grif14.freehat.cc Open in urlscan Pro
2606:4700:3038::6815:ea93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://grif-fan.ru/
Effective URL:
https://grif14.freehat.cc/
Submission: On February 16 via manual (February 16th 2023, 2:42:10 pm UTC) from RU — Scanned from NL

Summary HTTP 106 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 64 domains to perform 106 HTTP transactions. The main IP is 2606:4700:3038::6815:ea93, located in United States and belongs to CLOUDFLARENET, US. The main domain is grif14.freehat.cc.
TLS certificate: Issued by GTS CA 1P5 on January 22nd 2023. Valid for: 3 months.

This is the only time grif14.freehat.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.61.58.130 5.61.58.130	58061 (SCALAXY-AS) (SCALAXY-AS)
37	2606:4700:303... 2606:4700:3038::6815:ea93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	87.236.16.24 87.236.16.24	198610 (BEGET-AS) (BEGET-AS)
1	193.200.64.20 193.200.64.20	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	82.202.165.19 82.202.165.19	29182 (RU-JSCIOT) (RU-JSCIOT)
26 30	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
2	54.76.156.35 54.76.156.35	16509 (AMAZON-02) (AMAZON-02)
1	178.162.196.152 178.162.196.152	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
2	213.227.149.183 213.227.149.183	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	176.9.60.211 176.9.60.211	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.109.95.134 104.109.95.134	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	47.246.133.88 47.246.133.88	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 6	104.109.58.65 104.109.58.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	47.246.133.23 47.246.133.23	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	2606:4700::68... 2606:4700::6812:a05a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:970f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	52.211.185.157 52.211.185.157	16509 (AMAZON-02) (AMAZON-02)
1 2	23.62.220.19 23.62.220.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	79.133.177.226 79.133.177.226	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	13.225.78.48 13.225.78.48	16509 (AMAZON-02) (AMAZON-02)
1	23.35.208.181 23.35.208.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.29 151.101.1.29	54113 (FASTLY) (FASTLY)
1	104.109.54.129 104.109.54.129	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	91.237.218.76 91.237.218.76	212882 (DNXNETWORK) (DNXNETWORK)
1 2	2a02:26f0:dc:... 2a02:26f0:dc:18d::277d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2606:4700:311... 2606:4700:311f::6812:3f7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.64.162.198 104.64.162.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.37.37.249 23.37.37.249	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	195.85.23.88 195.85.23.88	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 1	31.192.112.221 31.192.112.221	48684 (VIKINGHOST) (VIKINGHOST)
1	195.85.23.96 195.85.23.96	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	54.72.146.178 54.72.146.178	16509 (AMAZON-02) (AMAZON-02)
2 4	23.36.162.214 23.36.162.214	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::ac43:1f1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.73 13.32.27.73	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:235... 2606:2800:235:1c73:1f86:1376:22ce:2cd	15133 (EDGECAST) (EDGECAST)
1 1	104.18.228.43 104.18.228.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1f3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.45.191 34.120.45.191	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	62.44.0.166 62.44.0.166	29208 (QUANTCOM-...) (QUANTCOM-AS Quantcom a.s.)
1 2	34.107.132.69 34.107.132.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a04:4e42:400... 2a04:4e42:400::285	54113 (FASTLY) (FASTLY)
1 2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb5a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:185::23a2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	104.18.6.193 104.18.6.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::6819:e935	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.70.31.69 54.70.31.69	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1b75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.243.127.224 34.243.127.224	16509 (AMAZON-02) (AMAZON-02)
1	45.223.19.47 45.223.19.47	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700:90:... 2606:4700:90:0:8426:3d75:9f41:f87a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:48ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.56 13.224.189.56	16509 (AMAZON-02) (AMAZON-02)
1	104.17.145.36 104.17.145.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	151.101.193.29 151.101.193.29	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:917d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	107.154.132.27 107.154.132.27	19551 (INCAPSULA) (INCAPSULA)
1 2	185.14.169.119 185.14.169.119	199408 (BOL-COM) (BOL-COM)
1	31.177.17.7 31.177.17.7	197651 (THEHUTGRO...) (THEHUTGROUPLIMITED)
1 2	34.149.145.178 34.149.145.178	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	163.181.56.193 163.181.56.193	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
106	53

1 5.61.58.130 (Dronten, Netherlands) 1 redirects

ASN58061 (SCALAXY-AS, NL)

grif-fan.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700:3038::6815:ea93 (United States)

ASN13335 (CLOUDFLARENET, US)

grif14.freehat.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.24 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.kryton.beget.com

handred.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.20 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: etarg.network

dominantroute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.165.19 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: videoroll.net

videoroll.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.132.202.70 (Germany) 26 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

odnaknopka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hlmiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
feneteko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.156.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-156-35.eu-west-1.compute.amazonaws.com

bitrix.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.196.152 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

cdn.trafficbass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.149.183 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.trafficbass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.60.211 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.60.9.176.clients.your-server.de

googie-anaiytlcs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.95.134 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-95-134.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.246.133.88 (United States) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

sale.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.58.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-58-65.deploy.static.akamaitechnologies.com

login.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.133.23 (United States) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

login.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a05a (United States)

ASN13335 (CLOUDFLARENET, US)

www.udemy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:970f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.airhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.211.185.157 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-185-157.eu-west-1.compute.amazonaws.com

redirects.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.62.220.19 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-19.deploy.static.akamaitechnologies.com

www.bonprix.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.226 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-48.fra2.r.cloudfront.net

www.coursera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.208.181 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-208-181.deploy.static.akamaitechnologies.com

www.expedia.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.29 (United States)

ASN54113 (FASTLY, US)

www.momondo.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.54.129 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-54-129.deploy.static.akamaitechnologies.com

www.fruugo.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.237.218.76 (Luxembourg) 1 redirects

ASN212882 (DNXNETWORK, LU)
PTR: proxyovcsf.dnx.lu

www.xcams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:18d::277d (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

nl.hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:311f::6812:3f7e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nl.stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.162.198 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-162-198.deploy.static.akamaitechnologies.com

www.viator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.37.249 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-37-249.deploy.static.akamaitechnologies.com

www.agoda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.85.23.88 (Czech Republic) 2 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-88-23-conversasro.com

bongacams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.192.112.221 (Netherlands) 1 redirects

ASN48684 (VIKINGHOST, NL)

bngtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.85.23.96 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-96-23-conversasro.com

de.bongacams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.146.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-146-178.eu-west-1.compute.amazonaws.com

www.coop.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.162.214 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-214.deploy.static.akamaitechnologies.com

www.miniinthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lightinthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1f1c (United States)

ASN13335 (CLOUDFLARENET, US)

www.grover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-73.fra56.r.cloudfront.net

monday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:235:1c73:1f86:1376:22ce:2cd (United States)

ASN15133 (EDGECAST, US)

de.dhgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.228.43 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.getyourguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f3d (United States)

ASN13335 (CLOUDFLARENET, US)

www.getyourguide.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.45.191 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 191.45.120.34.bc.googleusercontent.com

www.semrush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.44.0.166 (Brno, Czech Republic)

ASN29208 (QUANTCOM-AS Quantcom a.s., CZ)
PTR: www.notino.nl

www.notino.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.132.69 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.132.107.34.bc.googleusercontent.com

www.ibood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::285 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.kayak.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb5a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.hp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:185::23a2 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

store.hp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.6.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.iherb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.iherb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:e935 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.70.31.69 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-31-69.us-west-2.compute.amazonaws.com

www.tomtop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b75 (United States)

ASN13335 (CLOUDFLARENET, US)

www.crocs.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.127.224 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-127-224.eu-west-1.compute.amazonaws.com

sc.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.223.19.47 (United States)

ASN19551 (INCAPSULA, US)

www.transavia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:90:0:8426:3d75:9f41:f87a (United States)

ASN13335 (CLOUDFLARENET, US)

www.mediamarkt.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48ad (United States)

ASN13335 (CLOUDFLARENET, US)

changelly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-56.fra2.r.cloudfront.net

www.tiqets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.145.36 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dress-for-less.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.29 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.hotelscombined.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:917d (United States)

ASN13335 (CLOUDFLARENET, US)

kinsta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.154.132.27 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.27.ip.incapdns.net

www.thelotter.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.14.169.119 (Utrecht, Netherlands) 1 redirects

ASN199408 (BOL-COM, NL)
PTR: pro-web-proxy-vip.bol.com

www.bol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.177.17.7 (United Kingdom)

ASN197651 (THEHUTGROUPLIMITED, GB)

www.myprotein.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.145.178 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 178.145.149.34.bc.googleusercontent.com

www.only.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.56.193 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

g.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	freehat.cc grif14.freehat.cc	2 MB
27	hlmiq.com 25 redirects hlmiq.com — Cisco Umbrella Rank: 287672	14 KB
6	alicdn.com i.alicdn.com assets.alicdn.com — Cisco Umbrella Rank: 10636 g.alicdn.com — Cisco Umbrella Rank: 7344	225 KB
6	tradedoubler.com 6 redirects redirects.tradedoubler.com — Cisco Umbrella Rank: 153315	3 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3701	59 KB
3	iherb.com 2 redirects www.iherb.com — Cisco Umbrella Rank: 87033 de.iherb.com	1 KB
3	hp.com 2 redirects www.hp.com — Cisco Umbrella Rank: 13360 store.hp.com — Cisco Umbrella Rank: 131463	2 KB
3	bongacams.com 2 redirects bongacams.com — Cisco Umbrella Rank: 62392 de.bongacams.com — Cisco Umbrella Rank: 404626	1 KB
3	xcams.com 1 redirects www.xcams.com — Cisco Umbrella Rank: 983574	1 KB
3	aliexpress.ru 2 redirects sale.aliexpress.ru — Cisco Umbrella Rank: 281185 login.aliexpress.ru — Cisco Umbrella Rank: 31374	8 KB
3	trafficbass.com cdn.trafficbass.com — Cisco Umbrella Rank: 110002 z.cdn.trafficbass.com — Cisco Umbrella Rank: 120717	5 KB
2	only.com 1 redirects www.only.com — Cisco Umbrella Rank: 381524	418 B
2	bol.com 1 redirects www.bol.com — Cisco Umbrella Rank: 26425	5 KB
2	thelotter.net 1 redirects www.thelotter.net — Cisco Umbrella Rank: 468839	613 B
2	hotelscombined.nl 1 redirects www.hotelscombined.nl	2 KB
2	lightinthebox.com 1 redirects www.lightinthebox.com — Cisco Umbrella Rank: 48033	1 KB
2	kayak.nl 1 redirects www.kayak.nl — Cisco Umbrella Rank: 327758	2 KB
2	ibood.com 1 redirects www.ibood.com — Cisco Umbrella Rank: 318196	389 B
2	miniinthebox.com 1 redirects www.miniinthebox.com — Cisco Umbrella Rank: 294535	1 KB
2	stripchat.com 1 redirects stripchat.com — Cisco Umbrella Rank: 20986 nl.stripchat.com — Cisco Umbrella Rank: 379870	350 B
2	hotels.com 1 redirects nl.hotels.com — Cisco Umbrella Rank: 462584	2 KB
2	bonprix.nl 1 redirects www.bonprix.nl — Cisco Umbrella Rank: 480898	2 KB
2	airhelp.com 1 redirects www.airhelp.com — Cisco Umbrella Rank: 495351	282 B
2	aliexpress.com 2 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 26406 login.aliexpress.com — Cisco Umbrella Rank: 19925	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	bitrix.info bitrix.info — Cisco Umbrella Rank: 43291	4 KB
2	odnaknopka.ru odnaknopka.ru — Cisco Umbrella Rank: 293235	1 KB
1	myprotein.com www.myprotein.com — Cisco Umbrella Rank: 180271
1	kinsta.com kinsta.com — Cisco Umbrella Rank: 115733
1	dress-for-less.nl www.dress-for-less.nl
1	tiqets.com www.tiqets.com — Cisco Umbrella Rank: 198620
1	changelly.com changelly.com — Cisco Umbrella Rank: 24086
1	mediamarkt.nl www.mediamarkt.nl — Cisco Umbrella Rank: 104704
1	transavia.com www.transavia.com — Cisco Umbrella Rank: 170783
1	tradetracker.net 1 redirects sc.tradetracker.net — Cisco Umbrella Rank: 366743	440 B
1	crocs.eu www.crocs.eu — Cisco Umbrella Rank: 590606
1	tomtop.com www.tomtop.com — Cisco Umbrella Rank: 398938
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 66685	136 B
1	notino.nl www.notino.nl — Cisco Umbrella Rank: 499586
1	semrush.com www.semrush.com — Cisco Umbrella Rank: 73319
1	getyourguide.nl www.getyourguide.nl — Cisco Umbrella Rank: 546417
1	getyourguide.com 1 redirects www.getyourguide.com — Cisco Umbrella Rank: 68222	2 KB
1	dhgate.com de.dhgate.com — Cisco Umbrella Rank: 224872
1	monday.com monday.com — Cisco Umbrella Rank: 6274
1	grover.com www.grover.com — Cisco Umbrella Rank: 401265
1	coop.nl www.coop.nl — Cisco Umbrella Rank: 134901
1	bngtrk.com 1 redirects bngtrk.com — Cisco Umbrella Rank: 72565	3 KB
1	agoda.com www.agoda.com — Cisco Umbrella Rank: 25735
1	viator.com www.viator.com — Cisco Umbrella Rank: 23845
1	fruugo.nl www.fruugo.nl — Cisco Umbrella Rank: 103231
1	momondo.nl www.momondo.nl — Cisco Umbrella Rank: 544751
1	expedia.nl www.expedia.nl — Cisco Umbrella Rank: 257999
1	coursera.org www.coursera.org — Cisco Umbrella Rank: 28217
1	alibaba.com offer.alibaba.com — Cisco Umbrella Rank: 42889
1	udemy.com www.udemy.com — Cisco Umbrella Rank: 23445
1	feneteko.com 1 redirects feneteko.com — Cisco Umbrella Rank: 309696	396 B
1	googie-anaiytlcs.com 1 redirects googie-anaiytlcs.com — Cisco Umbrella Rank: 285574	336 B
1	videoroll.net videoroll.net — Cisco Umbrella Rank: 181088	59 KB
1	dominantroute.com dominantroute.com — Cisco Umbrella Rank: 125060	195 B
1	handred.ru handred.ru	418 B
1	grif-fan.ru 1 redirects grif-fan.ru	633 B
0	wish.com Failed www.wish.com Failed
0	kobo.com Failed www.kobo.com Failed
0	cos.com Failed www.cos.com — Cisco Umbrella Rank: 41754 Failed
106	64

	Domain	Requested by
37	grif14.freehat.cc	grif14.freehat.cc
27	hlmiq.com	25 redirects odnaknopka.ru hlmiq.com
6	redirects.tradedoubler.com	6 redirects
4	mc.yandex.ru	1 redirects grif14.freehat.cc
3	i.alicdn.com	sale.aliexpress.ru
3	www.xcams.com	1 redirects hlmiq.com
2	assets.alicdn.com	sale.aliexpress.ru
2	www.only.com	1 redirects hlmiq.com
2	www.bol.com	1 redirects hlmiq.com
2	www.thelotter.net	1 redirects hlmiq.com
2	www.hotelscombined.nl	1 redirects hlmiq.com
2	www.iherb.com	2 redirects
2	www.lightinthebox.com	1 redirects hlmiq.com
2	www.hp.com	1 redirects hlmiq.com
2	www.kayak.nl	1 redirects hlmiq.com
2	www.ibood.com	1 redirects hlmiq.com
2	www.miniinthebox.com	1 redirects hlmiq.com
2	bongacams.com	2 redirects
2	nl.hotels.com	1 redirects hlmiq.com
2	www.bonprix.nl	1 redirects hlmiq.com
2	www.airhelp.com	1 redirects hlmiq.com
2	sale.aliexpress.ru	1 redirects odnaknopka.ru
2	z.cdn.trafficbass.com	cdn.trafficbass.com
2	www.google-analytics.com	grif14.freehat.cc www.google-analytics.com
2	bitrix.info	grif14.freehat.cc bitrix.info
2	odnaknopka.ru	handred.ru odnaknopka.ru
1	g.alicdn.com	sale.aliexpress.ru
1	www.myprotein.com	hlmiq.com
1	kinsta.com	hlmiq.com
1	www.dress-for-less.nl	hlmiq.com
1	www.tiqets.com	hlmiq.com
1	changelly.com	hlmiq.com
1	www.mediamarkt.nl	hlmiq.com
1	www.transavia.com	hlmiq.com
1	sc.tradetracker.net	1 redirects
1	www.crocs.eu	hlmiq.com
1	www.tomtop.com	hlmiq.com
1	is.gd	1 redirects
1	de.iherb.com	hlmiq.com
1	store.hp.com	1 redirects
1	www.notino.nl	hlmiq.com
1	www.semrush.com	hlmiq.com
1	www.getyourguide.nl	hlmiq.com
1	www.getyourguide.com	1 redirects
1	de.dhgate.com	hlmiq.com
1	monday.com	hlmiq.com
1	www.grover.com	hlmiq.com
1	www.coop.nl	hlmiq.com
1	de.bongacams.com	hlmiq.com
1	bngtrk.com	1 redirects
1	www.agoda.com	hlmiq.com
1	www.viator.com	hlmiq.com
1	nl.stripchat.com	hlmiq.com
1	stripchat.com	1 redirects
1	www.fruugo.nl	hlmiq.com
1	www.momondo.nl	hlmiq.com
1	www.expedia.nl	hlmiq.com
1	www.coursera.org	hlmiq.com
1	offer.alibaba.com	hlmiq.com
1	www.udemy.com	hlmiq.com
1	login.aliexpress.ru	1 redirects
1	login.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	feneteko.com	1 redirects
1	googie-anaiytlcs.com	1 redirects
1	cdn.trafficbass.com	grif14.freehat.cc
1	videoroll.net	grif14.freehat.cc
1	dominantroute.com	grif14.freehat.cc
1	handred.ru	grif14.freehat.cc
1	grif-fan.ru	1 redirects
0	www.wish.com Failed	hlmiq.com
0	www.kobo.com Failed	hlmiq.com
0	www.cos.com Failed	hlmiq.com
106	73

This site contains links to these domains. Also see Links.

Domain
www.lalapaluza.ru
money.yandex.ru

Subject Issuer	Validity	Valid
*.freehat.cc GTS CA 1P5	`2023-01-22` - `2023-04-22`	3 months	crt.sh
handred.ru R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
dominantroute.com R3	`2023-01-04` - `2023-04-04`	3 months	crt.sh
videoroll.net AlphaSSL CA - SHA256 - G2	`2022-05-04` - `2023-06-05`	a year	crt.sh
odnaknopka.ru R3	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.bitrix.info Go Daddy Secure Certificate Authority - G2	`2022-03-15` - `2023-04-16`	a year	crt.sh
*.cdn.trafficbass.com Go Daddy Secure Certificate Authority - G2	`2022-04-08` - `2023-04-07`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
hlmiq.com R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.aliexpress.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-08-23` - `2023-06-18`	10 months	crt.sh
*.alibaba.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-06-08` - `2023-07-10`	a year	crt.sh
www.viator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-29` - `2023-04-28`	9 months	crt.sh
*.agoda.com GeoTrust RSA CA 2018	`2022-06-05` - `2023-06-06`	a year	crt.sh
xcams.com R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
changelly.com Cloudflare Inc ECC CA-3	`2022-09-30` - `2023-09-30`	a year	crt.sh
*.tiqets.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-22` - `2023-05-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-09` - `2023-10-09`	a year	crt.sh
ru.aliexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-19` - `2023-12-19`	a year	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-22` - `2023-08-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://grif14.freehat.cc/
Frame ID: 27A3A34AC1AA6050D81655445723206A
Requests: 52 HTTP requests in this frame

Frame: https://hlmiq.com/vu/nl/
Frame ID: D3381DF26D743AF8F7A9C62508DD1E80
Requests: 1 HTTP requests in this frame

Frame: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&terminal_id=6a9c528a68834c9fb85fc3c2e6c6c48d
Frame ID: 688002791D5E8D742B3BA23D99001F2D
Requests: 8 HTTP requests in this frame

Frame: https://hlmiq.com/vu/nl/
Frame ID: ECD819E48FF245E822ED06633C20A64F
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Гриффины в HD-качестве, фан-сайт, смотрим вместе любимый сериал онлайн

Page URL History Show full URLs

http://grif-fan.ru/ HTTP 302
https://grif14.freehat.cc/ Page URL

Detected technologies

1C-Bitrix (CMS) Expand

Overall confidence: 100%
Detected patterns

(?:<link[^>]+components/bitrix|(?:src|href)="/bitrix/(?:js|templates))

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

106
Requests

63 %
HTTPS

29 %
IPv6

64
Domains

73
Subdomains

53
IPs

10
Countries

2376 kB
Transfer

3836 kB
Size

166
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lalapaluza.ru/auth/sonet/?serviceID=VKontakte&returnurl=https%3A%2F%2Fgrif14.freehat.cc%2F

Search URL Search Domain Scan URL

URL: https://www.lalapaluza.ru/auth/sonet/?serviceID=GoogleOAuth&returnurl=https%3A%2F%2Fgrif14.freehat.cc%2F

Search URL Search Domain Scan URL

URL: https://www.lalapaluza.ru/auth/sonet/?serviceID=YandexOAuth&returnurl=https%3A%2F%2Fgrif14.freehat.cc%2F

Search URL Search Domain Scan URL

URL: https://www.lalapaluza.ru/auth/sonet/?serviceID=MailRu2&returnurl=https%3A%2F%2Fgrif14.freehat.cc%2F

Search URL Search Domain Scan URL

URL: https://www.lalapaluza.ru/auth/sonet/?serviceID=MyMailRu&returnurl=https%3A%2F%2Fgrif14.freehat.cc%2F

Search URL Search Domain Scan URL

URL: https://www.lalapaluza.ru/auth/sonet/?serviceID=Twitter&returnurl=https%3A%2F%2Fgrif14.freehat.cc%2F

Search URL Search Domain Scan URL

URL: https://www.lalapaluza.ru/auth/sonet/?serviceID=LiveIDOAuth&returnurl=https%3A%2F%2Fgrif14.freehat.cc%2F

Search URL Search Domain Scan URL

URL: https://money.yandex.ru/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://grif-fan.ru/ HTTP 302
https://grif14.freehat.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://googie-anaiytlcs.com/stat HTTP 302
https://hlmiq.com/vu/nl/

Request Chain 50

https://feneteko.com/a HTTP 302
https://s.click.aliexpress.com/e/_DkvbRPd?af=a;14185&cn=-&cv=719967&dp=212.7.210.177 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&terminal_id=6a9c528a68834c9fb85fc3c2e6c6c48d HTTP 302
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%2614185%26cn%3D-%26cv%3D719967%26dp%3D212.7.210.177%26aff_fcid%3Dbb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd%26tt%3DCPS_NORMAL%26aff_fsk%3D_DkvbRPd%26aff_platform%3Dportals-tool%26sk%3D_DkvbRPd%26aff_trace_key%3Dbb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd%26terminal_id%3D6a9c528a68834c9fb85fc3c2e6c6c48d HTTP 302
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=6a9c528a68834c9fb85fc3c2e6c6c48d&xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%2614185%26cn%3D-%26cv%3D719967%26dp%3D212.7.210.177%26aff_fcid%3Dbb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd%26tt%3DCPS_NORMAL%26aff_fsk%3D_DkvbRPd%26aff_platform%3Dportals-tool%26sk%3D_DkvbRPd%26aff_trace_key%3Dbb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd%26terminal_id%3D6a9c528a68834c9fb85fc3c2e6c6c48d&_ga= HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&terminal_id=6a9c528a68834c9fb85fc3c2e6c6c48d

Request Chain 51

https://mc.yandex.ru/watch/21568060?wmode=7&page-url=https%3A%2F%2Fgrif14.freehat.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A294280219848%3Ahid%3A273266523%3Az%3A0%3Ai%3A20230216144206%3Aet%3A1676558526%3Ac%3A1%3Arn%3A72485567%3Arqn%3A1%3Au%3A1676558526437258652%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C34%2C100%2C14%2C110%2C0%2C%2C569%2C34%2C%2C%2C%2C844%3Aco%3A0%3Acpf%3A1%3Ans%3A1676558524904%3Arqnl%3A1%3Ast%3A1676558526%3At%3A%D0%93%D1%80%D0%B8%D1%84%D1%84%D0%B8%D0%BD%D1%8B%20%D0%B2%20HD-%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%2C%20%D1%84%D0%B0%D0%BD-%D1%81%D0%B0%D0%B9%D1%82%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D0%BC%20%D0%B2%D0%BC%D0%B5%D1%81%D1%82%D0%B5%20%D0%BB%D1%8E%D0%B1%D0%B8%D0%BC%D1%8B%D0%B9%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/21568060/1?wmode=7&page-url=https%3A%2F%2Fgrif14.freehat.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A294280219848%3Ahid%3A273266523%3Az%3A0%3Ai%3A20230216144206%3Aet%3A1676558526%3Ac%3A1%3Arn%3A72485567%3Arqn%3A1%3Au%3A1676558526437258652%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C34%2C100%2C14%2C110%2C0%2C%2C569%2C34%2C%2C%2C%2C844%3Aco%3A0%3Acpf%3A1%3Ans%3A1676558524904%3Arqnl%3A1%3Ast%3A1676558526%3At%3A%D0%93%D1%80%D0%B8%D1%84%D1%84%D0%B8%D0%BD%D1%8B%20%D0%B2%20HD-%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%2C%20%D1%84%D0%B0%D0%BD-%D1%81%D0%B0%D0%B9%D1%82%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D0%BC%20%D0%B2%D0%BC%D0%B5%D1%81%D1%82%D0%B5%20%D0%BB%D1%8E%D0%B1%D0%B8%D0%BC%D1%8B%D0%B9%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 54

https://hlmiq.com/to2/udemy4.com/ HTTP 307
https://www.udemy.com/?ranMID=39197&ranEAID=hL6ObH*7r3M&ranSiteID=hL6ObH.7r3M-HkPD7KolsqsrI4o6Aw65ow&LSNPUBID=hL6ObH*7r3M&utm_source=aff-campaign&utm_medium=udemyads

Request Chain 55

https://www.airhelp.com/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045 HTTP 302
https://www.airhelp.com/ru/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045

Request Chain 56

https://hlmiq.com/to2/bonprix.nl/ HTTP 307
https://redirects.tradedoubler.com/projectr/?landmark=Entry&typ=AFF&anbieter=Tradedoubler&iwl=501&wkz=94&version=deeplink&promo=0&matchkey=2031206&aktion=31*_td_*KEEP_NEWEST&entrysourceID=tradedoubler31:Tradedoubler~2031206~22449~31~MCNL_-3886096103495114116~&_td_deeplink=https://www.bonprix.nl/ HTTP 302
https://www.bonprix.nl/?landmark=Entry&typ=AFF&anbieter=Tradedoubler&iwl=501&wkz=94&version=deeplink&promo=0&matchkey=2031206&aktion=31&entrysourceID=tradedoubler31:Tradedoubler~2031206~22449~31~MCNL_-3886096103495114116~ HTTP 301
https://www.bonprix.nl/?typ=AFF&anbieter=Tradedoubler&version=deeplink&promo=0&matchkey=2031206&aktion=31

Request Chain 58

https://hlmiq.com/to2/coursera2.org/ HTTP 307
https://www.coursera.org/?irclickid=Rr6V7sWa9xyNRII33iXY9wFaUkAyk42GXUjWwE0&irgwc=1&utm_medium=partners&utm_source=impact&utm_campaign=1310690&utm_content=b2c

Request Chain 59

https://hlmiq.com/to2/expedia.nl/ HTTP 307
https://www.expedia.nl/?siteid=100723&affcid=nl.network.cj.7561038.13957630.MCNL_-4043700144543189619&cjevent=8dafa061adff11ed81dff6e20a18b8fa

Request Chain 60

https://hlmiq.com/to2/momondo.nl/ HTTP 307
https://www.momondo.nl/in?a=tradetracker&encoder=19_4&enc_pubid=207463&enc_bid=0&enc_pid=20485&enc_refid=0%3A%3A207463%3A%3Av030300011382659ba6d0f1b242ee9c46ae1467a73085%3A%3A%3A%3A1676551202&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=207463&utm_content=20485&url=https%3A%2F%2Fmomondo.nl%2F

Request Chain 61

https://hlmiq.com/to2/fruugo.nl/ HTTP 307
https://redirects.tradedoubler.com/projectr/?ac=tradedoubler&tduid=f4428c9614c71ce140a7f8c199aa5a03&_td_deeplink=https://www.fruugo.nl HTTP 302
https://www.fruugo.nl/?ac=tradedoubler&tduid=f4428c9614c71ce140a7f8c199aa5a03

Request Chain 62

https://hlmiq.com/to2/xcams.com/ HTTP 307
https://www.xcams.com/chatfs/random/?dsclr=false&comfrom=978654&cf2=147931&cfsa2=gOvl0pruSyLrUMMcf0=pc2&cfsa1=O211 HTTP 301
https://www.xcams.com/?dsclr=false&comfrom=978654&cf2=147931&cfsa2=gOvl0pruSyLrUMMcf0%3Dpc2&cfsa1=O211

Request Chain 63

https://hlmiq.com/to2/hotels.nl/ HTTP 307
https://nl.hotels.com/&btn_ref=org-6658d51db36e0f38&btn_reach_pub=7561038&btn_reach_pub_name=Plebicom%20-%20eBuyClub&btn_mobile_url=https://nl.hotels.com/?rffrid=aff.hcom.nl.002.003.1613009.cjaff.kwrd%3Ded930afdae0111ed80a3005b0a18ba74.CID%3D1556901.TYPE%3D416027&wapa6=MCNL_-626871157351080534&sub_publisher=1613009&sub_site=7561038&sub_ad=13830885&btn_network_ref=ed930afdae0111ed80a3005b0a18ba74&rffrid=aff.hcom.nl.002.003.1613009.cjaff.kwrd=ed930afdae0111ed80a3005b0a18ba74.CID=1556901.TYPE=416027&wapa6=MCNL_-626871157351080534&sub_publisher=1613009&sub_site=7561038&sub_ad=13830885&affcid=HCOM-BENELUX.NETWORK.CJ.7561038&cjevent=ed930afdae0111ed80a3005b0a18ba74 HTTP 302
https://nl.hotels.com/?wapa6=MCNL_-626871157351080534%2CMCNL_-626871157351080534&cjevent=ed930afdae0111ed80a3005b0a18ba74&sub_publisher=1613009%2C1613009&sub_site=7561038%2C7561038&affcid=HCOM-BENELUX.NETWORK.CJ.7561038&sub_ad=13830885%2C13830885&rffrid=aff.hcom.nl.002.003.1613009.cjaff.kwrd%3Ded930afdae0111ed80a3005b0a18ba74.CID%3D1556901.TYPE%3D416027%2Caff.hcom.nl.002.003.1613009.cjaff.kwrd%3Ded930afdae0111ed80a3005b0a18ba74.CID%3D1556901.TYPE%3D416027&btn_network_ref=ed930afdae0111ed80a3005b0a18ba74

Request Chain 64

https://hlmiq.com/to2/cos.com/ HTTP 307
https://www.cos.com/sling/servlet/default/rakuten.rakuten?ranMID=46463&siteID=hL6ObH.7r3M-HqLE0dyeIFm_71AxpyNcLQ&url=https%3A%2F%2Fwww.cos.com%2F%3Futm_source%3Dadmitad%26utm_medium%3Daffiliate%26utm_campaign%3D1%26utm_content%3D10%26utm_term%3D1266330%26ranMID%3D46463%26ranEAID%3DhL6ObH*7r3M%26ranSiteID%3DhL6ObH.7r3M-HqLE0dyeIFm_71AxpyNcLQ HTTP 302
https://www.cos.com/?utm_source=admitad&utm_medium=affiliate&utm_campaign=1&utm_content=10&utm_term=1266330&ranMID=46463&ranEAID=hL6ObH*7r3M&ranSiteID=hL6ObH.7r3M-HqLE0dyeIFm_71AxpyNcLQ HTTP 302
https://www.cos.com/content/cos/page.countryselector.nl_NL.en_eur.EUR.jsp?utm_source=admitad&utm_medium=affiliate&utm_campaign=1&utm_content=10&utm_term=1266330&ranMID=46463&ranEAID=hL6ObH*7r3M&ranSiteID=hL6ObH.7r3M-HqLE0dyeIFm_71AxpyNcLQ HTTP 0
http://www.cos.com/en_eur/index.html

Request Chain 65

https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727 HTTP 302
https://nl.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727

Request Chain 69

https://bongacams.com/track?c=287325 HTTP 302
https://bngtrk.com/hit.php?c=287325 HTTP 302
https://bongacams.com/?bcs=cmljYTEzYWUxNTBiYzNlOGQ1OWFlZTViOGNkNWQ0MTA4NTI0OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP 302
https://de.bongacams.com/?bcs=cmljYTEzYWUxNTBiYzNlOGQ1OWFlZTViOGNkNWQ0MTA4NTI0OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow

Request Chain 70

https://hlmiq.com/to2/coop.nl/ HTTP 307
https://www.coop.nl/?utm_source=TakeAds+GmbH&utm_medium=affiliate&utm_campaign=101248-3CeXyf7Iiic66vHZCLJZzcH4CeeYhH0C2QiEafbZcnkxcL&awc=12871_1676556182_e4e4c3763d4022b287c5f4dc38a6126a

Request Chain 71

https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=32ERiPW8yxyNRII33iXY9wFaUkAyhQU%3AXUjWwE0&irgwc=1 HTTP 302
https://www.miniinthebox.com/nl/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=32ERiPW8yxyNRII33iXY9wFaUkAyhQU%3AXUjWwE0&irgwc=1

Request Chain 72

https://hlmiq.com/to2/kobo.com/ HTTP 307
https://www.kobo.com/fr/fr?utm_source=linkshare_fr&utm_medium=affiliate&utm_campaign=Linkbux&utm_term=lb_lcp3af&ranMID=39331&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-uDykYk31zZkBSE1zDgiatg&siteID=wizKxmN8no4-uDykYk31zZkBSE1zDgiatg

Request Chain 73

https://hlmiq.com/to2/grover.com/ HTTP 307
https://redirects.tradedoubler.com/projectr/?utm_medium=affiliates*_td_*KEEP_NEWEST&utm_campaign=blackfridaysale*_td_*KEEP_NEWEST&utm_source=tradedoubler*_td_*KEEP_NEWEST&uid=9&oid=13&affid=12&sub1=blackfridaysale&_td_deeplink=https://www.grover.com/nl-en&tduid=b657248c3d2b3cb53abf523f46b6c3c6 HTTP 302
https://www.grover.com/nl-en?tduid=b657248c3d2b3cb53abf523f46b6c3c6&utm_medium=affiliates&utm_campaign=blackfridaysale&utm_source=tradedoubler&uid=9&oid=13&affid=12&sub1=blackfridaysale

Request Chain 74

https://hlmiq.com/to2/monday3.com/ HTTP 307
https://monday.com/lp/management/general/?gspk=c2VyZ2V5Z2F5ZGFy&gsxid=YFaOZcLq4xQs&sid1=8e39685e-87bb-420c-a32b-dd7cbd249781&sid2=5cd34b4e7c4b96329115c62d&utm_adgroup=sergeygaydar&utm_campaign=ww-multi-prm-workos-multi-generic-desktop-network-core&utm_medium=affiliates&utm_source=partnerstack

Request Chain 75

https://hlmiq.com/to2/dhgate/ HTTP 307
https://de.dhgate.com/?f=bm|aff|admitad|1019090|36728b1ff118ba3e273efb0cedbce06b|197649||

Request Chain 76

https://www.getyourguide.com/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22 HTTP 302
https://www.getyourguide.nl/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22&visitor-id=9R5FDH94Q8VZPEAME3M6J8YBZQDNXNUP&locale_autoredirect_optout=true

Request Chain 77

https://hlmiq.com/to2/semrush.com/ HTTP 307
https://www.semrush.com/partner/seomartinPro14/?irclickid=3UcW8fWa%3AxyNRII33iXY9wFaUkAykfQ3XUjWwE0&utm_source=berush&utm_Medium=impact_radius&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact_radius&utm_term=

Request Chain 78

https://hlmiq.com/to2/notino.nl/ HTTP 307
https://www.notino.nl/?utm_source=cj&utm_medium=affiliate&utm_campaign=1613009&utm_term=7561038&cjevent=4094bc92ae0011ed831f005a0a18ba73&cjdata=MXxZfDB8WXww

Request Chain 79

https://hlmiq.com/to2/ibood.be/ HTTP 307
https://www.ibood.com/pl/pl/?wgu=284355_91011_16765558824997_4446089c9d&wgexpiry=1708091882&utm_source=YIELDKIT HTTP 302
https://www.ibood.com/offers/pl/s-pl/h?wgu=284355_91011_16765558824997_4446089c9d&wgexpiry=1708091882&utm_source=YIELDKIT

Request Chain 80

https://hlmiq.com/to2/kayak.nl/ HTTP 307
https://www.kayak.nl/in?a=tradetracker&encoder=19_4&enc_pubid=207463&enc_bid=0&enc_pid=32921&enc_refid=0%3A%3A207463%3A%3Av030300011382cb9ed44d70f2499f9a2b31b40c13ea78%3A%3A%3A%3A1676548741&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=207463&utm_content=32921&url=https%3A%2F%2Fwww.kayak.nl%2F HTTP 301
https://www.kayak.nl/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=207463&utm_content=32921

Request Chain 81

https://hlmiq.com/to2/hp.nl/ HTTP 307
https://redirects.tradedoubler.com/projectr/?_td_ifelse=hpinstantink*td_string*https%3A%2F%2Fstore.hp.com%2FNetherlandsStore%2FDefault.aspx%3Fjumpid%3Daf_6g14fxqzub*td_true*_td_spaceport_encode=-1&utm_source=affiliate&utm_medium=instantink&utm_campaign=ebuyclub+NL&utm_content=21963464&utm_term=af_e87dbaa2e8&tduid=6bc6936cac4f44cbe0c6d113e0073938&_td_deeplink=https%3A%2F%2Fstore.hp.com%2FNetherlandsStore%2FDefault.aspx%3Fjumpid%3Daf_6g14fxqzub*td_false*_td_spaceport_encode=-1&_td_softclick=248492&utm_source=affiliate&utm_medium=cpa&utm_campaign=ebuyclub+NL&utm_content=21963464&_td_url=https://www.hp.com/nl-nl/shop/GenericLandingPage.aspx?tduid=6bc6936cac4f44cbe0c6d113e0073938&_td_deeplink=https%3A%2F%2Fstore.hp.com%2FNetherlandsStore%2FDefault.aspx%3Fjumpid%3Daf_6g14fxqzub HTTP 302
https://www.hp.com/nl-nl/shop/GenericLandingPage.aspx?tduid=6bc6936cac4f44cbe0c6d113e0073938&url=https://store.hp.com/NetherlandsStore/Default.aspx?jumpid=af_6g14fxqzub&utm_source=affiliate&utm_medium=cpa&utm_campaign=ebuyclub+NL&utm_content=21963464 HTTP 302
https://store.hp.com/NetherlandsStore/Default.aspx?jumpid=af_6g14fxqzub&utm_source=affiliate&utm_medium=cpa&utm_campaign=ebuyclub%20NL&utm_content=21963464 HTTP 301
https://www.hp.com/nl-nl/shop/?jumpid=af_6g14fxqzub&utm_source=affiliate&utm_medium=cpa&utm_campaign=ebuyclub%20NL&utm_content=21963464

Request Chain 82

https://www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=0gmWBGWa-xyNRII33iXY9wFaUkAyk4VPXUjWwE0&irgwc=1 HTTP 302
https://www.lightinthebox.com/nl/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=0gmWBGWa-xyNRII33iXY9wFaUkAyk4VPXUjWwE0&irgwc=1

Request Chain 83

https://hlmiq.com/to2/iherb/ HTTP 307
https://www.iherb.com/?clickref=1101lwzFPyaR&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232 HTTP 301
https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232 HTTP 302
https://de.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232

Request Chain 84

https://is.gd/l613Pb HTTP 301
https://www.tomtop.com/?aid=agru

Request Chain 85

https://hlmiq.com/to2/crocs.eu/ HTTP 307
https://www.crocs.eu/?ClickID=2CgV0aWa-xyNRII33iXY9wFaUkAyk9xGXUjWwE0&irgwc=1&adid=aff_impact_eu_x_x_Sub%20Networks_Adpump_1141115_x_x_x_x

Request Chain 87

https://hlmiq.com/to2/transavia.es/ HTTP 307
https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27843&data=12%3A%3A191269%3A%3Av030300011382228446c18be7419a8ed6ea66e004b4e6%3A%3A%3A%3A1676556962&url=https%3A%2F%2Fwww.transavia.com%2F%3Futm_source%3Daffiliate%26utm_medium%3Dlinkgenerator%26utm_campaign%3DHVTO_ES_191269_YieldKit HTTP 301
https://www.transavia.com/?utm_source=affiliate&utm_medium=linkgenerator&utm_campaign=HVTO_ES_191269_YieldKit

Request Chain 88

https://hlmiq.com/to2/mediamarkt.nl/ HTTP 307
https://redirects.tradedoubler.com/projectr/?_td_ifelse=telefoonabonnementen*td_string*https://www.mediamarkt.nl/*td_true*_td_url=https://telefoonabonnementen.mediamarkt.nl/td_redirect/?tduid=3f2b82428d460ca4a98d5b00443d415c&url=https://www.mediamarkt.nl/*td_false*utm_source=tradedoubler*_td_*KEEP_NEWEST&utm_medium=aff-other%20affiliate*_td_*KEEP_NEWEST&utm_campaign=rt_affiliate_performance_sp_na_blackfridaysale*_td_*KEEP_NEWEST&utm_term=0*_td_*KEEP_NEWEST&tduid=3f2b82428d460ca4a98d5b00443d415c&_td_deeplink=https://www.mediamarkt.nl/ HTTP 302
https://www.mediamarkt.nl/?utm_source=tradedoubler&utm_medium=aff-other%20affiliate&utm_campaign=rt_affiliate_performance_sp_na_blackfridaysale&utm_term=0&tduid=3f2b82428d460ca4a98d5b00443d415c

Request Chain 91

https://hlmiq.com/to2/dress-for-less.nl/ HTTP 307
https://redirects.tradedoubler.com/projectr/?utm_medium=affiliate*_td_*KEEP_NEWEST&utm_source=tradedoubler*_td_*KEEP_NEWEST&utm_campaign=3290894*_td_*KEEP_NEWEST&o=D6717-31-12&tduid=885abde13159fc59a5a0aabbf7edc99a&_td_deeplink=https://www.dress-for-less.nl/ HTTP 302
https://www.dress-for-less.nl/?utm_medium=affiliate&utm_source=tradedoubler&utm_campaign=3290894&o=D6717-31-12&tduid=885abde13159fc59a5a0aabbf7edc99a

Request Chain 92

https://www.hotelscombined.nl/?a_aid=172493 HTTP 302
https://www.hotelscombined.nl/

Request Chain 94

https://www.thelotter.net/?tl_affid=9175 HTTP 301
https://www.thelotter.net/de/?tl_affid=9175

Request Chain 95

https://hlmiq.com/to2/bol.com/ HTTP 307
https://www.bol.com/nl/?Referrer=ADVNLPPcef172004fcf26f700ea111e48000008429&utm_source=8429&utm_medium=Affiliates&utm_campaign=CPS&utm_content=txl HTTP 301
https://www.bol.com/nl/nl/?Referrer=ADVNLPPcef172004fcf26f700ea111e48000008429&utm_source=8429&utm_medium=Affiliates&utm_campaign=CPS&utm_content=txl

Request Chain 96

https://hlmiq.com/to2/myprotein.com/ HTTP 307
https://www.myprotein.com/?affil=awin&utm_content=https%3A%2F%2Fcityads.com&utm_term=Cashback&utm_source=AWin-565015&utm_medium=affiliate&utm_campaign=AffiliateWin&sv1=affiliate&sv_campaign_id=565015&awc=10423_1676556182_6b974266958342165c57d54f6da75aa3

Request Chain 97

https://hlmiq.com/to2/only.com/ HTTP 307
https://www.only.com/?clickref=1101lwzFNXIK&utm_source=phgagru&utm_medium=affiliate&utm_campaign=brand-1101l5810-CA-partnerize HTTP 307
https://www.only.com/de-de?clickref=1101lwzFNXIK&utm_source=phgagru&utm_medium=affiliate&utm_campaign=brand-1101l5810-CA-partnerize

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
grif14.freehat.cc/
Redirect Chain

http://grif-fan.ru/
https://grif14.freehat.cc/

31 KB
9 KB

150ms
100ms

Document
text/html

2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.33

Resource Hash

6e12e36b6f8ddf8c1a5b4f1b72cffe021d79f0edf0b7c232a9a28f619c7ada24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79a70c3daee80e37-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 14:42:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tc4RpB4yQdcjKapVSb3ewr7kr2DsCk%2BkkJJL4bbe3DUDrjDDV7Mn1wFcyOTfxMuyL38qMUJk%2BEtTuPYd%2B3Ueyen5tvnjQKS4jesrI%2FPD5ElEtdTGOIqFaBl0dSLzhtxaq6Ef6oZEKdUcLoWVPnVVJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-powered-by: PHP/7.2.33
x-powered-cms: Bitrix Site Manager (46077e13ed188e6f15af019c6c96e49f)

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Feb 2023 14:39:03 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://grif14.freehat.cc/
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Pragma: no-cache
Server: nginx/1.20.1
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.2.33
X-Powered-CMS: Bitrix Site Manager (46077e13ed188e6f15af019c6c96e49f)

GET
H2 200 jquery-1.9.1.min.js Show response
grif14.freehat.cc/bitrix/templates/lalapaluza/js/ 90 KB
33 KB 30ms
25ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/templates/lalapaluza/js/jquery-1.9.1.min.js

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1751f65f18c4497771601702504b81736c149539dc1494c1178bf4253e6f7238

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1144312
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 07 Apr 2021 06:58:11 GMT
server: cloudflare
etag: W/"606d5803-169e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EL%2BNkhx7t4MadDXdwKa9JPQnRszKWYqcoahKkNDZ6qNZGUbLFK9%2B2dJ4eA4U8SaEeoFsntf0g35oAp6g7ibDwtauHbXFbHt62jcfuWwhxjMDCeKwsnlNGBgy3uEGf84eRfn1rwA1j4idqYsuqZU3Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e5fd50e37-AMS
expires: Mon, 06 Mar 2023 08:50:13 GMT

GET
H2 200 core.css
grif14.freehat.cc/bitrix/js/main/core/css/ 3 KB
1 KB 25ms
20ms Stylesheet
text/css 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/js/main/core/css/core.css?16146677573934

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2eb4b18549b75a7f1e41cdcfe69c85e1311cb25a1816a07be9bd65e1297ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1144312
cf-polished: origSize=3934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 02 Mar 2021 06:49:17 GMT
server: cloudflare
etag: W/"603ddfed-f5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3r%2FmtoyAX1Jg5ZAtVE1KQWSrN1Zm0Nx13qMzxQGl8F%2B7n9xmi%2FLcYwd23QkALRQa4%2FU2ePQ7EDihiMskjDCC9iYad0PV%2BYfXtju0ir2ghT4mdCk0chDeONYKpc0bar4UwG%2BHpYiYh0qvoNtDYGfGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e6fd70e37-AMS
expires: Mon, 06 Mar 2023 08:50:13 GMT

GET
H2 200 ss.css
grif14.freehat.cc/bitrix/js/socialservices/css/ 5 KB
2 KB 28ms
22ms Stylesheet
text/css 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/js/socialservices/css/ss.css?15959520355122

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00fa49b9119d2e4ff6b92325d22dd986ffa468f796233122d6c614c290a7ff96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1144312
cf-polished: origSize=5122
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Jul 2020 16:00:35 GMT
server: cloudflare
etag: W/"5f204ba3-1402"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZQMnGIZoPw6ak0yZ%2BognKbypRU8CNL8ngXcYaTV62h911tjErvl%2FB4x7NEt%2BAGhsa3fMyvuRGH9eUgH5jgLDIHEGRi8FTloJVTfwewfEgcIxzYrD2er89MJYB7w9N48uOi2OHQ4X967laprl%2F3OWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e6fd90e37-AMS
expires: Mon, 06 Mar 2023 08:50:13 GMT

GET
H2 200 owl.carousel.css
grif14.freehat.cc/bitrix/templates/.default/js/owl-carousel/ 1 KB
741 B 26ms
21ms Stylesheet
text/css 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/templates/.default/js/owl-carousel/owl.carousel.css?13999173801476

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139074
cf-polished: origSize=1476
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 12 May 2014 17:56:20 GMT
server: cloudflare
etag: W/"53710b44-5c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2B%2F6DRj%2BCUpjCW4nx4MW%2Fzs7qiWTE9N%2FEBpqsoaqkSiw%2FyhRdalFiuteIXTAAkHx%2Fq6Zb4brJv%2B6OkVaSrKrs0uPLq9kPv4Mhg0HoFiW%2Bsw3lafAP1hL2B2piyJSvAQgoMN%2F5x6gCdNrrXfbAKpG7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e6fda0e37-AMS
expires: Sat, 18 Mar 2023 00:04:11 GMT

GET
H2 200 styles.css
grif14.freehat.cc/bitrix/templates/lalapaluza/ 21 B
405 B 26ms
21ms Stylesheet
text/css 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/templates/lalapaluza/styles.css?164147972033

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b5c461b162aa5ade65e20e4de5b95af953f226a0647d206b5ead3ddd0d46776

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1808876
cf-polished: origSize=33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21
cf-bgj: minify
last-modified: Thu, 06 Jan 2022 14:35:20 GMT
server: cloudflare
etag: "61d6fe28-21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWG%2Fm5McuNOB%2F2MoECjuT56PCFTthfZuX8o7yCa8ZlPU5F5hM6IUkk7JisMtP%2BTJYywBMLCYyrGEVBnDWPucC%2BFZPIJPHylY%2BHAtqgiyWKZe69%2BWj4wdnAD0EQp5E2dPIwKL3xIMKEq2%2FHkIVMzY%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c3e6fdb0e37-AMS
expires: Sun, 26 Feb 2023 16:14:09 GMT

GET
H2 200 template_styles.css
grif14.freehat.cc/bitrix/templates/lalapaluza/ 75 KB
16 KB 39ms
34ms Stylesheet
text/css 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2c23d7afb36ccd93bfa7743b993dae09eb20572a268542b9fb980cde776e62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145570
cf-polished: origSize=108422
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 14 May 2021 04:57:43 GMT
server: cloudflare
etag: W/"609e0347-1a786"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQJPKkqdt13tMF5YmfE3kSr%2B5dfEouyLpQsil14y%2B%2BYiu7LOYHDYD3nyze38a2wlZIuiSxuiqrFZACtUyGyXpuIuwjzZkp4YV56pfVo6Vvb3a7iVGeaBiY7d6HoNvPVNWEood6hsD0A8RPKJScAp3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e6fdc0e37-AMS
expires: Mon, 06 Mar 2023 08:29:15 GMT

GET
H2 200 core.js Show response
grif14.freehat.cc/bitrix/js/main/core/ 371 KB
98 KB 43ms
39ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/js/main/core/core.js?1623777799564150

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a45dca3e9d0c3d49528e7fe94ee0b471ba2ad97bee0b3f393ba22e46e80ed5d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 798038
cf-polished: origSize=564150
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Jun 2021 17:23:19 GMT
server: cloudflare
etag: W/"60c8e207-89bb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juNM4f76tSlDc6tbrs8OmEh1G4iREEq3PzZ5sfcX5Fu03N5m%2B5ae70h90uCRJW5Zyrxq5EumHTX78BLUxftEipFd7N5oyseR0tc3sC6Dhps%2BRVzCoaTyz2E2DMbVAeenmp2AbH5oNGqRQm%2F3%2FVHEaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e6fde0e37-AMS
expires: Fri, 10 Mar 2023 09:01:27 GMT

GET
H2 200 protobuf.js Show response
grif14.freehat.cc/bitrix/js/pull/protobuf/ 107 KB
28 KB 41ms
37ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/js/pull/protobuf/protobuf.js?1595952090274055

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74710549120008d63ac49f5467cca6dcbedf4d06367fd46aa2afa304394ae325

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145570
cf-polished: origSize=274055
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Jul 2020 16:01:30 GMT
server: cloudflare
etag: W/"5f204bda-42e87"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0pg7wYeCfkpJS1bVeF0pwbV%2FvsbxMJJBRlottJ50i4f8Qp6ZiZSpZyYQ2NRFtH4t0HeESb%2BxnghYu7oip0bLN3BtY3X9%2BQe6%2B57gV%2Fpj%2FXpX%2Bg9jgR9krc6dR6gmbYDkhGGiOyWLgNuybyTx32o3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e6fe00e37-AMS
expires: Mon, 06 Mar 2023 08:29:15 GMT

GET
H2 200 model.js Show response
grif14.freehat.cc/bitrix/js/pull/protobuf/ 21 KB
3 KB 27ms
23ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/js/pull/protobuf/model.js?159595209070928

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c6c81a83d7c40c24b1e657215130483684ca11cab0c92dff431d23a6777c280

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145570
cf-polished: origSize=70928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Jul 2020 16:01:30 GMT
server: cloudflare
etag: W/"5f204bda-11510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEEcTn12WOHcs4IUe5J3Zlc0OFKJZPKPoFLkC2jcZgAFmawlt%2FGU6MAmeZ5ka%2BVUuddiKy5szGZnAzyM%2F73Q2UiapBBD7PzjQ5yRdOQMDbjYn14vFtGF4AAz3zMRuI9h2mR3yqVNAR6rR6aSeBPZlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e6fe10e37-AMS
expires: Mon, 06 Mar 2023 08:29:15 GMT

GET
H2 200 core_promise.js Show response
grif14.freehat.cc/bitrix/js/main/core/ 3 KB
1 KB 27ms
23ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/js/main/core/core_promise.js?15595818825220

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d20617651ca3f9277c612399addcedcf0392840642af4e031443a5c2dee4ec5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12048
cf-polished: origSize=5220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 03 Jun 2019 17:11:22 GMT
server: cloudflare
etag: W/"5cf554ba-1464"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKxiZbpUma5zDPFGoYs5QiQaJnOvWy0EUAzmtJfMGP4SFCl2QXXeU6xBiUjVYJTIGOjeO7T%2Fmj%2FZDOHy41wBrMV5Cpym9OB%2BgEOp2%2F%2BMrR5Ri2RcbqvnyOT17Y8GdWz5YBLpgfGX93ZDKcKmhOujFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e6fe20e37-AMS
expires: Sun, 19 Mar 2023 11:21:17 GMT

GET
H2 200 rest.client.js Show response
grif14.freehat.cc/bitrix/js/rest/client/ 12 KB
4 KB 43ms
39ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/js/rest/client/rest.client.js?160285114717414

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b68ffea3f0a34e38bfff20ec1aa638a463241f98be73d25affdc5903a845759

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145570
cf-polished: origSize=17414
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Oct 2020 12:25:47 GMT
server: cloudflare
etag: W/"5f89914b-4406"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2DFRBKB14XbHOQ1OYSeiyjWGS6NSN64Pcf4Z6SYmzXUk5mtzbRly2NQjbFkM2sS56sWKzYYRcfVsux%2B9YnX4ZqG0fjAr3vxyiPZwmoNu0UEM0JUSsUd7cYfR227qraSVJpVvw%2B%2Brs5%2BFfrIiBFlbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e7ff30e37-AMS
expires: Mon, 06 Mar 2023 08:29:15 GMT

GET
H2 200 pull.client.js Show response
grif14.freehat.cc/bitrix/js/pull/client/ 52 KB
13 KB 44ms
41ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/js/pull/client/pull.client.js?162377785568656

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad1dce471aafe345cbbe7eb4c40c7c93018ec5a8b95ae7519fd5eb70c19a580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145570
cf-polished: origSize=68656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Jun 2021 17:24:15 GMT
server: cloudflare
etag: W/"60c8e23f-10c30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJTS6yxYpsELz8II7Op6D7p6aW%2FAL2TFTtsc9YcMNXoHXTest7rXmWuwtQogib%2BEDEV0N%2BkEZXqi9BeeJOzI9kcWnjwEbM%2FPNQq1nAvrCCpjQshWnALW7SNIjWamMQHI7kJ8yz6den3zbBigPQO2KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e7ff40e37-AMS
expires: Mon, 06 Mar 2023 08:29:15 GMT

GET
H2 200 common.js Show response
grif14.freehat.cc/bitrix/templates/lalapaluza/js/ 12 KB
5 KB 43ms
39ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/templates/lalapaluza/js/common.js?1667059001

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61cf02a68fe18bce4397e8cfdc20d4bd7ee3241436110917f39d89360b9fc375

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145570
cf-polished: origSize=15873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 29 Oct 2022 15:56:41 GMT
server: cloudflare
etag: W/"635d4d39-3e01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vhy9%2BOF2cm%2FNo0e1DXRGLDxOEJaX2LPUJPWgVrUFucp5JG305IEBp1k8wHHonTEw7gUt8df7YorWODmpgmbnEU51bZU2mhlZihpeLwaU3f%2BW7o%2BD07E%2BC0sMdEueOxxj%2BNWCTX54bYhVic3iLFcmSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e7ff50e37-AMS
expires: Mon, 06 Mar 2023 08:29:15 GMT

GET
H2 200 906867.js Show response
handred.ru/ 302 B
418 B 559ms
222ms Script
application/javascript 87.236.16.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://handred.ru/906867.js
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.kryton.beget.com
Software: nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash: ae9baaa2d7646be2970d4597b98c7ea70aa26be54c84adc1c2e972228477f9b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
server: nginx-reuseport/1.21.1
x-powered-by: PHP/5.6.40
content-length: 302
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery.jscrollpane.min.js Show response
grif14.freehat.cc/bitrix/templates/.default/js/ 14 KB
5 KB 44ms
41ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/templates/.default/js/jquery.jscrollpane.min.js?141337779614260

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c547ddf55c2a34c8431007c859dd455e1a9cca474e3dceb8d8afb97a673273bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Oct 2014 12:56:36 GMT
server: cloudflare
etag: W/"543e6f04-37b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scgVUEtNfXNff58AUC2VzS2bA5xh9WGHYkT7rqModcPbmuNsm82zPiF%2BXdPNyqmsMCwo2vl3gBffq0nyPsfVdUou9gQhfkVv643YOBXZjQ7w25ZjiJEJfAPgP3DmmRAoE5DT0PgdqDFbdf13Mat%2BzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e7ff70e37-AMS
expires: Mon, 06 Mar 2023 08:29:15 GMT

GET
H2 200 jquery.mousewheel.js Show response
grif14.freehat.cc/bitrix/templates/.default/js/ 2 KB
1 KB 43ms
40ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/templates/.default/js/jquery.mousewheel.js?13841502153846

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1944de148837d0ae19df67bd7f5a034020422cadb6541b2c7ef8ce8d0d017c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 798038
cf-polished: origSize=3846
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Nov 2013 06:10:15 GMT
server: cloudflare
etag: W/"528074c7-f06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FVsEkKyrS1XnwphntCndCuNrLOSc9ov049jHrHYJQs443ZFr2fRP4uzaXdsDz5GOWM8Jz7hOd7mTwkb%2BsyCTyG%2BxUpro1iunSolL9u3n45GGgXk2HlTvOsTegQjEzMK8PIhqoqa1TWq0braOlLEEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e7ff80e37-AMS
expires: Fri, 10 Mar 2023 09:01:27 GMT

GET
H2 200 script.js Show response
grif14.freehat.cc/bitrix/templates/.default/components/bitrix/asd.elements.list/lp_mainbanners/ 400 B
601 B 43ms
40ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/templates/.default/components/bitrix/asd.elements.list/lp_mainbanners/script.js?1414137124456

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9d855527c5196dd1c9701e8ac62a013a3998b960659ae46201480ad0e698a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 204804
cf-polished: origSize=456
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Oct 2014 07:52:04 GMT
server: cloudflare
etag: W/"544a0524-1c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY%2Fg%2BeE7hGU4Wga%2BHCkZAwW7DhySC5iQabrAuTx01J%2FOr4Z1QWJYWE%2B7LL6E7YdWOgSx83dcSRw8fuG8v59EftGJXQbea6wJyKnglsv7S2Y07N0bYCvt6vsjm2AW2iolE%2FHReN9VLWFH3DXd8SHSbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e7ff90e37-AMS
expires: Fri, 17 Mar 2023 05:48:41 GMT

GET
H2 200 owl.carousel.min.js Show response
grif14.freehat.cc/bitrix/templates/.default/js/owl-carousel/ 23 KB
7 KB 42ms
40ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grif14.freehat.cc/bitrix/templates/.default/js/owl-carousel/owl.carousel.min.js?139991693823890

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1178092
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 May 2014 17:48:58 GMT
server: cloudflare
etag: W/"5371098a-5d52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Y2JQFLmkYg6I8vzV%2FWsnFvGjE7%2F6%2B0XoUoi4%2B3pFN4QThu2SaPfAe7XE6ZHZSKb4oRWjysdAjseIwvy0VHMW6m9g0I4KOhkwv%2BiiE52WzUDqdTO%2BqNb37k5nZR5eoN9t16CIdwBE2LgwiqgdWFaRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 79a70c3e7ffb0e37-AMS
expires: Sun, 05 Mar 2023 23:27:13 GMT

GET
H/1.1 200
OK geo.php Show response
dominantroute.com/services/ 34 B
195 B 78ms
17ms Script
text/javascript 193.200.64.20
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dominantroute.com/services/geo.php
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.64.20 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: etarg.network
Software: nginx /
Resource Hash: 3d91bc785d55a0066c1d0fa79ece2b5688483236b571796aced8077eaf9ceebc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 14:42:05 GMT
Server: nginx
Connection: keep-alive
Content-Length: 34
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK vid_vpaut_script.js Show response
videoroll.net/js/ 58 KB
59 KB 226ms
108ms Script
application/javascript 82.202.165.19
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://videoroll.net/js/vid_vpaut_script.js
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.165.19 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: videoroll.net
Software: nginx /
Resource Hash: 7b00a403ad9dea561bf177af1d30ad6200e7273044bdb436ec4baa4eb3ec08c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 14:42:05 GMT
Last-Modified: Mon, 30 Jan 2023 06:34:36 GMT
Server: nginx
ETag: "63d764fc-e9eb"
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59883

GET
H/1.1 200
OK ok9.js Show response
odnaknopka.ru/ 143 B
379 B 206ms
23ms Script
text/javascript 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/ok9.js
Requested by: Host: handred.ru
URL: https://handred.ru/906867.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 14:42:05 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
ETag: a3c0e7d515106e68f018b942173cd913
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8

GET
H2 200 ba.js Show response
bitrix.info/ 7 KB
3 KB 111ms
31ms Script
application/javascript 54.76.156.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.info/ba.js

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.156.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-156-35.eu-west-1.compute.amazonaws.com

Software

nginx/1.10.1 /

Resource Hash

897c58672b375fd206d4df4ccd71a3fa3e29f739f4db5251b94895ad015f9710

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Wed, 19 May 2021 09:38:44 GMT
server: nginx/1.10.1
etag: W/"60a4dca4-1a03"
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=172800
expires: Sat, 18 Feb 2023 14:42:05 GMT

GET
H/1.1 200
OK e.js Show response
cdn.trafficbass.com/libs/ 8 KB
4 KB 69ms
19ms Script
application/javascript 178.162.196.152
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.trafficbass.com/libs/e.js

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

178.162.196.152 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

16103661642748ad79471678e485351ee19a083e6c9532ca8b961a3753577af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 14:42:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 31 Oct 2022 14:23:40 GMT
Server: nginx
ETag: W/"635fda6c-2027"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: X-PINGOTHER
Expires: Fri, 17 Feb 2023 14:42:05 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
57 KB 250ms
121ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

28e61bfe4ec59cb82441109a6d54ee0bd7178bb3f9c0c27fb0e62bc31e2b4bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-e31c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58140
expires: Thu, 16 Feb 2023 15:42:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
36ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 13:12:07 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5398
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 16 Feb 2023 15:12:07 GMT

GET
H3 200 menu-img__auction.png
grif14.freehat.cc/bitrix/templates/lalapaluza/img/ 1 KB
2 KB 24ms
23ms Image
image/png 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/img/menu-img__auction.png
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ded9ba15903d6514c5c47942d75eeaf742f13afcf11f1552e183587c63e2c8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4584
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1479
last-modified: Tue, 15 Apr 2014 14:41:06 GMT
server: cloudflare
etag: "534d4502-5c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6jPa%2BPvfVF1nr2BcCIBak4JC91ECXaJ4QrSJH8rDWnEyrWXao%2BF2DEKXZOHpY6e0mjw299cx%2FMYRo1s5%2FUHOzjXBKo5TCbjYLOvwJ9brQlOMQ7NkPG4f9CSXwVidJGNlcEhEipCqkloGPLkQZUMhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c41fbf7b791-AMS
expires: Thu, 23 Feb 2023 13:25:41 GMT

GET
H3 200 search-submit.png
grif14.freehat.cc/bitrix/templates/lalapaluza/img/ 1 KB
2 KB 65ms
62ms Image
image/png 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/img/search-submit.png
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9157777153a30c788f63aa232693b1544cf007a40c07ec16bd396d1b359ffd4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 531877
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1453
last-modified: Wed, 24 Dec 2014 10:29:53 GMT
server: cloudflare
etag: "549a95a1-5ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31oZiuwLSMfiVwTNFvNFRrN9xMnEQVtJmtW9jqBX2M7nkvih4LMlISv49lBL65UzA2WDTg8gTlnax0tbL08vI1DNQa34Hwgm3pahdrgBCBZ9BPOmBTM%2B0jAW%2FHGoVueBgxTsdH7vyEPeX81lSspnPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c41fbfcb791-AMS
expires: Fri, 17 Feb 2023 10:57:28 GMT

GET
H3 200 orange-noise.jpg
grif14.freehat.cc/bitrix/templates/lalapaluza/img/ 27 KB
28 KB 23ms
20ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/img/orange-noise.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36bc95bd291505d6ad6dbf1d2fb15be33f111770b1e657bd27d7bac9bd4d8267

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28036
last-modified: Wed, 06 Apr 2011 15:46:14 GMT
server: cloudflare
etag: "4d9c8ac6-6d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhuQpuM3ZttgQbp0czu%2B6PHdQPEFOADK3Pxau6640araahABKgl9b9MIPtqKMXEAMm8KyTqazKANdh0YrtGHh2zhs%2B3UDfM62rVF2lSNqfIrAx1m6nE%2BBXe%2FaB7noRRfj%2BT%2F5FjdhWeRgO0tFWLFQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c41fc00b791-AMS
expires: Thu, 23 Feb 2023 10:58:45 GMT

GET
H3 200 dirty_joe.png
grif14.freehat.cc/upload/resize_cache/iblock/c25/e61tqxv9l2zw4cssai5e2q0y8hlk09qi/600_450_175511db9cefbc414a902a46f1b8fae16/ 269 KB
270 KB 80ms
77ms Image
image/png 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/upload/resize_cache/iblock/c25/e61tqxv9l2zw4cssai5e2q0y8hlk09qi/600_450_175511db9cefbc414a902a46f1b8fae16/dirty_joe.png
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514d53f2d4607c2e2cdd3915d81da6d6547b31ae77dafa588c396b2bb19c6d2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76747
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 275604
last-modified: Wed, 11 Jan 2023 03:46:27 GMT
server: cloudflare
etag: "63be3113-43494"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgLWv%2BHK7g%2FT%2BqtFGHLC%2BsX%2FFvOvMei5vLXUo5nkXD%2BucNg9d%2BaAYZ9PiTjMYJnr7D8V1JcLdIOFdvZFLfbtAox77sIZTQAdbXoR18VqrSoPe1rAkWLZpB%2FMhbmLpxKGppvIiWsLfh0Fho4lVZyjWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c41fc01b791-AMS
expires: Wed, 22 Feb 2023 17:22:58 GMT

GET
H3 200 Macx08_307_02_0066_webres.jpg
grif14.freehat.cc/upload/resize_cache/iblock/2eb/i3utfsqejpn9kb26cxhji7jgryrbokd5/550_309_175511db9cefbc414a902a46f1b8fae16/ 63 KB
63 KB 105ms
102ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/upload/resize_cache/iblock/2eb/i3utfsqejpn9kb26cxhji7jgryrbokd5/550_309_175511db9cefbc414a902a46f1b8fae16/Macx08_307_02_0066_webres.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ef553180a4c5c228ea7f9922174d673ce8bdf64953492e90fc6d898c0e7ef5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466611
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64013
last-modified: Mon, 12 Dec 2022 05:52:37 GMT
server: cloudflare
etag: "6396c1a5-fa0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2F01vBeiYNPZBnuz%2FcpQzWYic7rrnk5zN2TdhachHaKlfV%2Fm8NxUWG9J6NfKrYcALdZ4SiYh652HEm4ceTZOa2NUQGSp35GjIYezOx8TJtKCRnWI40phkK1dzLnq1CATeVZgrEXHsO5jnpQScWy2Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c41fc03b791-AMS
expires: Sat, 18 Feb 2023 05:05:14 GMT

GET
H3 200 bresize_macx04_013_04_0035r-_1_.jpg
grif14.freehat.cc/upload/resize_cache/iblock/c3b/mpa0tzx5m1guugevef5ywaic3nddnfo0/600_450_175511db9cefbc414a902a46f1b8fae16/ 212 KB
212 KB 110ms
106ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/upload/resize_cache/iblock/c3b/mpa0tzx5m1guugevef5ywaic3nddnfo0/600_450_175511db9cefbc414a902a46f1b8fae16/bresize_macx04_013_04_0035r-_1_.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096bc32901bfbc816796b69350857cbe432703fb2f479eef7c656c8fe7779226

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78325
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 216632
last-modified: Mon, 05 Dec 2022 08:35:05 GMT
server: cloudflare
etag: "638dad39-34e38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rM9dNXU5zmGLzG6CY5hUQs%2BF%2BWLxl5cErPuPnkjrCuYE0h80TwrEZl%2BWcz0ZOAzT0S%2BCji5z6rKZ24TfF3Ue9mqc7imcDrdXX%2BIYO4%2BLcdNad%2FK5mCHKFbip0rkhaxjC2KFK8D1JmfXNCcqfA7LrEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c08b791-AMS
expires: Wed, 22 Feb 2023 16:56:40 GMT

GET
H3 200 resize_macx01_050_04_0085.jpg
grif14.freehat.cc/upload/resize_cache/iblock/f6c/c4fa6vxwan5kz29rewsn9lshbyf0tmhq/600_450_175511db9cefbc414a902a46f1b8fae16/ 144 KB
145 KB 120ms
116ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/upload/resize_cache/iblock/f6c/c4fa6vxwan5kz29rewsn9lshbyf0tmhq/600_450_175511db9cefbc414a902a46f1b8fae16/resize_macx01_050_04_0085.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41178a0077ae257fba86ff1c65936a8775f337d412f94940737f27dec2c87214

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169900
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 147770
last-modified: Mon, 21 Nov 2022 03:17:31 GMT
server: cloudflare
etag: "637aedcb-2413a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQHyT7ny4v94mqXH7ukXVDm050CH5yuvdcGd19%2B9vxYUSB89enO6SrcuL3fXSuBx7j8nyDtKzXg9zeSjwOOiC0GKe9Yb0salDU%2Bi7Uz80jmU664J4lAteVrSVKBDl5pcPYkSssSXhBy8tNtBjtqtrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c09b791-AMS
expires: Tue, 21 Feb 2023 15:30:25 GMT

GET
H3 200 resize_macx07_081_04a_0014.jpg
grif14.freehat.cc/upload/resize_cache/iblock/5d3/5vyl1y6idmqnq3kp5bzz3ge1041xqebx/600_450_175511db9cefbc414a902a46f1b8fae16/ 165 KB
166 KB 124ms
120ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/upload/resize_cache/iblock/5d3/5vyl1y6idmqnq3kp5bzz3ge1041xqebx/600_450_175511db9cefbc414a902a46f1b8fae16/resize_macx07_081_04a_0014.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72cc135a939978413e9311102941f7f6d3fad17aa01792b14abd2228e513f26d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466611
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 169378
last-modified: Mon, 14 Nov 2022 03:31:32 GMT
server: cloudflare
etag: "6371b694-295a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CscJe%2FR5zFWdGQTxIMQCA%2Bieks6THPLjlXen%2FqWQnmBS6Kezx8748lDFVP%2BDW8bYkKfADMe6ZKQNE4iWkYuA7esPuMDzYUj5YlhGcF1auChxhuPoVMJEC3Ky23YSWN7%2BvKI2%2F05wn8Cy8CvE%2FP4iaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c0bb791-AMS
expires: Sat, 18 Feb 2023 05:05:14 GMT

GET
H3 200 macx03_001_02a_0192.jpg
grif14.freehat.cc/upload/resize_cache/iblock/1d8/zm7x46knjzimt6sk751ults6wi3441r2/600_450_175511db9cefbc414a902a46f1b8fae16/ 281 KB
281 KB 36ms
32ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/upload/resize_cache/iblock/1d8/zm7x46knjzimt6sk751ults6wi3441r2/600_450_175511db9cefbc414a902a46f1b8fae16/macx03_001_02a_0192.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ea26f34cfdd7d28bc24092f7bfaf247d64870ccafd77a479d94ece2e62c35f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 287360
last-modified: Mon, 31 Oct 2022 03:38:03 GMT
server: cloudflare
etag: "635f431b-46280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33KGtS36Qo%2BqT%2FnwEk3FE8rnkJpLKnbAKZ%2FsIuZWkCYmnYD4lt%2BsR9C6ilpkem3utKj2gemWo9p5xdlfRAt37mE7PSfW%2BLi%2FAL17ASTblK8pOWcEyfpIOZTii7GbIuO76YCliU%2FyOL4Znp2HTeSEwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c0cb791-AMS
expires: Wed, 22 Feb 2023 02:26:54 GMT

GET
H3 200 resize_macx06_322_04_0077.jpg
grif14.freehat.cc/upload/resize_cache/iblock/fc1/9lp5bbbab1o2sqg3615u4wr7du947qsi/600_450_175511db9cefbc414a902a46f1b8fae16/ 178 KB
179 KB 139ms
135ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/upload/resize_cache/iblock/fc1/9lp5bbbab1o2sqg3615u4wr7du947qsi/600_450_175511db9cefbc414a902a46f1b8fae16/resize_macx06_322_04_0077.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87d86bea2ea6631cb56f624570dce11d6be78bbc94acbc4b78c9fbe8497873d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78325
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182411
last-modified: Mon, 24 Oct 2022 05:56:53 GMT
server: cloudflare
etag: "63562925-2c88b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSwhx2ljf1nZKom8DecqUql4WqngelaWCVt6r4yv7PNCfTmUOH97fgCA4BSY%2B3O%2BRGMp3rQ0LkNTFgj%2BGdDqUFRzx9%2B2Fwl%2Fe%2F9moix0A0f3H%2FHVrmah037K9DpzTbMQZFIruMn8FqPbeuLfAZzJfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c0db791-AMS
expires: Wed, 22 Feb 2023 16:56:40 GMT

GET
H3 200 resize_macx05_318_03a_0208.jpg
grif14.freehat.cc/upload/resize_cache/iblock/644/hho736lqx1tkmuubbq80c0mocnpgzvez/600_450_175511db9cefbc414a902a46f1b8fae16/ 200 KB
200 KB 157ms
153ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/upload/resize_cache/iblock/644/hho736lqx1tkmuubbq80c0mocnpgzvez/600_450_175511db9cefbc414a902a46f1b8fae16/resize_macx05_318_03a_0208.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce879dfaaa3f2585c8924844561fa5f286bee750ea260f5e867cca53747613b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466611
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 204364
last-modified: Mon, 17 Oct 2022 04:30:25 GMT
server: cloudflare
etag: "634cda61-31e4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNT8aSIlC9qNJx6Gg8yGuqqHvniS6N4CYX1DTQD9fMPGqKX7T9U0p3vL8epUAAcKTP%2Fb48mCLQW3LN7E9qa8aQ%2BDknJO%2BzHh%2FBGf7IhBqjIpHPPM6p4ANP59%2BZhVM5uF6FRUQ%2FfxLd76HWqiLaTm8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c0eb791-AMS
expires: Sat, 18 Feb 2023 05:05:14 GMT

GET
H3 200 resize_lacx20_013_03_0006.jpg
grif14.freehat.cc/upload/resize_cache/iblock/ded/d36qxkww1c9tr8wi95cir8s2os0anz0c/600_450_175511db9cefbc414a902a46f1b8fae16/ 169 KB
169 KB 143ms
140ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/upload/resize_cache/iblock/ded/d36qxkww1c9tr8wi95cir8s2os0anz0c/600_450_175511db9cefbc414a902a46f1b8fae16/resize_lacx20_013_03_0006.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c8d39475311cf0f7b590c6c576a60fb35a63cc4a801befa4945cb67be2c1ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78325
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 172601
last-modified: Mon, 10 Oct 2022 06:36:13 GMT
server: cloudflare
etag: "6343bd5d-2a239"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teaHGH5PzOrA8Qcx4JuEdVYs9xZqzaU0l5sZpVW3fhcPEzZhcLuGQ%2FCo%2Fcb0VqQ3MtcIMtgeVyQqdwgzVHo7CosGWFUQ483wd85ONixzEOoNCD%2FRX3fcS2JB78%2B0py1kU4xbo7z5r8U6JltfTb5h5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c10b791-AMS
expires: Wed, 22 Feb 2023 16:56:40 GMT

GET
H3 200 icons_v5.png
grif14.freehat.cc/bitrix/js/socialservices/css/ 33 KB
34 KB 148ms
145ms Image
image/png 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/js/socialservices/css/icons_v5.png?v=3
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/js/socialservices/css/ss.css?15959520355122
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4adebce2db38f2bf0e18a8bd994cbf3315436010ea711d963a02462cd0249753

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/js/socialservices/css/ss.css?15959520355122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169900
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34141
last-modified: Tue, 28 Jul 2020 16:01:04 GMT
server: cloudflare
etag: "5f204bc0-855d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHdoffe343aOaHJ3OFmNylruKeI7c9T8yoDttz%2Be4XRYPopJsQ1TIMQ%2BA%2Fx8Ej3NhkBI3Xw%2FZ8k3YU%2Fr8poFNUm2bsDXVfY7Xh42VUR84JyJZkWbqI7smQkoQN9TdsyPnbgzpPdXGuJnd4F3gKaiZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c11b791-AMS
expires: Tue, 21 Feb 2023 15:30:25 GMT

GET
H3 200 ftr-back.jpg
grif14.freehat.cc/bitrix/templates/lalapaluza/img/ 2 KB
3 KB 149ms
146ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/img/ftr-back.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a109ebaf631b0158fe177dd776051b61c7e7f0cf6d5c547cf9801debb339b2e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2517
last-modified: Sat, 02 Apr 2011 16:28:46 GMT
server: cloudflare
etag: "4d974ebe-9d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOb8kDZyPVsBFbCNCAkKtSUiVlQsav38WW%2FqCkESY12x9Uur4iVngbqwyTItThKNb%2BMu4JibXt%2FoRGNpbjLonmS1p5Dta0LGIaqMI16ddxOU85QdwrT0cISk8OmH%2F8lMFIpwQbVFN9sVAiofG%2ByDmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c13b791-AMS
expires: Thu, 23 Feb 2023 06:25:52 GMT

GET
H3 200 footer-logo.jpg
grif14.freehat.cc/bitrix/templates/lalapaluza/img/ 6 KB
7 KB 152ms
150ms Image
image/jpeg 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/img/footer-logo.jpg
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c891ca7084ef754bed6ce8fec143c1ecebfa51a64652e053707322dc0252f5f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6634
last-modified: Wed, 17 Sep 2014 05:56:56 GMT
server: cloudflare
etag: "541922a8-19ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZpWvaakoXxq%2FnKFe0blxP6BHL%2Bi85wz09xDMV%2BTSaV6XwFVrYLDCLl%2BBABa6Yt7TQ4KtrlOlmPuwioY37RxfGrTxVWqsXfwlh1HYj6SeGp%2BhHQV%2F17%2Fh6brvv0pQZXkFXPanZx%2BCrVzeOBcuRnmvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c14b791-AMS
expires: Thu, 23 Feb 2023 10:58:46 GMT

GET
H3 200 yandex-64.png
grif14.freehat.cc/bitrix/templates/lalapaluza/img/ 1 KB
2 KB 152ms
151ms Image
image/png 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/img/yandex-64.png
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d376d2c0d989e18873a346dce7d39f0274f906a502225beb58748c1a339a224

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1323
last-modified: Wed, 17 Sep 2014 06:46:07 GMT
server: cloudflare
etag: "54192e2f-52b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhM7RYEjjlKKgQFE6JsNAJxCjakSkL0gquOFTAsTd%2Fk3J6d8YWe71fNtmGi3LY2uSs79uxQk9kKBbMzt094u7pTInaoY2sXZhhLpQ2PAaOZer1MPkhQV8l%2FTar1CIK4Zz9nImStZEosagjk1K%2BWNRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c16b791-AMS
expires: Thu, 23 Feb 2023 10:58:46 GMT

GET
H3 200 webmoney-64.png
grif14.freehat.cc/bitrix/templates/lalapaluza/img/ 1 KB
2 KB 153ms
151ms Image
image/png 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/img/webmoney-64.png
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 959dc3e09f570d86198a8719d412dffe967df1e4b0bde5cd058da2fcb1ec144d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1277
last-modified: Wed, 17 Sep 2014 06:46:27 GMT
server: cloudflare
etag: "54192e43-4fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7P%2FGY%2FbIeSh0J0%2BoThlZ96%2Bs98DFA4QOVzYEdvbvANW0vOvWVDTLBpDnpwu%2BEWQc7RAPJhT5a3B40MvPgGlfzxFQk7WFLOVenF7QIK8Qs%2B7pSrsqhnCyPnlwW6QruWfAhHw7nWI8sQ55MC2YMPwjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c18b791-AMS
expires: Thu, 23 Feb 2023 10:58:46 GMT

GET
H3 200 visa-64.png
grif14.freehat.cc/bitrix/templates/lalapaluza/img/ 1 KB
2 KB 153ms
151ms Image
image/png 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/img/visa-64.png
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d92a71977f2f773411ef01dfda7786f8390241cb3b3563cbd5f8e6ff0e0dcff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 547849
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1475
last-modified: Wed, 17 Sep 2014 06:46:17 GMT
server: cloudflare
etag: "54192e39-5c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy9wHqQog5GEAvA%2Brs745fcqfe8fyJdYyVaEP3YUcZppdduhMDnWfruFkcUo0VEdS0R2TLUiJg%2B8xib%2B6X50Od60jPeybKE5PjmzMcjzHRWYlA3rhoGZGRuWh4h9HaqWV16Q1x8j5PApxq0xqejh0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c1ab791-AMS
expires: Fri, 17 Feb 2023 06:31:16 GMT

GET
H3 200 mastercard-64.png
grif14.freehat.cc/bitrix/templates/lalapaluza/img/ 2 KB
3 KB 153ms
152ms Image
image/png 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/img/mastercard-64.png
Requested by: Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b814ff04a64e51ee8711569095a473bc83ceaf36fd16208dcf8523c678d2ccbc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/bitrix/templates/lalapaluza/template_styles.css?1620968263108422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2388
last-modified: Wed, 17 Sep 2014 06:46:38 GMT
server: cloudflare
etag: "54192e4e-954"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Bd%2F5JHNHRtyRtubwFjMPTW6xDQoVeuZ%2FK5bjtGY4xzBkLEA9gxnagESM20q4LX0PBaqVLP3Xi1W%2FrpXoNNrrgM%2FI73g7maDRkEsCMNr27OGyN0DebDwBGIq%2BUDoJqzbBV%2B59zDSpRvMGwFuEIBe9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 79a70c420c1cb791-AMS
expires: Thu, 23 Feb 2023 10:58:46 GMT

GET
H2 204 load Show response
z.cdn.trafficbass.com/ 0
277 B 66ms
20ms Script
text/plain 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.trafficbass.com/load?z=1969983558&div=2wb4jj5yngo&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=915&pl=3&mi=4&me=8&hc=4&n=1676558525820&url=grif14.freehat.cc%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%93%D1%80%D0%B8%D1%84%D1%84%D0%B8%D0%BD%D1%8B%20%D0%B2%20HD-%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%2C%20%D1%84%D0%B0%D0%BD-%D1%81%D0%B0%D0%B9%D1%82%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D0%BC%20%D0%B2%D0%BC%D0%B5%D1%81%D1%82%D0%B5%20%D0%BB%D1%8E%D0%B1%D0%B8%D0%BC%D1%8B%D0%B9%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&zyx=1174057926
Requested by: Host: cdn.trafficbass.com
URL: https://cdn.trafficbass.com/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Thu, 16 Feb 2023 14:42:05 GMT
cache-control: no-cache, must-revalidate
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 204 load Show response
z.cdn.trafficbass.com/ 0
278 B 64ms
19ms Script
text/plain 213.227.149.183
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.trafficbass.com/load?z=1555192603&div=pf7vcdxdbz4&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=915&pl=3&mi=4&me=8&hc=4&n=1676558525820&url=grif14.freehat.cc%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%93%D1%80%D0%B8%D1%84%D1%84%D0%B8%D0%BD%D1%8B%20%D0%B2%20HD-%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%2C%20%D1%84%D0%B0%D0%BD-%D1%81%D0%B0%D0%B9%D1%82%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D0%BC%20%D0%B2%D0%BC%D0%B5%D1%81%D1%82%D0%B5%20%D0%BB%D1%8E%D0%B1%D0%B8%D0%BC%D1%8B%D0%B9%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&zyx=1174057926
Requested by: Host: cdn.trafficbass.com
URL: https://cdn.trafficbass.com/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Thu, 16 Feb 2023 14:42:05 GMT
cache-control: no-cache, must-revalidate
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST
H2 200 bx_stat Show response
bitrix.info/ 42 B
380 B 45ms
43ms XHR
application/javascript 54.76.156.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bitrix.info/bx_stat
Requested by: Host: bitrix.info
URL: https://bitrix.info/ba.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.156.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-156-35.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.1 /
Resource Hash: a6ef562428798dd8ddfd85ccfd5a79ca7b5c088aec9ed0357b6fdd72435d66f5

Request headers

Referer: https://grif14.freehat.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://grif14.freehat.cc
date: Thu, 16 Feb 2023 14:42:05 GMT
access-control-allow-credentials: true
content-type: application/javascript
server: nginx/1.10.1
etag: 28465582ceaea0902e5923aea7ba89c7
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 56ms
56ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2004150101&t=pageview&_s=1&dl=https%3A%2F%2Fgrif14.freehat.cc%2F&ul=en-us&de=UTF-8&dt=%D0%93%D1%80%D0%B8%D1%84%D1%84%D0%B8%D0%BD%D1%8B%20%D0%B2%20HD-%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%2C%20%D1%84%D0%B0%D0%BD-%D1%81%D0%B0%D0%B9%D1%82%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D0%BC%20%D0%B2%D0%BC%D0%B5%D1%81%D1%82%D0%B5%20%D0%BB%D1%8E%D0%B1%D0%B8%D0%BC%D1%8B%D0%B9%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1631275493&gjid=494615062&cid=972154511.1676558526&tid=UA-6196517-2&_gid=1684711060.1676558526&_r=1&_slc=1&z=1044814282

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://grif14.freehat.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 14:42:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://grif14.freehat.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK stat.js Show response
odnaknopka.ru/ 771 B
960 B 24ms
24ms Script
application/javascript 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/stat.js
Requested by: Host: odnaknopka.ru
URL: https://odnaknopka.ru/ok9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f838aff91193ccc738d27beb8e135871dcc19a04871d325b0dfa4a883a2c5b90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 14:42:05 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1

200
OK

/ Show response
hlmiq.com/vu/nl/ Frame D338
Redirect Chain

https://googie-anaiytlcs.com/stat
https://hlmiq.com/vu/nl/

188 B
380 B

235ms
25ms

Document
text/html

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlmiq.com/vu/nl/
Requested by: Host: odnaknopka.ru
URL: https://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f10db360fc698014e33075be53230e53366fc31053e0d36ed94fa4953ea55888

Request headers

Referer: https://grif14.freehat.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Feb 2023 14:42:06 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Feb 2023 14:42:06 GMT
Location: https://hlmiq.com/vu/nl/
Server: nginx/1.12.2
Transfer-Encoding: chunked

GET
H2

200

continuation_default.htm Show response
sale.aliexpress.ru/ru/__pc/ Frame 6880
Redirect Chain

https://feneteko.com/a
https://s.click.aliexpress.com/e/_DkvbRPd?af=a;14185&cn=-&cv=719967&dp=212.7.210.177
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_...
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%2614185%26cn%3D-%26cv%3D719967%26dp%3D212.7.210.177%26af...
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=6a9c528a68834c9fb85fc3c2e6c6c48d&xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%261418...
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_...

15 KB
5 KB

59ms
59ms

Document
text/html

47.246.133.88
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&terminal_id=6a9c528a68834c9fb85fc3c2e6c6c48d

Requested by

Host: odnaknopka.ru
URL: https://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

47.246.133.88 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Tengine /

Resource Hash

4cbc50b868354039b7452633b5b5aaa7d0c25d72b0251b797bee708fc59e0299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grif14.freehat.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-transform,public,max-age=90,s-maxage=120
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 16 Feb 2023 14:42:08 GMT
eagleeye-traceid: 211675ce16765585288704995ef5be
p3p: CP="CAO PSA OUR"
server: Tengine
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-language: en-US
content-length: 0
content-type: text/html;charset=UTF-8
date: Thu, 16 Feb 2023 14:42:08 GMT
eagleeye-traceid: 211675d116765585288141904ef460
location: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&terminal_id=6a9c528a68834c9fb85fc3c2e6c6c48d
p3p: CP="CAO PSA OUR"
server: Tengine
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.ru/watch/21568060/
Redirect Chain

https://mc.yandex.ru/watch/21568060?wmode=7&page-url=https%3A%2F%2Fgrif14.freehat.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
https://mc.yandex.ru/watch/21568060/1?wmode=7&page-url=https%3A%2F%2Fgrif14.freehat.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...

428 B
511 B

65ms
65ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/21568060/1?wmode=7&page-url=https%3A%2F%2Fgrif14.freehat.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A294280219848%3Ahid%3A273266523%3Az%3A0%3Ai%3A20230216144206%3Aet%3A1676558526%3Ac%3A1%3Arn%3A72485567%3Arqn%3A1%3Au%3A1676558526437258652%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C34%2C100%2C14%2C110%2C0%2C%2C569%2C34%2C%2C%2C%2C844%3Aco%3A0%3Acpf%3A1%3Ans%3A1676558524904%3Arqnl%3A1%3Ast%3A1676558526%3At%3A%D0%93%D1%80%D0%B8%D1%84%D1%84%D0%B8%D0%BD%D1%8B%20%D0%B2%20HD-%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%2C%20%D1%84%D0%B0%D0%BD-%D1%81%D0%B0%D0%B9%D1%82%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D0%BC%20%D0%B2%D0%BC%D0%B5%D1%81%D1%82%D0%B5%20%D0%BB%D1%8E%D0%B1%D0%B8%D0%BC%D1%8B%D0%B9%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cc42efe7ef632e86ec83fcdc6309dddbd8078bf10f10f4af186fa901242e4d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 14:42:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 16-Feb-2023 14:42:06 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://grif14.freehat.cc
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Thu, 16-Feb-2023 14:42:06 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 14:42:06 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16-Feb-2023 14:42:06 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/21568060/1?wmode=7&page-url=https%3A%2F%2Fgrif14.freehat.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A294280219848%3Ahid%3A273266523%3Az%3A0%3Ai%3A20230216144206%3Aet%3A1676558526%3Ac%3A1%3Arn%3A72485567%3Arqn%3A1%3Au%3A1676558526437258652%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C34%2C100%2C14%2C110%2C0%2C%2C569%2C34%2C%2C%2C%2C844%3Aco%3A0%3Acpf%3A1%3Ans%3A1676558524904%3Arqnl%3A1%3Ast%3A1676558526%3At%3A%D0%93%D1%80%D0%B8%D1%84%D1%84%D0%B8%D0%BD%D1%8B%20%D0%B2%20HD-%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%2C%20%D1%84%D0%B0%D0%BD-%D1%81%D0%B0%D0%B9%D1%82%2C%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B8%D0%BC%20%D0%B2%D0%BC%D0%B5%D1%81%D1%82%D0%B5%20%D0%BB%D1%8E%D0%B1%D0%B8%D0%BC%D1%8B%D0%B9%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://grif14.freehat.cc
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 16-Feb-2023 14:42:06 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
137 B 64ms
64ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: grif14.freehat.cc
URL: https://grif14.freehat.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://grif14.freehat.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:06 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 16 Feb 2023 15:42:06 GMT

GET
H/1.1 200
OK / Show response
hlmiq.com/vu/nl/ Frame ECD8 4 KB
1 KB 25ms
25ms Document
text/html 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlmiq.com/vu/nl/?
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 37e80c609be3376340468947fff6aec5a88fa0f2184e9780291a53b2dde908d5

Request headers

Referer: https://hlmiq.com/vu/nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Feb 2023 14:42:06 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2

200

/ Show response
www.udemy.com/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/udemy4.com/
https://www.udemy.com/?ranMID=39197&ranEAID=hL6ObH*7r3M&ranSiteID=hL6ObH.7r3M-HkPD7KolsqsrI4o6Aw65ow&LSNPUBID=hL6ObH*7r3M&utm_source=aff-campaign&utm_medium=udemyads

0
0

1270ms
1215ms

Script
text/html

2606:4700::6812:a05a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.udemy.com/?ranMID=39197&ranEAID=hL6ObH*7r3M&ranSiteID=hL6ObH.7r3M-HkPD7KolsqsrI4o6Aw65ow&LSNPUBID=hL6ObH*7r3M&utm_source=aff-campaign&utm_medium=udemyads
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2606:4700::6812:a05a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.udemy.com/?ranMID=39197&ranEAID=hL6ObH*7r3M&ranSiteID=hL6ObH.7r3M-HkPD7KolsqsrI4o6Aw65ow&LSNPUBID=hL6ObH*7r3M&utm_source=aff-campaign&utm_medium=udemyads
Date: Thu, 16 Feb 2023 14:42:06 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.airhelp.com/ru/ Frame ECD8
Redirect Chain

https://www.airhelp.com/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045
https://www.airhelp.com/ru/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045

0
0

43ms
43ms

Script
text/html

2606:4700::6810:970f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airhelp.com/ru/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2606:4700::6810:970f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Feb 2023 14:42:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
age: 242
vary: Accept-Encoding
content-type: text/html
location: https://www.airhelp.com/ru/?utm_medium=affiliate&utm_source=pap&utm_campaign=aff-agru&utm_content=&a_aid=agru&a_bid=2d914045
cache-control: public, max-age=86400
cf-ray: 79a70c464dd030d6-FRA
expires: Fri, 17 Feb 2023 14:42:06 GMT

GET
H2

200

/ Show response
www.bonprix.nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/bonprix.nl/
https://redirects.tradedoubler.com/projectr/?landmark=Entry&typ=AFF&anbieter=Tradedoubler&iwl=501&wkz=94&version=deeplink&promo=0&matchkey=2031206&aktion=31*_td_*KEEP_NEWEST&entrysourceID=tradedoub...
https://www.bonprix.nl/?landmark=Entry&typ=AFF&anbieter=Tradedoubler&iwl=501&wkz=94&version=deeplink&promo=0&matchkey=2031206&aktion=31&entrysourceID=tradedoubler31:Tradedoubler~2031206~22449~31~MC...
https://www.bonprix.nl/?typ=AFF&anbieter=Tradedoubler&version=deeplink&promo=0&matchkey=2031206&aktion=31

0
0

270ms
270ms

Script
text/html

23.62.220.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bonprix.nl/?typ=AFF&anbieter=Tradedoubler&version=deeplink&promo=0&matchkey=2031206&aktion=31
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 23.62.220.19 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 14:42:06 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html;charset=UTF-8
location: https://www.bonprix.nl/?typ=AFF&anbieter=Tradedoubler&version=deeplink&promo=0&matchkey=2031206&aktion=31
cache-control: no-cache, no-store
x-cnection: close
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=36
content-length: 239
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 j19u1ne5 Show response
offer.alibaba.com/cps/ Frame ECD8 0
0 634ms
235ms Script
text/html 79.133.177.226
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=14f6c3e79cce2d39bd89cc29ce5f33bc&pid=656490
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.226 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2

200

/ Show response
www.coursera.org/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/coursera2.org/
https://www.coursera.org/?irclickid=Rr6V7sWa9xyNRII33iXY9wFaUkAyk42GXUjWwE0&irgwc=1&utm_medium=partners&utm_source=impact&utm_campaign=1310690&utm_content=b2c

0
0

848ms
774ms

Script
text/html

13.225.78.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coursera.org/?irclickid=Rr6V7sWa9xyNRII33iXY9wFaUkAyk42GXUjWwE0&irgwc=1&utm_medium=partners&utm_source=impact&utm_campaign=1310690&utm_content=b2c
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 13.225.78.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-48.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.coursera.org?irclickid=Rr6V7sWa9xyNRII33iXY9wFaUkAyk42GXUjWwE0&irgwc=1&utm_medium=partners&utm_source=impact&utm_campaign=1310690&utm_content=b2c
Date: Thu, 16 Feb 2023 14:42:06 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

429

/
www.expedia.nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/expedia.nl/
https://www.expedia.nl/?siteid=100723&affcid=nl.network.cj.7561038.13957630.MCNL_-4043700144543189619&cjevent=8dafa061adff11ed81dff6e20a18b8fa

0
0

475ms
220ms

Script
text/html

23.35.208.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expedia.nl/?siteid=100723&affcid=nl.network.cj.7561038.13957630.MCNL_-4043700144543189619&cjevent=8dafa061adff11ed81dff6e20a18b8fa
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 23.35.208.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-208-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.expedia.nl/?siteid=100723&affcid=nl.network.cj.7561038.13957630.MCNL_-4043700144543189619&cjevent=8dafa061adff11ed81dff6e20a18b8fa
Date: Thu, 16 Feb 2023 14:42:06 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

404

in
www.momondo.nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/momondo.nl/
https://www.momondo.nl/in?a=tradetracker&encoder=19_4&enc_pubid=207463&enc_bid=0&enc_pid=20485&enc_refid=0%3A%3A207463%3A%3Av030300011382659ba6d0f1b242ee9c46ae1467a73085%3A%3A%3A%3A1676551202&utm_s...

0
0

152ms
82ms

Script
text/html

151.101.1.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.momondo.nl/in?a=tradetracker&encoder=19_4&enc_pubid=207463&enc_bid=0&enc_pid=20485&enc_refid=0%3A%3A207463%3A%3Av030300011382659ba6d0f1b242ee9c46ae1467a73085%3A%3A%3A%3A1676551202&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=207463&utm_content=20485&url=https%3A%2F%2Fmomondo.nl%2F
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 151.101.1.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.momondo.nl/in?a=tradetracker&encoder=19_4&enc_pubid=207463&enc_bid=0&enc_pid=20485&enc_refid=0%3A%3A207463%3A%3Av030300011382659ba6d0f1b242ee9c46ae1467a73085%3A%3A%3A%3A1676551202&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=207463&utm_content=20485&url=https%3A%2F%2Fmomondo.nl%2F
Date: Thu, 16 Feb 2023 14:42:06 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.fruugo.nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/fruugo.nl/
https://redirects.tradedoubler.com/projectr/?ac=tradedoubler&tduid=f4428c9614c71ce140a7f8c199aa5a03&_td_deeplink=https://www.fruugo.nl
https://www.fruugo.nl/?ac=tradedoubler&tduid=f4428c9614c71ce140a7f8c199aa5a03

0
0

236ms
119ms

Script
text/html

104.109.54.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fruugo.nl/?ac=tradedoubler&tduid=f4428c9614c71ce140a7f8c199aa5a03
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 104.109.54.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-54-129.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.fruugo.nl?ac=tradedoubler&tduid=f4428c9614c71ce140a7f8c199aa5a03
Date: Thu, 16 Feb 2023 14:42:06 GMT
Cache-control: no-cache="set-cookie"
Server: Apache/2.4.55 (Ubuntu)
Connection: keep-alive
Content-Length: 1
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.xcams.com/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/xcams.com/
https://www.xcams.com/chatfs/random/?dsclr=false&comfrom=978654&cf2=147931&cfsa2=gOvl0pruSyLrUMMcf0=pc2&cfsa1=O211
https://www.xcams.com/?dsclr=false&comfrom=978654&cf2=147931&cfsa2=gOvl0pruSyLrUMMcf0%3Dpc2&cfsa1=O211

0
0

118ms
118ms

Script
text/html

91.237.218.76
DNXNETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xcams.com/?dsclr=false&comfrom=978654&cf2=147931&cfsa2=gOvl0pruSyLrUMMcf0%3Dpc2&cfsa1=O211
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 91.237.218.76 , Luxembourg, ASN212882 (DNXNETWORK, LU),
Reverse DNS: proxyovcsf.dnx.lu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Feb 2023 14:42:06 GMT
content-security-policy: frame-ancestors whitelabel.camspower.com cams.dnxlive.com
strict-transport-security: max-age=2592000
server: AdvancedTurboProxy
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR NID TAIa HISa OUR NOR PRE"
location: /?dsclr=false&comfrom=978654&cf2=147931&cfsa2=gOvl0pruSyLrUMMcf0%3Dpc2&cfsa1=O211
cache-control: max-age=0, must-revalidate, private
03-benchmark-time-affiliation-listener: 8
expires: Thu, 16 Feb 2023 14:42:06 GMT

GET
H2

200

/ Show response
nl.hotels.com/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/hotels.nl/
https://nl.hotels.com/&btn_ref=org-6658d51db36e0f38&btn_reach_pub=7561038&btn_reach_pub_name=Plebicom%20-%20eBuyClub&btn_mobile_url=https://nl.hotels.com/?rffrid=aff.hcom.nl.002.003.1613009.cjaff.k...
https://nl.hotels.com/?wapa6=MCNL_-626871157351080534%2CMCNL_-626871157351080534&cjevent=ed930afdae0111ed80a3005b0a18ba74&sub_publisher=1613009%2C1613009&sub_site=7561038%2C7561038&affcid=HCOM-BENE...

0
0

825ms
824ms

Script
text/html

2a02:26f0:dc:18d::277d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nl.hotels.com/?wapa6=MCNL_-626871157351080534%2CMCNL_-626871157351080534&cjevent=ed930afdae0111ed80a3005b0a18ba74&sub_publisher=1613009%2C1613009&sub_site=7561038%2C7561038&affcid=HCOM-BENELUX.NETWORK.CJ.7561038&sub_ad=13830885%2C13830885&rffrid=aff.hcom.nl.002.003.1613009.cjaff.kwrd%3Ded930afdae0111ed80a3005b0a18ba74.CID%3D1556901.TYPE%3D416027%2Caff.hcom.nl.002.003.1613009.cjaff.kwrd%3Ded930afdae0111ed80a3005b0a18ba74.CID%3D1556901.TYPE%3D416027&btn_network_ref=ed930afdae0111ed80a3005b0a18ba74
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2a02:26f0:dc:18d::277d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 14:42:07 GMT
strict-transport-security: max-age=31536000
x-b3-traceid: 4ceb3faa6e9d43d593b3670d6931ad24, 7e7a14f90dc55e9e84f56d4f8a97ac0c
location: /?wapa6=MCNL_-626871157351080534%2CMCNL_-626871157351080534&cjevent=ed930afdae0111ed80a3005b0a18ba74&sub_publisher=1613009%2C1613009&sub_site=7561038%2C7561038&affcid=HCOM-BENELUX.NETWORK.CJ.7561038&sub_ad=13830885%2C13830885&rffrid=aff.hcom.nl.002.003.1613009.cjaff.kwrd%3Ded930afdae0111ed80a3005b0a18ba74.CID%3D1556901.TYPE%3D416027%2Caff.hcom.nl.002.003.1613009.cjaff.kwrd%3Ded930afdae0111ed80a3005b0a18ba74.CID%3D1556901.TYPE%3D416027&btn_network_ref=ed930afdae0111ed80a3005b0a18ba74
x-edgeconnect_guid_debug: ,
cache-control: max-age=0, no-cache, no-store
x-cgp-info: noJvmRouteSet;160b6412-ae08-11ed-866a-0242afbaa1d5
trace-id: 4ceb3faa-6e9d-43d5-93b3-670d6931ad24
content-length: 0
x-client-ipv6: true
expires: Thu, 16 Feb 2023 14:42:07 GMT

GET

index.html
www.cos.com/en_eur/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/cos.com/
https://www.cos.com/sling/servlet/default/rakuten.rakuten?ranMID=46463&siteID=hL6ObH.7r3M-HqLE0dyeIFm_71AxpyNcLQ&url=https%3A%2F%2Fwww.cos.com%2F%3Futm_source%3Dadmitad%26utm_medium%3Daffiliate%26u...
https://www.cos.com/?utm_source=admitad&utm_medium=affiliate&utm_campaign=1&utm_content=10&utm_term=1266330&ranMID=46463&ranEAID=hL6ObH*7r3M&ranSiteID=hL6ObH.7r3M-HqLE0dyeIFm_71AxpyNcLQ
https://www.cos.com/content/cos/page.countryselector.nl_NL.en_eur.EUR.jsp?utm_source=admitad&utm_medium=affiliate&utm_campaign=1&utm_content=10&utm_term=1266330&ranMID=46463&ranEAID=hL6ObH*7r3M&ran...
http://www.cos.com/en_eur/index.html

0
0

GET
H2

200

/ Show response
nl.stripchat.com/ Frame ECD8
Redirect Chain

https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
https://nl.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727

0
0

409ms
394ms

Script
text/html

2606:4700:311f::6812:3f7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nl.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2606:4700:311f::6812:3f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Feb 2023 14:42:06 GMT
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: deny
content-type: text/html
location: https://nl.stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
cf-ray: 79a70c4638a3b8b5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
www.viator.com/ Frame ECD8 0
0 596ms
447ms Script
text/html 104.64.162.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viator.com/?pid=P00062740&mcid=42383&medium=link
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.162.198 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-162-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 deals Show response
www.agoda.com/ Frame ECD8 0
0 344ms
73ms Script
text/html 23.37.37.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.agoda.com/deals?pcs=1&cid=1818886
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.37.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-37-249.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 / Show response
www.xcams.com/ Frame ECD8 0
0 115ms
115ms Script
text/html 91.237.218.76
DNXNETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xcams.com/?dsclr=false&comfrom=984133&cf2=&cfsa2=&cf0=pc2&cfsa1=O211
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.237.218.76 , Luxembourg, ASN212882 (DNXNETWORK, LU),
Reverse DNS: proxyovcsf.dnx.lu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2

200

/ Show response
de.bongacams.com/ Frame ECD8
Redirect Chain

https://bongacams.com/track?c=287325
https://bngtrk.com/hit.php?c=287325
https://bongacams.com/?bcs=cmljYTEzYWUxNTBiYzNlOGQ1OWFlZTViOGNkNWQ0MTA4NTI0OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
https://de.bongacams.com/?bcs=cmljYTEzYWUxNTBiYzNlOGQ1OWFlZTViOGNkNWQ0MTA4NTI0OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow

0
0

255ms
176ms

Script
text/html

195.85.23.96
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://de.bongacams.com/?bcs=cmljYTEzYWUxNTBiYzNlOGQ1OWFlZTViOGNkNWQ0MTA4NTI0OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 195.85.23.96 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS: net-96-23-conversasro.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Feb 2023 14:42:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=utf-8
location: https://de.bongacams.com/?bcs=cmljYTEzYWUxNTBiYzNlOGQ1OWFlZTViOGNkNWQ0MTA4NTI0OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
cache-control: no-cache, no-store, must-revalidate
x-zone: m3-4-web50
cf-ray: 79a70c49fb0c37f2-FRA

GET
H2

200

/ Show response
www.coop.nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/coop.nl/
https://www.coop.nl/?utm_source=TakeAds+GmbH&utm_medium=affiliate&utm_campaign=101248-3CeXyf7Iiic66vHZCLJZzcH4CeeYhH0C2QiEafbZcnkxcL&awc=12871_1676556182_e4e4c3763d4022b287c5f4dc38a6126a

0
0

1201ms
1101ms

Script
text/html

54.72.146.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coop.nl/?utm_source=TakeAds+GmbH&utm_medium=affiliate&utm_campaign=101248-3CeXyf7Iiic66vHZCLJZzcH4CeeYhH0C2QiEafbZcnkxcL&awc=12871_1676556182_e4e4c3763d4022b287c5f4dc38a6126a
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 54.72.146.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-146-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.coop.nl/?utm_source=TakeAds+GmbH&utm_medium=affiliate&utm_campaign=101248-3CeXyf7Iiic66vHZCLJZzcH4CeeYhH0C2QiEafbZcnkxcL&awc=12871_1676556182_e4e4c3763d4022b287c5f4dc38a6126a
Date: Thu, 16 Feb 2023 14:42:06 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.miniinthebox.com/nl/ Frame ECD8
Redirect Chain

https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=32ERiPW8yxyNRII33iXY9wFaUkAyhQU%3AXUjWwE0&irgwc=1
https://www.miniinthebox.com/nl/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=32ERiPW8yxyNRII33iXY9wFaUkAyhQU%3AXUjWwE0&irgwc=1

0
0

390ms
390ms

Script
text/html

23.36.162.214
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.miniinthebox.com/nl/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=32ERiPW8yxyNRII33iXY9wFaUkAyhQU%3AXUjWwE0&irgwc=1
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 23.36.162.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

vela_v
strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 14:42:07 GMT
x-content-type-options: nosniff
vela_v_c
p3p: CP="CAO PSA OUR"
vela_w_c
vela_is_first_visit
server-timing: edge; dur=1, origin; dur=142, cdn-cache; desc=MISS, ak_p; desc="465710_399431126_2161659448_14583_4962_18_0";dur=1
x-xss-protection: 1;mode=block
pragma: no-cache
vela_device
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: text/html; charset=UTF-8
location: https://www.miniinthebox.com/nl/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=32ERiPW8yxyNRII33iXY9wFaUkAyhQU%3AXUjWwE0&irgwc=1
vela_s
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
vela_w
vela_s_c
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET

fr
www.kobo.com/fr/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/kobo.com/
https://www.kobo.com/fr/fr?utm_source=linkshare_fr&utm_medium=affiliate&utm_campaign=Linkbux&utm_term=lb_lcp3af&ranMID=39331&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-uDykYk31zZkBSE1zDgiatg&siteID=...

0
0

GET
H2

200

nl-en Show response
www.grover.com/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/grover.com/
https://redirects.tradedoubler.com/projectr/?utm_medium=affiliates*_td_*KEEP_NEWEST&utm_campaign=blackfridaysale*_td_*KEEP_NEWEST&utm_source=tradedoubler*_td_*KEEP_NEWEST&uid=9&oid=13&affid=12&sub1...
https://www.grover.com/nl-en?tduid=b657248c3d2b3cb53abf523f46b6c3c6&utm_medium=affiliates&utm_campaign=blackfridaysale&utm_source=tradedoubler&uid=9&oid=13&affid=12&sub1=blackfridaysale

0
0

401ms
342ms

Script
text/html

2606:4700:10::ac43:1f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.grover.com/nl-en?tduid=b657248c3d2b3cb53abf523f46b6c3c6&utm_medium=affiliates&utm_campaign=blackfridaysale&utm_source=tradedoubler&uid=9&oid=13&affid=12&sub1=blackfridaysale
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2606:4700:10::ac43:1f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.grover.com/nl-en?tduid=b657248c3d2b3cb53abf523f46b6c3c6&utm_medium=affiliates&utm_campaign=blackfridaysale&utm_source=tradedoubler&uid=9&oid=13&affid=12&sub1=blackfridaysale
Date: Thu, 16 Feb 2023 14:42:07 GMT
Server: Apache/2.4.55 (Ubuntu)
Connection: keep-alive
Content-Length: 1
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
monday.com/lp/management/general/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/monday3.com/
https://monday.com/lp/management/general/?gspk=c2VyZ2V5Z2F5ZGFy&gsxid=YFaOZcLq4xQs&sid1=8e39685e-87bb-420c-a32b-dd7cbd249781&sid2=5cd34b4e7c4b96329115c62d&utm_adgroup=sergeygaydar&utm_campaign=ww-m...

0
0

606ms
511ms

Script
text/html

13.32.27.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://monday.com/lp/management/general/?gspk=c2VyZ2V5Z2F5ZGFy&gsxid=YFaOZcLq4xQs&sid1=8e39685e-87bb-420c-a32b-dd7cbd249781&sid2=5cd34b4e7c4b96329115c62d&utm_adgroup=sergeygaydar&utm_campaign=ww-multi-prm-workos-multi-generic-desktop-network-core&utm_medium=affiliates&utm_source=partnerstack
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 13.32.27.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-73.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://monday.com/lp/management/general/?gspk=c2VyZ2V5Z2F5ZGFy&gsxid=YFaOZcLq4xQs&sid1=8e39685e-87bb-420c-a32b-dd7cbd249781&sid2=5cd34b4e7c4b96329115c62d&utm_adgroup=sergeygaydar&utm_campaign=ww-multi-prm-workos-multi-generic-desktop-network-core&utm_medium=affiliates&utm_source=partnerstack
Date: Thu, 16 Feb 2023 14:42:07 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
de.dhgate.com/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/dhgate/
https://de.dhgate.com/?f=bm|aff|admitad|1019090|36728b1ff118ba3e273efb0cedbce06b|197649||

0
0

1167ms
1032ms

Script
text/html

2606:2800:235:1c73:1f86:1376:22ce:2cd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.dhgate.com/?f=bm|aff|admitad|1019090|36728b1ff118ba3e273efb0cedbce06b|197649||
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2606:2800:235:1c73:1f86:1376:22ce:2cd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://de.dhgate.com/?f=bm|aff|admitad|1019090|36728b1ff118ba3e273efb0cedbce06b|197649||
Date: Thu, 16 Feb 2023 14:42:07 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.getyourguide.nl/ Frame ECD8
Redirect Chain

https://www.getyourguide.com/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22
https://www.getyourguide.nl/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22&visitor-id=9R5FDH94Q8VZPEAME3M6J8YBZQDNXNUP&locale_autoredirect_optout=true

0
0

393ms
229ms

Script
text/html

2606:4700::6812:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getyourguide.nl/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22&visitor-id=9R5FDH94Q8VZPEAME3M6J8YBZQDNXNUP&locale_autoredirect_optout=true
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2606:4700::6812:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Feb 2023 14:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 d08ef1d82ea76b1946793490968859d0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 322e5f0c-7383-4bfb-ac1d-fa4cd6cf4d6f
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-gyg-view-id: obyliwjkzh4roaleipzbg7efcl8w7sd0
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://www.getyourguide.nl/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22&visitor-id=9R5FDH94Q8VZPEAME3M6J8YBZQDNXNUP&locale_autoredirect_optout=true
cache-control: private, no-store, max-age=0, s-max-age=0, must-revalidate
cf-ray: 79a70c49fa4a30cf-FRA
x-amz-cf-id: N_8A686MjhVXZ_EfhZ3jiPhJ6viN_AR9_TCZyGPlVcD24Q8nFSJPwQ==

GET
H2

200

/ Show response
www.semrush.com/partner/seomartinPro14/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/semrush.com/
https://www.semrush.com/partner/seomartinPro14/?irclickid=3UcW8fWa%3AxyNRII33iXY9wFaUkAykfQ3XUjWwE0&utm_source=berush&utm_Medium=impact_radius&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&u...

0
0

218ms
173ms

Script
text/html

34.120.45.191
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semrush.com/partner/seomartinPro14/?irclickid=3UcW8fWa%3AxyNRII33iXY9wFaUkAykfQ3XUjWwE0&utm_source=berush&utm_Medium=impact_radius&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact_radius&utm_term=
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 34.120.45.191 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 191.45.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.semrush.com/partner/seomartinPro14/?irclickid=3UcW8fWa%3AxyNRII33iXY9wFaUkAykfQ3XUjWwE0&utm_source=berush&utm_Medium=impact_radius&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact_radius&utm_term=
Date: Thu, 16 Feb 2023 14:42:07 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.notino.nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/notino.nl/
https://www.notino.nl/?utm_source=cj&utm_medium=affiliate&utm_campaign=1613009&utm_term=7561038&cjevent=4094bc92ae0011ed831f005a0a18ba73&cjdata=MXxZfDB8WXww

0
0

190ms
83ms

Script
text/html

62.44.0.166
QUANTCOM-AS Quant...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.notino.nl/?utm_source=cj&utm_medium=affiliate&utm_campaign=1613009&utm_term=7561038&cjevent=4094bc92ae0011ed831f005a0a18ba73&cjdata=MXxZfDB8WXww
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 62.44.0.166 Brno, Czech Republic, ASN29208 (QUANTCOM-AS Quantcom a.s., CZ),
Reverse DNS: www.notino.nl
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.notino.nl/?utm_source=cj&utm_medium=affiliate&utm_campaign=1613009&utm_term=7561038&cjevent=4094bc92ae0011ed831f005a0a18ba73&cjdata=MXxZfDB8WXww
Date: Thu, 16 Feb 2023 14:42:07 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

h Show response
www.ibood.com/offers/pl/s-pl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/ibood.be/
https://www.ibood.com/pl/pl/?wgu=284355_91011_16765558824997_4446089c9d&wgexpiry=1708091882&utm_source=YIELDKIT
https://www.ibood.com/offers/pl/s-pl/h?wgu=284355_91011_16765558824997_4446089c9d&wgexpiry=1708091882&utm_source=YIELDKIT

0
0

15ms
15ms

Script
text/html

34.107.132.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ibood.com/offers/pl/s-pl/h?wgu=284355_91011_16765558824997_4446089c9d&wgexpiry=1708091882&utm_source=YIELDKIT
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 34.107.132.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.132.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Feb 2023 14:42:08 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
vary: Accept
content-type: text/plain; charset=utf-8
location: /offers/pl/s-pl/h?wgu=284355_91011_16765558824997_4446089c9d&wgexpiry=1708091882&utm_source=YIELDKIT
x-cloud-trace-context: 52d4f64ce01059f7cf5f773dda88affb
cache-control: private
function-execution-id: imuaxwlmdrgw
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137

GET
H2

200

/ Show response
www.kayak.nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/kayak.nl/
https://www.kayak.nl/in?a=tradetracker&encoder=19_4&enc_pubid=207463&enc_bid=0&enc_pid=32921&enc_refid=0%3A%3A207463%3A%3Av030300011382cb9ed44d70f2499f9a2b31b40c13ea78%3A%3A%3A%3A1676548741&utm_sou...
https://www.kayak.nl/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=207463&utm_content=32921

0
0

287ms
286ms

Script
text/html

2a04:4e42:400::285
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kayak.nl/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=207463&utm_content=32921
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2a04:4e42:400::285 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

x-sn-waf-code
strict-transport-security: max-age=10886400; preload
date: Thu, 16 Feb 2023 14:42:08 GMT
server: KAYAK/1.0
report-to: { "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
location: https://www.kayak.nl/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=207463&utm_content=32921
cache-control: no-cache
permissions-policy: camera=(), microphone=(), midi=(), geolocation=(self), usb=()
accept-ranges: bytes
content-length: 0

GET
H2

200

/ Show response
www.hp.com/nl-nl/shop/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/hp.nl/
https://redirects.tradedoubler.com/projectr/?_td_ifelse=hpinstantink*td_string*https%3A%2F%2Fstore.hp.com%2FNetherlandsStore%2FDefault.aspx%3Fjumpid%3Daf_6g14fxqzub*td_true*_td_spaceport_encode=-1&...
https://www.hp.com/nl-nl/shop/GenericLandingPage.aspx?tduid=6bc6936cac4f44cbe0c6d113e0073938&url=https://store.hp.com/NetherlandsStore/Default.aspx?jumpid=af_6g14fxqzub&utm_source=affiliate&utm_med...
https://store.hp.com/NetherlandsStore/Default.aspx?jumpid=af_6g14fxqzub&utm_source=affiliate&utm_medium=cpa&utm_campaign=ebuyclub%20NL&utm_content=21963464
https://www.hp.com/nl-nl/shop/?jumpid=af_6g14fxqzub&utm_source=affiliate&utm_medium=cpa&utm_campaign=ebuyclub%20NL&utm_content=21963464

0
0

250ms
250ms

Script
text/html

2a02:26f0:6c00::210:bb5a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hp.com/nl-nl/shop/?jumpid=af_6g14fxqzub&utm_source=affiliate&utm_medium=cpa&utm_campaign=ebuyclub%20NL&utm_content=21963464
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2a02:26f0:6c00::210:bb5a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 14:42:08 GMT
strict-transport-security: max-age=expireTime
server: AkamaiGHost
location: https://www.hp.com/nl-nl/shop/?jumpid=af_6g14fxqzub&utm_source=affiliate&utm_medium=cpa&utm_campaign=ebuyclub%20NL&utm_content=21963464
cache-control: max-age=0, no-cache, no-store
server-timing: ak_p; desc="465710_34650893_375341726_17_14425_18_0";dur=1
content-length: 0
expires: Thu, 16 Feb 2023 14:42:08 GMT

GET
H2

200

/ Show response
www.lightinthebox.com/nl/ Frame ECD8
Redirect Chain

https://www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=0gmWBGWa-xyNRII33iXY9wFaUkAyk4VPXUjWwE0&irgwc=1
https://www.lightinthebox.com/nl/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=0gmWBGWa-xyNRII33iXY9wFaUkAyk4VPXUjWwE0&irgwc=1

0
0

313ms
312ms

Script
text/html

23.36.162.214
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightinthebox.com/nl/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=0gmWBGWa-xyNRII33iXY9wFaUkAyk4VPXUjWwE0&irgwc=1
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 23.36.162.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

vela_v
strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 14:42:07 GMT
x-content-type-options: nosniff
vela_v_c
p3p: CP="CAO PSA OUR"
mpulse_origin_time: 128
vela_w_c
vela_is_first_visit
server-timing: ak_p; desc="465710_399431126_2161659421_13846_6325_18_0";dur=1
content-length: 0
x-xss-protection: 1;mode=block
pragma: no-cache
vela_device
mpulse_cdn_cache: MISS
x-frame-options: allow-from https://gw.lightinthebox.com
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: text/html; charset=UTF-8
location: https://www.lightinthebox.com/nl/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=0gmWBGWa-xyNRII33iXY9wFaUkAyk4VPXUjWwE0&irgwc=1
access-control-allow-origin: 0
vela_s
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vela_w
access-control-allow-headers: Keep-Alive,User-Agent,Cache-Control,Content-Type,token
vela_s_c
expires: Thu, 16 Feb 2023 14:42:07 GMT

GET
H2

200

/ Show response
de.iherb.com/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/iherb/
https://www.iherb.com/?clickref=1101lwzFPyaR&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
https://de.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232

0
0

54ms
45ms

Script
text/html

104.18.6.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 104.18.6.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Feb 2023 14:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
datacenter: production/catalog/frankfurt
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding
location: https://de.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
cache-control: no-cache
x-client-id: page-home
buildnumber: 1812
cf-ray: 79a70c520ec2921d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 827abfcb372287da2025761a8cc4ab39

GET
H2

200

/ Show response
www.tomtop.com/ Frame ECD8
Redirect Chain

https://is.gd/l613Pb
https://www.tomtop.com/?aid=agru

0
0

739ms
352ms

Script
text/html

54.70.31.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tomtop.com/?aid=agru
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 54.70.31.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-31-69.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

location: https://www.tomtop.com?aid=agru
date: Thu, 16 Feb 2023 14:42:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a70c4c4d8a9b31-FRA
content-type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.crocs.eu/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/crocs.eu/
https://www.crocs.eu/?ClickID=2CgV0aWa-xyNRII33iXY9wFaUkAyk9xGXUjWwE0&irgwc=1&adid=aff_impact_eu_x_x_Sub%20Networks_Adpump_1141115_x_x_x_x

0
0

1112ms
1001ms

Script
text/html

2606:4700::6812:1b75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crocs.eu/?ClickID=2CgV0aWa-xyNRII33iXY9wFaUkAyk9xGXUjWwE0&irgwc=1&adid=aff_impact_eu_x_x_Sub%20Networks_Adpump_1141115_x_x_x_x
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2606:4700::6812:1b75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.crocs.eu?ClickID=2CgV0aWa-xyNRII33iXY9wFaUkAyk9xGXUjWwE0&irgwc=1&adid=aff_impact_eu_x_x_Sub%20Networks_Adpump_1141115_x_x_x_x
Date: Thu, 16 Feb 2023 14:42:08 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET /
www.wish.com/ Frame ECD8 0
0

GET
H2

200

/ Show response
www.transavia.com/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/transavia.es/
https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=167422&cid=27843&data=12%3A%3A191269%3A%3Av030300011382228446c18be7419a8ed6ea66e004b4e6%3A%3A%3A%3A1676556962&url=https%3A%2F%2Fwww.transavi...
https://www.transavia.com/?utm_source=affiliate&utm_medium=linkgenerator&utm_campaign=HVTO_ES_191269_YieldKit

0
0

138ms
44ms

Script
text/html

45.223.19.47
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.transavia.com/?utm_source=affiliate&utm_medium=linkgenerator&utm_campaign=HVTO_ES_191269_YieldKit
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 45.223.19.47 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

location: https://www.transavia.com/?utm_source=affiliate&utm_medium=linkgenerator&utm_campaign=HVTO_ES_191269_YieldKit
date: Thu, 16 Feb 2023 14:42:08 GMT
content-type: text/html;charset=UTF-8
server: NOYB 2.0.0
x-powered-by: NOYB 2.0.0
p3p: CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="https://tm.tradetracker.net/public/w3c/p3p.xml"

GET
H2

200

/ Show response
www.mediamarkt.nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/mediamarkt.nl/
https://redirects.tradedoubler.com/projectr/?_td_ifelse=telefoonabonnementen*td_string*https://www.mediamarkt.nl/*td_true*_td_url=https://telefoonabonnementen.mediamarkt.nl/td_redirect/?tduid=3f2b8...
https://www.mediamarkt.nl/?utm_source=tradedoubler&utm_medium=aff-other%20affiliate&utm_campaign=rt_affiliate_performance_sp_na_blackfridaysale&utm_term=0&tduid=3f2b82428d460ca4a98d5b00443d415c

0
0

650ms
494ms

Script
text/html

2606:4700:90:0:8426:3d75:9f41:f87a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediamarkt.nl/?utm_source=tradedoubler&utm_medium=aff-other%20affiliate&utm_campaign=rt_affiliate_performance_sp_na_blackfridaysale&utm_term=0&tduid=3f2b82428d460ca4a98d5b00443d415c
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 2606:4700:90:0:8426:3d75:9f41:f87a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.mediamarkt.nl/?utm_source=tradedoubler&utm_medium=aff-other%20affiliate&utm_campaign=rt_affiliate_performance_sp_na_blackfridaysale&utm_term=0&tduid=3f2b82428d460ca4a98d5b00443d415c
Date: Thu, 16 Feb 2023 14:42:08 GMT
Server: Apache/2.4.55 (Ubuntu)
Connection: keep-alive
Content-Length: 1
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
changelly.com/ Frame ECD8 0
0 131ms
71ms Script
text/html 2606:4700:20::ac43:48ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://changelly.com/?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 403 /
www.tiqets.com/en/andalucia-attractions-r74/ Frame ECD8 0
0 89ms
20ms Script
application/json 13.224.189.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiqets.com/en/andalucia-attractions-r74/?partner=mtac
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-56.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2

200

/ Show response
www.dress-for-less.nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/dress-for-less.nl/
https://redirects.tradedoubler.com/projectr/?utm_medium=affiliate*_td_*KEEP_NEWEST&utm_source=tradedoubler*_td_*KEEP_NEWEST&utm_campaign=3290894*_td_*KEEP_NEWEST&o=D6717-31-12&tduid=885abde13159fc5...
https://www.dress-for-less.nl/?utm_medium=affiliate&utm_source=tradedoubler&utm_campaign=3290894&o=D6717-31-12&tduid=885abde13159fc59a5a0aabbf7edc99a

0
0

674ms
599ms

Script
text/html

104.17.145.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dress-for-less.nl/?utm_medium=affiliate&utm_source=tradedoubler&utm_campaign=3290894&o=D6717-31-12&tduid=885abde13159fc59a5a0aabbf7edc99a
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 104.17.145.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.dress-for-less.nl/?utm_medium=affiliate&utm_source=tradedoubler&utm_campaign=3290894&o=D6717-31-12&tduid=885abde13159fc59a5a0aabbf7edc99a
Date: Thu, 16 Feb 2023 14:42:08 GMT
Server: Apache/2.4.55 (Ubuntu)
Connection: keep-alive
Content-Length: 1
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.hotelscombined.nl/ Frame ECD8
Redirect Chain

https://www.hotelscombined.nl/?a_aid=172493
https://www.hotelscombined.nl/

0
0

657ms
657ms

Script
text/html

151.101.193.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotelscombined.nl/
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

x-sn-waf-code
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
strict-transport-security: max-age=10886400; preload
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
server: KAYAK/1.0
date: Thu, 16 Feb 2023 14:42:08 GMT
content-security-policy-report-only: default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
report-to: { "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
location: /
permissions-policy: camera=(), microphone=(), midi=(), geolocation=(self), usb=()
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 403 /
kinsta.com/ Frame ECD8 0
0 79ms
26ms Script
text/html 2606:4700:4400::ac40:917d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kinsta.com/?kaid=ARRPTWYMWIMC
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:917d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2

200

/ Show response
www.thelotter.net/de/ Frame ECD8
Redirect Chain

https://www.thelotter.net/?tl_affid=9175
https://www.thelotter.net/de/?tl_affid=9175

0
0

965ms
965ms

Script
text/html

107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelotter.net/de/?tl_affid=9175
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 14:42:07 GMT
server
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://www.thelotter.net/de/?tl_affid=9175
access-control-allow-origin: *
x-iinfo: 4-7315578-7315581 NNNY CT(1 2 0) RT(1676558527749 17) q(0 0 0 1) r(1 1) U11
cache-control: public, max-age=10
server-name: simba2
access-control-allow-headers: *
content-length: 160
x-ua-compatible: IE=edge

GET
H/1.1

200
OK

/ Show response
www.bol.com/nl/nl/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/bol.com/
https://www.bol.com/nl/?Referrer=ADVNLPPcef172004fcf26f700ea111e48000008429&utm_source=8429&utm_medium=Affiliates&utm_campaign=CPS&utm_content=txl
https://www.bol.com/nl/nl/?Referrer=ADVNLPPcef172004fcf26f700ea111e48000008429&utm_source=8429&utm_medium=Affiliates&utm_campaign=CPS&utm_content=txl

0
0

31ms
31ms

Script
text/html

185.14.169.119
BOL-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bol.com/nl/nl/?Referrer=ADVNLPPcef172004fcf26f700ea111e48000008429&utm_source=8429&utm_medium=Affiliates&utm_campaign=CPS&utm_content=txl
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: HTTP/1.1
Server: 185.14.169.119 Utrecht, Netherlands, ASN199408 (BOL-COM, NL),
Reverse DNS: pro-web-proxy-vip.bol.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Date: Thu, 16 Feb 2023 14:42:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: report-uri https://cspreport.bol.com/report/b/15000 ; default-src https://tpc.googlesyndication.com https://www.bol.com ; connect-src https://*.adyen.com https://*.akstat.io https://*.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googlesyndication.com https://*.gstatic.com https://*.mpstat.us https://*.s-bol.com https://aai.bol.com https://api.bol.com https://c.go-mpulse.net https://chat1.bol.com https://chatr.bol.com https://fbstatic-a.akamaihd.net https://firefly.bol.com https://suggestions.bol.com https://txrx.bol.com https://www.bol.com ; font-src data: https://*.s-bol.com https://fonts.gstatic.com https://secure.ogone.com https://www.bol.com ; frame-src https://*.2mdn.net https://*.adyen.com https://*.akstat.io https://*.doubleclick.net https://*.mpstat.us https://*.safeframe.googlesyndication.com https://*.youtube-nocookie.com https://bolfelicitatie.b05-apps.nl https://chat1.bol.com https://chatr.bol.com https://info.bol.com https://platform.twitter.com https://s-static.ak.facebook.com https://secure.ogone.com https://tpc.googlesyndication.com https://view.publitas.com https://www.bol.com https://www.facebook.com https://www.google.com ; img-src blob: data: https://*.2mdn.net https://*.adyen.com https://*.akstat.io https://*.contentstack.com https://*.contentstack.eu https://*.doubleclick.net https://*.google-analytics.com https://*.google.be https://*.google.nl https://*.krxd.net https://*.moatads.com https://*.mpstat.us https://*.s-bol.com https://adservice.google.be https://adservice.google.com https://adservice.google.nl https://bol.com https://bol.ugc.bazaarvoice.com https://cbks0.googleapis.com https://cbks1.googleapis.com https://csi.gstatic.com https://ds-aksb-a.akamaihd.net https://fbstatic-a.akamaihd.net https://img.youtube.com https://kbimages1-a.akamaihd.net https://khms0.googleapis.com https://khms1.googleapis.com https://m.bol.com https://maps.googleapis.com https://maps.gstatic.com https://mts0.googleapis.com https://mts1.googleapis.com https://pagead2.googlesyndication.com https://partner.bol.com https://photos-eu.bazaarvoice.com https://platform.twitter.com https://secure.ogone.com https://ssl.gstatic.com https://static.bol.com https://swa.bol.com https://syndication.twitter.com https://tpc.googlesyndication.com https://txrx.bol.com https://view.publitas.com https://weblog.bol.com https://www.bol.com https://www.facebook.com https://www.google.com https://www.googletagmanager.com https://www.ups.com ; media-src blob: https://*.kobo.com https://*.phononet.de https://*.s-bol.com https://bolfelicitatie.b05-apps.nl https://rovimusic.rovicorp.com https://static.bol.com https://www.bol.com ; object-src https://bolfelicitatie.b05-apps.nl https://st1.streamzilla.jet-stream.nl https://view.publitas.com https://www.bol.com ; script-src 'unsafe-eval' 'unsafe-inline' data: https://*.2mdn.net https://*.adyen.com https://*.doubleclick.net https://*.google-analytics.com https://*.krxd.net https://*.moatads.com https://*.s-bol.com https://*.youtube-nocookie.com https://aai.bol.com https://adservice.google.be https://adservice.google.com https://adservice.google.nl https://ajax.googleapis.com https://apis.google.com https://bol.com https://c.go-mpulse.net https://cbks0.googleapis.com https://cdn.ampproject.org https://cdn.syndication.twimg.com https://cdn.syndication.twitter.com https://chat1.bol.com https://connect.facebook.net https://d31qbv1cthcecs.cloudfront.net https://ds-aksb-a.akamaihd.net https://fbstatic-a.akamaihd.net https://firefly.bol.com https://maps.googleapis.com https://maps.gstatic.com https://mts0.googleapis.com https://mts1.googleapis.com https://pagead2.googlesyndication.com https://partner.bol.com https://partner.googleadservices.com https://platform.twitter.com https://s.ytimg.com https://secure.ogone.com https://static.bol.com https://tpc.googlesyndication.com https://translate.googleapis.com https://tu.tu-vms.com https://txrx.bol.com https://view.publitas.com https://weblog.bol.com https://www.bol.com https://www.google.com https://www.googletagmanager.com https://www.googletagservices.com https://www.gstatic.com ; style-src 'unsafe-inline' https://*.s-bol.com https://bol.com https://fonts.googleapis.com https://partner.bol.com https://platform.twitter.com https://secure.ogone.com https://static.bol.com https://txrx.bol.com https://view.publitas.com https://www.bol.com ; worker-src blob: https://www.bol.com ; frame-ancestors 'self'
x-envoy-upstream-service-time: 28
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
pragma: no-cache
Server: envoy
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
location: /nl/nl/?Referrer=ADVNLPPcef172004fcf26f700ea111e48000008429&utm_source=8429&utm_medium=Affiliates&utm_campaign=CPS&utm_content=txl
cache-control: no-cache, no-store, must-revalidate, private
Keep-Alive: timeout=1, max=100
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/ Show response
www.myprotein.com/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/myprotein.com/
https://www.myprotein.com/?affil=awin&utm_content=https%3A%2F%2Fcityads.com&utm_term=Cashback&utm_source=AWin-565015&utm_medium=affiliate&utm_campaign=AffiliateWin&sv1=affiliate&sv_campaign_id=5650...

0
0

169ms
37ms

Script
text/html

31.177.17.7
THEHUTGROUPLIMITED

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myprotein.com/?affil=awin&utm_content=https%3A%2F%2Fcityads.com&utm_term=Cashback&utm_source=AWin-565015&utm_medium=affiliate&utm_campaign=AffiliateWin&sv1=affiliate&sv_campaign_id=565015&awc=10423_1676556182_6b974266958342165c57d54f6da75aa3
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 31.177.17.7 , United Kingdom, ASN197651 (THEHUTGROUPLIMITED, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

Location: https://www.myprotein.com/?affil=awin&utm_content=https%3A%2F%2Fcityads.com&utm_term=Cashback&utm_source=AWin-565015&utm_medium=affiliate&utm_campaign=AffiliateWin&sv1=affiliate&sv_campaign_id=565015&awc=10423_1676556182_6b974266958342165c57d54f6da75aa3
Date: Thu, 16 Feb 2023 14:42:09 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

de-de Show response
www.only.com/ Frame ECD8
Redirect Chain

https://hlmiq.com/to2/only.com/
https://www.only.com/?clickref=1101lwzFNXIK&utm_source=phgagru&utm_medium=affiliate&utm_campaign=brand-1101l5810-CA-partnerize
https://www.only.com/de-de?clickref=1101lwzFNXIK&utm_source=phgagru&utm_medium=affiliate&utm_campaign=brand-1101l5810-CA-partnerize

0
0

22ms
22ms

Script
text/html

34.149.145.178
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.only.com/de-de?clickref=1101lwzFNXIK&utm_source=phgagru&utm_medium=affiliate&utm_campaign=brand-1101l5810-CA-partnerize
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/nl/?
Protocol: H2
Server: 34.149.145.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 178.145.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Feb 2023 14:42:08 GMT
x-correlation-id: d3122975f9674efd95a2dbb795675ff1
via: 1.1 google
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
strict-transport-security: max-age=1; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
location: https://www.only.com/de-de?clickref=1101lwzFNXIK&utm_source=phgagru&utm_medium=affiliate&utm_campaign=brand-1101l5810-CA-partnerize
cache-control: no-store
x-content-typeoptions: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 base.css
i.alicdn.com/ams-static/3.0.0/global/ Frame 6880 62 KB
6 KB 1117ms
27ms Stylesheet
text/css 104.109.58.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/global/base.css

Requested by

Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&terminal_id=6a9c528a68834c9fb85fc3c2e6c6c48d

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.109.58.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-58-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2d9d14fb472222d49d6226fc13d88f55f2314e2384703c4db61532fc633632fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 14:42:10 GMT
x-swift-cachetime: 31212872
fw_ip: 23.54.74.61, 104.109.58.65
x-readtime: 2697
server-timing: rt;dur=2.702,eagleid;desc=0819529616608066570447455e
x-swift-savetime: Mon, 22 Aug 2022 00:56:28 GMT
content-length: 5387
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Sep 2022 22:16:56 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1660806660
content-type: text/css
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00fdfc7efadefe6c61f3328d48de7b301be3617112567202689
cache-control: max-age=26700857
served-from: 88.221.57.219
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_SANTACLARA_20940, NL_AMSTERDAM_60781
x-new-origin: 1
eagleid: 0819529616608066570447455e, 4f85b09616611297885732842e
expires: Fri, 22 Dec 2023 15:36:27 GMT

GET base.js
i.alicdn.com/ams-static/3.0.0/global/ Frame 6880 0
0

GET
H2 200 index.js Show response
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame 6880 51 KB
18 KB 1117ms
27ms Script
application/javascript 104.109.58.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.109.58.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-58-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 14:42:10 GMT
x-swift-cachetime: 16621214
fw_ip: 92.122.108.58, 104.109.58.65
x-readtime: 726
server-timing: rt;dur=0.730,eagleid;desc=a3b5319a16410635039861132e
x-swift-savetime: Thu, 23 Jun 2022 09:58:10 GMT
content-length: 17480
x-xss-protection: 1; mode=block
last-modified: Sat, 09 Jul 2022 08:15:47 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1641063504
content-type: application/javascript
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf155e7c93143559fa037c0d4bc6cb9e0f983328d48de7b301be72f877a8d9336e5e
cache-control: max-age=12114634
served-from: 139.45.207.46
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_ASHBURN_20940, NL_AMSTERDAM_60781
x-new-origin: 1
eagleid: a3b5319a16410635039861132e, 2ff62b1916559782909203330e
expires: Thu, 06 Jul 2023 19:52:44 GMT

GET
H2 200 ae-header-ru.css
assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ Frame 6880 97 KB
11 KB 348ms
116ms Stylesheet
text/css 104.109.58.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&terminal_id=6a9c528a68834c9fb85fc3c2e6c6c48d
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.58.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-58-65.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: a514c9f738d1417b0068fa3a0ead68825068ee298ac1bbd107d73db032198f49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 16 Feb 2023 14:42:09 GMT
content-encoding: br
x-oss-request-id: 60F95B1A8C29133032F208FB
content-md5: okrp/0QFbl1eCReKmGgLqA==
x-swift-cachetime: 18130167
x-swift-savetime: Fri, 24 Dec 2021 15:39:15 GMT
content-length: 10289
x-oss-object-type: Normal
last-modified: Fri, 24 Dec 2021 15:39:17 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1626954522
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15093277
served-from: 23.61.0.74
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: GB_LONDON_34164, NL_AMSTERDAM_60781
x-oss-hash-crc64ecma: 1856276477348331625
eagleid: a3b521a416403603557284486e
x-oss-server-time: 61
expires: Thu, 10 Aug 2023 07:16:46 GMT

GET
H2 200 footer.css
i.alicdn.com/ae-footer/20190918153024/buyer/front/ Frame 6880 2 KB
1 KB 1123ms
34ms Stylesheet
text/css 104.109.58.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.109.58.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-58-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f1b59c28f0f6de9a87843817d437902358e4fed00a47c090cd263a357197336d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 14:42:10 GMT
x-swift-cachetime: 31536000
fw_ip: 23.50.118.63, 104.109.58.65
x-readtime: 265
server-timing: rt;dur=0.269,eagleid;desc=7400519c16716044448271249e
x-swift-savetime: Wed, 21 Dec 2022 06:34:05 GMT
content-length: 487
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 06:34:06 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1671604445
content-type: text/css
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500100d52e858d73970bd3328d48de7b301be72f877a8d9336e5e
cache-control: max-age=26581859
served-from: 23.50.117.133
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: DE_FRANKFURT_34164, NL_AMSTERDAM_60781
x-new-origin: 1
eagleid: 7400519c16716044448271249e, 7400519c16716044448271249e
expires: Thu, 21 Dec 2023 06:33:09 GMT

GET
H2 200 ae-header.js Show response
assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ Frame 6880 478 KB
108 KB 23ms
23ms Script
application/javascript 104.109.58.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&terminal_id=6a9c528a68834c9fb85fc3c2e6c6c48d
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.58.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-58-65.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 254a45df83e69bc0add776bf0b10e14240b78fab11f0dd17f0ae903aff269261

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:42:10 GMT
content-encoding: br
x-oss-request-id: 6114A0D5DDB569303695924D
content-md5: 39oy7Iof2Tc675JC/1pTow==
x-swift-cachetime: 30136508
x-swift-savetime: Sat, 28 Aug 2021 09:02:17 GMT
content-length: 109875
x-oss-object-type: Normal
last-modified: Mon, 03 Jan 2022 18:06:06 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1628741845
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16162774
served-from: 23.212.50.121
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_SANJOSE_35994, NL_AMSTERDAM_60781
x-oss-hash-crc64ecma: 13718294925075259392
eagleid: a3b510a016412331636588346e
x-oss-server-time: 142
expires: Tue, 22 Aug 2023 16:21:44 GMT

GET
H2 200 js.js Show response
g.alicdn.com/ae-traffic-kn/cont-default/0.0.1/js/ Frame 6880 259 KB
81 KB 364ms
21ms Script
application/javascript 163.181.56.193
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.alicdn.com/ae-traffic-kn/cont-default/0.0.1/js/js.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&14185&cn=-&cv=719967&dp=212.7.210.177&aff_fcid=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd&terminal_id=6a9c528a68834c9fb85fc3c2e6c6c48d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 261953db27cc0855b121008b1c606de50a2f3f5aecc60873ebb9751b66fd9203

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 04:40:52 GMT
content-encoding: gzip
via: cache26.l2de2[43,5,200-0,C], cache2.l2de2[7,0], cache2.l2de2[9,0], ens-cache7.de4[0,0,200-0,H], ens-cache3.de4[2,0]
x-oss-request-id: 63EDB3D4502B6E3539D0B979
content-md5: kuJE0GWh5VsdCB/MTAH96Q==
age: 36077
x-swift-cachetime: 86400
x-cache: HIT TCP_MEM_HIT dirn:8:157247028
x-swift-savetime: Thu, 16 Feb 2023 04:40:52 GMT
content-length: 82481
x-bucket-code: 3
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1676522452
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=86400
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 3461275387047287842
eagleid: 2ff62b1b16765585292383456e
x-oss-server-time: 33

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.cos.com
URL: http://www.cos.com/en_eur/index.html

Domain: www.kobo.com
URL: https://www.kobo.com/fr/fr?utm_source=linkshare_fr&utm_medium=affiliate&utm_campaign=Linkbux&utm_term=lb_lcp3af&ranMID=39331&ranEAID=wizKxmN8no4&ranSiteID=wizKxmN8no4-uDykYk31zZkBSE1zDgiatg&siteID=wizKxmN8no4-uDykYk31zZkBSE1zDgiatg

Domain: www.wish.com
URL: https://www.wish.com/?irclickid=QK6ztTWaYxyNRII33iXY9wFaUkAykN3WXUjWwE0&utm_source=Impact&utm_medium=affiliate&utm_campaign=CITYADS%20MEDIA%20POLSKA%E2%80%8A&utm_term=1234031&utm_content=966Z1Y5iqcZrgch&from_ad=1234031&irgwc=1

Domain: i.alicdn.com
URL: https://i.alicdn.com/ams-static/3.0.0/global/base.js

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

166 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
grif-fan.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: HoZsT6ksXSlix8UTHrrLuG7Tx20l4AMP
.grif14.freehat.cc/	1969-12-31 23:59:59	Name: PHPSESSID Value: pBx3FOe2EPHJkr7Xzy77AgSMY4Gpym3e
grif14.freehat.cc/	1970-01-20 18:05:45	Name: ASD_TIME_ZONE Value: 0
.bitrix.info/	1970-01-20 19:18:38	Name: bx_user_id Value: 28465582ceaea0902e5923aea7ba89c7
z.cdn.trafficbass.com/	1970-01-20 19:18:38	Name: AU Value: 45d0153c52c9c078
.freehat.cc/	1970-01-20 19:18:38	Name: _ga Value: GA1.2.972154511.1676558526
.freehat.cc/	1970-01-20 09:44:04	Name: _gid Value: GA1.2.1684711060.1676558526
.freehat.cc/	1970-01-20 09:42:38	Name: _gat Value: 1
grif14.freehat.cc/	1970-01-20 19:18:38	Name: BX_USER_ID Value: 28465582ceaea0902e5923aea7ba89c7
.freehat.cc/	1970-01-20 18:28:14	Name: _ym_uid Value: 1676558526437258652
.freehat.cc/	1970-01-20 18:28:14	Name: _ym_d Value: 1676558526
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1145828801676558526
.yandex.ru/	1970-01-20 19:18:38	Name: i Value: 88GeC30Roi0D754SIsSKpUC2nInsDXQkv7JWvRlY6MHFjqhriXt9hgxGiXdBzvSTZ5hJaGFq4/v5vXWcc1UxUQgVJZY=
.yandex.ru/	1970-01-20 18:28:14	Name: yandexuid Value: 4531713511676558526
.yandex.ru/	1970-01-20 18:28:14	Name: yuidss Value: 4531713511676558526
.yandex.ru/	1970-01-20 18:28:14	Name: ymex Value: 1708094526.yc.1676558526#1708094526.yrts.1676558526#1708094526.yrtsi.1676558526
.freehat.cc/	1970-01-20 09:43:50	Name: _ym_isad Value: 2
.freehat.cc/	1970-01-20 09:42:40	Name: _ym_visorc Value: w
stripchat.com/	1970-01-20 09:44:01	Name: __cflb Value: 02DiuFntVtrkFMde1diEyW45v2RDjfSg66B1LqXjg6eyi
redirects.tradedoubler.com/	1970-01-20 09:42:38	Name: AWSELBCORS Value: FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92448B5DC41B6DF8F1BB665B74D1DBC44C6284783DD3A44B4296A014025AD53248C1BA03E231E71D15DBA2CF9A7C59ACA2
nl.stripchat.com/	1970-01-20 09:44:01	Name: __cflb Value: 02DiuFntVtrkFMde1dhS7BRXaJvQBjr8PvjrvpUGY46ZA
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=lzrgjuyncljv&acs_rt=6a9c528a68834c9fb85fc3c2e6c6c48d
.aliexpress.com/	1970-01-20 19:18:38	Name: aeu_cid Value: bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd
.aliexpress.com/	1970-01-20 11:52:14	Name: xman_t Value: AfJ34mdSAatKxOgIGm36UZwWESeK37HUg5pwUJDHWKEBW61pPOHsNvL53IzOiGoF
.aliexpress.com/	1970-01-20 19:18:38	Name: xman_f Value: /vDEB0e4I3XuH3amjGfADStci3FD78S4YUCa/nxBTOkuwNj7L3Ax0SDbOA29wHKbyjB8yySHQdt/R7MW+TJjZHMiVKsOuLI4XVG/uX8qldEgOnVkqL3Mhw==
.aliexpress.com/	1970-01-20 19:18:38	Name: af_ss_a Value: 1
.expedia.nl/	1970-01-20 09:42:40	Name: HMS Value: c370e249-f7ed-41f8-818c-af61ed6544b4
.expedia.nl/	1970-01-20 19:18:38	Name: MC1 Value: GUID=e21c7b599b684366be46820f98746e9c
.expedia.nl/	1970-01-20 19:18:38	Name: DUAID Value: e21c7b59-9b68-4366-be46-820f98746e9c
.expedia.nl/	1970-01-20 19:18:38	Name: OIP Value: gdpr\|-1
.bongacams.com/	1970-01-20 09:42:40	Name: __cf_bm Value: uyCDJ57TAgPW9Rj.VLXKrWRQhDQya64dve7ATdSgMCE-1676558526-0-ATlZiTSjyVy8/9ho9PkfYqmJtZVbs6qxa+61Na0UpyN93lWJpXwLzV5OWWgaJPbJnZEMJQ0GfhXs4pDCeKhH3CY=
www.viator.com/	1970-01-20 19:18:38	Name: x-viator-tapersistentcookie-xs Value: c0c52fc1-920d-4ed2-a44d-7538b07eb94f
.bongacams.com/	1969-12-31 23:59:59	Name: bonga20120608 Value: cf81cf8a1d5f65a339d6334333523cba
.aliexpress.ru/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=w748s1f43hbw&acs_rt=400ebbfdf6914c22885f6d3dfd057ba6
.aliexpress.ru/	1970-01-20 11:52:14	Name: xman_t Value: G9+XzK5yZ7/jeZmumyV0oHT0pMvxmorCcpYXXxsSDXUEJ9nyyeqgb6d9JkpiQ/f3
.getyourguide.com/	1970-01-20 19:18:38	Name: visitor_id Value: 9R5FDH94Q8VZPEAME3M6J8YBZQDNXNUP
.getyourguide.com/	1970-01-20 09:42:40	Name: __cf_bm Value: z8m2UQMaCW3ODSRGSJwgzRBrb_mTUcafekw6TO9I6y8-1676558527-0-ARSvXsFsLTX+RwGduy1mbeDPoiXS/0prN7svaBbsLZNSoJiHrSrmxqE55OMM8jZZ25/7XvJPLiJQB2az9um/Tis=
.hotels.com/	1970-01-20 09:42:40	Name: HMS Value: b06e9a30-d3f1-4e2b-92a5-6fac11287fd1
.hotels.com/	1970-01-20 19:18:38	Name: MC1 Value: GUID=d9708a3826a04be28495b1f03e1e85ba
.hotels.com/	1970-01-20 19:18:38	Name: DUAID Value: d9708a38-26a0-4be2-8495-b1f03e1e85ba
.hotels.com/	1970-01-20 19:18:38	Name: OIP Value: gdpr\|-1
.hotels.com/	1970-01-20 09:52:43	Name: CRAS Value: HCOM-BENELUX.NETWORK.CJ.7561038
nl.hotels.com/	1970-01-20 11:09:02	Name: akacd_pr_20 Value: 1681742527~rv=19~id=ae81babc3b540638f5f6b0b11ec078d8
.aliexpress.com/	1970-01-20 19:18:38	Name: xman_us_f Value: x_l=0&acs_rt=6a9c528a68834c9fb85fc3c2e6c6c48d&x_as_i=%7B%22aeuCID%22%3A%22bb1013d9fdbe443fb91d9c41b7c7e31b-1676558526837-04084-_DkvbRPd%22%2C%22af%22%3A%22a%22%2C%22affiliateKey%22%3A%22_DkvbRPd%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22716815331%22%2C%22tagtime%22%3A1676558526837%7D
.bongacams.com/	1970-01-20 14:01:50	Name: BONGAH_HIT Value: 13ae150bc3e8d59aee5b8cd5d4108524%3A%3A183346%3A%3Ahttps%3A%2F%2Fhlmiq.com%2F%3A%3A%3A%3A%3A%3A287325%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2023-02-16%2016%3A42%3A07
.bongacams.com/	1970-01-20 18:28:14	Name: sg Value: 213
.bongacams.com/	1970-01-20 18:28:14	Name: warning18 Value: %5B%22de_DE%22%5D
.getyourguide.nl/	1970-01-20 19:18:38	Name: visitor_id Value: 9R5FDH94Q8VZPEAME3M6J8YBZQDNXNUP
.getyourguide.nl/	1970-01-20 09:42:40	Name: __cf_bm Value: DKmbrP.t9TTueUabhU_Xb_kAlnDpibvm1IE_oh8OUZw-1676558527-0-AYWFB6Edrf6/sKJ4HVAPJC3ezqCWHp6OvzxByINUQi7Pbv1wpYJMU43p0anVwCkdIgO4Lhe1rj33P2+MHnMfJ2A=
.lightinthebox.com/	1970-01-20 18:28:14	Name: first_visit_time Value: 9908212bfc38284226194b6a1c84bca5
.lightinthebox.com/	1970-01-20 09:42:40	Name: vela_s_c Value: 42
.lightinthebox.com/	1970-01-20 09:43:07	Name: vela_v_c Value: 42
.lightinthebox.com/	1970-01-20 09:52:43	Name: vela_w_c Value: 42
.lightinthebox.com/	1970-01-20 10:25:50	Name: vela_m_c Value: 42
.lightinthebox.com/	1970-01-20 11:52:14	Name: vela_3m_c Value: 42
.lightinthebox.com/	1970-01-20 10:25:50	Name: vela_m_ca Value: 42
.lightinthebox.com/	1970-01-20 09:42:40	Name: vela_s Value: 63ee40bf71ac3
.lightinthebox.com/	1970-01-20 10:25:50	Name: vela_m Value: 63ee40bf71ac9
.lightinthebox.com/	1970-01-20 11:52:14	Name: vela_3m Value: 63ee40bf71acd
.lightinthebox.com/	1970-01-20 09:43:07	Name: vela_v Value: 63ee40bf71ad3
.lightinthebox.com/	1970-01-20 09:52:43	Name: vela_w Value: 63ee40bf71ad7
.lightinthebox.com/	1970-01-20 09:44:04	Name: vela_device Value: desktop
.lightinthebox.com/	1970-01-20 18:28:14	Name: vela_is_first_visit Value: 1
.lightinthebox.com/	1970-01-20 10:47:26	Name: affi Value: 664b08e55c41be35e1e822fee3b61691
.lightinthebox.com/	1970-01-20 11:52:14	Name: feature Value: V1213594_A
.lightinthebox.com/	1970-01-20 10:25:50	Name: local Value: nl%7CNL%7CEUR
.udemy.com/	1970-01-20 09:42:40	Name: __cf_bm Value: d_FwFcpmxQuyb.ScCqqgzmZCxkPv6WLo82kYGT6tlZw-1676558527-0-AU9qSWw7ntLvLybR8euuWNcMejJxo1wmJ9+UkfcmJHXDopGOXiM7EPF6AH9sO6eXBkM2tfLPj6z6kBY0z1EZsQ4=
.udemy.com/	1969-12-31 23:59:59	Name: __cfruid Value: 93614870a845be171538d50b39cf6a229ee7a7c0-1676558527
.miniinthebox.com/	1970-01-20 18:28:14	Name: first_visit_time Value: 9908212bfc38284226194b6a1c84bca5
.miniinthebox.com/	1970-01-20 09:42:40	Name: vela_s_c Value: 42
.miniinthebox.com/	1970-01-20 09:43:07	Name: vela_v_c Value: 42
.miniinthebox.com/	1970-01-20 09:52:43	Name: vela_w_c Value: 42
.miniinthebox.com/	1970-01-20 10:25:50	Name: vela_m_c Value: 42
.miniinthebox.com/	1970-01-20 11:52:14	Name: vela_3m_c Value: 42
.miniinthebox.com/	1970-01-20 10:25:50	Name: vela_m_ca Value: 42
.miniinthebox.com/	1970-01-20 09:42:40	Name: vela_s Value: 63ee40bf7c016
.miniinthebox.com/	1970-01-20 10:25:50	Name: vela_m Value: 63ee40bf7c01c
.miniinthebox.com/	1970-01-20 11:52:14	Name: vela_3m Value: 63ee40bf7c021
.miniinthebox.com/	1970-01-20 09:43:07	Name: vela_v Value: 63ee40bf7c027
.miniinthebox.com/	1970-01-20 09:52:43	Name: vela_w Value: 63ee40bf7c02c
.miniinthebox.com/	1970-01-20 09:44:04	Name: vela_device Value: desktop
.miniinthebox.com/	1970-01-20 18:28:14	Name: vela_is_first_visit Value: 1
.miniinthebox.com/	1970-01-20 10:47:26	Name: affi Value: 664b08e55c41be35e1e822fee3b61691
.miniinthebox.com/	1970-01-20 10:25:50	Name: local Value: nl%7CNL%7CEUR
.changelly.com/	1970-01-20 14:10:28	Name: WTP_AB_variant Value: 4
.changelly.com/	1970-01-20 18:38:19	Name: DirectBuy_ABvariant Value: new
.changelly.com/	1970-01-20 11:11:55	Name: Promocodes_ABvariant Value: default
.changelly.com/	1970-01-20 11:11:55	Name: first_visit_by_promo Value: 1
.changelly.com/	1970-01-20 18:38:19	Name: device_id Value: e563c381-2914-45c4-a556-e3ec7711489a
.changelly.com/	1969-12-31 23:59:59	Name: ref_id Value: t68bpi9bnrma1q8f
.changelly.com/	1970-01-20 10:27:16	Name: ipcountry Value: NL
.changelly.com/	1969-12-31 23:59:59	Name: time Value: 1676558527767
.changelly.com/	1970-01-20 11:52:14	Name: __zrtbanner49 Value: cbbd63fb-bdfb-4913-a637-246d1f27d3c1
.hotels.com/	1970-01-20 19:18:38	Name: linfo Value: v.4,\|0\|0\|255\|1\|0\|\|\|\|\|\|\|\|1043\|0\|0\|\|0\|0\|0\|-1\|-1
.hotels.com/	1969-12-31 23:59:59	Name: CRQSS Value: e\|9
.hotels.com/	1970-01-20 19:18:38	Name: CRQS Value: t\|3105`s\|300000009`l\|nl_NL`c\|EUR
.hotels.com/	1970-01-20 19:18:38	Name: currency Value: EUR
.hotels.com/	1969-12-31 23:59:59	Name: iEAPID Value: 9
.hotels.com/	1970-01-20 09:59:18	Name: tpid Value: v.1,3105
.hotels.com/	1970-01-20 19:18:38	Name: cesc Value: %7B%22aff%22%3A%5B%22AFF.HCOM-BENELUX.NETWORK.CJ.7561038%22%2C1676558527973%5D%2C%22marketingClick%22%3A%5B%22true%22%2C1676558527973%5D%2C%22hitNumber%22%3A%5B%221%22%2C1676558527973%5D%2C%22visitNumber%22%3A%5B%221%22%2C1676558527973%5D%2C%22cidVisit%22%3A%5B%22AFF.HCOM-BENELUX.NETWORK.CJ.7561038%22%2C1676558527973%5D%2C%22entryPage%22%3A%5B%22noonewillmatchthis%22%2C1676558527973%5D%2C%22rffrid%22%3A%5B%22AFF.HCOM.NL.002.003.1613009.CJAFF.KWRD%3DED930AFDAE0111ED80A3005B0A18BA74.CID%3D1556901.TYPE%3D416027%2CAFF.HCOM.NL.002.003.1613009.CJAFF.KWRD%3DED930AFDAE0111ED80A3005B0A18BA74.CID%3D1556901.TYPE%3D416027%22%2C1676558527973%5D%2C%22cid%22%3A%5B%22AFF.HCOM-BENELUX.NETWORK.CJ.7561038%22%2C1676558527973%5D%7D
.thelotter.net/	1970-01-20 18:27:17	Name: visid_incap_2436245 Value: PL28ExkvTzCqFlDW9wvdQb9A7mMAAAAAQUIPAAAAAAC7Okh3Vyhl45+soThKJX0A
.thelotter.net/	1969-12-31 23:59:59	Name: incap_ses_281_2436245 Value: Bgm/LDl+9SsjrQ4LdVDmA79A7mMAAAAAJN/e6P979ieGeYiSB5oFsA==
www.hotelscombined.nl/	1970-01-20 19:18:38	Name: Apache Value: 1AfSsQ-AAABhlqs7dc-c6-XL1Gag
www.hotelscombined.nl/	1970-01-20 09:42:41	Name: cluster Value: 5
www.hotelscombined.nl/	1969-12-31 23:59:59	Name: kayak.t Value: 2$GEXYPFf1yJP26HRBao
www.hotelscombined.nl/	1969-12-31 23:59:59	Name: p1.med.sid Value: R-5lmmNqxHHBSqsuu9uBKmn-X_v5zDoBvCWmGpDnaq5kJfsf1dJiQZwWa70L_6oIB
www.hotelscombined.nl/	1970-01-20 10:25:50	Name: kanid Value: kan_172493
www.hotelscombined.nl/	1970-01-20 19:18:38	Name: languageCode Value: NL
www.hotelscombined.nl/	1970-01-20 19:18:38	Name: currencyCode Value: EUR
www.hotelscombined.nl/	1970-01-20 10:25:50	Name: a_aid Value: 172493
www.hotelscombined.nl/	1969-12-31 23:59:59	Name: brandId Value:
www.hotelscombined.nl/	1969-12-31 23:59:59	Name: label Value:
www.hotelscombined.nl/	1970-01-20 10:25:50	Name: Mobile Value: 0
www.hotelscombined.nl/	1970-01-20 10:25:50	Name: visitor Value: id=32a6b7fa-9bbd-41ba-b670-6b7ad8188b08&tracked=false
www.hotelscombined.nl/	1970-01-20 09:42:52	Name: visit Value: date=2023-02-17T01:42:08.024093+11:00&id=05169402-c282-4508-847a-33e331be1f09
www.hotelscombined.nl/	1969-12-31 23:59:59	Name: QueryBasedAffiliate Value: 11
www.notino.nl/	1970-01-20 10:47:22	Name: CommissionJunction Value: 1
www.notino.nl/	1970-01-20 10:40:10	Name: CJEVENT Value: 4094bc92ae0011ed831f005a0a18ba73
www.notino.nl/	1970-01-20 11:09:02	Name: source Value: cj
www.notino.nl/	1970-01-20 09:44:04	Name: lastSource Value: cj
www.notino.nl/	1970-01-20 10:47:26	Name: source45 Value: cj
.notino.nl/	1970-01-20 18:28:14	Name: USER Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaG9wIjoibm90aW5vLm5sIiwiY2dycCI6IjM1OSIsImxhbmciOiIyMCIsImx0YWciOiJubC1OTCIsImN1cnIiOiIxIiwiY2xpZW50Ijoid2ViIiwiZ3JkIjoiNjA2MDgwNzcxNTQyMDgwODIiLCJzaWQiOiIxRUFDMDAwMC00MTdGLUQyMTYtRkJCRS0wOERCMTAyQkZBRDIiLCJyb2xlIjoiQW5vbnltb3VzIiwiY2FydCI6IjFFQUMwMDAwLTQxN0YtRDIxNi1GQkY1LTA4REIxMDJCRkFEMiIsImlhdCI6MTY3NjU1ODUyOCwiaXNzIjoibm90aW5vIn0.x9i1ObmDv_7HqwAqsklcjyZvFI9LH0eo2hd6Kk0Pxpc
.notino.nl/	1970-01-20 11:52:14	Name: ab80 Value: 2
.notino.nl/	1970-01-20 11:52:14	Name: ab235 Value: 2
.notino.nl/	1970-01-20 18:28:14	Name: grd Value: 60608077154208082
.notino.nl/	1970-01-20 18:28:14	Name: npcount Value: 1
.notino.nl/	1969-12-31 23:59:59	Name: lpv Value: Lw==
www.coop.nl/	1970-01-20 09:52:43	Name: AWSALBCORS Value: pH46UwTzp0z9tHxTgxEvQYwb7OSch+HFkPuUNr/CKjUbXfEaOJWLisnpsgtMqZiL/t6srYm+KxQ75sl5lhhtlfMYDOEw9S8YtoGpDsM334Xm7aY8JNC8mXfcnz6Z
www.kayak.nl/	1970-01-20 19:18:38	Name: Apache Value: IAEa_FAAoCYABQAAAAAACQ-AAABhlqs7sE-c6-ZoMbPg
www.kayak.nl/	1970-01-20 09:42:41	Name: cluster Value: 5
www.kayak.nl/	1969-12-31 23:59:59	Name: kayak.t Value: z0vdvuByb05P5uJ893PZ
www.kayak.nl/	1970-01-20 14:01:50	Name: p1.med.token Value: UCjiq7NcLwlrTrviQpiqHc
www.kayak.nl/	1969-12-31 23:59:59	Name: p1.med.sid Value: R-5qvSv89ZklizwNDuaPRCv-dG_2HZ73aemwC9KxHjj0omDfCpCZ1z_ID89s_6OPR
www.kayak.nl/	1970-01-20 10:25:50	Name: kanid Value: tradetracker
www.kayak.nl/	1970-01-20 10:25:50	Name: kanlabel Value: AUkgZtJ5S4YSbVlyYWK543NVCX-u13XoVvigeTBcUdF6zTR2OySr7BsF79D36QTqw5G6_13OnGJ7Ln01CMPuct1ReUqs0uq8M5h0QhkEccQTmrT-gTqZDmjz5HqPdg5eSpv2LH4kEfYcqpnCk8ngz9fBe8hIw4bWGCUZM6g9RNF7OcHkQNOKllnMyT8RSk03Ygkn4Lgxdf64xnAAjFh0jol92-k3AeAW8VITt_W4O2x9UaAze0Ar3zYOMIG5t3kWxQ
.iherb.com/	1970-01-20 18:28:14	Name: iher-pref1 Value: storeid%3D0
.iherb.com/	1970-01-20 18:28:14	Name: ih-preference Value: store%3D0
.iherb.com/	1970-01-20 09:52:43	Name: ihr-ea Value: PerformanceHorizon-1101lwzFPyaR
.iherb.com/	1970-01-20 09:42:40	Name: __cf_bm Value: xIn7BVDWA9pJ74rpsUIoO2uESvqyKvYsEe_2YwcaLo0-1676558528-0-AeW+Io/kmXGrei+fqBh3ZntC5jkwe/e608KjMfhRBBbBJOnux1rZx9VdPLxHIvjdXe9O9x+rqspAn217/DGYShVCfRZ7eA23nnwJEdxQG7BH
www.kayak.nl/	1969-12-31 23:59:59	Name: kayak.mc Value: AZr3RXdeaB5vcdReK-uqUT4xcjSGQTmmH5a5auZDgOiul4DAExN1S0iGGjbfmmjOLQTnmj9SNOmYYyM__XmtV3H4Ok9MnJs7wIc9B3OmB6tYvlwKnfNpTZSSd8fYkqvJdvEj8F1hTcexQS53GJQnWQ7vhlITmAQ1ftpDKUkUxYE3Ylo3fAPfD6toHfyXE0pBQ0Uvqt7k12pFd80aFuntbbtEwFCiYTEkOvYi7UNIeeYKLgDPhShlhQ7SPkgOzamV-TxNEVdIru_DxzYw3aqYnlRjAp0biyTbuZFnAZ-PK8HURSRVi4NYolXboGEfuiXsKiMOxsKiQLwg2I0TILmhHHGfwLWwqz7ruHskgiDSmUzOxYJku1tf4H-fh4vWz4qt_L9Ic4NDpYeFRG-07ALhw44VjKwy-Dljlzey4NA8_Qe6Zjm7Ry73JJpvR5ZnU_BBZx6m6Qz4ARJn-vUY6zhdjndY1kGET92n2zSnfv0A-UFSh5ZcG4Q_WEf51NAqA3pfCcK8jTbCJY1ofQZz4nd6cr5aA6bomuAIH6tyEPbmoxsp
.tradetracker.net/	1970-01-20 12:06:34	Name: TTcst_167422 Value: 12%3A%3A191269%3A%3Av030300011382228446c18be7419a8ed6ea66e004b4e6%3A%3A%3A%3A1676556962%3A%3A27843
www.hotelscombined.nl/	1969-12-31 23:59:59	Name: kayak.mc Value: Afu4KbxumOx5v_qtcTIb1mZM2wQvR_E66RNiGKgq8jAq2sUF9QQKji-aUfit8R9mJ5laaXQF1qmny9FzxjQVbQTCCAzUOeD8qfE0xLHSV86MuaVraRVPtMxyvQ9pkr4oJeR7Im_Ql0fjVNDMzkcwj8a9BShoKk8eEN05I6gD4Fzeh8Hzq6q4XNlaZHvvedDYTQONxsD49n59m4Q_x8VpjEU4s9KLq2qV56YAcspzF8Y-
www.hp.com/	1969-12-31 23:59:59	Name: NLISCS.NET_SessionId Value: dguevnl4dmn2a1atwtulzg22
www.hp.com/	1970-01-20 11:50:48	Name: hpiscssid_CG1926 Value: 0=anon\|35e9b053-a0ef-4d66-9d4a-94b3f1ed7715\|dguevnl4dmn2a1atwtulzg22\|16-2-2023 14:42:08
www.hp.com/	1969-12-31 23:59:59	Name: akavpau_wwwHPcom_ISCS_VP Value: 1676558828~id=100234bbd05138687da9366190720bf6
.aliexpress.ru/	1970-01-20 19:18:38	Name: xman_us_f Value: x_l=0&acs_rt=6a9c528a68834c9fb85fc3c2e6c6c48d
.aliexpress.ru/	1970-01-20 19:18:38	Name: xman_f Value: IPbkw4CRaynmEUqIbqy2WjCa41jpcqK228/rHIlomGkxqWRd2DQ0z/yPFvuTfnUJ2ob5cp2R4rPNeAKIFig0A2lc1rYZlCh+PyULBkBqf5+Tzfwl8HWEmA==
www.thelotter.net/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: kpnvylf5s0vrhgh102ey4bb1
.www.bol.com/	1969-12-31 23:59:59	Name: shopping_session_id Value: 485412c9e9b46cbd4ca750b99a885654689354f7828f1de6a16ce585b8ceff51
.mediamarkt.nl/	1970-01-20 09:42:40	Name: __cf_bm Value: ruinbPznm6zR3vSNXUBMQsULY5HGzjKBsMlH7vmlwUA-1676558529-0-AQ2x/X/lEpjy8m7sm7+8dfWPNoIxRzPPtH7RiYwgXc6GuyodgGsdAYJ5r2nqX+aNbmnOKWsLgAif2zu79ttPWKw=
.mediamarkt.nl/	1969-12-31 23:59:59	Name: _cfuvid Value: T_SRbw3QQFOJ72kUKwHLLpNo_t4uwZqHGaCcH63kBKM-1676558529209-0-604800000
.myprotein.com/	1970-01-20 19:18:38	Name: chumewe_user Value: d90ab810-5864-4ede-8486-4a0c977b7a71
.myprotein.com/	1970-01-20 09:42:52	Name: chumewe_sess Value: 60811377-f045-46f5-af6f-43a2debe6f73
.myprotein.com/	1970-01-20 18:28:35	Name: locale_V6 Value: en_GB
www.myprotein.com/	1969-12-31 23:59:59	Name: csrf_token Value: 03617733697609603767
www.crocs.eu/	1969-12-31 23:59:59	Name: dwsecuretoken_cb531e02a96a7f546e0b6a3693b41cec Value: "ZX081QYfNGSRbWj55qwi7GPXzBKpJ2AKtQ=="
.crocs.eu/	1970-01-20 09:42:40	Name: __cf_bm Value: xm4WnFrMz3A8FbUuUlCAkA8krG_I.HEEy3J_IjT.Mos-1676558529-0-Af/nmytc95+qzduIQdtUDa4t55mZGG63wwGY7w7HsA5bVToO4E+alRen259ZuaTrVvxKUFdx7WxRfQDU3V+2UFo=
www.dress-for-less.nl/	1969-12-31 23:59:59	Name: dwac_eb5ac175ba713cff640839a320 Value: Y5VedQnvZpiFo2agsAY2ajm6kI4WmZI3Ezc%3D\|dw-only\|\|\|EUR\|false\|Europe%2FBerlin\|true
www.dress-for-less.nl/	1969-12-31 23:59:59	Name: cqcid Value: adrvPnbCvWnyYUmbOd8l8CsaqR
www.dress-for-less.nl/	1969-12-31 23:59:59	Name: cquid Value: \|\|
www.dress-for-less.nl/	1969-12-31 23:59:59	Name: sid Value: Y5VedQnvZpiFo2agsAY2ajm6kI4WmZI3Ezc
www.dress-for-less.nl/	1970-01-20 14:01:50	Name: dwanonymous_e02d787320d6f2cde18c13fb655cac42 Value: adrvPnbCvWnyYUmbOd8l8CsaqR
www.dress-for-less.nl/	1970-01-20 18:28:14	Name: TRADEDOUBLER Value: 885abde13159fc59a5a0aabbf7edc99a
www.dress-for-less.nl/	1969-12-31 23:59:59	Name: __cq_dnt Value: 0
www.dress-for-less.nl/	1969-12-31 23:59:59	Name: dw_dnt Value: 0
www.dress-for-less.nl/	1969-12-31 23:59:59	Name: dwsid Value: 5Bb2-WQWNwXDz-3bvAKzm745OAJ7YMOqVVtyex3v1L-h3kfdzlXq1BfNX5XZu77Wp3QG0l6th89-7Cyo3dd4wg==

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.momondo.nl/in?a=tradetracker&encoder=19_4&enc_pubid=207463&enc_bid=0&enc_pid=20485&enc_refid=0%3A%3A207463%3A%3Av030300011382659ba6d0f1b242ee9c46ae1467a73085%3A%3A%3A%3A1676551202&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=207463&utm_content=20485&url=https%3A%2F%2Fmomondo.nl%2F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.expedia.nl/?siteid=100723&affcid=nl.network.cj.7561038.13957630.MCNL_-4043700144543189619&cjevent=8dafa061adff11ed81dff6e20a18b8fa Message: Failed to load resource: the server responded with a status of 429 ()
security	error	URL: https://hlmiq.com/vu/nl/? Message: Mixed Content: The page at 'https://grif14.freehat.cc/' was loaded over HTTPS, but requested an insecure script 'http://www.cos.com/en_eur/index.html'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.tiqets.com/en/andalucia-attractions-r74/?partner=mtac Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://kinsta.com/?kaid=ARRPTWYMWIMC Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.alicdn.com
bitrix.info
bngtrk.com
bongacams.com
cdn.trafficbass.com
changelly.com
de.bongacams.com
de.dhgate.com
de.iherb.com
dominantroute.com
feneteko.com
g.alicdn.com
googie-anaiytlcs.com
grif-fan.ru
grif14.freehat.cc
handred.ru
hlmiq.com
i.alicdn.com
is.gd
kinsta.com
login.aliexpress.com
login.aliexpress.ru
mc.yandex.ru
monday.com
nl.hotels.com
nl.stripchat.com
odnaknopka.ru
offer.alibaba.com
redirects.tradedoubler.com
s.click.aliexpress.com
sale.aliexpress.ru
sc.tradetracker.net
store.hp.com
stripchat.com
videoroll.net
www.agoda.com
www.airhelp.com
www.bol.com
www.bonprix.nl
www.coop.nl
www.cos.com
www.coursera.org
www.crocs.eu
www.dress-for-less.nl
www.expedia.nl
www.fruugo.nl
www.getyourguide.com
www.getyourguide.nl
www.google-analytics.com
www.grover.com
www.hotelscombined.nl
www.hp.com
www.ibood.com
www.iherb.com
www.kayak.nl
www.kobo.com
www.lightinthebox.com
www.mediamarkt.nl
www.miniinthebox.com
www.momondo.nl
www.myprotein.com
www.notino.nl
www.only.com
www.semrush.com
www.thelotter.net
www.tiqets.com
www.tomtop.com
www.transavia.com
www.udemy.com
www.viator.com
www.wish.com
www.xcams.com
z.cdn.trafficbass.com
i.alicdn.com
www.cos.com
www.kobo.com
www.wish.com
104.109.54.129
104.109.58.65
104.109.95.134
104.17.145.36
104.18.228.43
104.18.6.193
104.64.162.198
107.154.132.27
13.224.189.56
13.225.78.48
13.32.27.73
142.132.202.70
151.101.1.29
151.101.193.29
163.181.56.193
176.9.60.211
178.162.196.152
185.14.169.119
193.200.64.20
195.85.23.88
195.85.23.96
213.227.149.183
23.35.208.181
23.36.162.214
23.37.37.249
23.62.220.19
2606:2800:235:1c73:1f86:1376:22ce:2cd
2606:4700:10::ac43:1f1c
2606:4700:20::6819:e935
2606:4700:20::ac43:48ad
2606:4700:3038::6815:ea93
2606:4700:311f::6812:3f7e
2606:4700:4400::ac40:917d
2606:4700:90:0:8426:3d75:9f41:f87a
2606:4700::6810:970f
2606:4700::6812:1b75
2606:4700::6812:1f3d
2606:4700::6812:a05a
2a00:1450:400d:80c::200e
2a02:26f0:6c00:185::23a2
2a02:26f0:6c00::210:bb5a
2a02:26f0:dc:18d::277d
2a02:6b8::1:119
2a04:4e42:400::285
31.177.17.7
31.192.112.221
34.107.132.69
34.120.45.191
34.149.145.178
34.243.127.224
45.223.19.47
47.246.133.23
47.246.133.88
5.61.58.130
52.211.185.157
54.70.31.69
54.72.146.178
54.76.156.35
62.44.0.166
79.133.177.226
82.202.165.19
87.236.16.24
91.237.218.76
00fa49b9119d2e4ff6b92325d22dd986ffa468f796233122d6c614c290a7ff96
06ea26f34cfdd7d28bc24092f7bfaf247d64870ccafd77a479d94ece2e62c35f
096bc32901bfbc816796b69350857cbe432703fb2f479eef7c656c8fe7779226
0ad1dce471aafe345cbbe7eb4c40c7c93018ec5a8b95ae7519fd5eb70c19a580
16103661642748ad79471678e485351ee19a083e6c9532ca8b961a3753577af6
1751f65f18c4497771601702504b81736c149539dc1494c1178bf4253e6f7238
1944de148837d0ae19df67bd7f5a034020422cadb6541b2c7ef8ce8d0d017c79
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
254a45df83e69bc0add776bf0b10e14240b78fab11f0dd17f0ae903aff269261
261953db27cc0855b121008b1c606de50a2f3f5aecc60873ebb9751b66fd9203
28e61bfe4ec59cb82441109a6d54ee0bd7178bb3f9c0c27fb0e62bc31e2b4bff
29ef553180a4c5c228ea7f9922174d673ce8bdf64953492e90fc6d898c0e7ef5
2d9d14fb472222d49d6226fc13d88f55f2314e2384703c4db61532fc633632fc
36bc95bd291505d6ad6dbf1d2fb15be33f111770b1e657bd27d7bac9bd4d8267
37e80c609be3376340468947fff6aec5a88fa0f2184e9780291a53b2dde908d5
3d91bc785d55a0066c1d0fa79ece2b5688483236b571796aced8077eaf9ceebc
41178a0077ae257fba86ff1c65936a8775f337d412f94940737f27dec2c87214
4adebce2db38f2bf0e18a8bd994cbf3315436010ea711d963a02462cd0249753
4cbc50b868354039b7452633b5b5aaa7d0c25d72b0251b797bee708fc59e0299
4d376d2c0d989e18873a346dce7d39f0274f906a502225beb58748c1a339a224
4ded9ba15903d6514c5c47942d75eeaf742f13afcf11f1552e183587c63e2c8f
514d53f2d4607c2e2cdd3915d81da6d6547b31ae77dafa588c396b2bb19c6d2c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58c8d39475311cf0f7b590c6c576a60fb35a63cc4a801befa4945cb67be2c1ca
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c6c81a83d7c40c24b1e657215130483684ca11cab0c92dff431d23a6777c280
61cf02a68fe18bce4397e8cfdc20d4bd7ee3241436110917f39d89360b9fc375
6a2eb4b18549b75a7f1e41cdcfe69c85e1311cb25a1816a07be9bd65e1297ebf
6d92a71977f2f773411ef01dfda7786f8390241cb3b3563cbd5f8e6ff0e0dcff
6e12e36b6f8ddf8c1a5b4f1b72cffe021d79f0edf0b7c232a9a28f619c7ada24
72cc135a939978413e9311102941f7f6d3fad17aa01792b14abd2228e513f26d
74710549120008d63ac49f5467cca6dcbedf4d06367fd46aa2afa304394ae325
7b00a403ad9dea561bf177af1d30ad6200e7273044bdb436ec4baa4eb3ec08c2
7b68ffea3f0a34e38bfff20ec1aa638a463241f98be73d25affdc5903a845759
897c58672b375fd206d4df4ccd71a3fa3e29f739f4db5251b94895ad015f9710
8b5c461b162aa5ade65e20e4de5b95af953f226a0647d206b5ead3ddd0d46776
90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f
9157777153a30c788f63aa232693b1544cf007a40c07ec16bd396d1b359ffd4a
959dc3e09f570d86198a8719d412dffe967df1e4b0bde5cd058da2fcb1ec144d
a109ebaf631b0158fe177dd776051b61c7e7f0cf6d5c547cf9801debb339b2e1
a45dca3e9d0c3d49528e7fe94ee0b471ba2ad97bee0b3f393ba22e46e80ed5d0
a514c9f738d1417b0068fa3a0ead68825068ee298ac1bbd107d73db032198f49
a6ef562428798dd8ddfd85ccfd5a79ca7b5c088aec9ed0357b6fdd72435d66f5
ae9baaa2d7646be2970d4597b98c7ea70aa26be54c84adc1c2e972228477f9b9
b814ff04a64e51ee8711569095a473bc83ceaf36fd16208dcf8523c678d2ccbc
c547ddf55c2a34c8431007c859dd455e1a9cca474e3dceb8d8afb97a673273bc
c891ca7084ef754bed6ce8fec143c1ecebfa51a64652e053707322dc0252f5f0
cc42efe7ef632e86ec83fcdc6309dddbd8078bf10f10f4af186fa901242e4d5e
ce879dfaaa3f2585c8924844561fa5f286bee750ea260f5e867cca53747613b1
d20617651ca3f9277c612399addcedcf0392840642af4e031443a5c2dee4ec5a
d2c23d7afb36ccd93bfa7743b993dae09eb20572a268542b9fb980cde776e62d
d87d86bea2ea6631cb56f624570dce11d6be78bbc94acbc4b78c9fbe8497873d
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762
f10db360fc698014e33075be53230e53366fc31053e0d36ed94fa4953ea55888
f1b59c28f0f6de9a87843817d437902358e4fed00a47c090cd263a357197336d
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
f838aff91193ccc738d27beb8e135871dcc19a04871d325b0dfa4a883a2c5b90
f9d855527c5196dd1c9701e8ac62a013a3998b960659ae46201480ad0e698a18

grif14.freehat.cc Open in urlscan Pro 2606:4700:3038::6815:ea93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

63 %HTTPS

29 %IPv6

64 Domains

73 Subdomains

53 IPs

10 Countries

2376 kBTransfer

3836 kBSize

166 Cookies

8 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

grif14.freehat.cc Open in urlscan Pro
2606:4700:3038::6815:ea93 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

63 %
HTTPS

29 %
IPv6

64
Domains

73
Subdomains

53
IPs

10
Countries

2376 kB
Transfer

3836 kB
Size

166
Cookies

106 HTTP transactions
0 data transactions