ2O2%2BXlcoW%2F93cXi0c6VyEckDlhjxALoC4%2B748Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 827abd5c6a403630-FRA

GET
H2 200 CmC1FCT.png
i.imgur.com/ 3 MB
3 MB 76ms
46ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/CmC1FCT.png

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

39335872a1052d24a263099897ae9a43aaff91649b670e3aac346c9de2d4f26f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:51 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 312133
x-cache: Miss from cloudfront, HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 3533719
x-served-by: cache-iad-kjyo7100107-IAD, cache-fra-etou8220052-FRA
last-modified: Fri, 27 Dec 2019 03:51:08 GMT
server: cat factory 1.0
x-timer: S1700253112.941736,VS0,VE40
etag: "5c2256e9e12d07abf573e2a410bfdb72"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GwpHtypqTomEyY5O0sgyEtptOX_EOFtKqWsJNjxI8TumRk0esJZavg==
x-cache-hits: 15, 1

GET
H2 200 BxiL2EP.png
i.imgur.com/ 76 KB
77 KB 43ms
14ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/BxiL2EP.png

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0390533b5eadede83d791b15d47a4eb9c04a5598804b9680a04d10dbeb1ed747

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:51 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: ATL59-P7
age: 1687433
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, HIT
content-length: 78054
x-served-by: cache-iad-kjyo7100112-IAD, cache-fra-etou8220052-FRA
last-modified: Thu, 07 Sep 2023 17:00:18 GMT
server: cat factory 1.0
x-timer: S1700253112.941599,VS0,VE7
etag: "a5fdeccc6a9d5eb3ae488c38e0a417fa"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hbDX3DD_AuAxpN6BCUJGKGZDdZwZwz_QBPLGE8_P7fM276J7sELwkg==
x-cache-hits: 0, 1

GET
H2 200 64
cravatar.eu/avatar/NoLyfeJustSlave/ 304 B
861 B 64ms
27ms Image
image/png 2606:4700:3032::6815:52ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cravatar.eu/avatar/NoLyfeJustSlave/64
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:52ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f283e91e7bcbdb3dcc1c66efb3fdcfb1a58b28069fa5c331e9ab5c5e2a352e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
via: 1.1 varnish-v4
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=NoLyfeJustSlave.png
alt-svc: h3=":443"; ma=86400
content-length: 304
last-modified: Fri, 17 Nov 2023 20:31:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm50T2FswVSLZ6xCcV1TUxvGx9uYZnfrVy9lDxfiVuWXQNuorMOJNzM1kC%2F7psirTkvvEIrqOIsn9ffrvaRcMdnpMlPiYRt3JjqQSK7w5fFwkgesFfGpmfZbu1XEiO%2FEWvzjTYa68GkO%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 512330811 524550766
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 827abd5e0c41bb47-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 107ms
86ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4acb0effebcaf3c9e3754d296809ba1f52d5b4425b542368096789ed849904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52710
x-xss-protection: 0
server: cafe
etag: 15137449109325748887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 20:31:52 GMT

GET
H2 200 150
cravatar.eu/avatar// 276 B
599 B 32ms
31ms Image
image/png 2606:4700:3032::6815:52ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cravatar.eu/avatar//150
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:52ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6474e142868f2418c059f33f37571ea931ae9fb3b7c93cc64b6ba4f2a479b1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
via: 1.1 varnish-v4
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=150.png
alt-svc: h3=":443"; ma=86400
content-length: 276
last-modified: Fri, 17 Nov 2023 20:31:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Thwho7FgJQ4nC9Bta73WUNLlh6Y653uI0YOm4bWmIaoUc%2BjNmFXX7%2B4agFpEGR84Aw5LKLNY%2BB2Sh1nYe9d5c0XhlargjhKPZYVuZ4EQbxrPjz4Xt8J7vbtYhniYJ%2F7dt1l1yhsALbjvOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 525861109 510395529
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 827abd5e2c77bb47-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 16:28:36 GMT

GET
H2 200 bootstrap.min.js Show response
zybermc.tebex.io/templates/209/js/ 28 KB
8 KB 521ms
521ms Script
application/javascript 104.18.38.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zybermc.tebex.io/templates/209/js/bootstrap.min.js
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
tb-cache-country: DE
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 13:27:02 GMT
tb-cache-group: webstore
server: cloudflare
etag: W/"654e2fa6-71b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=90
x-infra: new
cf-ray: 827abd5e9ecb39d3-FRA

GET
H2 200 skin.min.js Show response
zybermc.tebex.io/templates/209/js/ 265 B
289 B 393ms
393ms Script
application/javascript 104.18.38.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zybermc.tebex.io/templates/209/js/skin.min.js
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c22112af7beec1924e9ffd905a2ab385aa6894b4217d7c9f54fa435af09594ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
tb-cache-country: DE
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 13:27:02 GMT
tb-cache-group: webstore
server: cloudflare
etag: W/"654e2fa6-109"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=90
x-infra: new
cf-ray: 827abd5eaed139d3-FRA

GET
H2 200 site.js Show response
zybermc.tebex.io/templates/209/js/ 8 KB
3 KB 430ms
428ms Script
application/javascript 104.18.38.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zybermc.tebex.io/templates/209/js/site.js
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd86720ec28b58de0da0aae6724a8c16252df0b6211636315ce6d0e1de221d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
tb-cache-country: DE
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 13:27:02 GMT
tb-cache-group: webstore
server: cloudflare
etag: W/"654e2fa6-1f09"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=90
x-infra: new
cf-ray: 827abd60d95539d3-FRA

GET
H3 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.4/ 11 KB
4 KB 26ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.4/clipboard.min.js

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 583517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2976
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-2a02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJQc8NvaDjffEOxiO1wfCYDmnzS1A4HMm6NyU%2BrXcgE4vinF3NDxHskP%2BHMrPL%2FfzmivSNVVjQff3pUducEfPC9iBMOIjpqqFFAlqdObls2EeiYuDglncNMsug99defrwezKddm5LH5qD7UKMdxLXPQM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 827abd60ec1e65a7-FRA
expires: Wed, 06 Nov 2024 20:31:52 GMT

GET
H2 200 discord.js Show response
zybermc.tebex.io/assets/js/ 1 KB
701 B 433ms
432ms Script
application/javascript 104.18.38.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zybermc.tebex.io/assets/js/discord.js
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e73815e51d518d6d88f1f9dbe71baebf371c5bd8cddeb420ab53599322bb0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
tb-cache-country: DE
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 13:27:02 GMT
tb-cache-group: webstore
server: cloudflare
etag: W/"654e2fa6-5dc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=90
x-infra: new
cf-ray: 827abd60d95839d3-FRA

GET
H2 200 tebex.png
zybermc.tebex.io/assets/img/ 3 KB
3 KB 436ms
435ms Image
image/png 104.18.38.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zybermc.tebex.io/assets/img/tebex.png
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae2e7e6dc4551e06056f78da34f4dc79f59804a1a1ad784c8a5f1f3d484e0eb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
tb-cache-country: DE
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 13:27:02 GMT
tb-cache-group: webstore
server: cloudflare
etag: "654e2fa6-a20"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=0, s-maxage=90
x-infra: new
accept-ranges: bytes
cf-ray: 827abd60d95a39d3-FRA
content-length: 2592

GET
H2 200 sdk.js Show response
sdk.nsureapi.com/ 150 KB
34 KB 44ms
8ms Script
application/javascript 2600:9000:2251:b200:d:b1e8:9040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.nsureapi.com/sdk.js
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b200:d:b1e8:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a9d28743d4f6467d5490f6b009df2589b0853647d245e14025695838c25b808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:47:37 GMT
content-encoding: br
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
last-modified: Thu, 28 Sep 2023 09:19:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 38656
etag: W/"ff5c6fabffc5a6c3e2ffa0dbad58f038"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8NaN_8dDuwVL2sw0_xNw7nQuTSNrJ0SFD2nAMu8asw531fvbTrd3AA==

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,700,600

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/templates/209/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02d7cc078e8c3cff7ec972abe528bc397bc3767c058fe7ff202bfcde2f530c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 20:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 20:20:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 20:31:52 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 19:20:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4290
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 17 Nov 2023 21:20:22 GMT

GET
H2 200 fxlepb8eap Show response
www.clarity.ms/tag/ 650 B
1012 B 144ms
92ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fxlepb8eap
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 05cc61db33387a1f3041d6028cef5f74760eff5226f2354b8111150694ab4860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Fri, 17 Nov 2023 20:31:52 GMT
x-azure-ref: 20231117T203152Z-ma90pzrqnd3tf68a5gpq26bxxc000000042000000001dhws
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 nKKU-Go6G5tXcr5KPxWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWnVaE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zybermc.tebex.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:27:04 GMT
x-content-type-options: nosniff
age: 75888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19572
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:27:04 GMT

GET
H2 200 nKKU-Go6G5tXcr5mOBWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 42ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5mOBWnVaE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84152f72d9c6fc90b6ff3fad4f8895d02f95e01e3181a994530801201cc4a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zybermc.tebex.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:43 GMT
x-content-type-options: nosniff
age: 256509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19292
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:56:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 21:16:43 GMT

GET
H2 200 nKKU-Go6G5tXcr4uPhWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 40ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr4uPhWnVaE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc14901eb1cb3bdce862861295fb44bd29b1a1dd5f375b4d488c020e22023d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zybermc.tebex.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:56:54 GMT
x-content-type-options: nosniff
age: 16498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19336
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:53:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 15:56:54 GMT

GET
H2 200 fontawesome-webfont.woff
zybermc.tebex.io/templates/209/fonts/ 43 KB
44 KB 611ms
611ms Font
application/font-woff 104.18.38.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zybermc.tebex.io/templates/209/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/templates/209/css/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer: https://zybermc.tebex.io/templates/209/css/style.min.css
Origin: https://zybermc.tebex.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:53 GMT
tb-cache-country: DE
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 13:27:02 GMT
tb-cache-group: webstore
server: cloudflare
etag: W/"654e2fa6-ad90"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=0, s-maxage=90
x-infra: new
cf-ray: 827abd60e97239d3-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zybermc.tebex.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 21744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 14:29:28 GMT

GET
H2 200 nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 41ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zybermc.tebex.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:39:51 GMT
x-content-type-options: nosniff
age: 255121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19388
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:53:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 21:39:51 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 15ms
14ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=120633947&utmhn=zybermc.tebex.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ZyberMC%20%7C%20Welcome&utmhid=909177441&utmr=-&utmp=%2F&utmht=1700253112499&utmac=UA-36735942-3&utmcc=__utma%3D112728975.229096413.1700253112.1700253112.1700253112.1%3B%2B__utmz%3D112728975.1700253112.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=479393616&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 20:31:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 397 KB
134 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9830135219921132&plah=zybermc.tebex.io&bust=31079698

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ab0ced3916feb3612394f21f4a59f0a5c254209540c7326a8dc2ada8608350e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137194
x-xss-protection: 0
server: cafe
etag: 5960498371222164506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 20:31:52 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 5988 9 KB
4 KB 28ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zybermc.tebex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 09:25:13 GMT
etag: 16674218716276178799
expires: Fri, 01 Dec 2023 09:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 14ms
14ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fxlepb8eap
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
content-encoding: br
last-modified: Thu, 16 Nov 2023 20:17:47 GMT
etag: W/"0x8DBE6E119B57399"
vary: Accept-Encoding
x-azure-ref: 20231117T203152Z-ma90pzrqnd3tf68a5gpq26bxxc000000042000000001dhxz
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 024d946e-301e-005d-1959-19245f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
296 B 404ms
193ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://zybermc.tebex.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://zybermc.tebex.io
Date: Fri, 17 Nov 2023 20:31:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A3DC 127 KB
41 KB 617ms
616ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9830135219921132&output=html&h=90&slotname=7404819681&adk=1239599839&adf=192163814&pi=t.ma~as.7404819681&w=728&lmt=1700253112&format=728x90&url=https%3A%2F%2Fzybermc.tebex.io%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700253112593&bpp=2&bdt=867&idt=233&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=6618917125440&frm=20&pv=2&ga_vid=229096413.1700253112&ga_sid=1700253112&ga_hid=909177441&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532523%2C31078301%2C31079698%2C44806140%2C44807764%2C44808148%2C44808284%2C44809054&oid=2&pvsid=468432785141448&tmod=218052160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9830135219921132&plah=zybermc.tebex.io&bust=31079698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1837e0fcb9da3475e818906f4758cbb168a8a09ea5bcc2c01a2416097711e809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zybermc.tebex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41286
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:31:53 GMT
expires: Fri, 17 Nov 2023 20:31:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 play.zybermc.fun Show response
api.mcsrvstat.us/2/ 687 B
1 KB 70ms
32ms XHR
application/json 2606:4700:20::ac43:476a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mcsrvstat.us/2/play.zybermc.fun

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:476a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

694e292bf4f7545f5d1c6f46fb8275a43f4726bee19212ec5b39720eba3e8830

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data: https://mcsrvstat.us https://dev.mcsrvstat.us; font-src 'self' https://cdnjs.cloudflare.com; script-src 'self' 'nonce-b21eccd083c4ff31af00ff2cad200e3e8a68c095' https://cdnjs.cloudflare.com https://static.cloudflareinsights.com; style-src 'self' 'nonce-b21eccd083c4ff31af00ff2cad200e3e8a68c095' https://cdnjs.cloudflare.com; connect-src 'self' https://cloudflareinsights.com; form-action 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://zybermc.tebex.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:52 GMT
access-control-request-method: GET
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data: https://mcsrvstat.us https://dev.mcsrvstat.us; font-src 'self' https://cdnjs.cloudflare.com; script-src 'self' 'nonce-b21eccd083c4ff31af00ff2cad200e3e8a68c095' https://cdnjs.cloudflare.com https://static.cloudflareinsights.com; style-src 'self' 'nonce-b21eccd083c4ff31af00ff2cad200e3e8a68c095' https://cdnjs.cloudflare.com; connect-src 'self' https://cloudflareinsights.com; form-action 'self'; upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 20:31:37 GMT
server: cloudflare
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evnJjvLBhn5HtOkvPVB0BqSROWKzDZ3wwjRUC%2BQiKg%2BPsNXSE9uRNpkMt62PlGYrCx5klnvl0hJDuc%2FAmfcSfEt1AQuTfiXuqFcFnhagY9wyoSRxCkiFMN8CuCyWDaOKyPMaKSiC1ZoG12zhDe0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,must-revalidate,max-age=60
cf-ray: 827abd63ca6d3638-FRA

POST
H2 200 listener.php Show response
kuchy.me/resourceassets/blocky/ 0
549 B 398ms
164ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kuchy.me/resourceassets/blocky/listener.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Accept: */*
Referer: https://zybermc.tebex.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 17 Nov 2023 20:31:53 GMT
content-security-policy: upgrade-insecure-requests;
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scm%2B7ZQ%2Bj%2FlPiKHWBt7dmo5qCzziyBHMeJcRLG10QBxWkwliEQjZPUWhQ72J%2Fau8Iywbilr1uq%2BN4%2FQjtP9hHz%2FywSl8c23bWgc5bsgugTROIv2GTpR%2Fsi6QHoxw5PWA55YpItOSiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 827abd656ea582f9-IAD
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 93FF 0
19 B 31ms
30ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9830135219921132&output=html&adk=1812271804&adf=3025194257&lmt=1700253112&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fzybermc.tebex.io%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700253112906&bpp=2&bdt=1180&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6618917125440&frm=20&pv=1&ga_vid=229096413.1700253112&ga_sid=1700253112&ga_hid=909177441&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532523%2C31078301%2C31079698%2C44806140%2C44807764%2C44808148%2C44808284%2C44809054&oid=2&pvsid=468432785141448&tmod=218052160&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zybermc.tebex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:31:52 GMT
expires: Fri, 17 Nov 2023 20:31:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=kd-loader-container&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 20:31:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=kd-loader-container&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: zybermc.tebex.io
URL: https://zybermc.tebex.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 20:31:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A3DC 14 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9830135219921132&output=html&h=90&slotname=7404819681&adk=1239599839&adf=192163814&pi=t.ma~as.7404819681&w=728&lmt=1700253112&format=728x90&url=https%3A%2F%2Fzybermc.tebex.io%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700253112593&bpp=2&bdt=867&idt=233&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=6618917125440&frm=20&pv=2&ga_vid=229096413.1700253112&ga_sid=1700253112&ga_hid=909177441&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532523%2C31078301%2C31079698%2C44806140%2C44807764%2C44808148%2C44808284%2C44809054&oid=2&pvsid=468432785141448&tmod=218052160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 20:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 19:51:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 20:31:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A3DC 2 KB
903 B 31ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame A3DC 23 KB
9 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:17:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A3DC 3 KB
1 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:00:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A3DC 20 KB
9 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3DC 203 KB
64 KB 45ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 20:31:53 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame A3DC 37 KB
16 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 09:24:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A328 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9830135219921132&output=html&h=90&slotname=7404819681&adk=1239599839&adf=192163814&pi=t.ma~as.7404819681&w=728&lmt=1700253112&format=728x90&url=https%3A%2F%2Fzybermc.tebex.io%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700253112593&bpp=2&bdt=867&idt=233&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=6618917125440&frm=20&pv=2&ga_vid=229096413.1700253112&ga_sid=1700253112&ga_hid=909177441&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532523%2C31078301%2C31079698%2C44806140%2C44807764%2C44808148%2C44808284%2C44809054&oid=2&pvsid=468432785141448&tmod=218052160&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:11:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14210123936742885828/ Frame A3DC 4 KB
4 KB 22ms
13ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14210123936742885828/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de1de71a09d8cddfd630da61363509e7b9d3414e8513cb3d03f21fc791190756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:09:24 GMT
x-content-type-options: nosniff
age: 62549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3613
x-xss-protection: 0
last-modified: Sun, 23 Jul 2023 15:05:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 03:09:24 GMT

GET
DATA 200
OK truncated
/ Frame A3DC 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A328
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
16ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:31:53 GMT
expires: Fri, 17 Nov 2023 20:31:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:31:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A3DC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18fd51b6afe6e33324c4e481e664b8813e09fc061516bdb280a962f5d92ec99a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A3DC 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 171002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:51 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A3DC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CdoFduM1XZf_ePPySvcAPjrqy8AT-m6mgdN6zss-YEvLt6prpDhABIMGD6x9gleKQgqAHoAHLoIP7KcgBAakCAHcZnNREsj6oAwHIA8sEqgTCAU_Q-k1iup-5q7F92C_wV1mntIvSQbM4V2X...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226140150685102238211%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%2...

0
0

56ms
41ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226140150685102238211%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211263856715%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227150975235882135713%22}&andc=true

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6140150685102238211","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11263856715"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"7150975235882135713"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 20:31:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 20:31:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6140150685102238211","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11263856715"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"7150975235882135713"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A164D2B6EE1548C9B8DD3CAA6227FDBE&RedC=c.clarity.ms&MXFR=2765174C0E7D630730FF04800A7D6D81
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A164D2B6EE1548C9B8DD3CAA6227FDBE&MUID=2730DFC16C3960640A99CC0D6D9561A7

42 B
443 B

29ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A164D2B6EE1548C9B8DD3CAA6227FDBE&MUID=2730DFC16C3960640A99CC0D6D9561A7
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 20:31:53 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 20:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E64BFAB947A9422D9B1CC43B18B84F56 Ref B: FRA31EDGE0117 Ref C: 2023-11-17T20:31:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A164D2B6EE1548C9B8DD3CAA6227FDBE&MUID=2730DFC16C3960640A99CC0D6D9561A7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 72ms
57ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cae7352a193fe2a2a634ab49afeee84a7094702ee2d542e2604bf1ef3b57340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12314
x-xss-protection: 0

GET
H2 200 sdkIframe.html Show response
sdk.nsureapi.com/ Frame FCCE 636 B
937 B 7ms
7ms Document
text/html 2600:9000:2251:b200:d:b1e8:9040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.nsureapi.com/sdkIframe.html
Requested by: Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b200:d:b1e8:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38e9906e3f403419f5ac22fff240601e8017fca42e14ebca0867d90f4d87e3ad

Request headers

Referer: https://zybermc.tebex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38293
content-length: 636
content-type: text/html
date: Fri, 17 Nov 2023 09:53:41 GMT
etag: "587be1e29de4390543dda0e280e07c94"
last-modified: Tue, 18 Aug 2020 15:08:46 GMT
server: AmazonS3
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-id: FNQ7VYaMcrZLEddluuTD3nGZri34yN4BSjz-K0KlP382L4V-zUrW8w==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 520E 38 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:34:51 GMT

GET
H2 200 config.json Show response
sdk.nsureapi.com/core-config/ 803 B
1 KB 25ms
7ms XHR
application/json 2600:9000:2251:b200:d:b1e8:9040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.nsureapi.com/core-config/config.json
Requested by: Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b200:d:b1e8:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b1354054a824ab52b0f24fea0c387b7c30325a13bb9e00f85a1c59069febde1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:06:52 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 15:41:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 44702
etag: "a2e654675a929e7b88598763dc745274"
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 803
x-amz-cf-id: 0KUSQy6GS5KbFABDMgaGFIsu0OvUiRptD4zV3E4pr0gpgf4sONWbNg==

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 83ms
41ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 20:31:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 20:31:53 GMT

GET
H2 200 sdk-core-v1.1.53.js Show response
sdk.nsureapi.com/ 100 KB
33 KB 7ms
7ms Script
application/javascript 2600:9000:2251:b200:d:b1e8:9040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.nsureapi.com/sdk-core-v1.1.53.js
Requested by: Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b200:d:b1e8:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7baa6eebad47608b3139478fa5a7e77eb2ce1a53744d767612be5987187bb304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:07:22 GMT
content-encoding: br
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 15:32:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 41072
etag: W/"effb16856d0732fe637e70ed875b3521"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 0vm-cBidbznsJFkyuFRLXm4xyu-dTtudYB6Iz46Uc_AnJWFi5L0gjw==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6320 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zybermc.tebex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 18:54:23 GMT
expires: Sat, 16 Nov 2024 18:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8ECD 829 B
997 B 21ms
20ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb2dae5ec4c9cda87f97bc9222f267de00ae6cd424996e6d710f168d19663f12

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lWWL8Hnmm5P0dVN3q2CTtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zybermc.tebex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lWWL8Hnmm5P0dVN3q2CTtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:31:53 GMT
expires: Fri, 17 Nov 2023 20:31:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 session
sdk-service.nsureapi.com/ Frame 0
0 432ms
402ms Preflight 3.74.99.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-service.nsureapi.com/session?timestamp=1700253113727&clientRequestId=67fbd091-5d0e-4618-9ff4-fa19ef9d707e&deviceId=e7e2ef2b-3132-4292-9d1f-80d510cd7d63&storeId=1339874&storeType=storeFront
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.99.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-99-13.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-nsure-app-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version
Access-Control-Request-Method: GET
Origin: https://zybermc.tebex.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-nsure-app-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 17 Nov 2023 20:31:54 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 session Show response
sdk-service.nsureapi.com/ 369 B
491 B 104ms
104ms XHR
application/json 3.74.99.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-service.nsureapi.com/session?timestamp=1700253113727&clientRequestId=67fbd091-5d0e-4618-9ff4-fa19ef9d707e&deviceId=e7e2ef2b-3132-4292-9d1f-80d510cd7d63&storeId=1339874&storeType=storeFront
Requested by: Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.99.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-99-13.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 3499bac05ab29e502c014eb00818e89b6b4dd3cc84cadb5b211d2ad1cd55f519

Request headers

accept-language: de-DE,de;q=0.9
x-nsure-app-id: Z620Q2525RT9DWKA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
x-nsure-sdk-client-type: web
Accept: application/json
x-nsure-sdk-client-version: 1.1.53
Referer: https://zybermc.tebex.io/
x-nsure-sdk-api-version: 1.0.0

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 20:31:54 GMT
content-encoding: gzip
etag: W/"171-QiU7ZxtiJf7+u4F+x8Li+T5nCnc"
content-length: 316
x-powered-by: Express
content-type: application/json; charset=utf-8

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6320 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:09:38 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
296 B 103ms
103ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://zybermc.tebex.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://zybermc.tebex.io
Date: Fri, 17 Nov 2023 20:31:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8ECD 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=468432785141448&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

OPTIONS
H2 204 events
sdk-service.nsureapi.com/ Frame 0
0 106ms
106ms Preflight 3.74.99.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-service.nsureapi.com/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.99.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-99-13.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-nsure-app-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version
Access-Control-Request-Method: POST
Origin: https://zybermc.tebex.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-nsure-app-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 17 Nov 2023 20:31:53 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 events Show response
sdk-service.nsureapi.com/ 11 B
164 B 301ms
301ms XHR
application/json 3.74.99.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-service.nsureapi.com/events
Requested by: Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.99.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-99-13.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

accept-language: de-DE,de;q=0.9
x-nsure-app-id: Z620Q2525RT9DWKA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
x-nsure-sdk-client-type: web
Accept: application/json
x-nsure-sdk-client-version: 1.1.53
Referer: https://zybermc.tebex.io/
x-nsure-sdk-api-version: 1.0.0

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 20:31:54 GMT
etag: W/"b-Ai2R8hgEarLmHKwesT1qcY913ys"
content-length: 11
x-powered-by: Express
content-type: application/json; charset=utf-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6320 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kHql3w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 loader_v3.8.3.js Show response
fpnpmcdn.net/v3/KxV6sLn9nXBGBzPtzicI/ 109 KB
38 KB 41ms
8ms Script
text/javascript 18.66.112.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/KxV6sLn9nXBGBzPtzicI/loader_v3.8.3.js

Requested by

Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-21.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

78b124db1aa8756163f091964832106889d71132b258c170246f8c0bbaf61527

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 12:43:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 287280
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"DYBrilfasSqqC0GZFbXtbJW1h9k"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3687, s-maxage=617969
timing-allow-origin: *
x-amz-cf-id: wVODk-A8sayPeKsN2EakIe7po_TIIRv8Qn7gus5VglY4ad8SkOzZAw==

GET
H2 200 t081 Show response
metrics.nsureapi.com/-0zOawP/fPoMog/ 96 B
464 B 302ms
98ms XHR
text/plain 52.223.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.nsureapi.com/-0zOawP/fPoMog/t081

Requested by

Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/KxV6sLn9nXBGBzPtzicI/loader_v3.8.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.223.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1ae3036f3ddb9a09.awsglobalaccelerator.com

Software

nginx/1.22.1 /

Resource Hash

0a83682734ffb7739848a0d357f47b74b4a27010ae490fae56aca040ea5c774e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:31:54 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
server: nginx/1.22.1
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

OPTIONS
H2 204 events
sdk-service.nsureapi.com/ Frame 0
0 169ms
169ms Preflight 3.74.99.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-service.nsureapi.com/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.99.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-99-13.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-nsure-app-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version,x-nsure-session-id
Access-Control-Request-Method: POST
Origin: https://zybermc.tebex.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-nsure-app-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version,x-nsure-session-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 17 Nov 2023 20:31:54 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 events Show response
sdk-service.nsureapi.com/ 11 B
164 B 221ms
221ms XHR
application/json 3.74.99.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-service.nsureapi.com/events
Requested by: Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.99.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-99-13.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

accept-language: de-DE,de;q=0.9
x-nsure-app-id: Z620Q2525RT9DWKA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
x-nsure-sdk-client-type: web
Accept: application/json
x-nsure-sdk-client-version: 1.1.53
Referer: https://zybermc.tebex.io/
x-nsure-session-id: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0YXJnZXQiOiJaNjIwUTI1MjVSVDlEV0tBIiwiaW5hY3Rpdml0eVRpbWVvdXQiOjkwMDAwMCwiZGV2aWNlSWQiOiJlN2UyZWYyYi0zMTMyLTQyOTItOWQxZi04MGQ1MTBjZDdkNjMiLCJldHMiOiI3YzUyODcxYjQ1MmYxMGMxNGYxNmU4Y2QzY2VmZmFhMDo5ODNiN2Y4NWRhMGIxYTRiNDk2OWE3ODI0N2EyYTJjMCIsImlhdCI6MTcwMDI1MzExNCwiZXhwIjoxNzAwMzM5NTE0fQ.ywOTVSeh8vSZToX3HyAUMa4vpXp_o0iJ7aNgfNnqc-E
x-nsure-sdk-api-version: 1.0.0

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 20:31:54 GMT
etag: W/"b-Ai2R8hgEarLmHKwesT1qcY913ys"
content-length: 11
x-powered-by: Express
content-type: application/json; charset=utf-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=468432785141448&bg=!AQKlAk3NAAZxrfrxUa07ADQBe5WfOFBkaPJDF-yhzHOd2gbJ2cSlpEIPq4S-78Fcu5dLU43-XFAE9yzE5RvUlLdH8F2SAgAAAJJSAAAAAmgBB5kCtQ5fDhLiijA3Mz2gmNosbn6eb5DplVs8N7YZX7_yoLrb-MGdJww-tdTEQSKLvOf2IJJkhANeMQsqTkq-zGUZbSAsxUztmCNOQ46wNRTOFjflmeVCqvf67M6TkqdvD9Ccvc8gNo_gyN8-uzbjTXBX4MB-78rwghHgOg8DGnvfCSBQoHocpG7XXheZGulHq1HrJBGKYZbiiiB8S1bXUpKxmyorO6I884hEWfvmYt2nQ8h4H6Gl25wLdb_2lZ_cq1L-xMgHcYFKgntFoBSp4aVfp0bEfhfvrKBc_Mticnr_555oUIJ7nSFWIFvr53lOCnGuIYDP7I68J3h1YNrBa2Of5SpQ6ifM237KmU_xv2dtzu8hbeD0ShaoHU_IWhleBVZV7fF0X2PkPG0JYXNHjDg9hqct3XXgkn2QS7n1di6tQxhCPxjRvzpl-BvA4fuTkhf5PJ9gZevEMPmrE11ty2j2T5_Xz9mkFB5FpXRaXw4mkxWLTjAtTVKh4H8aNAFm6pdDPC9hPEDm6yfK7nVaRuPr3DOUHD8Zxa4tPP94DpnOXNkq8QezguErBWiEpXZnsszJ7y2K5oENWK1A3fSG6rZkGY2HxXzHP6PM14sFMChlKJdP0Z2RNqJfaxlLfqzSlhZkQNuvAUIkpbc-P55pTnZjA4QRNswfAmsYFlJuTjl_0ThcyuZWbUUqy5vO874FqPAfcbPySf3s5smMYI06dRQf87xrQOOc5iQO_0tu8HeSI3wM0ABOV6h_HMn3LSPRu8DuW1qbgvev7phNqZeSSqEsWyJwq8lZxKKl2elLhQ7fnIr3Whb_OXkkQX4TGOvmRTBUvZWeSBEnjZl3s_IuUV4fhIQ51o1CaV1sFimqbB0mOSJItMoJnj8k-fCwJdpwicwPtqiTBRqVrIqKEKbJiGHrWcv5Fe2GzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zybermc.tebex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A3DC 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstu13V3mjMkBbC6ex3eBG6Gqz8uRFF7_QysIj_7HeULdz-3cledBJumAmAv429qO4Oy7HBadOL43-YvmcuvYm1XKgR2dRxJMLPMptT5H_cBKJwUzEmj7DVOAwZK_GFem3v2Y_fGofMP52Kj&sai=AMfl-YTdjHLBTi9rdtz_2Mba3f-RGu4l13EXRtJMKm68OAil8Kf9JGuPKVfVup4S9cLIrF4aZ-sNagm7UpW3O7mdYaFNKUvEwGi_uURo3I_d5NmNB-1QiE2BLYb2ogh0Pxf5N6x8LbcafLvSvCz4Ml6t_w&sig=Cg0ArKJSzMzVDr2fyiDkEAE&cid=CAQSTwDICaaNV9PDiTeOfhKf5ewtHGVKX4qFf6ay58ZBkJRQCmZ1Qw1410Ayt3r9ZPS60DYtnUGQNldCOrxlzHo_bcBfHZsC3ngOONezcsqhGqkYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1239599839&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700253112840&rpt=767&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 20:31:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
metrics.nsureapi.com/ 384 B
898 B 377ms
187ms XHR
text/plain 52.223.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.nsureapi.com/?ci=js/3.8.27

Requested by

Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/KxV6sLn9nXBGBzPtzicI/loader_v3.8.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.223.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1ae3036f3ddb9a09.awsglobalaccelerator.com

Software

nginx/1.22.1 /

Resource Hash

900196e5f68811b293684dd443165e3dd96e6c19a3810a2daf86c312889d67b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://zybermc.tebex.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Nov 2023 20:31:55 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
server: nginx/1.22.1
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://zybermc.tebex.io
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 384

OPTIONS
H2 204 events
sdk-service.nsureapi.com/ Frame 0
0 110ms
109ms Preflight 3.74.99.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-service.nsureapi.com/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.99.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-99-13.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-nsure-app-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version,x-nsure-session-id
Access-Control-Request-Method: POST
Origin: https://zybermc.tebex.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-nsure-app-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version,x-nsure-session-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 17 Nov 2023 20:31:55 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 events Show response
sdk-service.nsureapi.com/ 11 B
164 B 127ms
126ms XHR
application/json 3.74.99.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-service.nsureapi.com/events
Requested by: Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.53.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.99.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-99-13.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

accept-language: de-DE,de;q=0.9
x-nsure-app-id: Z620Q2525RT9DWKA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json
x-nsure-sdk-client-type: web
Accept: application/json
x-nsure-sdk-client-version: 1.1.53
Referer: https://zybermc.tebex.io/
x-nsure-session-id: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0YXJnZXQiOiJaNjIwUTI1MjVSVDlEV0tBIiwiaW5hY3Rpdml0eVRpbWVvdXQiOjkwMDAwMCwiZGV2aWNlSWQiOiJlN2UyZWYyYi0zMTMyLTQyOTItOWQxZi04MGQ1MTBjZDdkNjMiLCJldHMiOiI3YzUyODcxYjQ1MmYxMGMxNGYxNmU4Y2QzY2VmZmFhMDo5ODNiN2Y4NWRhMGIxYTRiNDk2OWE3ODI0N2EyYTJjMCIsImlhdCI6MTcwMDI1MzExNCwiZXhwIjoxNzAwMzM5NTE0fQ.ywOTVSeh8vSZToX3HyAUMa4vpXp_o0iJ7aNgfNnqc-E
x-nsure-sdk-api-version: 1.0.0

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 20:31:55 GMT
etag: W/"b-Ai2R8hgEarLmHKwesT1qcY913ys"
content-length: 11
x-powered-by: Express
content-type: application/json; charset=utf-8

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
296 B 196ms
196ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://zybermc.tebex.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://zybermc.tebex.io
Date: Fri, 17 Nov 2023 20:31:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tebex.io/	1970-01-20 16:17:34	Name: __cf_bm Value: vsNUnYYwfk5Tb51ixHPAdNMEKo9Dy7nGsG.LpeZq3g4-1700253111-0-AZYvm51dCKBemXr4JVeLQC9oODWSJdAprni1JRaGZvpoEqU+ptQ8XWA9M04xRC739DSB7lk/shRKp7VaT0OxHvU=
.zybermc.tebex.io/	1970-01-21 01:53:33	Name: __utma Value: 112728975.229096413.1700253112.1700253112.1700253112.1
.zybermc.tebex.io/	1969-12-31 23:59:59	Name: __utmc Value: 112728975
.zybermc.tebex.io/	1970-01-20 20:40:21	Name: __utmz Value: 112728975.1700253112.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.zybermc.tebex.io/	1970-01-20 16:17:33	Name: __utmt Value: 1
.zybermc.tebex.io/	1970-01-20 16:17:34	Name: __utmb Value: 112728975.1.10.1700253112
www.clarity.ms/	1970-01-21 01:03:09	Name: CLID Value: ec87e5e2367e467eb8c9a382c2c08714.20231117.20241116
.tebex.io/	1970-01-21 01:03:09	Name: _clck Value: 11mns8e%7C2%7Cfgs%7C0%7C1416
.tebex.io/	1970-01-20 16:18:59	Name: _clsk Value: 15lp3e9%7C1700253113150%7C1%7C1%7Cp.clarity.ms%2Fcollect
.tebex.io/	1970-01-21 01:39:09	Name: __gads Value: ID=f6de07b1003cabed:T=1700253112:RT=1700253112:S=ALNI_MZo-Go7LJNS_p6OclRYhJ42m9cSVg
.tebex.io/	1970-01-21 01:39:09	Name: __gpi Value: UID=00000cdc52492d70:T=1700253112:RT=1700253112:S=ALNI_MbV8TQUcXPBFGdCn5k6e6FQJgg0Vw
.doubleclick.net/	1970-01-20 16:17:36	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:39:09	Name: IDE Value: AHWqTUnrYYNMmKsWs4NNjYfonmCfgjbyCATfMUBctMYV9BAt1XUxU6sDK4zKj3DuR5o
zybermc.tebex.io/	1969-12-31 23:59:59	Name: deviceId Value: e7e2ef2b-3132-4292-9d1f-80d510cd7d63
.bing.com/	1970-01-21 01:39:09	Name: MUID Value: 2730DFC16C3960640A99CC0D6D9561A7
.c.bing.com/	1970-01-20 16:27:37	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:39:09	Name: SRM_B Value: 2730DFC16C3960640A99CC0D6D9561A7
.googleadservices.com/	1970-01-20 18:27:09	Name: ar_debug Value: 1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:39:09	Name: MUID Value: 2730DFC16C3960640A99CC0D6D9561A7
.c.clarity.ms/	1970-01-20 16:27:37	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:17:33	Name: ANONCHK Value: 0
.nsureapi.com/	1970-01-21 01:03:09	Name: _iidt Value: ECfn1M6BFLdcz8ula1doD4ysbeJJZZoVAhQtDdptzpBqeURvGE6kyruLbo9mcu/DjQ4uwqbhhuTdrA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/SOME_CHARS_HERE.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.mcsrvstat.us
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
cravatar.eu
fonts.googleapis.com
fonts.gstatic.com
fpnpmcdn.net
googleads.g.doubleclick.net
i.imgur.com
kit.fontawesome.com
kuchy.me
metrics.nsureapi.com
p.clarity.ms
pagead2.googlesyndication.com
sdk-service.nsureapi.com
sdk.nsureapi.com
ssl.google-analytics.com
tpc.googlesyndication.com
unpkg.com
www.clarity.ms
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
zybermc.tebex.io
104.18.38.194
142.250.186.66
146.75.120.193
18.66.112.21
20.122.63.128
2600:9000:2251:b200:d:b1e8:9040:93a1
2606:4700:20::ac43:476a
2606:4700:3032::6815:52ab
2606:4700:4400::6812:2844
2606:4700::6810:5514
2606:4700::6810:7daf
2606:4700::6811:180e
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a06:98c1:3120::3
3.74.99.13
52.223.49.99
68.219.88.97
02d7cc078e8c3cff7ec972abe528bc397bc3767c058fe7ff202bfcde2f530c03
0390533b5eadede83d791b15d47a4eb9c04a5598804b9680a04d10dbeb1ed747
05cc61db33387a1f3041d6028cef5f74760eff5226f2354b8111150694ab4860
0a83682734ffb7739848a0d357f47b74b4a27010ae490fae56aca040ea5c774e
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0cae7352a193fe2a2a634ab49afeee84a7094702ee2d542e2604bf1ef3b57340
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
10fae43631849825b26b36f703f1298fe5bb426da907dbe77d7c3e5fa2c898f3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1837e0fcb9da3475e818906f4758cbb168a8a09ea5bcc2c01a2416097711e809
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18fd51b6afe6e33324c4e481e664b8813e09fc061516bdb280a962f5d92ec99a
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2ab0ced3916feb3612394f21f4a59f0a5c254209540c7326a8dc2ada8608350e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3499bac05ab29e502c014eb00818e89b6b4dd3cc84cadb5b211d2ad1cd55f519
38e9906e3f403419f5ac22fff240601e8017fca42e14ebca0867d90f4d87e3ad
39335872a1052d24a263099897ae9a43aaff91649b670e3aac346c9de2d4f26f
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3f283e91e7bcbdb3dcc1c66efb3fdcfb1a58b28069fa5c331e9ab5c5e2a352e4
4053009b8c5f944443521d0d758d696b4f8ca2f18d35d33c81d6bffea0d11fae
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
465831fb8a973ec6c25a42a50d7dcc037133b523e31d821e272a7c07acae369e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
694e292bf4f7545f5d1c6f46fb8275a43f4726bee19212ec5b39720eba3e8830
7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea
78b124db1aa8756163f091964832106889d71132b258c170246f8c0bbaf61527
7baa6eebad47608b3139478fa5a7e77eb2ce1a53744d767612be5987187bb304
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
900196e5f68811b293684dd443165e3dd96e6c19a3810a2daf86c312889d67b8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9d28743d4f6467d5490f6b009df2589b0853647d245e14025695838c25b808
9b1354054a824ab52b0f24fea0c387b7c30325a13bb9e00f85a1c59069febde1
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a6474e142868f2418c059f33f37571ea931ae9fb3b7c93cc64b6ba4f2a479b1d
a9cfc59d70e939ade866a6d71cdd88fae03852dac7b5ca2e6e2c688b34376131
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4acb0effebcaf3c9e3754d296809ba1f52d5b4425b542368096789ed849904
ae2e7e6dc4551e06056f78da34f4dc79f59804a1a1ad784c8a5f1f3d484e0eb7
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bb2dae5ec4c9cda87f97bc9222f267de00ae6cd424996e6d710f168d19663f12
c0d26e6ac74fc25ea3359b6ff41aae341638a1872fa9e2fcea58285fc9749277
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
c22112af7beec1924e9ffd905a2ab385aa6894b4217d7c9f54fa435af09594ce
c8e73815e51d518d6d88f1f9dbe71baebf371c5bd8cddeb420ab53599322bb0c
c977b90854ca3b4463f2d8801d07fd3ba77af2d87bf47092e51b1d3174812199
dcc14901eb1cb3bdce862861295fb44bd29b1a1dd5f375b4d488c020e22023d1
de1de71a09d8cddfd630da61363509e7b9d3414e8513cb3d03f21fc791190756
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84152f72d9c6fc90b6ff3fad4f8895d02f95e01e3181a994530801201cc4a28
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
fdd86720ec28b58de0da0aae6724a8c16252df0b6211636315ce6d0e1de221d0

zybermc.tebex.io Open in urlscan Pro 104.18.38.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

96 %HTTPS

71 %IPv6

21 Domains

28 Subdomains

28 IPs

4 Countries

4414 kBTransfer

5872 kBSize

23 Cookies

5 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zybermc.tebex.io Open in urlscan Pro
104.18.38.194 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

96 %
HTTPS

71 %
IPv6

21
Domains

28
Subdomains

28
IPs

4
Countries

4414 kB
Transfer

5872 kB
Size

23
Cookies

82 HTTP transactions
2 data transactions