www.1clic1don.fr Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://youtube.andm.tv/9eyujM2Z
Effective URL:
https://www.1clic1don.fr/tagysh.php
Submission: On June 25 via manual (June 25th 2022, 12:50:17 pm UTC) from FR — Scanned from FR

Summary HTTP 83 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 23 domains to perform 83 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.1clic1don.fr. The Cisco Umbrella rank of the primary domain is 234919.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 23rd 2022. Valid for: a year.

This is the only time www.1clic1don.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:d71f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	162.0.217.76 162.0.217.76	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	64.227.23.114 64.227.23.114	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	67.212.173.77 67.212.173.77	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 3	51.68.82.147 51.68.82.147	16276 (OVH) (OVH)
1 1	34.141.137.168 34.141.137.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	51.161.115.163 51.161.115.163	16276 (OVH) (OVH)
1 1	23.235.251.114 23.235.251.114	19437 (SS-ASH) (SS-ASH)
1 1	142.93.240.225 142.93.240.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.103.94 13.224.103.94	16509 (AMAZON-02) (AMAZON-02)
2 37	5.9.20.91 5.9.20.91	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700:303... 2606:4700:3033::6815:834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.91.236.255 51.91.236.255	16276 (OVH) (OVH)
15	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
1	162.19.154.224 162.19.154.224	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.223.141.84 18.223.141.84	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
83	17

1 2606:4700:3034::ac43:d71f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

youtube.andm.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.217.76 (Amsterdam, Netherlands) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: business156-5.web-hosting.com

1ie.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.23.114 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

polo.thegadgetguru.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.212.173.77 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

www2.redirectmaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.82.147 (France) 2 redirects

ASN16276 (OVH, FR)

www.wewillserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.141.137.168 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.137.141.34.bc.googleusercontent.com

admoustache.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.161.115.163 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns572483.ip-51-161-115.net

t3.goldensevenseas.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.235.251.114 (Ashburn, United States) 1 redirects

ASN19437 (SS-ASH, US)

48.us.tealwinds.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.240.225 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

redir.goldwinds.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.1clic1don.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.103.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-94.zrh50.r.cloudfront.net

arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 5.9.20.91 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: h109.hubuhost.com

g.cash-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.blyatflix.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ref.cdnplus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thisis.aninter.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cash-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::6815:834 (United States)

ASN13335 (CLOUDFLARENET, US)

cpm.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

admediatex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.91.236.255 (France)

ASN16276 (OVH, FR)
PTR: cluster029.hosting.ovh.net

www.fortuna-island.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

static.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
core.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.154.224 (France)

ASN16276 (OVH, FR)
PTR: h114.hubuhost.com

de-c114.cdnplus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.223.141.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-141-84.us-east-2.compute.amazonaws.com

warden.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	cash-ads.com 1 redirects g.cash-ads.com — Cisco Umbrella Rank: 364547 cash-ads.com — Cisco Umbrella Rank: 362876	440 KB
18	arc.io arc.io — Cisco Umbrella Rank: 35150 static.arc.io — Cisco Umbrella Rank: 57380 core.arc.io — Cisco Umbrella Rank: 68766 tracker.arc.io Failed warden.arc.io — Cisco Umbrella Rank: 58385	289 KB
7	1clic1don.fr www.1clic1don.fr — Cisco Umbrella Rank: 234919	84 KB
4	gstatic.com fonts.gstatic.com	63 KB
4	cpm.media cpm.media — Cisco Umbrella Rank: 353722	4 KB
3	cdnplus.de ref.cdnplus.de — Cisco Umbrella Rank: 368022 de-c114.cdnplus.de — Cisco Umbrella Rank: 471653	39 KB
3	wewillserv.com 2 redirects www.wewillserv.com — Cisco Umbrella Rank: 681185	6 KB
3	redirectmaster.com www2.redirectmaster.com	7 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 429	62 KB
2	blyatflix.de c.blyatflix.de — Cisco Umbrella Rank: 316422	847 B
2	admediatex.net admediatex.net	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	aninter.net 1 redirects thisis.aninter.net — Cisco Umbrella Rank: 453632	163 B
1	fortuna-island.com www.fortuna-island.com — Cisco Umbrella Rank: 407595
1	goldwinds.xyz 1 redirects redir.goldwinds.xyz — Cisco Umbrella Rank: 60612	380 B
1	tealwinds.xyz 1 redirects 48.us.tealwinds.xyz — Cisco Umbrella Rank: 123194	929 B
1	goldensevenseas.net 1 redirects t3.goldensevenseas.net — Cisco Umbrella Rank: 123833	296 B
1	go2affise.com 1 redirects admoustache.go2affise.com — Cisco Umbrella Rank: 72558	239 B
1	thegadgetguru.club 1 redirects polo.thegadgetguru.club — Cisco Umbrella Rank: 710920	404 B
1	1ie.ca 1 redirects 1ie.ca	688 B
1	andm.tv 1 redirects youtube.andm.tv	586 B
83	23

	Domain	Requested by
29	cash-ads.com	cdn.jsdelivr.net cash-ads.com
14	static.arc.io	arc.io core.arc.io static.arc.io
7	www.1clic1don.fr	www.wewillserv.com www.1clic1don.fr
4	fonts.gstatic.com	fonts.googleapis.com
4	cpm.media	www.1clic1don.fr www2.redirectmaster.com
3	g.cash-ads.com	1 redirects www.1clic1don.fr g.cash-ads.com
3	www.wewillserv.com	2 redirects www2.redirectmaster.com
3	www2.redirectmaster.com	www2.redirectmaster.com
2	warden.arc.io	static.arc.io
2	cdnjs.cloudflare.com	static.arc.io
2	cdn.jsdelivr.net	cpm.media admediatex.net
2	ref.cdnplus.de	c.blyatflix.de ref.cdnplus.de
2	c.blyatflix.de	g.cash-ads.com c.blyatflix.de
2	admediatex.net	www.1clic1don.fr
1	www.google-analytics.com	static.arc.io
1	fonts.googleapis.com	cash-ads.com
1	de-c114.cdnplus.de	www.1clic1don.fr
1	thisis.aninter.net	1 redirects
1	core.arc.io	arc.io
1	www.fortuna-island.com	www.1clic1don.fr
1	arc.io	www.1clic1don.fr
1	redir.goldwinds.xyz	1 redirects
1	48.us.tealwinds.xyz	1 redirects
1	t3.goldensevenseas.net	1 redirects
1	admoustache.go2affise.com	1 redirects
1	polo.thegadgetguru.club	1 redirects
1	1ie.ca	1 redirects
1	youtube.andm.tv	1 redirects
0	tracker.arc.io Failed	static.arc.io
83	29

This site contains links to these domains. Also see Links.

Domain
www.fortuna-island.com

Subject Issuer	Validity	Valid
www2.redirectmaster.com R3	`2022-05-22` - `2022-08-20`	3 months	crt.sh
www.wewillserv.com R3	`2022-06-11` - `2022-09-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-23` - `2023-03-23`	a year	crt.sh
arc.io Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
g.cash-ads.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
www.island-quest.com R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
c.blyatflix.de R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
static.arc.io R3	`2022-06-15` - `2022-09-13`	3 months	crt.sh
core.arc.io R3	`2022-06-15` - `2022-09-13`	3 months	crt.sh
ref.cdnplus.de R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
cash-ads.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.1clic1don.fr/tagysh.php
Frame ID: 84AC512D2CFD838AA3231D465020C475
Requests: 35 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?94c5673
Frame ID: 4A83EAFC625A27553666798106FBEDE6
Requests: 7 HTTP requests in this frame

Frame: https://ref.cdnplus.de/
Frame ID: 92E0CD675179EB2343FD74E1243BFD61
Requests: 2 HTTP requests in this frame

Frame: https://c.blyatflix.de/nora/?t=1656161411
Frame ID: 39D2704FD9C801A1FFF38116049A8CB7
Requests: 1 HTTP requests in this frame

Frame: https://cash-ads.com/?su=1
Frame ID: 958B533CC8D744F7A34E900F450A0905
Requests: 34 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?94c5673
Frame ID: ED05CBC3837DC578F2908C6F832A443F
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?94c5673
Frame ID: 85DA5AD36D33E6CF9DD304CFD4AE3611
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://youtube.andm.tv/9eyujM2Z HTTP 302
https://1ie.ca/6ba4f22800d8fd77f294 HTTP 302
https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream... Page URL
https://www2.redirectmaster.com/?utm_term=7113159084274090076&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://www2.redirectmaster.com/proc.php?4afa6fe82dc98ebd789859f4603a563b4d2e49b0 Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website... Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website... HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website... HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300089288c6fb0570d948df6890bc1e... HTTP 302
https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62b7048145d... HTTP 302
https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62b70481af7470120506a5e7 HTTP 301
https://redir.goldwinds.xyz/feed/click/?t1=128&tid=48&uid=36&subid=48.503&id=d3a62b903a7da71dd6219f247e6... HTTP 302
https://www.1clic1don.fr/tagysh.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

83
Requests

98 %
HTTPS

39 %
IPv6

23
Domains

29
Subdomains

17
IPs

5
Countries

998 kB
Transfer

2700 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fortuna-island.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://youtube.andm.tv/9eyujM2Z HTTP 302
https://1ie.ca/6ba4f22800d8fd77f294 HTTP 302
https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=9685473860625e76e332de4459ddf50f&data4=37.59.164.96&1=1658&clickid=9685473860625e76e332de4459ddf50f Page URL
https://www2.redirectmaster.com/?utm_term=7113159084274090076&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90 Page URL
https://www2.redirectmaster.com/proc.php?4afa6fe82dc98ebd789859f4603a563b4d2e49b0 Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90 Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=55c97a36b894a653935907b022403620&eyer=0.42299442083157435&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www2.redirectmaster.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=3&eyer=0.42299442083157435&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www2.redirectmaster.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300089288c6fb0570d948df6890bc1e8da260625-202206-flb*5467509-4538f*M7113159084274090076*sl_5467509-4538f*e01cc6bdced662fb058b4532164d54ce1fe17efc*4400-34849da0*4400 HTTP 302
https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62b7048145d2470001877679 HTTP 302
https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62b70481af7470120506a5e7 HTTP 301
https://redir.goldwinds.xyz/feed/click/?t1=128&tid=48&uid=36&subid=48.503&id=d3a62b903a7da71dd6219f247e6fc7c7:634e05c7d55b78b9526d28dbd77651b7a90bb02312bb15e4239bf3181eb7878ede5d0d51c8daa6474979d1bd88fe078a95cd88cc91cf3d84a687bd1d01e723576fcf6c712542be5e40e2edb346f776dd23cb2b34613c7a35c85c565927e8a04c7c5ed82ff1e2e1946e610e180c3e2815821d87625fc2fbbcf7c497884ad66d3e16d855cb1947821499441a251ff0fe49c197d266224b7f5580a373b8f18cebc71d7cbe07a6f0d66880349b62e3027ff9c17946efa6462d243bf11801360172a0ed3ed2d9bbabfe78bd2244dd788eccda46963d961945db01462b3fdd2b287f457f95ed4c9f19b77d15f9ff5ce752af4e5cc5a9e7282f9d21111c8d8c1d297d595c3292fc074beb7243bcff320694c74a91b1b7b8a43040700448da01fa9d28af9cb1fe51ba0d26c48d4748b9a8162bbb&s1=62b70481af7470120506a5e7 HTTP 302
https://www.1clic1don.fr/tagysh.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://youtube.andm.tv/9eyujM2Z HTTP 302
https://1ie.ca/6ba4f22800d8fd77f294 HTTP 302
https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=9685473860625e76e332de4459ddf50f&data4=37.59.164.96&1=1658&clickid=9685473860625e76e332de4459ddf50f

Request Chain 19

https://thisis.aninter.net/ HTTP 302
https://de-c114.cdnplus.de/none.mp3

Request Chain 36

https://g.cash-ads.com/?nc=5EIvAPWyUyIXvJqijU2A7VU8SpV6RjK%2F2Zi6AzvZj74%3D HTTP 302
https://cash-ads.com/?su=1

83 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
www2.redirectmaster.com/
Redirect Chain

https://youtube.andm.tv/9eyujM2Z
https://1ie.ca/6ba4f22800d8fd77f294
https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global
https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=9685473860625e76e332de4459ddf50f&data4=37.59.164.96&1=1658&clickid=9685473860...

3 KB
2 KB

559ms
117ms

Document
text/html

67.212.173.77
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=9685473860625e76e332de4459ddf50f&data4=37.59.164.96&1=1658&clickid=9685473860625e76e332de4459ddf50f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.212.173.77 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.0.11

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 12:50:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www2.redirectmaster.com/?utm_term=7113159084274090076&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.0.11

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 25 Jun 2022 12:50:07 GMT
Location: https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=9685473860625e76e332de4459ddf50f&data4=37.59.164.96&1=1658&clickid=9685473860625e76e332de4459ddf50f
Server: nginx/1.16.1 (Ubuntu)

GET
H2 200 / Show response
www2.redirectmaster.com/ 8 KB
3 KB 120ms
120ms Document
text/html 67.212.173.77
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.redirectmaster.com/?utm_term=7113159084274090076&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90

Requested by

Host: www2.redirectmaster.com
URL: https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=9685473860625e76e332de4459ddf50f&data4=37.59.164.96&1=1658&clickid=9685473860625e76e332de4459ddf50f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.212.173.77 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.0.11

Resource Hash

75f10e19abe3a8a3cb43be13ceff36fa1b6f3b5b5905b09f5d94998e36d33850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=9685473860625e76e332de4459ddf50f&data4=37.59.164.96&1=1658&clickid=9685473860625e76e332de4459ddf50f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 25 Jun 2022 12:50:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.0.11

GET
H2 200 proc.php
www2.redirectmaster.com/ 4 KB
2 KB 118ms
118ms Document
text/html 67.212.173.77
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.redirectmaster.com/proc.php?4afa6fe82dc98ebd789859f4603a563b4d2e49b0

Requested by

Host: www2.redirectmaster.com
URL: https://www2.redirectmaster.com/?utm_term=7113159084274090076&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.212.173.77 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.0.11

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://www2.redirectmaster.com/?utm_term=7113159084274090076&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 12:50:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website=4400-34849da0&placement=4400
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.0.11

GET
H/1.1 200
OK /
www.wewillserv.com/ 5 KB
5 KB 129ms
32ms Document
text/html 51.68.82.147
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Requested by: Host: www2.redirectmaster.com
URL: https://www2.redirectmaster.com/proc.php?4afa6fe82dc98ebd789859f4603a563b4d2e49b0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.82.147 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www2.redirectmaster.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Sat, 25 Jun 2022 12:50:09 GMT
Transfer-Encoding: chunked

GET
H2

200

Primary Request tagysh.php Show response
www.1clic1don.fr/
Redirect Chain

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd8385...
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd8385...
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300089288c6fb0570d948df6890bc1e8da260625-202206-flb*5467509-4538f*M7113159084274090076*sl_5467509-4538f*e01cc6bdced662...
https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62b7048145d2470001877679
https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62b70481af7470120506a5e7
https://redir.goldwinds.xyz/feed/click/?t1=128&tid=48&uid=36&subid=48.503&id=d3a62b903a7da71dd6219f247e6fc7c7:634e05c7d55b78b9526d28dbd77651b7a90bb02312bb15e4239bf3181eb7878ede5d0d51c8daa6474979d1b...
https://www.1clic1don.fr/tagysh.php

3 KB
2 KB

129ms
79ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1clic1don.fr/tagysh.php

Requested by

Host: www.wewillserv.com
URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e364d46c857fc194a0d1201655c761c25df1df0f26b5eda31a9ab0c727bcc51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7113159084274090076&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 720dd3d69c8d3a93-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 12:50:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcwDIwU0rQo7D1WS94c8O5hPjS9DR4mNuoYQMQPQEjIXLTFFGfu2nbhNHPbv6L9lH%2FDFYxuKSHdvFBgZyNfpiO3ZVmAj5Xq5k2v%2FhBpWdQkMeV5exPmqrBZ26DBOutYwphdvDJA3yP1PHxm1kn4W"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 114
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Jun 2022 12:50:11 GMT
Expires: 0
Keep-Alive: timeout=5
Location: https://www.1clic1don.fr/tagysh.php
Pragma: no-cache
Surrogate-Control: no-store
Vary: Accept
X-Powered-By: Express

GET
H2 200 widget.min.js Show response
arc.io/ 7 KB
4 KB 122ms
36ms Script
application/javascript 13.224.103.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-94.zrh50.r.cloudfront.net

Software

Resource Hash

aa28ed620285f770a7537eeb6aa1473bb5d80d5bfda55475d2efefe8e1606365

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.1clic1don.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 21:17:43 GMT
age: 3418
etag: "62b23577-d06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
date: Sat, 25 Jun 2022 11:53:21 GMT
x-amz-cf-pop: ZRH50-C1
content-length: 3334
via: 1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
x-amz-cf-id: Om6c9Z-ir4VpYHQ6O87P9h2a4oouF0YHHUEibzOXY7s0wtFCmCJgaw==

GET
H2 200 style.css
www.1clic1don.fr/style/ 163 KB
26 KB 38ms
37ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1clic1don.fr/style/style.css

Requested by

Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cbc3a472cb47beaa472ef9445e776bb6f053b311318948d7ebbffda0e02bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.1clic1don.fr/tagysh.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 12 Jul 2019 15:22:30 GMT
server: cloudflare
etag: W/"28b20-58d7d7a8c8304"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLsBX0nzBaJaAK8p9%2Bgt4lkaPBLcAFB7e9zMo%2BfYAN7VpR9ormx%2BHS8XCFFvPIdxCFC8gE4a%2BpquViqN3R9KiNCcUSTfKrJ9HpjvHufi4kn%2FEOnVpE9DcpctejR%2BwF8fWdNNmoqMsXnVwiCvvmQ1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 720dd3d72d723a93-CDG

GET
H2 200 bootstrap.min.js Show response
www.1clic1don.fr/js/ 36 KB
10 KB 52ms
51ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1clic1don.fr/js/bootstrap.min.js

Requested by

Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.1clic1don.fr/tagysh.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jun 2019 23:32:57 GMT
server: cloudflare
etag: W/"9004-58ab0224731cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7vi7yo1U3OjY2peXwgAs20I2vKvT%2FBL7cFvIJvJdOkJ%2FwAkzskg16GTLGUmEBVAz%2FjrvADt9sWhKhpRt8%2FYM6jHOR44bLGo%2FX4RBRFdG%2F0Tzhf%2BfCFIx6duGw5x%2F0kxuMW4jmybcb7UEQAu%2FaBV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 720dd3d72d763a93-CDG

GET
H3 200 invisible.js Show response
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/ 41 KB
15 KB 40ms
40ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1656158400
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd989ee5bc29083f3fcd28068121d19244269f4b8a735f970ca08462a897ab17

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.1clic1don.fr/tagysh.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkUcvbk9dgeAZVqd6oVnxV7De2Lt3cWb9LKDlJvha5J5YeqAuYwooKgAvFTQT37jtQRLf2VKAxxEEu2acGI3N6I9BI7AA27xb7mmwTQ8MCvSdk7gfVkR2IhmCl2mI7O8dQve7R99YNwXZxuyFpQ6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 720dd3d77f1eee75-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
g.cash-ads.com/banner/ 6 KB
2 KB 94ms
28ms Script
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/banner/?code=F2krjq8k7qh5lRutMuJyaQ%3D%3D

Requested by

Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

755704919e14643c66ef365fe41d0e797ab434cb6ec5e3a1edd5882e40e64f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.1clic1don.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 ads.js Show response
cpm.media/serve/ 3 KB
1 KB 82ms
29ms Script
application/javascript 2606:4700:3033::6815:834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.media/serve/ads.js
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab7bb9c0e4bb66a7ca8b9ee21ff0d2c21347c5d12b108ce4ce3dcb3d8922771

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.1clic1don.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29762345
cf-polished: origSize=3040
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Feb 2021 04:02:14 GMT
server: cloudflare
etag: W/"601a2046-be0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cjh7QjBjmZU7U80yfSZt3xi7QPw4NKUN4Sgm7FtSPtglbavysa5JjGliIM0GjOYGDYrV1evVKZXlAhwGmwTUr%2FGM7zJobwpNdMqhtfmaWV4N%2FTPT3rHuBiB5uESUrXKHQH%2Bb3W1UAQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 720dd3d77bc7085b-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads.js Show response
admediatex.net/serve/ 1 KB
1 KB 239ms
36ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admediatex.net/serve/ads.js
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.1clic1don.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21048096
cf-polished: origSize=1098
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Oct 2021 19:57:36 GMT
server: cloudflare
etag: W/"616345b0-44a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FM4NM1RDdX%2B%2FE12RzwPmskZpA1%2F74yW8qKto%2BdjDf55x3epS1anRaCPPpgKVkFWtPzhDzv525CG7QBMcb1SgG7BDLWjNTmER3%2B7AfF4orxxCEo7mkyplc2gBoHdRxw2IUd%2BLs0hA2n%2Fp0SQP5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 720dd3d86b32088f-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 logo.png
www.fortuna-island.com/img/ 0
0 281ms
92ms Image
text/html 51.91.236.255
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fortuna-island.com/img/logo.png
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.236.255 , France, ASN16276 (OVH, FR),
Reverse DNS: cluster029.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.1clic1don.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 charlevoixpro-bold-webfont.woff2
www.1clic1don.fr/fonts/ 22 KB
23 KB 56ms
56ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1clic1don.fr/fonts/charlevoixpro-bold-webfont.woff2

Requested by

Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/style/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f96bf06d27816ef7237fe7998dab7276e073559337e0f3e8a55514f7f1046307

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.1clic1don.fr/style/style.css
Origin: https://www.1clic1don.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22524
last-modified: Thu, 06 Jun 2019 23:14:59 GMT
server: cloudflare
etag: "57fc-58aafe2079f9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBZAWRQdU0qV2DOTPddkzbiTqN215uMkzKUKKCQr28noOV6J1kKzNmK0REck2ZJ9yPd0kv8MY5vZ1KKPXSd%2FAdWX251RsA0HnMk6p9YLCyCddESviQ0HmQeLIdPq7bWCU1ZotnvMyJW0x4sGKjvX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 720dd3d78f25ee75-CDG

GET
H2 200 base.js Show response
g.cash-ads.com/js/ 91 KB
37 KB 54ms
53ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://g.cash-ads.com/js/base.js
Requested by: Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=F2krjq8k7qh5lRutMuJyaQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h109.hubuhost.com
Software: nginx /
Resource Hash: 8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81

Request headers

Referer: https://www.1clic1don.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: public
date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 15:27:16 GMT
server: nginx
etag: W/"612e4a54-16b34"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Sat, 02 Jul 2022 12:50:11 GMT

GET
H2 200 jw.js Show response
c.blyatflix.de/ 2 KB
657 B 105ms
28ms Script
text/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=F2krjq8k7qh5lRutMuJyaQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

afcf6d6f4633177f7c25cc67071d767b4f0b83bc2d3439a86c757fb3504143f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.1clic1don.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/javascript;charset=utf-8

GET
H2 200 core.js Show response
static.arc.io/widget/js/ 310 KB
104 KB 91ms
24ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/core.js?94c5673
Requested by: Host: arc.io
URL: https://arc.io/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 6b1c5edf7ba782b249b9021b95d6aa7204018a6023fde2c8bb03374c632c007e

Request headers

Referer
Origin: https://www.1clic1don.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: XNNDJEV9GF9XSA7S
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 06/21/2022 21:22:36
cdn-pullzone: 786569
x-amz-id-2: Ndz1e79JR/gfp2SeMDfBfOvSewwFer8MyReN1Lyb0kjHsS/k+OX2POv2qKut61Cbt2gFnA9bEaM=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Tue, 21 Jun 2022 21:18:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"4355d0f633392adc4c7baf5c35035f5d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: c180d937077738b93f30095287ed44d2
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 broker.html Show response
core.arc.io/ Frame 4A83 2 KB
1 KB 121ms
29ms Document
text/html 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?94c5673

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-138-199-37-226.datapacket.com

Software

BunnyCDN-DE-832 /

Resource Hash

0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.1clic1don.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 06/21/2022 21:20:18
cdn-edgestorageid: 832
cdn-proxyver: 1.02
cdn-pullzone: 786568
cdn-requestcountrycode: FR
cdn-requestid: ca2849370c03aad9e10dbc9a49aad6af
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
content-encoding: br
content-type: text/html
date: Sat, 25 Jun 2022 12:50:11 GMT
etag: W/"61e89f9d-612"
expires: Thu, 21 Jul 2022 21:20:18 GMT
last-modified: Wed, 19 Jan 2022 23:32:45 GMT
server: BunnyCDN-DE-832
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 / Show response
ref.cdnplus.de/ Frame 92E0 806 B
754 B 119ms
39ms Document
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.cdnplus.de/

Requested by

Host: c.blyatflix.de
URL: https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

4f91d3ae8ee8601ccc4be12c4039e3536bf0188b82742c48eed6b05fa2134e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 12:50:12 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
c.blyatflix.de/nora/ Frame 39D2 0
190 B 28ms
27ms Document
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.blyatflix.de/nora/?t=1656161411

Requested by

Host: c.blyatflix.de
URL: https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 12:50:11 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.0

200
OK

none.mp3
de-c114.cdnplus.de/
Redirect Chain

https://thisis.aninter.net/
https://de-c114.cdnplus.de/none.mp3

133 KB
0

540ms
267ms

Media
audio/mpeg

162.19.154.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://de-c114.cdnplus.de/none.mp3
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php
Protocol: HTTP/1.0
Server: 162.19.154.224 , France, ASN16276 (OVH, FR),
Reverse DNS: h114.hubuhost.com
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

icy-name: Hubu.FM | Radio Hunteburg
X-Clacks-Overhead: GNU Terry Pratchett
icy-br: 128
icy-notice2: Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url: https://hubu.fm
Access-Control-Allow-Origin: *
icy-genre: Misc, News
icy-sr: 44100
icy-pub: 1
Connection: close
Accept-Ranges: none
content-type: audio/mpeg
icy-notice1: <BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
Cache-Control: no-cache,no-store,must-revalidate,max-age=0

Redirect headers

location: https://de-c114.cdnplus.de/none.mp3
date: Sat, 25 Jun 2022 12:50:12 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/jquery/3.0.0-rc1/ 84 KB
31 KB 74ms
33ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js

Requested by

Host: cpm.media
URL: https://cpm.media/serve/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df68e90250b9a60fc184ef194d1769d3af8aa67396cc064281cb77e2ef6bf876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8306899
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19146-FRA, cache-cdg20777-CDG
timing-allow-origin: *
server: cloudflare
etag: W/"1511e-iX3qQTkE9uH1SwOLGxDGVnnk1pk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VR64taWeloyYLlCbjYNjBIcF3KWlD5u4xF518M25ay0YPs8r03O%2FLdyz%2FHl7uNm5eb%2BPE3nSlaTEkUgJs87tRt7PWk%2Fz8bXJ78z387yThewaBz7gsrRmUSo6P%2FkmZxItp5rOXgYf4ZipqrKj47I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 720dd3d8be9a3bb0-CDG

GET
H2 200 broker.b281d075.js Show response
static.arc.io/broker/js/ Frame 4A83 24 KB
10 KB 25ms
24ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/broker.b281d075.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?94c5673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GYAYQM8V3GSY76E
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: d6k/7FH6v6jNbhSpJllTbst7nxAHq6rHwwiUNDZr3YXs+D7quKzRyySPG5KZsoPz9XDS4MsVjHU=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"8c5f6da1d62d33cc4c32a8ce63be2bf6"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: c6f304627bf454effffc9cb07806a8a7
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-vendors.5e1d8045.js Show response
static.arc.io/broker/js/ Frame 4A83 49 KB
20 KB 27ms
27ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?94c5673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:11 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GY0AQCKANCHFQ5H
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: EIcjsqnTnP9jU4Wl6zfSTJ1NjBNlvquobQ7wy/iG/qNW7DR7NE1Bhq8y7L8i0FfhEiByDyNZvvg=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: 0197c3f3e628470851f4af42db5750b3
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 4A83 0
5 KB 117ms
67ms Other
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?94c5673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GYEMKQPGE5ZWWQX
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: X25XNylBVcqLvXXmT7Zo+EC4edW0UfpEAFmDf3ZZG1AseatZE29txJKwJ+Vb2Y6nPs9132SOWA8=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: 0116f1bfc615799a2a7e3fde0670819f
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 4A83 0
16 KB 117ms
67ms Other
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?94c5673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GY7JH4K1MGVS138
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: 90h1aW/GSZT/wRAu769jfrRyldDTmyY6FRcAwiHnFC35A29iunct99jxluZnRCJ+ieBa5vq7IA0=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: fcfecaccbfecebd6150e9f28b27f9859
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ 94 KB
34 KB 52ms
47ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?94c5673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GY6S001T357QB3G
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: iP/RSL85XHclcpcrRrLq8hDCh9Xkr+hKxAg2ey8jC22KyRaF7rG4Duvz6BVtYr3GR5GbAfYsqjY=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Mon, 16 May 2022 23:42:11 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"5f5181a44cab6b9ccdc03f0d9f46e177"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 8741edb68c0bb861f702875d241103e6
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget.css
static.arc.io/widget/css/ 85 KB
9 KB 31ms
26ms Stylesheet
text/css 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?94c5673
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?94c5673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: CV6WB975TW9A7WNM
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 06/21/2022 21:24:24
cdn-pullzone: 786569
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: vqYsTSvP5ttKVJAOBKDrDXvQVII6ltCqSREIFhN3yypK/bqSPGFqW5knogB1X+hrlTwJHVWngqw=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Tue, 21 Jun 2022 21:18:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: e369995a13422b0d4bd8f9eef0849aea
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ 59 KB
26 KB 193ms
188ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-ui.js?5de44f9a
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?94c5673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: c26919015cf95d5a04c427c50c712e1d3332bb7ddc49a317e5c7132f81f8dd1a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: CV6S4ASMMRH30RVS
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 06/21/2022 21:24:24
cdn-pullzone: 786569
x-amz-id-2: uex4QNBi15hGS/IwzFi85SOSFw4if9Ojz3uHTO+zvyEcS9hW8kvN4le6VDtChfhejzrJD+TDHBk=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Tue, 21 Jun 2022 21:18:09 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7ea615cd7dc759a12c390c914ddc5aa6"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 5243572b91f083c55dc3bd6afc06ceac
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 ads.php Show response
cpm.media/serve/ 0
547 B 151ms
127ms Script
text/html 2606:4700:3033::6815:834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.media/serve/ads.php?a=1053&b=300x250&random=8932780&referr=
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdB0jpVrtcvrxbdeCUpO9AmjYOijl5AHujlSaL6FT4r520EdebKxGDzSEr7SsHVbF1AEXq6a0HwBM5QF6ar95J%2FVQleC%2B2%2Bq%2Fh7kpsxlvUbElT3h8QX1O4Z6m%2Fd5D9oXnXPIbEuEASo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 720dd3d94f67cda7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lazy-modules.a169b1ec.js Show response
static.arc.io/broker/js/ Frame 4A83 45 KB
16 KB 50ms
49ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GY7JH4K1MGVS138
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: 90h1aW/GSZT/wRAu769jfrRyldDTmyY6FRcAwiHnFC35A29iunct99jxluZnRCJ+ieBa5vq7IA0=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: 8257eeed72dbd2f16f2e145b28dec8fe
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ref.cdnplus.de/ Frame 92E0 94 KB
38 KB 54ms
54ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.cdnplus.de/jquery.min.js

Requested by

Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ref.cdnplus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 14:16:34 GMT
server: nginx
etag: W/"628f8bc2-1762a"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H3 200 ads.js Show response
cpm.media/serve/ 3 KB
1 KB 28ms
27ms Script
application/javascript 2606:4700:3033::6815:834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.media/serve/ads.js
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab7bb9c0e4bb66a7ca8b9ee21ff0d2c21347c5d12b108ce4ce3dcb3d8922771

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29762346
cf-polished: origSize=3040
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Feb 2021 04:02:14 GMT
server: cloudflare
etag: W/"601a2046-be0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfG9HjOXLcbhic%2BNoJa%2Bw63hFBIQI6v7oA1Fw2Xk6Gbbd%2BJPgYwQ6Jc0bk5qf3HLdX8xAAoQTLrhuqBb1n0EnjkZtVx6U%2BaB8Pyv70fEQkwdFnF1wjFkKVdx0d%2BGdywuV5fNDoPMmL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 720dd3da1829cda7-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ads.php Show response
cpm.media/serve/ 0
505 B 141ms
140ms Script
text/html 2606:4700:3033::6815:834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.media/serve/ads.php?a=1053&b=728x90&random=44960755&referr=
Requested by: Host: www2.redirectmaster.com
URL: https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=9685473860625e76e332de4459ddf50f&data4=37.59.164.96&1=1658&clickid=9685473860625e76e332de4459ddf50f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sobbsEGVxYwsyjunGd6Qjrh4pgSDss0bcFJwGwmBm0k74rhIjj5Qs62hBPZO1oVyaAlHPFkCfypgaegYtf3UxTK23rNv1QF7y6QQxoM27pir3qXqP2coWIvhzdu1Mj7H4%2BVbp9p%2B0bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 720dd3da5888cda7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
cdn.jsdelivr.net/jquery/3.0.0-rc1/ 84 KB
31 KB 62ms
37ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js

Requested by

Host: admediatex.net
URL: https://admediatex.net/serve/ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df68e90250b9a60fc184ef194d1769d3af8aa67396cc064281cb77e2ef6bf876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8306900
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19146-FRA, cache-cdg20777-CDG
timing-allow-origin: *
server: cloudflare
etag: W/"1511e-iX3qQTkE9uH1SwOLGxDGVnnk1pk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OhJAsxd2DbseYx6LmAQaYgMZk6fTReDkzKB7zKjUhKSzvDtHixrpSuzuct5HkB0qhkmapIxv%2FMgVYxGK%2BNG8glDRKmrNTDPD%2Bpqi94nAdIUvz%2FGnQF8R1Wb6%2BKpwnJNo5Rdl8N1vc7SjU4zuf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 720dd3db681699df-CDG

GET
H3 200 ads.php Show response
admediatex.net/serve/ 0
556 B 150ms
125ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admediatex.net/serve/ads.php?a=3612&b=300x250&random=34343498&referr=
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1umfQ13m9aEBjqOxQRcLoaho7qrqCMPf%2FxfQeQ6U%2FOcqrlaCezj9TpYd5eIU%2Fs9wGFr%2BM1W998xjKm1AX0g9CRFXLJ9guGu2THToL%2F3TTYYklw87eVUAUU1Zqoy5DBqPK4ywHCwc8HsPBNLkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 720dd3dbfd8132ad-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/ 20 KB
7 KB 34ms
34ms Other
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/tagysh.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701097612ed983380580b363ba25cbdfa83ed153bca36b709b7429853150efa1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHn9eMsCOJ%2FxRix1X33M%2BDo5BLDFEZ101aLT110mIPRhjfCOFAhQoXx8cNql0LM1tuKeUvocfJsh%2FcwgyzhI7rOLUi0wBGblHcDqGHCROQSGPzOnjR9eeudVYnVLVj4M%2B4Ac7Rq8Al9l8v6BQqKB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 720dd3dcec66ee75-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/ Show response
cash-ads.com/ Frame 958B
Redirect Chain

https://g.cash-ads.com/?nc=5EIvAPWyUyIXvJqijU2A7VU8SpV6RjK%2F2Zi6AzvZj74%3D
https://cash-ads.com/?su=1

12 KB
4 KB

100ms
27ms

Document
text/html

5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/?su=1

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

2759e53d2cf137f2138bbb2981cfeebe1e2a2599977a99cf2818eed8434a7e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 12:50:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 12:50:12 GMT
location: https://cash-ads.com/?su=1
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame ED05 85 KB
9 KB 25ms
24ms Stylesheet
text/css 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?94c5673
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?5de44f9a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: CV6WB975TW9A7WNM
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 06/21/2022 21:24:24
cdn-pullzone: 786569
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: vqYsTSvP5ttKVJAOBKDrDXvQVII6ltCqSREIFhN3yypK/bqSPGFqW5knogB1X+hrlTwJHVWngqw=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Tue, 21 Jun 2022 21:18:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 425d9cf85a1f006081e7e3d68011e080
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame ED05 2 KB
1 KB 75ms
26ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?5de44f9a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1335911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9b4v7wBUSkf%2BMb4siHXY%2BmQkSgNJZRpyxE5JYwpQeXOoNiNft0GImdLsr3z5jLh8%2By8DmiKDYZwfKt%2BzkaI83hpRCTNiTrH2l1jXFd2hL4ER26UWdtY5vYzcgpvjFu7OdpJRjSsif%2BtOjzHHjP5NsfaE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 720dd3dd6a0d99ce-CDG
expires: Thu, 15 Jun 2023 12:50:12 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 85DA 85 KB
9 KB 25ms
24ms Stylesheet
text/css 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?94c5673
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?5de44f9a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: CV6WB975TW9A7WNM
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 06/21/2022 21:24:24
cdn-pullzone: 786569
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: vqYsTSvP5ttKVJAOBKDrDXvQVII6ltCqSREIFhN3yypK/bqSPGFqW5knogB1X+hrlTwJHVWngqw=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Tue, 21 Jun 2022 21:18:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 74efd1a19064e31b1b17f6b009f05bb2
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 85DA 2 KB
927 B 73ms
32ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?5de44f9a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1335911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoSwk%2F2FKWwTdp%2Bwtg3WzvBOgaIzUiRmnMhEwOl2C6%2BoZCHgoHsQSGMuXGNc%2BG5G0c2bFDxMnkTvWxZBaHC2spi3xEqUo98pwcrA2SNBBJXjM2oJu1pV6mAexzz2CjWOVNRWOP1VjnRO53TzgMcz8eOC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 720dd3dd7a0f99ce-CDG
expires: Thu, 15 Jun 2023 12:50:12 GMT

GET
DATA 200
OK truncated
/ Frame ED05 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 85DA 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 85DA 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 85DA 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 85DA 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 85DA 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 85DA 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 85DA 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
tracker.arc.io/ 0
0

POST
H3 200 720dd3d69c8d3a93 Show response
www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
720 B 49ms
48ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/cv/result/720dd3d69c8d3a93
Requested by: Host: www.1clic1don.fr
URL: https://www.1clic1don.fr/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1656158400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13U07Lb7ZapSefnbvBQwlmzEC0mTupzS5lm1Ud6MGjz0SQUvdBzNutHyPyBHYUB3LwPuzG3PFKxQlRaZEBGycfQCM6HpxbxSa%2FIVOWVXEUjYvzV4o3PzwwmCIZq0kPPjy%2FhfbzZNPPzqDg830Mpy"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 720dd3dece46ee75-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.css
cash-ads.com/css/ Frame 958B 179 KB
32 KB 28ms
26ms Stylesheet
text/css 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/css/bootstrap.css

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

6b654abc4b8086719a33aeb67b126014c934563d6917234a68c56d39eb990fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:10 GMT
server: nginx
etag: W/"5f1f73ae-2cbe1"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 style.css
cash-ads.com/vendors/linericon/ Frame 958B 8 KB
2 KB 28ms
27ms Stylesheet
text/css 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/linericon/style.css

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

f5c203b6416a054de195921e85165e4d66fd303ea8d20982a190fede7b673576

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:12 GMT
server: nginx
etag: W/"5f1f73b0-2098"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 font-awesome.min.css
cash-ads.com/css/ Frame 958B 27 KB
7 KB 28ms
27ms Stylesheet
text/css 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/css/font-awesome.min.css

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:10 GMT
server: nginx
etag: W/"5f1f73ae-6b4a"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 owl.carousel.min.css
cash-ads.com/vendors/owl-carousel/ Frame 958B 3 KB
1 KB 29ms
28ms Stylesheet
text/css 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/owl-carousel/owl.carousel.min.css

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:13 GMT
server: nginx
etag: W/"5f1f73b1-b78"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 magnific-popup.css
cash-ads.com/css/ Frame 958B 7 KB
2 KB 29ms
28ms Stylesheet
text/css 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/css/magnific-popup.css

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:10 GMT
server: nginx
etag: W/"5f1f73ae-1b27"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 animate.css
cash-ads.com/vendors/animate-css/ Frame 958B 71 KB
6 KB 29ms
28ms Stylesheet
text/css 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/animate-css/animate.css

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:12 GMT
server: nginx
etag: W/"5f1f73b0-11a43"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 flaticon.css
cash-ads.com/vendors/flaticon/ Frame 958B 918 B
597 B 31ms
30ms Stylesheet
text/css 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/flaticon/flaticon.css

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

7263081ff610cdc7c51a3e3e0c8b3b051addf546f2f22b6d18c87bde264fa191

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:11 GMT
server: nginx
etag: W/"5f1f73af-396"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 style.css
cash-ads.com/css/ Frame 958B 73 KB
15 KB 31ms
30ms Stylesheet
text/css 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/css/style.css

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

be736095364682a6fbdbc6d67810ddf153839e6f5452b18cc030f2bc4adb4f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Fri, 04 Jun 2021 01:21:31 GMT
server: nginx
etag: W/"60b9801b-12524"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
cash-ads.com/img/ Frame 958B 5 KB
5 KB 84ms
82ms Image
image/png 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cash-ads.com/img/logo.png

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

816f1b7cf77ac5ef80edc471e0bd022b54b3a1761a78db1d36183265727f5484

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
last-modified: Tue, 28 Jul 2020 00:39:09 GMT
server: nginx
etag: "5f1f73ad-14bc"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 5308
x-xss-protection: 1; mode=block

GET
H2 200 home-left.png
cash-ads.com/img/banner/ Frame 958B 43 KB
43 KB 84ms
83ms Image
image/png 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cash-ads.com/img/banner/home-left.png

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

f66496f94413bc28139d25add9dde664debc876c3a7d41cad539bc5f16f78039

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
last-modified: Tue, 28 Jul 2020 00:39:15 GMT
server: nginx
etag: "5f1f73b3-ab1e"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 43806
x-xss-protection: 1; mode=block

GET
H2 200 about_img.png
cash-ads.com/img/ Frame 958B 56 KB
57 KB 84ms
83ms Image
image/png 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cash-ads.com/img/about_img.png

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

5c2cb8af90ce1d231850a27d808f783d88402cb2f8dcede4f82dd84d290e3022

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
last-modified: Tue, 28 Jul 2020 00:39:09 GMT
server: nginx
etag: "5f1f73ad-e12e"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 57646
x-xss-protection: 1; mode=block

GET
H2 200 bl.jpg
cash-ads.com/img/ Frame 958B 23 KB
23 KB 84ms
83ms Image
image/jpeg 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cash-ads.com/img/bl.jpg

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

7bd9a8f3775ca1df3425e0004c68eef405d2c3d75cf2d518c0aba52fa925e3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
last-modified: Tue, 18 Aug 2020 22:07:08 GMT
server: nginx
etag: "5f3c510c-5b10"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 23312
x-xss-protection: 1; mode=block

GET
H2 200 bl2.jpg
cash-ads.com/img/ Frame 958B 21 KB
21 KB 85ms
84ms Image
image/jpeg 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cash-ads.com/img/bl2.jpg

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

5db948f3fe7f47d55dec88104fbf589ee981b06ac1c8ca10240cb72b64c75ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
last-modified: Tue, 18 Aug 2020 22:06:58 GMT
server: nginx
etag: "5f3c5102-52f8"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 21240
x-xss-protection: 1; mode=block

GET
H2 200 exotic.jpg
cash-ads.com/img/ Frame 958B 22 KB
22 KB 85ms
84ms Image
image/jpeg 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cash-ads.com/img/exotic.jpg

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

76b0d43943e2b255591fe9056463b1b042dd48f19fe5f175832ea8ab25a16b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
last-modified: Tue, 28 Jul 2020 00:39:08 GMT
server: nginx
etag: "5f1f73ac-568b"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 22155
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.5.1.min.js Show response
cash-ads.com/js/ Frame 958B 87 KB
35 KB 79ms
77ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/js/jquery-3.5.1.min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 21:18:11 GMT
server: nginx
etag: W/"5f3c4593-15d84"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.js Show response
cash-ads.com/js/ Frame 958B 50 KB
17 KB 80ms
77ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/js/bootstrap.min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

f203aa11401db444669a0a833bc0da0324f6c6b59bb8291a0e50af290ae7ff42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:08 GMT
server: nginx
etag: W/"5f1f73ac-c761"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 stellar.js Show response
cash-ads.com/js/ Frame 958B 15 KB
5 KB 80ms
77ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/js/stellar.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

f10d81cf033f1307687e7f0baff7924c4cdf81d8a5b2f4498e6b161c81fbcd11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:07 GMT
server: nginx
etag: W/"5f1f73ab-3a89"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 jquery.magnific-popup.min.js Show response
cash-ads.com/js/ Frame 958B 20 KB
8 KB 80ms
78ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/js/jquery.magnific-popup.min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:07 GMT
server: nginx
etag: W/"5f1f73ab-4ef8"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 jquery.nice-select.min.js Show response
cash-ads.com/vendors/nice-select/js/ Frame 958B 3 KB
1 KB 80ms
78ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/nice-select/js/jquery.nice-select.min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:24 GMT
server: nginx
etag: W/"5f1f73bc-b7e"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 imagesloaded.pkgd.min.js Show response
cash-ads.com/vendors/isotope/ Frame 958B 5 KB
2 KB 80ms
78ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/isotope/imagesloaded.pkgd.min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

23bd7e5fac741d9a4b7cd4572ab0df7556b4dd610c67e3dfaa852d28812b4250

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:11 GMT
server: nginx
etag: W/"5f1f73af-151f"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 isotope-min.js Show response
cash-ads.com/vendors/isotope/ Frame 958B 34 KB
12 KB 81ms
79ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/isotope/isotope-min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

f1a854a222373f7e3caafa9b35e578c8a93d0e9deaacde15a46b683cb96e6de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:11 GMT
server: nginx
etag: W/"5f1f73af-8792"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 owl.carousel.min.js Show response
cash-ads.com/vendors/owl-carousel/ Frame 958B 42 KB
13 KB 81ms
79ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/owl-carousel/owl.carousel.min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:13 GMT
server: nginx
etag: W/"5f1f73b1-a70e"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 jquery.ajaxchimp.min.js Show response
cash-ads.com/js/ Frame 958B 5 KB
1 KB 81ms
79ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/js/jquery.ajaxchimp.min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

3c7c17459ec57867f6812625f1b95e2f878363ca728b92a5968d2fc8e60d9712

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:07 GMT
server: nginx
etag: W/"5f1f73ab-12d4"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 jquery.waypoints.min.js Show response
cash-ads.com/vendors/counter-up/ Frame 958B 9 KB
3 KB 83ms
81ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/counter-up/jquery.waypoints.min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:11 GMT
server: nginx
etag: W/"5f1f73af-2344"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 jquery.counterup.min.js Show response
cash-ads.com/vendors/counter-up/ Frame 958B 2 KB
1 KB 83ms
82ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/vendors/counter-up/jquery.counterup.min.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

b8985337c167aa4e6e5296ffa6fd288e65bcd4e0da8f82439726f961f6f733da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:11 GMT
server: nginx
etag: W/"5f1f73af-886"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 theme.js Show response
cash-ads.com/js/ Frame 958B 14 KB
2 KB 84ms
82ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cash-ads.com/js/theme.js

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/?su=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

94257b41d24957c38a13ce97fcbd372865187cb45ae0ac1efa6d036b3089b8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/?su=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 00:39:07 GMT
server: nginx
etag: W/"5f1f73ab-3681"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 lazy-iwc.9b430e25.js Show response
static.arc.io/broker/js/ Frame 4A83 14 KB
5 KB 24ms
24ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GYEMKQPGE5ZWWQX
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: X25XNylBVcqLvXXmT7Zo+EC4edW0UfpEAFmDf3ZZG1AseatZE29txJKwJ+Vb2Y6nPs9132SOWA8=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: 3836d8af8fa78e4e293c75a4e449359e
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 NyxkotqFWPYFmvFsfHmtgt
warden.arc.io/mailbox/nodes/ 0
0 354ms
115ms Fetch 18.223.141.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://warden.arc.io/mailbox/nodes/NyxkotqFWPYFmvFsfHmtgt

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?94c5673

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-223-141-84.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 25 Jun 2022 12:50:13 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 vendors~widget-sc-client.js Show response
static.arc.io/widget/js/ 60 KB
17 KB 25ms
25ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?94c5673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: A1V3QKG77GTGE1AM
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:54:07
cdn-pullzone: 786569
x-amz-id-2: OiQW1fjmil+aJ0ruW07OcLhJN0AF/5EdBYCFb1UkLn6IJNGuhlZ7mBA6INXu7SPJmT9gBJzJSpk=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Mon, 16 May 2022 23:42:11 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"fa12476f8ee3c92b8369e0c9d3b915f9"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: d8c33a6f62c14b541d1cea8fa9b545d7
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-sc-client.js Show response
static.arc.io/widget/js/ 3 KB
2 KB 28ms
27ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?94c5673
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:12 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: A1V2ERF9GTN7DEET
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:54:07
cdn-pullzone: 786569
x-amz-id-2: EOr+o0Uq21d1Jpg+wQNz4OtoMJIL74XfWTkNEiZPgh5BW1iaIVt8tidY4tpZHAe2zH3QGgbhfOQ=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Mon, 16 May 2022 23:42:11 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"14884d9e881791d580471ec30f89f22a"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: dd7d7d3ca1201cf3412dfa864b99010f
cdn-requestcountrycode: FR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ Frame 958B 8 KB
1 KB 100ms
35ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rajdhani:600,700|Roboto:400,500,500i

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b523e9d74c4b8928dfaef98b677136e6f90c80618305048b65a731fbc51e71ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 12:50:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Jun 2022 12:50:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jun 2022 12:50:13 GMT

GET
H2 200 home-banner.jpg
cash-ads.com/img/banner/ Frame 958B 30 KB
30 KB 26ms
26ms Image
image/jpeg 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cash-ads.com/img/banner/home-banner.jpg

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

4cddf4a42500498e57184b9c8a22dd82c68278d31a3cce64803e8a66d625a80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:13 GMT
last-modified: Tue, 28 Jul 2020 00:39:15 GMT
server: nginx
etag: "5f1f73b3-779d"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 30621
x-xss-protection: 1; mode=block

GET
H2 200 recent_up_bg.jpg
cash-ads.com/img/ Frame 958B 28 KB
28 KB 27ms
27ms Image
image/jpeg 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cash-ads.com/img/recent_up_bg.jpg

Requested by

Host: cash-ads.com
URL: https://cash-ads.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

91b85b501f9dc0577e5ee3921e006c640bdc6877c2d80abd6a7d1bfcca9837e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cash-ads.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 12:50:13 GMT
last-modified: Tue, 28 Jul 2020 00:39:08 GMT
server: nginx
etag: "5f1f73ac-6e49"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 28233
x-xss-protection: 1; mode=block

GET
H2 200 LDI2apCSOBg7S-QT7pa8FvOreec.woff2
fonts.gstatic.com/s/rajdhani/v15/ Frame 958B 15 KB
16 KB 88ms
28ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pa8FvOreec.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:600,700|Roboto:400,500,500i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cash-ads.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:35:53 GMT
x-content-type-options: nosniff
age: 234860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:41:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:35:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 958B 16 KB
16 KB 112ms
54ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:600,700|Roboto:400,500,500i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cash-ads.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 431648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 12:56:05 GMT

GET
H2 200 LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
fonts.gstatic.com/s/rajdhani/v15/ Frame 958B 15 KB
15 KB 121ms
62ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:600,700|Roboto:400,500,500i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cash-ads.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:17:21 GMT
x-content-type-options: nosniff
age: 232372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 20:17:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 958B 15 KB
15 KB 94ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:600,700|Roboto:400,500,500i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cash-ads.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 409338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 19:07:55 GMT

POST
H2 200 batch
www.google-analytics.com/ 35 B
0 90ms
32ms Fetch
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/batch

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?94c5673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 12:50:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.1clic1don.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 statusReport
warden.arc.io/mailbox/ 0
0 113ms
112ms Fetch 18.223.141.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://warden.arc.io/mailbox/statusReport

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-223-141-84.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 25 Jun 2022 12:50:17 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tracker.arc.io
URL: https://tracker.arc.io/

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www2.redirectmaster.com/	1970-01-20 12:48:17	Name: u Value: a9b23b3e1ff866dd371b44a312c344c4
admoustache.go2affise.com/	1970-01-20 12:48:17	Name: afclick Value: 62b7048145d2470001877679
core.arc.io/	1970-01-20 12:48:17	Name: _immortal\|Arc_nodeId Value: NyxkotqFWPYFmvFsfHmtgt
.arc.io/	1970-01-25 02:32:38	Name: widgetOptState Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-06-25T12:50:12.005Z%22%2C%22dismissedAt%22:null}
.1clic1don.fr/	1970-01-20 04:02:43	Name: __cf_bm Value: 0FV4Bg2iFmLcQL6_taPgyy6FnpkIn4ZWt5mwrCuM5SA-1656161412-0-ASuaKn1TfpG3vC5ZxpoDL0q4cZxRa30ptGbsLdMQ8ix1OtmY4edBq0SBHiCkoZWeC7OHVTVtbLwq2T3FHkdKSyrcJDBtgTFfiOcAdMbY2rYwgFJ+j2bCjXxIRCWrOwUGlA==

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://g.cash-ads.com/banner/?code=F2krjq8k7qh5lRutMuJyaQ%3D%3D Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://g.cash-ads.com/banner/?code=F2krjq8k7qh5lRutMuJyaQ%3D%3D Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://g.cash-ads.com/banner/?code=F2krjq8k7qh5lRutMuJyaQ%3D%3D Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cpm.media/serve/ads.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cpm.media/serve/ads.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.1clic1don.fr/tagysh.php(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cpm.media/serve/ads.php?a=1053&b=300x250&random=8932780&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.1clic1don.fr/tagysh.php(Line 18) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cpm.media/serve/ads.php?a=1053&b=300x250&random=8932780&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.fortuna-island.com/img/logo.png Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cpm.media/serve/ads.php?a=1053&b=728x90&random=44960755&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cpm.media/serve/ads.php?a=1053&b=728x90&random=44960755&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://admediatex.net/serve/ads.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://admediatex.net/serve/ads.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.1clic1don.fr/tagysh.php(Line 23) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://admediatex.net/serve/ads.php?a=3612&b=300x250&random=34343498&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.1clic1don.fr/tagysh.php(Line 23) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://admediatex.net/serve/ads.php?a=3612&b=300x250&random=34343498&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ie.ca
48.us.tealwinds.xyz
admediatex.net
admoustache.go2affise.com
arc.io
c.blyatflix.de
cash-ads.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
core.arc.io
cpm.media
de-c114.cdnplus.de
fonts.googleapis.com
fonts.gstatic.com
g.cash-ads.com
polo.thegadgetguru.club
redir.goldwinds.xyz
ref.cdnplus.de
static.arc.io
t3.goldensevenseas.net
thisis.aninter.net
tracker.arc.io
warden.arc.io
www.1clic1don.fr
www.fortuna-island.com
www.google-analytics.com
www.wewillserv.com
www2.redirectmaster.com
youtube.andm.tv
tracker.arc.io
13.224.103.94
138.199.37.226
142.93.240.225
162.0.217.76
162.19.154.224
18.223.141.84
23.235.251.114
2606:4700:3033::6815:834
2606:4700:3034::ac43:d71f
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:803::2003
2a00:1450:4001:809::200e
2a00:1450:4001:812::200a
2a06:98c1:3120::3
2a06:98c1:3121::3
34.141.137.168
5.9.20.91
51.161.115.163
51.68.82.147
51.91.236.255
64.227.23.114
67.212.173.77
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39
187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
23bd7e5fac741d9a4b7cd4572ab0df7556b4dd610c67e3dfaa852d28812b4250
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2759e53d2cf137f2138bbb2981cfeebe1e2a2599977a99cf2818eed8434a7e92
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014
2ab7bb9c0e4bb66a7ca8b9ee21ff0d2c21347c5d12b108ce4ce3dcb3d8922771
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
3c7c17459ec57867f6812625f1b95e2f878363ca728b92a5968d2fc8e60d9712
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4cddf4a42500498e57184b9c8a22dd82c68278d31a3cce64803e8a66d625a80a
4e364d46c857fc194a0d1201655c761c25df1df0f26b5eda31a9ab0c727bcc51
4f91d3ae8ee8601ccc4be12c4039e3536bf0188b82742c48eed6b05fa2134e6c
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
5c2cb8af90ce1d231850a27d808f783d88402cb2f8dcede4f82dd84d290e3022
5db948f3fe7f47d55dec88104fbf589ee981b06ac1c8ca10240cb72b64c75ffe
66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a
6b1c5edf7ba782b249b9021b95d6aa7204018a6023fde2c8bb03374c632c007e
6b654abc4b8086719a33aeb67b126014c934563d6917234a68c56d39eb990fcc
701097612ed983380580b363ba25cbdfa83ed153bca36b709b7429853150efa1
7263081ff610cdc7c51a3e3e0c8b3b051addf546f2f22b6d18c87bde264fa191
755704919e14643c66ef365fe41d0e797ab434cb6ec5e3a1edd5882e40e64f48
75f10e19abe3a8a3cb43be13ceff36fa1b6f3b5b5905b09f5d94998e36d33850
76b0d43943e2b255591fe9056463b1b042dd48f19fe5f175832ea8ab25a16b60
7bd9a8f3775ca1df3425e0004c68eef405d2c3d75cf2d518c0aba52fa925e3bb
816f1b7cf77ac5ef80edc471e0bd022b54b3a1761a78db1d36183265727f5484
84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb
8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
91b85b501f9dc0577e5ee3921e006c640bdc6877c2d80abd6a7d1bfcca9837e1
94257b41d24957c38a13ce97fcbd372865187cb45ae0ac1efa6d036b3089b8f2
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
aa28ed620285f770a7537eeb6aa1473bb5d80d5bfda55475d2efefe8e1606365
afcf6d6f4633177f7c25cc67071d767b4f0b83bc2d3439a86c757fb3504143f9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2cbc3a472cb47beaa472ef9445e776bb6f053b311318948d7ebbffda0e02bfc
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b523e9d74c4b8928dfaef98b677136e6f90c80618305048b65a731fbc51e71ff
b8985337c167aa4e6e5296ffa6fd288e65bcd4e0da8f82439726f961f6f733da
be736095364682a6fbdbc6d67810ddf153839e6f5452b18cc030f2bc4adb4f97
c26919015cf95d5a04c427c50c712e1d3332bb7ddc49a317e5c7132f81f8dd1a
c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d
d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
dd989ee5bc29083f3fcd28068121d19244269f4b8a735f970ca08462a897ab17
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
df68e90250b9a60fc184ef194d1769d3af8aa67396cc064281cb77e2ef6bf876
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f10d81cf033f1307687e7f0baff7924c4cdf81d8a5b2f4498e6b161c81fbcd11
f1a854a222373f7e3caafa9b35e578c8a93d0e9deaacde15a46b683cb96e6de4
f203aa11401db444669a0a833bc0da0324f6c6b59bb8291a0e50af290ae7ff42
f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b
f5c203b6416a054de195921e85165e4d66fd303ea8d20982a190fede7b673576
f66496f94413bc28139d25add9dde664debc876c3a7d41cad539bc5f16f78039
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f96bf06d27816ef7237fe7998dab7276e073559337e0f3e8a55514f7f1046307
f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

www.1clic1don.fr Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

98 %HTTPS

39 %IPv6

23 Domains

29 Subdomains

17 IPs

5 Countries

998 kBTransfer

2700 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.1clic1don.fr Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

98 %
HTTPS

39 %
IPv6

23
Domains

29
Subdomains

17
IPs

5
Countries

998 kB
Transfer

2700 kB
Size

5
Cookies

83 HTTP transactions
8 data transactions