Submitted URL: http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Effective URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Submission: On June 27 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 6 countries across 21 domains to perform 73 HTTP transactions. The main IP is 188.240.52.20, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is other.landerhd.com.
TLS certificate: Issued by R3 on June 8th 2023. Valid for: 3 months.
This is the only time other.landerhd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
25 otodiva.com
otodiva.com
495 KB
8 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2556
www.google.com — Cisco Umbrella Rank: 10
accounts.google.com — Cisco Umbrella Rank: 67
4 KB
7 novidash.com
novidash.com
14 KB
5 landerhd.com
other.landerhd.com
39 KB
4 trknovi.com
bf233.trknovi.com
14 KB
4 qzgxqt.com
qzgxqt.com — Cisco Umbrella Rank: 723061
100 KB
3 clickandanalytics.com
click.clickandanalytics.com
cdn.clickandanalytics.com
get.clickandanalytics.com — Cisco Umbrella Rank: 711952 Failed
5 KB
2 spotify.com
www.spotify.com — Cisco Umbrella Rank: 1469
accounts.spotify.com — Cisco Umbrella Rank: 8951
944 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
19 KB
2 ecrwqu.com
ecrwqu.com — Cisco Umbrella Rank: 159798
580 B
2 azkcqs.com
azkcqs.com — Cisco Umbrella Rank: 20786
201 B
2 google.de
www.google.de — Cisco Umbrella Rank: 4752
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
402 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
141 KB
1 fpapi.io
botd.fpapi.io — Cisco Umbrella Rank: 406679
681 B
1 dropbox.com
www.dropbox.com — Cisco Umbrella Rank: 2734
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
1 dratingmaject.com
dratingmaject.com
699 B
1 scriptsplatform.com
statistic.scriptsplatform.com — Cisco Umbrella Rank: 608751
2 KB
0 themedemos.net Failed
themedemos.net Failed
73 21
Domain Requested by
25 otodiva.com 1 redirects otodiva.com
7 novidash.com otodiva.com
6 accounts.google.com 4 redirects other.landerhd.com
5 other.landerhd.com bf233.trknovi.com
other.landerhd.com
4 bf233.trknovi.com 1 redirects qzgxqt.com
bf233.trknovi.com
4 qzgxqt.com qzgxqt.com
2 cdn.jsdelivr.net other.landerhd.com
2 ecrwqu.com 1 redirects qzgxqt.com
2 azkcqs.com qzgxqt.com
2 www.google.de otodiva.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com otodiva.com
www.googletagmanager.com
1 botd.fpapi.io cdn.jsdelivr.net
1 accounts.spotify.com other.landerhd.com
1 www.spotify.com 1 redirects
1 www.dropbox.com other.landerhd.com
1 www.facebook.com other.landerhd.com
1 dratingmaject.com 1 redirects
1 www.google.com
1 get.clickandanalytics.com statistic.scriptsplatform.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdn.clickandanalytics.com otodiva.com
1 statistic.scriptsplatform.com click.clickandanalytics.com
1 click.clickandanalytics.com otodiva.com
0 themedemos.net Failed otodiva.com
73 26

This site contains links to these domains.

Domain
novidash.com
trknovi.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-13 - 2024-02-13 | a year
click.clickandanalytics.com | R3 | 2023-05-21 - 2023-08-19 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months
statistic.scriptsplatform.com | R3 | 2023-05-15 - 2023-08-13 | 3 months
cdn.clickandanalytics.com | R3 | 2023-05-17 - 2023-08-15 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months
www.google.de | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months
get.clickandanalytics.com | R3 | 2023-06-17 - 2023-09-15 | 3 months
www.google.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months
qzgxqt.com | R3 | 2023-06-16 - 2023-09-14 | 3 months
azkcqs.com | R3 | 2023-04-27 - 2023-07-26 | 3 months
ecrwqu.com | R3 | 2023-05-16 - 2023-08-14 | 3 months
*.landerhd.com | R3 | 2023-06-08 - 2023-09-06 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-04-05 - 2023-07-04 | 3 months
*.dropbox.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-10-14 - 2023-11-14 | a year
cdn.novidash.com | R3 | 2023-05-30 - 2023-08-28 | 3 months
botd.fpapi.io | Amazon RSA 2048 M02 | 2023-02-14 - 2024-03-14 | a year

This page contains 1 frames:

Primary Page: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Frame ID: 3AB6209A5EA84D59C4ACCD1E78CD6530
Requests: 73 HTTP requests in this frame

Page Title

Ihre AVIRA AntiVirus Lizenz ist abgelaufen!

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • /fingerprintjs@(\d)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

73 Requests
89 % HTTPS
70 % IPv6
21 Domains
26 Subdomains
20 IPs
6 Countries
849 kB Transfer
1491 kB Size
22 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card HTTP 301
    https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card Page URL
  2. https://get.clickandanalytics.com/f8c5xq Page URL
  3. https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat Page URL
  4. https://ecrwqu.com/cuclc?aid=5455758162445093011&t=1687865618&s=981851 HTTP 302
    https://dratingmaject.com/27aadbeb-e4e9-48b2-9a57-e5c8913d9542?source_id=a456285&campaign_id=981851&country=DE&browser=Chrome&zone_id=a456285&creative_id={CREATIVE_ID}&format=pops&os=Windows&language=de&cost=0.0007&click_id=a2_5455758162445093011_456285_2_0 HTTP 302
    https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359 Page URL
  5. https://bf233.trknovi.com/smartlink?mongo_id=649ac912c2eaa2512b3be00e&mongo_grouped_id=649ac1413382eb141f036664&redirect_url=https%3A%2F%2Fother.landerhd.com%2F649ac912c2eaa2512b3be00e&fingerprint=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&js=1 HTTP 302
    https://other.landerhd.com/649ac912c2eaa2512b3be00e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card HTTP 301
  • https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Request Chain 50
  • https://ecrwqu.com/cuclc?aid=5455758162445093011&t=1687865618&s=981851 HTTP 302
  • https://dratingmaject.com/27aadbeb-e4e9-48b2-9a57-e5c8913d9542?source_id=a456285&campaign_id=981851&country=DE&browser=Chrome&zone_id=a456285&creative_id={CREATIVE_ID}&format=pops&os=Windows&language=de&cost=0.0007&click_id=a2_5455758162445093011_456285_2_0 HTTP 302
  • https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
Request Chain 58
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHqAS4acBEjDQfvjftc5Hgnel48mU9_LU5psL-f9LNvKzwflMNvLVDMVNinnZ5RKKh9__zX HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-368310386%3A1687865619132971&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqtzfk2y0cF3RBjyWGxKzJPcOCgjhluIey-Eg-3LmxH5F3t4mOScvcvHL-k6Cbqr6y9yj&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 59
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGaQsGa_HVnLUoXH3TSTvqDge8vWjrGbJOGak6D75gKX5UQM6ID3O4SctrxLfa1m1VgdZQ9 HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-83163301%3A1687865619147008&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEd6wSUy7SlUWkwrT1irZYDaH3DyVaLpMOgjx01c6vlTnFLwffFevndnGLEPyBdcJ3WQhff&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 61
  • https://www.spotify.com/de/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico HTTP 302
  • https://accounts.spotify.com/login?continue=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico&_locale=de-DE

73 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
viewtopic.php
otodiva.com/ip4xl/
Redirect Chain
  • http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
  • https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
79 KB
16 KB
Document
General
Full URL
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a81e5847a503338595d25715de80a0687767083701f797483edabd834b09b8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7ddd6040ba0290e8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 Jun 2023 11:33:37 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://otodiva.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhgI0HbS4RMtfJiBk8Ih6yfcb44QDktczB05ldxLN%2BtBYnpoL1oauI9Py35NdrAuSae%2FKkxQFSDYPku3GBe%2FKnVw1HO6PZUb0P%2FcfhfBxwZSyCZgkzpy1hvOB2ItD1UwgC8GWcwPHKZ%2BVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7ddd603d4c90bb7d-FRA
Connection
keep-alive
Content-Type
text/html
Date
Tue, 27 Jun 2023 11:33:35 GMT
Location
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoYBf1tHGMChlEsgdLi8M7M8bE84H%2BVfuyjKk0xUNq1hECXYfg4DlUM%2BGLzdQ%2FzDWAznK0LuKvi88qeENFWPuxJsfTUCCiodkZhzkfdUkwEKlJVMXCsWf3iAvrDdhkNAYp8rtjPst8haCw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
take
click.clickandanalytics.com/
5 KB
2 KB
Script
General
Full URL
https://click.clickandanalytics.com/take
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.238.104.193 , Ukraine, ASN50321 (BYTES-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
d971ad919ca1b24b8d3d4a06eca8ffb097381f37e675d38d8c6e102f3d2c8418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jun 2023 11:33:37 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1798
Expires
0
style.min.css
otodiva.com/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://otodiva.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80037
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 07 Apr 2023 16:14:17 GMT
server
cloudflare
etag
W/"64304159-17ced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFgHvz9eimRsc95JKqbTF0WdGtKztzKLb0x3PL83u6hjuPHDbmPTEoncdZSo9AE%2BO9HD1LUFqQkNyNutN3qHOZK6Lh%2BEM9o7%2B%2Begbb4%2FP2bmhvenwlo9WRTTOQTQUJLXXiR5mdCW%2Bhou%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604abb9890e8-FRA
expires
Thu, 20 Jun 2024 13:19:39 GMT
style-blocks.css
otodiva.com/wp-content/plugins/magazine-blocks/dist/
24 KB
4 KB
Stylesheet
General
Full URL
https://otodiva.com/wp-content/plugins/magazine-blocks/dist/style-blocks.css?ver=1.1.9.1
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743c6c8f358ac6c4030b6bcbbd780524d49fdc959aab0e71e724f3de54cbc941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80038
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:40:59 GMT
server
cloudflare
etag
W/"645e17bb-5ee0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5a6g5VQR%2FM37FU0EtTYpse2DMohTK8R3yfMOABqyEheuO6EAmcNUQltCGO7urHQWP1luZ89cXuZCD5ZVIJI62FnvnCGvBrJm8tz%2Fz7sNDFr0bQa5WkMTuI%2BYdoBktwf9MRmn6fhmPrfcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604abb9a90e8-FRA
expires
Thu, 20 Jun 2024 13:19:39 GMT
classic-themes.min.css
otodiva.com/wp-includes/css/
291 B
481 B
Stylesheet
General
Full URL
https://otodiva.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80038
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 07 Apr 2023 16:14:17 GMT
server
cloudflare
etag
W/"64304159-123"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMbryBh01H1O5vmoaMZOY6F%2FwLwxs9HMlZ7LRAMPNVB8KGazYPjofek5BRrYUK1QOgRZmwtovec8yi49ZP04ZB6nnjHqjosItb%2FICNy%2Bz2QY0sbTkheqFmdS38DM4scjAZ8lnEZsDQJgSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604abb9b90e8-FRA
expires
Thu, 20 Jun 2024 13:19:39 GMT
style.css
otodiva.com/wp-content/themes/magazinex/
72 KB
14 KB
Stylesheet
General
Full URL
https://otodiva.com/wp-content/themes/magazinex/style.css?ver=1.0.5
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7467ed74200638b2f3a06325b10ad6e8036ce69f0befaf41a553b28233070f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80037
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:19:53 GMT
server
cloudflare
etag
W/"645e12c9-1214e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtrhWgy8sOfVzDe5ZSC89oH4lXcBDUu6lX6gZgPpEL2YhkyOlDYbNAILY3NVPHZu7yMgkvbgKdDvbN%2B8qDpAJIAzxplPOLFp6xiQuC6rZm%2BDbMqkyUUB9C0k5PTUUMe5cA8iC7AxrjM7wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604abb9c90e8-FRA
expires
Thu, 20 Jun 2024 13:19:39 GMT
jquery.min.js
otodiva.com/wp-includes/js/jquery/
89 KB
32 KB
Script
General
Full URL
https://otodiva.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba4e253c0fae286682825abf3745e13fe7db1904e2bbb6fc04bc8f4d42ccc80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80037
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 16 Jun 2023 20:02:21 GMT
server
cloudflare
etag
W/"648cbfcd-164d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAsYVsug0dVF3LqbmTDslG5%2B9O4itH86%2BSMs5BJc%2B56Nfavyy9sRiuBeMpVAFKCnPKdHdkngdAnAHWkZSUG8kU2wIWgAhr3SWX3HbNM4eKAYpH7GI3u7albNvuKrIr%2FeoBYeYmwECalBkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604abb9d90e8-FRA
expires
Thu, 20 Jun 2024 13:19:39 GMT
jquery-migrate.min.js
otodiva.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://otodiva.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80038
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 07 Apr 2023 16:14:17 GMT
server
cloudflare
etag
W/"64304159-3470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z74cpcJFQfT86OJqAz%2BbUgiXU1f42KkY%2BuOxfoM4L7WJxKci77L95SfGQ1oRUnODGTl1CWCUYyXdlAguIUPWCWKU18LTq3mFNbm8GP8yYb1Xf%2BgMXmhbFObCgJN1k5BtYseqxLjgY6WbUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604abba090e8-FRA
expires
Thu, 20 Jun 2024 13:19:39 GMT
js
www.googletagmanager.com/gtag/
175 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109987058-3
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc75754fe863efff7aeb1da0f1aa6475303a98a2d99c10a18808875bf23286a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65206
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Jun 2023 11:33:37 GMT
magazinex-728x90-1.png
themedemos.net/magazinex/wp-content/uploads/sites/2/2022/09/
0
0

magazinex_footer_logo.png
themedemos.net/magazinex/wp-content/uploads/sites/2/2022/09/
0
0

viral-emak-emak-masukkan-motor-ke-igd-rumah-sakit-1_11-150x150.jpeg
otodiva.com/wp-content/uploads/2021/08/
6 KB
7 KB
Image
General
Full URL
https://otodiva.com/wp-content/uploads/2021/08/viral-emak-emak-masukkan-motor-ke-igd-rumah-sakit-1_11-150x150.jpeg
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34df67ff52e988aa49ee28baf9a087f404427c1395f8bc85447b6d1d60e6f922
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
alt-svc
h3=":443"; ma=86400
content-length
6342
x-xss-protection
1; mode=block
last-modified
Thu, 17 Feb 2022 09:33:24 GMT
server
cloudflare
etag
"620e1664-18c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbUPv0zujETWw4Hy2cb9nb6VwnDBbCNISIsf2ICbWuGkztmrfHqIeP38uC9ZSMtsVGGx0cM8ILFBJvRLTNAlkDPfUo91PGgE8ZFf2Br1XBoNNqrrtxQm4IdctHjbJ8GX0zpznU1dgcfW0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
7ddd604e5b9192b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
old-1283201_1280.jpg
otodiva.com/wp-content/uploads/2019/12/
59 KB
60 KB
Image
General
Full URL
https://otodiva.com/wp-content/uploads/2019/12/old-1283201_1280.jpg
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c863cdd62f08d0ce87a9b38e66a98ad4335b7f980b3f61e22b9e1958285a5431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
alt-svc
h3=":443"; ma=86400
content-length
60764
x-xss-protection
1; mode=block
last-modified
Thu, 17 Feb 2022 09:33:25 GMT
server
cloudflare
etag
"620e1665-ed5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcY7HtSYlrlD24MSTLzhJOqHiuuyuMtuEbLa%2Ftr5HZQgE9fLY3UmYzjLsMSuR%2FK%2BZu1MJuesTEey9F0%2BzQ56RedGHOh1Rwzj0xxCL5BEQwQ4pj%2F%2BKBj3ResclKBTsnTE77RV7JVYgypJjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
7ddd604e5b9292b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
petrol-996617_1280.jpg
otodiva.com/wp-content/uploads/2019/12/
34 KB
35 KB
Image
General
Full URL
https://otodiva.com/wp-content/uploads/2019/12/petrol-996617_1280.jpg
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed56f55a3172715bbbf8763b0750fd37b8de0596526a1fc347c540d99f8835ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
alt-svc
h3=":443"; ma=86400
content-length
34890
x-xss-protection
1; mode=block
last-modified
Thu, 17 Feb 2022 09:33:25 GMT
server
cloudflare
etag
"620e1665-884a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rSCuJBlLEf%2BqWVOU2tR7aGloGNH1l8ZLq7QLVNDKJQIumH%2BgCZlcLu9HL%2Ffe9EWQj%2Ff8XXaMv8cNSmufmt5dF8a5VEbxBPXCnTeMkcOUXfLkFsbhEtsGezymLUg%2BOozjln5WOR2BHjakQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
7ddd604e5b9392b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
wp-polyfill-inert.min.js
otodiva.com/wp-includes/js/dist/vendor/
8 KB
3 KB
Script
General
Full URL
https://otodiva.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 07 Apr 2023 16:14:17 GMT
server
cloudflare
etag
W/"64304159-1feb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0VUj39dJ2szsLczDxcguupgkKY%2BD59sOS62hpcp2bA4AbZZcPuNEqGjOqbSEo34VIAamUgRJkHJh3mGOs90vFvJE4sdHbV2N7x6MznN5A%2FV1Vy2q7BoC9O%2Bib08m5VrgxOAxrGhyg4Bkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604ae86092b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
regenerator-runtime.min.js
otodiva.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://otodiva.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 07 Apr 2023 16:14:17 GMT
server
cloudflare
etag
W/"64304159-19cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cr8e6%2FQV88Jejlie3lkDlT1aOyaBK%2Fllxz1ef0hv9HJIory%2BOOFisx0jHFIO8XZRsarhyrukYt%2BSm3TVS68fGWvp6lXcB3dOSUhitrgsaBWJnVB5540C0NpByc9pbNQpBdhi7yVNL%2FPXtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604b087792b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
wp-polyfill.min.js
otodiva.com/wp-includes/js/dist/vendor/
17 KB
7 KB
Script
General
Full URL
https://otodiva.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 25 Feb 2023 10:03:01 GMT
server
cloudflare
etag
W/"63f9dcd5-459f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9DcoFxeFHAwmrpV9%2BAIqgW8KSjueZ4RYT22v8fan%2FBfWmMaje%2BHXANHNUPIzP55IXrrfZmiIiF2%2BQRPLA8v0Xl2s58BRwqCOvvmRTtRx0hZcmJP5WSHa7WDCzaI%2FiEDt54s5iF%2F1o1VLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604b289692b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
dom-ready.min.js
otodiva.com/wp-includes/js/dist/
498 B
852 B
Script
General
Full URL
https://otodiva.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 13 Feb 2023 14:24:32 GMT
server
cloudflare
etag
W/"63ea4820-1f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d34n74Oa2GKuops89Ael0mAjfZnAN7n4eLDhrkXdUNX1vHZePzmzfd1bfIV0mj5oJjJ39Bjel7Pg3QirhHYURPe67RUoxEPjGfVkL6auPdziHwhVQREC6%2FU%2FH5xA3WprvBY23bBh99Z47w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604b48cc92b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
frontend.js
otodiva.com/wp-content/plugins/magazine-blocks/dist/
6 KB
2 KB
Script
General
Full URL
https://otodiva.com/wp-content/plugins/magazine-blocks/dist/frontend.js?ver=1.1.9.1
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2feb4868c08bb3b1799ceb7128da7093570e639bbe188d4bd220abd6f73e528c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:40:59 GMT
server
cloudflare
etag
W/"645e17bb-1698"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xs8EjLyJSSeMT56Gj7MTj2c5miJ3wIXoMZxMWeIv90RtSpTfzKsqIXdVtlAkX9ztByhr8281H5lfsjEGoBemJjkTI3LbKyWHUj1%2BfMANHja6he8wwd2IXq7ogzBvwBDjT6ikhXvuUzS2aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604b68f792b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
customSlider.js
otodiva.com/wp-content/plugins/magazine-blocks/assets/js/
5 KB
2 KB
Script
General
Full URL
https://otodiva.com/wp-content/plugins/magazine-blocks/assets/js/customSlider.js?ver=1.1.9.1
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e9f6c65bc1411adba62bd631bbe6f7f1b4d9c1c93c374efafef01fab3bd7008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:40:59 GMT
server
cloudflare
etag
W/"645e17bb-1256"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJLmE4HCY3ahea9bCu1G6g6fXKQ9M5rLVkNTZynqKl9WibfS1q6LfAWZyD8cVPUsA%2B555iK9FtUDa3G4XARHKZEhM3wRBuGCrUSKSJwkpQX6i%2BI%2FtA8Yo2abnXORTMpG02XU6rECZls3VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604b890d92b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
mzb.js
otodiva.com/wp-content/plugins/magazine-blocks/assets/js/
211 B
706 B
Script
General
Full URL
https://otodiva.com/wp-content/plugins/magazine-blocks/assets/js/mzb.js?ver=1.1.9.1
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa5b25dce66e81fa4ea2a4e0c24f730ed6aa49848e1502f2591fa83accc42a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:40:59 GMT
server
cloudflare
etag
W/"645e17bb-d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hl1r1DF5k1EOVtGVwAfYobfsrTVoXDlL6pmqQDAhf3TdgaEV6eMfCZdatFFs44cHL6vWRzrMv6WfIaoQhYfU9HOZfOPLdRZlTYVAmvhm%2FP8lejYsUHcNGDNEelOFLuuWC35fhxKVsWo9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604b992c92b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
navigation.min.js
otodiva.com/wp-content/themes/magazinex/assets/js/
6 KB
2 KB
Script
General
Full URL
https://otodiva.com/wp-content/themes/magazinex/assets/js/navigation.min.js?ver=1.0.5
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb06b695309d85b738ba623fd53a7ddb21ba298ea8e85115cddfb20d8acc1c21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:19:53 GMT
server
cloudflare
etag
W/"645e12c9-175b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VW6L5rbyBp%2BHxLmpBHlni3dTEpO5%2BT9TegvKbnG2uGXSCsILpMt8DwqvS8i2qPP4%2FBrCs%2B2DdzGCZFnudXs1gQAaUDQcAYNSSAVf5bbN4MSsq3AnWbX4irEP9L46pJGOPSTcl7L8VapMvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604bb93692b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
magazinex.min.js
otodiva.com/wp-content/themes/magazinex/assets/js/
1 KB
1015 B
Script
General
Full URL
https://otodiva.com/wp-content/themes/magazinex/assets/js/magazinex.min.js?ver=1.0.5
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c6ca10ddb773f73aeb2c8025606da76b461da9955a01027b682ff86ac3638bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:19:53 GMT
server
cloudflare
etag
W/"645e12c9-4b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nQKzNtmnc1RNkigtY1jQio9Wx%2BM2MltwwwHYMRQpwo%2BTqQR%2FWZt%2BW25T5CYcKUc3jg6NQb1dJa9dvUqsbjr0nu2tUQNqRORZRKCswwyeLHF3gia4XvmjGVDKbuEf0m%2FPbG%2B%2B7WCzwBM4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604bd94d92b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
jquery.fitvids.min.js
otodiva.com/wp-content/themes/magazinex/assets/js/
2 KB
1 KB
Script
General
Full URL
https://otodiva.com/wp-content/themes/magazinex/assets/js/jquery.fitvids.min.js?ver=1.0.5
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39e2417c72caf36dafcec1ed424e193196499b7631d115c8d9be8413012122b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:19:53 GMT
server
cloudflare
etag
W/"645e12c9-6da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktvjNy1Qb80m3d8xo6Erbqnn4BtLPUp4sTrKX8l0BbtPz89W5RcTpsjIg%2F05DjhYPqMwoqcac42DNm2w09gX%2FHTLrPcnAmJLkdu7zmnPRxH31vDMXdEzl1bQzB18YMWKqRNn0diItEyd5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604bf96692b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
collect
statistic.scriptsplatform.com/
3 KB
2 KB
Script
General
Full URL
https://statistic.scriptsplatform.com/collect
Requested by
Host: click.clickandanalytics.com
URL: https://click.clickandanalytics.com/take
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.135.30.210 Madrid, Spain, ASN50321 (BYTES-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jun 2023 11:33:37 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1229
Expires
0
track
cdn.clickandanalytics.com/
3 KB
2 KB
Script
General
Full URL
https://cdn.clickandanalytics.com/track
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.238.104.193 , Ukraine, ASN50321 (BYTES-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jun 2023 11:33:37 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1283
Expires
0
wp-emoji-release.min.js
otodiva.com/wp-includes/js/
20 KB
6 KB
Script
General
Full URL
https://otodiva.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf682317a419b3aad4d721dc064969fc60e1bc0457cc78ba146a0566797f17d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 17 Jun 2023 09:54:02 GMT
server
cloudflare
etag
W/"648d82ba-4f00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI4twSwlmX9fVLHk7vMV3qhCjhF%2F8RgU8kD9JKxpiS6N1DBPYPRsUHtGaxdj8HtGr2bJB6RpwIGY2RXHphnyNekgQvC2mO3wRHEsCYsbSei4EW8y%2BDy4HDu79eSVu2Ih3g4XhtWYUFip%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604e5b9492b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
js
www.googletagmanager.com/gtag/
212 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47ba1df252a79655749198b324b69789ce3fff7ab942675876e81436d6fedfdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78152
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Jun 2023 11:33:37 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Jun 2023 10:35:22 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3495
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 27 Jun 2023 12:35:22 GMT
trees.png
themedemos.net/magazinex/wp-content/uploads/sites/2/2022/09/
0
0

Roboto-Regular.woff
otodiva.com/wp-content/themes/magazinex/assets/fonts/
92 KB
93 KB
Font
General
Full URL
https://otodiva.com/wp-content/themes/magazinex/assets/fonts/Roboto-Regular.woff
Requested by
Host: otodiva.com
URL: https://otodiva.com/wp-content/themes/magazinex/style.css?ver=1.0.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83580cc1b596024d18a17560d063b51c9def4ea867b76d116e97318d8999d166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://otodiva.com/wp-content/themes/magazinex/style.css?ver=1.0.5
Origin
https://otodiva.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:19:53 GMT
server
cloudflare
etag
W/"645e12c9-1700c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdPu1ohv6sdVXKym86EUEPSpHvanufiGDWAuoyr9T7asLIlLBLm2HiVOHvyGVs9I6Kpj%2FnyD27MCeu1jFruqqtPNPwms9id3CpEZCEFpU2aOur%2FYlc2d90jOJvCNHRe4cPDiC3agUb6X2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604e8bca92b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
Roboto-Bold.woff
otodiva.com/wp-content/themes/magazinex/assets/fonts/
92 KB
93 KB
Font
General
Full URL
https://otodiva.com/wp-content/themes/magazinex/assets/fonts/Roboto-Bold.woff
Requested by
Host: otodiva.com
URL: https://otodiva.com/wp-content/themes/magazinex/style.css?ver=1.0.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8ec6f5faec93f7b783317bf2adb5c56e2c0d00ca7003dd07edcaf86f719602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://otodiva.com/wp-content/themes/magazinex/style.css?ver=1.0.5
Origin
https://otodiva.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:19:53 GMT
server
cloudflare
etag
W/"645e12c9-1710c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ui1LXbjA%2FXLW2GArL2ed0ec%2FZ9gojDhqqOrgIxWWsARtjd4E3YjdT27y%2F5eRFpycfc%2BErh263FGF7hMH%2FQO2Zd6P6H88VQ5DYpNoBiN65mFFe2bX4WbhgS%2FqCuohZotEDdo0Eo%2BB4LycAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604e8bcb92b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
Roboto-Medium.woff
otodiva.com/wp-content/themes/magazinex/assets/fonts/
93 KB
93 KB
Font
General
Full URL
https://otodiva.com/wp-content/themes/magazinex/assets/fonts/Roboto-Medium.woff
Requested by
Host: otodiva.com
URL: https://otodiva.com/wp-content/themes/magazinex/style.css?ver=1.0.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a6610b1ace14a1a128da9f7dd1d77bbfaaace7e99fa98e42a26a618d0106ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://otodiva.com/wp-content/themes/magazinex/style.css?ver=1.0.5
Origin
https://otodiva.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86410
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 12 May 2023 10:19:53 GMT
server
cloudflare
etag
W/"645e12c9-17250"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NISj7YKcVNjz3EuE9%2F3p4F%2F9GKnWNEHIb2NV%2FvS2due0FYBLKYnfQpUJvzzTg6IOYYfZ82xFpPHJEI385aPpsfPkYfC0p80yRKI2KUm7H87135xLx68AoVqrv600EnPfDiMImehVz4EYkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
7ddd604e8bcd92b1-FRA
expires
Thu, 20 Jun 2024 11:33:26 GMT
magazinex-ret-logo.png
themedemos.net/magazinex/wp-content/uploads/sites/2/2022/09/
0
0

collect
region1.analytics.google.com/g/
0
251 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LY8D8YR8N2&gtm=45je36q0&_p=329941959&_gaz=1&cid=1552603083.1687865618&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1687865617&sct=1&seg=0&dl=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&dt=Page%20Not%20Found%20-%20MagazineX&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://otodiva.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LY8D8YR8N2&cid=1552603083.1687865618&gtm=45je36q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://otodiva.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LY8D8YR8N2&cid=1552603083.1687865618&gtm=45je36q0&aip=1&z=1347184190
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=329941959&t=pageview&_s=1&dl=https%3A%2F%2Fotodiva.com%2Fip4xl%2Fviewtopic.php%3Fpage%3Dcomerica-bank-credit-card&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20MagazineX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=432489960&gjid=84892739&cid=1552603083.1687865618&tid=UA-109987058-3&_gid=1029580407.1687865618&_r=1&gtm=457e36q0&jsscut=1&z=1182200737
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://otodiva.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://otodiva.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-109987058-3&cid=1552603083.1687865618&jid=432489960&gjid=84892739&_gid=1029580407.1687865618&_u=YCDACUAABAAAACAAI~&z=514322693
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://otodiva.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 27 Jun 2023 11:33:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://otodiva.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
f8c5xq
get.clickandanalytics.com/
0
0

f8c5xq
get.clickandanalytics.com/
290 B
942 B
Document
General
Full URL
https://get.clickandanalytics.com/f8c5xq
Requested by
Host: statistic.scriptsplatform.com
URL: https://statistic.scriptsplatform.com/collect
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.135.30.210 Madrid, Spain, ASN50321 (BYTES-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://otodiva.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
290
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Jun 2023 11:33:38 GMT
Expires
0
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109987058-3&cid=1552603083.1687865618&jid=432489960&_u=YCDACUAABAAAACAAI~&z=733202784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109987058-3&cid=1552603083.1687865618&jid=432489960&_u=YCDACUAABAAAACAAI~&z=733202784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://otodiva.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bot-captcha
qzgxqt.com/
25 KB
13 KB
Document
General
Full URL
https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
d1b1cee2bc9793fc49a002937e292f05ef6b961bd801154371178865a971adeb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Jun 2023 11:33:38 GMT
server
nginx/1.21.1
vary
Accept-Encoding
x-zone
eu4
img2.png
qzgxqt.com/images/bot-captcha/
7 KB
7 KB
Image
General
Full URL
https://qzgxqt.com/images/bot-captcha/img2.png
Requested by
Host: qzgxqt.com
URL: https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:38 GMT
last-modified
Mon, 15 May 2023 07:42:12 GMT
server
nginx/1.21.1
etag
"6461e254-1a99"
content-type
image/png
accept-ranges
bytes
x-zone
eu3
content-length
6809
img3.png
qzgxqt.com/images/bot-captcha/
12 KB
12 KB
Image
General
Full URL
https://qzgxqt.com/images/bot-captcha/img3.png
Requested by
Host: qzgxqt.com
URL: https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:38 GMT
last-modified
Mon, 15 May 2023 07:42:12 GMT
server
nginx/1.21.1
etag
"6461e254-3038"
content-type
image/png
accept-ranges
bytes
x-zone
eu4
content-length
12344
img1.png
qzgxqt.com/images/bot-captcha/
68 KB
68 KB
Image
General
Full URL
https://qzgxqt.com/images/bot-captcha/img1.png
Requested by
Host: qzgxqt.com
URL: https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:38 GMT
last-modified
Mon, 15 May 2023 07:42:12 GMT
server
nginx/1.21.1
etag
"6461e254-10f6e"
content-type
image/png
accept-ranges
bytes
x-zone
eu
content-length
69486
rpe
azkcqs.com/
0
100 B
XHR
General
Full URL
https://azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1222634&wd=456285&d=qzgxqt.com&tpl=7&rnd=0.9627121502937712&sbid=steaven&sbid2=tranybat
Requested by
Host: qzgxqt.com
URL: https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qzgxqt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Jun 2023 11:33:38 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
rpe
azkcqs.com/
0
101 B
XHR
General
Full URL
https://azkcqs.com/rpe?a=1&s=1&act=12&src=2&p=1054030&st=1222634&wd=456285&d=qzgxqt.com&tpl=7&rnd=0.3810387617109341&sbid=steaven&sbid2=tranybat
Requested by
Host: qzgxqt.com
URL: https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qzgxqt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Jun 2023 11:33:38 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
phtbload
ecrwqu.com/
149 B
306 B
Fetch
General
Full URL
https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODV9
Requested by
Host: qzgxqt.com
URL: https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9273:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qzgxqt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Jun 2023 11:33:38 GMT
content-encoding
gzip
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
smartlink
bf233.trknovi.com/
Redirect Chain
  • https://ecrwqu.com/cuclc?aid=5455758162445093011&t=1687865618&s=981851
  • https://dratingmaject.com/27aadbeb-e4e9-48b2-9a57-e5c8913d9542?source_id=a456285&campaign_id=981851&country=DE&browser=Chrome&zone_id=a456285&creative_id={CREATIVE_ID}&format=pops&os=Windows&langua...
  • https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
8 KB
3 KB
Document
General
Full URL
https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
Requested by
Host: qzgxqt.com
URL: https://qzgxqt.com/bot-captcha?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
1185e062ddacafd04d35e20d7f4492457b9acd9bd381e1d76d632b22398e70d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qzgxqt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Jun 2023 11:33:38 GMT
expires
-1
pragma
no-cache
server
nginx/1.19.10
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Tue, 27 Jun 2023 11:33:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
pragma
no-cache
server
nginx
649ac912c2eaa2512b3be00e
bf233.trknovi.com/smartlink-css/
4 KB
5 KB
Stylesheet
General
Full URL
https://bf233.trknovi.com/smartlink-css/649ac912c2eaa2512b3be00e
Requested by
Host: bf233.trknovi.com
URL: https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
9b3af398b381f6d8468dd65166755d065b136fe48d13d9020488a5d5323e1ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx/1.19.10
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
-1
649ac912c2eaa2512b3be00e
bf233.trknovi.com/smartlink-css/
4 KB
5 KB
Stylesheet
General
Full URL
https://bf233.trknovi.com/smartlink-css/649ac912c2eaa2512b3be00e?fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjEsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MywibWltZVR5cGVzIjo0LCJzY3JlZW5XaWR0aCI6MTYwMCwic2NyZWVuSGVpZ2h0IjoxMjAwLCJvdXRlcldpZHRoIjoxNjAwLCJvdXRlckhlaWdodCI6MTIwMCwidnciOjE2MDAsInZoIjoxMjAwLCJjb2xvckRlcHRoIjoyNCwiZGV2aWNlTWVtb3J5Ijo4LCJoYXJkd2FyZUNvbmN1cnJlbmN5Ijo0LCJzdGFuZGFsb25lIjowLCJ0aW1lem9uZSI6IkV0Yy9Vbmtub3duIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sInBsYXRmb3JtIjoiV2luMzIiLCJ0b3VjaCI6MCwiaWZyYW1lIjowLCJldmFsIjozMywidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJ3ZWJHTFZlbmRvciI6IkludGVsIEluYy4iLCJ3ZWJHTFJlbmRlcmVyIjoiSW50ZWwgSXJpcyBPcGVuR0wgRW5naW5lIiwicmVmbWF0Y2giOjAsIm92ZXJmbG93IjowLCJvdmVycmlkZSI6MCwiZHVyYXRpb24iOjQ0fQ==
Requested by
Host: bf233.trknovi.com
URL: https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx/1.19.10
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
-1
Primary Request 649ac912c2eaa2512b3be00e
other.landerhd.com/
Redirect Chain
  • https://bf233.trknovi.com/smartlink?mongo_id=649ac912c2eaa2512b3be00e&mongo_grouped_id=649ac1413382eb141f036664&redirect_url=https%3A%2F%2Fother.landerhd.com%2F649ac912c2eaa2512b3be00e&fingerprint=...
  • https://other.landerhd.com/649ac912c2eaa2512b3be00e
10 KB
6 KB
Document
General
Full URL
https://other.landerhd.com/649ac912c2eaa2512b3be00e
Requested by
Host: bf233.trknovi.com
URL: https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
ee9f3fc5bbca9a24aaab5614f2fce4ac8baaa336c23876078ec7563d207c91e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bf233.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5NTg5OSIsImxhbmRlcl9pZCI6IjE0OSJ9&click_id=w2e89oeu975jk3opih6atd4a&subid=b13604bb-9538-4e88-8c89-8e45cc966359
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Jun 2023 11:33:38 GMT
expires
-1
pragma
no-cache
server
nginx/1.19.10
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 27 Jun 2023 11:33:38 GMT
expires
-1
location
https://other.landerhd.com/649ac912c2eaa2512b3be00e
pragma
no-cache
server
nginx/1.19.10
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
00013.png
other.landerhd.com/landingpages/avira-expired/
7 KB
7 KB
Image
General
Full URL
https://other.landerhd.com/landingpages/avira-expired/00013.png
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
e1c1197542245cad6f55ce91299dd16ebe69920245fa15dffff57591301c482f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/649ac912c2eaa2512b3be00e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 26 Jun 2023 13:20:58 GMT
server
nginx/1.19.10
etag
"649990ba-1c0a"
content-type
image/png
accept-ranges
bytes
content-length
7178
x-xss-protection
1; mode=block
00012.png
other.landerhd.com/landingpages/avira-expired/
13 KB
13 KB
Image
General
Full URL
https://other.landerhd.com/landingpages/avira-expired/00012.png
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
97cb949f76141490a12cd87226db38a62f9b8713980ffec83676f171d5be439b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/649ac912c2eaa2512b3be00e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 26 Jun 2023 13:20:58 GMT
server
nginx/1.19.10
etag
"649990ba-33b1"
content-type
image/png
accept-ranges
bytes
content-length
13233
x-xss-protection
1; mode=block
fp.min.js
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/
34 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e378d479ee15f96c3c707798d8adea9971cd74e655282b154fb7d17aa5b62a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Jun 2023 11:33:38 GMT
x-content-type-options
nosniff
content-encoding
br
age
38590
x-jsd-version
3.4.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
15279
x-served-by
cache-fra-eddf8230101-FRA
x-jsd-version-type
version
etag
W/"86c5-EnXMtFm9fS5nP9vqjLwXhc8iJOw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
botd.min.js
cdn.jsdelivr.net/npm/@fpjs-incubator/botd-agent@0/dist/
9 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@fpjs-incubator/botd-agent@0/dist/botd.min.js
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
52e6c3e0c3c2d518f8bf787de1e40e557c21e3b072f29c854f6321053e2fbbf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Jun 2023 11:33:38 GMT
x-content-type-options
nosniff
content-encoding
br
age
37386
x-jsd-version
0.1.20
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3173
x-served-by
cache-fra-eddf8230101-FRA
x-jsd-version-type
version
etag
W/"2349-ZoOIlhfcFugXpJwXzjjzWO/fFjg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHqAS4acBEjDQfvjftc5Hgnel48mU9_LU5psL-f9LNvKzwflMNvLVDMVNi...
  • https://accounts.google.com/v3/signin/identifier?dsh=S-368310386%3A1687865619132971&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqtzfk2y0cF3RBjyWGxKzJPcOCgjhluIey-Eg-3LmxH...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-368310386%3A1687865619132971&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqtzfk2y0cF3RBjyWGxKzJPcOCgjhluIey-Eg-3LmxH5F3t4mOScvcvHL-k6Cbqr6y9yj&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Jun 2023 11:33:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-G8tj9_90xCao31WawwT5Bg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
394
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-368310386%3A1687865619132971&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqtzfk2y0cF3RBjyWGxKzJPcOCgjhluIey-Eg-3LmxH5F3t4mOScvcvHL-k6Cbqr6y9yj&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGaQsGa_HVnLUoXH3TSTvqDge8vWjrGbJOGak6D75gKX5UQM6ID3O4...
  • https://accounts.google.com/v3/signin/identifier?dsh=S-83163301%3A1687865619147008&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEd6wSUy7SlUWkwrT1irZYDaH3DyVaLpMOgjx01c6vlTn...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-83163301%3A1687865619147008&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEd6wSUy7SlUWkwrT1irZYDaH3DyVaLpMOgjx01c6vlTnFLwffFevndnGLEPyBdcJ3WQhff&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H3
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Jun 2023 11:33:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sYQ8Cpr9gthERMqgovXULQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
395
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-83163301%3A1687865619147008&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEd6wSUy7SlUWkwrT1irZYDaH3DyVaLpMOgjx01c6vlTnFLwffFevndnGLEPyBdcJ3WQhff&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
login
www.dropbox.com/
0
0
Image
General
Full URL
https://www.dropbox.com/login?cont=https%3A%2F%2Fwww.dropbox.com%2Fstatic%2Fimages%2Ficons%2Ficon_spacer-vflN3BYt2.gif
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:100:6022:18::a27d:4212 , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

login
accounts.spotify.com/
Redirect Chain
  • https://www.spotify.com/de/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico
  • https://accounts.spotify.com/login?continue=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico&_locale=de-DE
0
0
Image
General
Full URL
https://accounts.spotify.com/login?continue=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico&_locale=de-DE
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

sp-trace-id
09e6cabdf45bb75f
date
Tue, 27 Jun 2023 11:33:39 GMT
content-security-policy
base-uri 'none'; connect-src https: wss:; form-action https:; frame-ancestors 'self' https://*.spotify.com https://*.spotify.net; object-src 'none'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
server
envoy
via
HTTP/2 edgeproxy, 1.1 google
x-powered-by
Express
vary
Accept-Encoding
location
https://accounts.spotify.com/login?continue=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico&_locale=de-DE
x-envoy-upstream-service-time
24
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-join-the-band
https://www.spotify.com/jobs/
lg0034.png
other.landerhd.com/img/
6 KB
6 KB
Image
General
Full URL
https://other.landerhd.com/img/lg0034.png
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/649ac912c2eaa2512b3be00e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:38 GMT
cache-control
no-cache, private
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx/1.19.10
content-type
text/html; charset=UTF-8
check009.gif
other.landerhd.com/img/
6 KB
6 KB
Image
General
Full URL
https://other.landerhd.com/img/check009.gif
Requested by
Host: other.landerhd.com
URL: https://other.landerhd.com/649ac912c2eaa2512b3be00e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/649ac912c2eaa2512b3be00e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 11:33:38 GMT
cache-control
no-cache, private
content-encoding
gzip
strict-transport-security
max-age=31536000
server
nginx/1.19.10
content-type
text/html; charset=UTF-8
649ac912c2eaa2512b3be00e
novidash.com/smartlink-css/
4 KB
5 KB
XHR
General
Full URL
https://novidash.com/smartlink-css/649ac912c2eaa2512b3be00e?battery_charging=true&battery_chargingTime=0&battery_dischargingTime=Infinity&battery_level=1
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
9b3af398b381f6d8468dd65166755d065b136fe48d13d9020488a5d5323e1ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx/1.19.10
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
-1
detect
botd.fpapi.io/api/v1/
339 B
681 B
Fetch
General
Full URL
https://botd.fpapi.io/api/v1/detect?token=HtazsqGCe7nkVaIHchA&version=0.1.20
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fpjs-incubator/botd-agent@0/dist/botd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.205.67.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-67-164.compute-1.amazonaws.com
Software
nginx /
Resource Hash
27e22e2443f8c12eea2affd7706ac9b248169c2e57cef374f2bffae93425bf09

Request headers

Referer
https://other.landerhd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Jun 2023 11:33:39 GMT
server
nginx
x-amzn-trace-id
Root=1-649ac913-524f5ce50b9e97ba71ff1200
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://other.landerhd.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
content-length
339
649ac912c2eaa2512b3be00e
novidash.com/smartlink-css/
4 KB
5 KB
XHR
General
Full URL
https://novidash.com/smartlink-css/649ac912c2eaa2512b3be00e?fingerprintid=aaa4e5f9b6c4cc4895547765bb3d8a59
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
9b3af398b381f6d8468dd65166755d065b136fe48d13d9020488a5d5323e1ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://other.landerhd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx/1.19.10
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
-1
649ac912c2eaa2512b3be00e
novidash.com/smartlink-css/
0
951 B
XHR
General
Full URL
https://novidash.com/smartlink-css/649ac912c2eaa2512b3be00e
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://other.landerhd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx/1.19.10
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
-1
649ac912c2eaa2512b3be00e
novidash.com/smartlink-css/
0
956 B
XHR
General
Full URL
https://novidash.com/smartlink-css/649ac912c2eaa2512b3be00e?sop=1&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx/1.19.10
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
-1
649ac912c2eaa2512b3be00e
novidash.com/smartlink-css/
0
956 B
XHR
General
Full URL
https://novidash.com/smartlink-css/649ac912c2eaa2512b3be00e?sop=2&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx/1.19.10
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
-1
649ac912c2eaa2512b3be00e
novidash.com/smartlink-css/
0
956 B
XHR
General
Full URL
https://novidash.com/smartlink-css/649ac912c2eaa2512b3be00e?sop=3&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx/1.19.10
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
-1
649ac912c2eaa2512b3be00e
novidash.com/smartlink-css/
0
950 B
XHR
General
Full URL
https://novidash.com/smartlink-css/649ac912c2eaa2512b3be00e?sop=4&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
Requested by
Host: otodiva.com
URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.240.52.20 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
188-240-52-20.colo.transip.net
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://other.landerhd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jun 2023 11:33:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx/1.19.10
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
x-xss-protection
1; mode=block
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
themedemos.net
URL
https://themedemos.net/magazinex/wp-content/uploads/sites/2/2022/09/magazinex-728x90-1.png
Domain
themedemos.net
URL
https://themedemos.net/magazinex/wp-content/uploads/sites/2/2022/09/magazinex_footer_logo.png
Domain
themedemos.net
URL
https://themedemos.net/magazinex/wp-content/uploads/sites/2/2022/09/trees.png
Domain
themedemos.net
URL
https://themedemos.net/magazinex/wp-content/uploads/sites/2/2022/09/magazinex-ret-logo.png
Domain
get.clickandanalytics.com
URL
https://get.clickandanalytics.com/f8c5xq

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| dayNames
object| monthNames
object| now
string| back_url
string| visit_id
string| mongo_id
string| domain
function| activityWatcher
function| leakSocialMediaAccounts
function| displayResult
undefined| mousePos
undefined| previousPos
object| mouseLog
object| mouseClickLog
number| mouseMovements
number| mouseDistinctMovements
number| mouseDistance
number| mouseClicks
number| mouseActive
number| mouseActivePercentage
number| mouseSpeed
number| mouseSpeedTotal
number| mouseTime
number| secsOnPage
number| pingInterval
function| initFingerprintJS
function| initBotd
object| Botd
object| FingerprintJS

22 Cookies

Domain/Path Name / Value
.otodiva.com/ Name: _ga_LY8D8YR8N2
Value: GS1.1.1687865617.1.0.1687865617.60.0.0
.otodiva.com/ Name: _ga
Value: GA1.2.1552603083.1687865618
.otodiva.com/ Name: _gid
Value: GA1.2.1029580407.1687865618
.otodiva.com/ Name: _gat_gtag_UA_109987058_3
Value: 1
otodiva.com/ Name: simpeladus1
Value: 1
get.clickandanalytics.com/ Name: _subid
Value: 3iq4pqp2aqke9
get.clickandanalytics.com/ Name: 704bf
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEzXCI6MTY4Nzg2NTYxOH0sXCJjYW1wYWlnbnNcIjp7XCI0XCI6MTY4Nzg2NTYxOH0sXCJ0aW1lXCI6MTY4Nzg2NTYxOH0ifQ.vCLB7yMO47eQDAdMVnGMnTXvK9LhAjhPzdIa3cUdbAw
.qzgxqt.com/ Name: truniq
Value: 1
.qzgxqt.com/ Name: tracking
Value: 1
.qzgxqt.com/ Name: prompt
Value: 1
.dratingmaject.com/ Name: 27aadbeb-e4e9-48b2-9a57-e5c8913d9542-v4
Value: 9EjY2yH_iHH-izQaDsl8oZKwzdgb6ZigY6b-WHVKQrI
.dratingmaject.com/ Name: cc-v4
Value: rWJvXF1VdDLKZd5jOaYExbdEqlpLc953LYi9f6xBJ%2BD%2FE96dNaTYNiFcFxJP%2FJzOUXcTRXVvwhVcYWrWbsVNT4iiK%2Ftf7%2F1AFrTHu6FhI8DURBbN7FPaWEKGz5LaWAy4zDfpOkVdllin0gWj9vXU0w%3D%3D
bf233.trknovi.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkVlVlgwcG91Z2R1Tm1XQWlrM1RUYmc9PSIsInZhbHVlIjoiWlpVeU5DeTI1OWFURHI4bTVLR01TeUppTUU1bkM3clhmNFNPejlEUVQvdWRCZUcrRkpab09EMHR3K3F5ZG9NOFh0Tmh1M2dNSHE3b3pydHR3RFNDbDc0bTFPTTBYdVU3YU5TRFRQdy9ZMUZZRCtYeWpYSGdsYXBPMWtmaDVid20iLCJtYWMiOiJjZGQxNjEwZGY3MTM0M2U1YTMxNmZmZGIwM2YxMjliM2Y5ZDMyZTFiOTZiYThmODM1OWUxZGFmNThmYWMxZWViIiwidGFnIjoiIn0%3D
bf233.trknovi.com/ Name: novidash_session
Value: eyJpdiI6ImFHNEp1eG5BakRiYnR6RVRFeW45YUE9PSIsInZhbHVlIjoibDZ3cFdCNlZISFNML2QrVnZhelR3enJTR2ZaL3RKQ0Q5SUpJMmw3d1dsZG82TFdCMkRWREZkeXc4MnJVMnl2MWp5UmRaS1gwa3kxdjJjVGZRQ0g1eis4QUwrOWFCZTJMcVBNK0dHSlIwQUhid3I1cytLeW5VZkhiMkhPR1JnM2wiLCJtYWMiOiIwNjRlMWUxY2E0MzZhMTlhYzkwZGE2NjcxMDQxNGVhM2QyMmNmYjkyZTFmODI0MmQ3Y2RlMTU2NzliZWZlNTc3IiwidGFnIjoiIn0%3D
other.landerhd.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjVMODk2TDZiVmxaTDIwUEZOa3g2V2c9PSIsInZhbHVlIjoiNFZaV2ZXaGtIUHlQajNYVTFkSm1yQ215bE5YTy9aWVJxSkY5Uyt6UGllYy95dHF2dmp3WWNqRDE2b3ZNS2hhby94L1MrNFY0bWxNSkV3ejNpSlFOK0VkcGJBR0NWY2xwb2xCRFVkWlA5cFVBVElPZldCNUk1dFdoWVNuT0NXQ3QiLCJtYWMiOiJjMTNlOTk5Yjg3ZWRkYmY2YjA4YmViOWY2NWE3YTNkN2QwYTFiNWZjMTAwNDM3MjFkYzgzNjU1Y2Q0NTExNWM5IiwidGFnIjoiIn0%3D
other.landerhd.com/ Name: novidash_session
Value: eyJpdiI6IjdhOU55c3ZwRzBta1g3Y3MyOTFNVlE9PSIsInZhbHVlIjoiMFBReUdWdFBhMHluVjd2b3VBeDZXdnV1aXV0RTBZMHBJQW4rRnhhd0pjQm9aSnJybEQ1b2ZJVndIalhXcmpzQ1JCbkRSQ2hZTlFDZjIxaEoxMURrUm5KK08wbXl4OVJQeHd6SFF2Ym1SVW8vN2FvWmZvT3lHMVZIcXViRll4b20iLCJtYWMiOiI2NzBlMzg0ODIwY2Q3NTQ5ZjBjMDg0YTJkZmE2MGNkMzUzZWVhNTM2OTJjNzI1ZTRlODg3N2NjODJkZTFmNGU3IiwidGFnIjoiIn0%3D
.accounts.spotify.com/ Name: __Secure-TPASESSION
Value: AQDGeLRXKdWUMK+68+atQXnMw5LvocYg6LD04h7mpz+TNh5zUAHul64cn2lhF8eGoflfgpOZpzxrel700eraAYwtJnlQ49W57eY=
www.dropbox.com/ Name: gvc
Value: MTUwNDg4ODUwMzQ4OTIxMjk5NzM0MTQ4OTcxNjEzMTM3Mjk3NjI%3D
.dropbox.com/ Name: t
Value: 2GdB1l_z0TxWWaDMYHGaKJj3
www.dropbox.com/ Name: __Host-js_csrf
Value: 2GdB1l_z0TxWWaDMYHGaKJj3
.dropbox.com/ Name: locale
Value: de
other.landerhd.com/ Name: botd-request-id
Value: 01H3YA2WWM0MQAJ477E7ZA8PK4

5 Console Messages

Source Level URL
Text
network error URL: https://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://other.landerhd.com/img/lg0034.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://other.landerhd.com/img/check009.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-368310386%3A1687865619132971&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqtzfk2y0cF3RBjyWGxKzJPcOCgjhluIey-Eg-3LmxH5F3t4mOScvcvHL-k6Cbqr6y9yj&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-83163301%3A1687865619147008&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEd6wSUy7SlUWkwrT1irZYDaH3DyVaLpMOgjx01c6vlTnFLwffFevndnGLEPyBdcJ3WQhff&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
