urlscan.io logo urlscan.io
SecurityTrails logo

promo.pixelsee.app Open in urlscan Pro
2606:4700:3034::6815:7a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vpnlist.site/aff_c?offer_id=644&aff_id=447&redirect=SurfsharkVPN
Effective URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da9...
Submission: On October 20 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 19 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3034::6815:7a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.pixelsee.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 15th 2023. Valid for: 3 months.
This is the only time promo.pixelsee.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 139.45.197.244 9002 (RETN-AS)
4 139.45.195.8 9002 (RETN-AS)
1 139.45.195.253 9002 (RETN-AS)
15 172.64.192.12 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
68 21
1    2606:4700:3034::ac43:9a4b (United States)

ASN13335 (CLOUDFLARENET, US)
vpnlist.site
1    2606:4700:3035::6815:26d0 (United States)

ASN13335 (CLOUDFLARENET, US)
vpop2.com
2    2606:4700:3031::ac43:8dd4 (United States)

ASN13335 (CLOUDFLARENET, US)
a.we-are-anon.com
2    139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)
peethach.com
4    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)
datatechone.com
15    172.64.192.12 (United States)

ASN13335 (CLOUDFLARENET, US)
wholewownews.com
15    2606:4700:3034::6815:7a1 (United States)

ASN13335 (CLOUDFLARENET, US)
promo.pixelsee.app
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
15 pixelsee.app
promo.pixelsee.app
66 KB
15 wholewownews.com
wholewownews.com
60 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
223 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
5 KB
4 gstatic.com
fonts.gstatic.com
59 KB
4 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9763
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
88 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
160 KB
2 peethach.com
peethach.com
14 KB
2 we-are-anon.com
a.we-are-anon.com
7 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
602 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
999 B
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 28928
465 B
1 vpop2.com
vpop2.com
584 B
1 vpnlist.site
vpnlist.site
585 B
68 19
Domain Requested by
15 promo.pixelsee.app wholewownews.com
promo.pixelsee.app
15 wholewownews.com wholewownews.com
7 pagead2.googlesyndication.com promo.pixelsee.app
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 my.rtmark.net peethach.com
wholewownews.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net promo.pixelsee.app
connect.facebook.net
2 www.googletagmanager.com promo.pixelsee.app
www.googletagmanager.com
2 peethach.com 1 redirects a.we-are-anon.com
2 a.we-are-anon.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.facebook.com promo.pixelsee.app
1 www.google.de promo.pixelsee.app
1 region1.analytics.google.com www.googletagmanager.com
1 fonts.googleapis.com promo.pixelsee.app
1 datatechone.com peethach.com
1 vpop2.com 1 redirects
1 vpnlist.site 1 redirects
68 22

This site contains links to these domains. Also see Links.

Domain
pixelsee.app
brightdata.com
Subject Issuer Validity Valid
we-are-anon.com
GTS CA 1P5		 2023-09-14 -
2023-12-13		 3 months crt.sh
peethach.com
R3		 2023-09-29 -
2023-12-28		 3 months crt.sh
rtmark.net
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-18 -
2023-12-24		 a year crt.sh
wholewownews.com
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
pixelsee.app
Cloudflare Inc ECC CA-3		 2023-09-15 -
2023-12-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-29 -
2023-10-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Frame ID: 1C959E462888F3BC99D143DDF5A97D2C
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 977AB109346EF76C13DCBCDCFD42CFA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5826337412698082&output=html&adk=522671305&adf=1178619241&lmt=1696319236&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ALL_09_10_2023%26sub2%3Dpropeller%26sub6%3D739255349403726064%26oaid%3D7da90a3a957c46a3ba105de49c7faaa7&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697815730439&bpp=3&bdt=480&idt=298&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1509152082899&frm=20&pv=2&ga_vid=966751722.1697815730&ga_sid=1697815731&ga_hid=59344881&ga_fc=1&u_tz=120&u_his=27&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802211%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44803793%2C44806140&oid=2&pvsid=1620741288389881&tmod=1132094363&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=320
Frame ID: 67DCAE3EFBC1E72CE4AA87B2EB9029CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 713DF7A4452C0CAD6C589E18D5586DFF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E051DBB38E1C8709D3A33BEA002BE5A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PIXELSEE | Your file ready to download

Page URL History Show full URLs

  1. https://vpnlist.site/aff_c?offer_id=644&aff_id=447&redirect=SurfsharkVPN HTTP 302
    https://vpop2.com/ HTTP 302
    https://a.we-are-anon.com/h/ Page URL
  2. https://a.we-are-anon.com/ HTTP 302
    https://peethach.com/4/6456002 Page URL
  3. https://peethach.com/?z=6456002&syncedCookie=true&rhd=false HTTP 302
    https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z... Page URL
  4. https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z... Page URL
  5. https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=73925534... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

68
Requests

99 %
HTTPS

82 %
IPv6

19
Domains

22
Subdomains

21
IPs

4
Countries

707 kB
Transfer

1913 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vpnlist.site/aff_c?offer_id=644&aff_id=447&redirect=SurfsharkVPN HTTP 302
    https://vpop2.com/ HTTP 302
    https://a.we-are-anon.com/h/ Page URL
  2. https://a.we-are-anon.com/ HTTP 302
    https://peethach.com/4/6456002 Page URL
  3. https://peethach.com/?z=6456002&syncedCookie=true&rhd=false HTTP 302
    https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
  4. https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL
  5. https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vpnlist.site/aff_c?offer_id=644&aff_id=447&redirect=SurfsharkVPN HTTP 302
  • https://vpop2.com/ HTTP 302
  • https://a.we-are-anon.com/h/
Request Chain 1
  • https://a.we-are-anon.com/ HTTP 302
  • https://peethach.com/4/6456002
Request Chain 4
  • https://peethach.com/?z=6456002&syncedCookie=true&rhd=false HTTP 302
  • https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
a.we-are-anon.com/h/
Redirect Chain
  • https://vpnlist.site/aff_c?offer_id=644&aff_id=447&redirect=SurfsharkVPN
  • https://vpop2.com/
  • https://a.we-are-anon.com/h/
11 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.we-are-anon.com/h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8dd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81924aec3f9865b7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Oct 2023 15:28:48 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4UagFFUdrp4jTsyYaITxxSYF48bGQX09skwPYJrH%2FWzmiSVVPnYxNGpqwQV48MHaQ4KgjrrfyojA7HNfZrBRtvH1O8CeBCFlIUdik%2FTd0hAiOt5WeLX2BPfGgd7a9%2Bf6wDsE3asHiEKvdW%2FXhRT%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81924ae99abbbb7a-FRA
content-type
text/html; charset=UTF-8
date
Fri, 20 Oct 2023 15:28:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://a.we-are-anon.com/h/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJfw1ZWjHDcLtFJ6vskBgOWsuCsfck6fYm9nf4YdWHC1Ew8cGGH3d5Br84hoB5nx7M4inYPyiBzVTDTI%2F0Sxo3w5zrYUNxAZaIXAJd0p11cwWkpSCW2iAeQVKBjxZ4fzWcRug%2Bc%2B3KA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
6456002
peethach.com/4/
Redirect Chain
  • https://a.we-are-anon.com/
  • https://peethach.com/4/6456002
27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://peethach.com/4/6456002
Requested by
Host: a.we-are-anon.com
URL: https://a.we-are-anon.com/h/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
67f460df8fdc06535fd7d8fb6fdcd0e2d7ddc37231e1f89366c0b3c6e4408518

Request headers

Referer
https://a.we-are-anon.com/h/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Fri, 20 Oct 2023 15:28:48 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
6cbcc60f419d83ce22072aa6b492384d

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81924aece86665b7-FRA
content-type
text/html; charset=UTF-8
date
Fri, 20 Oct 2023 15:28:48 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://peethach.com/4/6456002
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuoWmkxPWheQtGFkJ7PDljZphRIMQmreB0vhmX7jPCM7EDZ%2B%2F3TWvT8%2F%2Fdk6LCo9xIGdVGPfFiYGrO8gU%2FSVjjevh5XqoOX7fLuQzV%2F8smUw2eYQfkyr138tBpsngkHpxQrLLWGOIo8dCMQ5kP5O5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
img.gif
my.rtmark.net/ 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=7da90a3a957c46a3ba105de49c7faaa7
Requested by
Host: peethach.com
URL: https://peethach.com/4/6456002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://peethach.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ 		2 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: peethach.com
URL: https://peethach.com/4/6456002
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://peethach.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 20 Oct 2023 15:28:48 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://peethach.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
/
wholewownews.com/
Redirect Chain
  • https://peethach.com/?z=6456002&syncedCookie=true&rhd=false
  • https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
3feba242e14c98e53e9255d984369a053ebc5ccba27396f88666bdffcc395dd4

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://peethach.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81924af07943912a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Oct 2023 15:28:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Tz4FE9yjo1TRG%2BARQxd7R03wGxixmPpx47NLbgvyP5T44WvDiAdknwJyX5FrsJsCBJWevmAH9F41%2FtHSUODBHgF%2Fqhnt1T53iC%2B%2FhgjtCAH2slbi1Qs1yGh1JhCxzavdLxd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://peethach.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Fri, 20 Oct 2023 15:28:48 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://wholewownews.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
06e50fb999f4e9909b1633d0eb7dd774
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=108b6559410fbd73c95c7095c12143df
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
89b651b2ecf2d370e9415dfd6c237180a805df1a46641d9dc1fbf4e311879cfc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wholewownews.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
wholewownews.com/pfe/current/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93080fe12a0fb8427615d7ccd30fd1938376f7ad2d093d74c741e1cc3b8be1e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 15:28:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 19 Oct 2023 13:06:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"653129ed-68ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSt4iC0JeLv5LezVo3bDgPX03Z3ML7hnW2sk8SVeKMzt8dlDsiDWGSjjrJyeZ4Tj%2BVAjRiLHUcbBNJS7neK5bxcsB5nCfMhwa9AVIH6m2zxCjoUiP7aVEAvAz%2BjmITx0PF6r"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
81924af119ff912a-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

Content-Type
image/svg+xml
/
wholewownews.com/19/4662728/ 		0
0
/
wholewownews.com/ 		2 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VO9hMg4mcA6neIjQexoZt3WcLLjW%2FbSuyXyZOeVM2Iczv8vl6%2BCjhbMuTPILNvb5fnK1GPsu%2FZXtUQzlrnEp3vvSuYKjinPkiuq71HqbSdGz%2F37fylBnmjiJtQS36zSYeviU"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
81924af12a0e912a-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
wholewownews.com/sw-check-permissions/ 		0
950 B 		Other
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/sw-check-permissions/4662709?var=6456002&ymid=739255347667280014&uhd=1
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opcQTEqNHUQyHojaYYD51Lidif0jGJOfI468qtcMWpuJJLW9tRiuiC6b%2B%2Fi%2FoVjp0qGopvWfbKu0W5A%2B5nzz0rT5ZEnXPzZs6X1%2By7rVV4HkJg%2F%2Fl5tpY2x2%2BgIyR2VdDOpy"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
81924af17e1030f6-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
wholewownews.com/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholewownews.com&var=6456002&ymid=739255347667280014&var_3=&var_4=&dsig=&tg=1&action=prerequest
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

x-trace-id
be538ef0c660de36eaf01cb62ae79ea3
date
Fri, 20 Oct 2023 15:28:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2ld6n6gATVRKxhnLOp890wayrMr0y3hpgF3EJwX6BFHl5w9jAwNZ0pUhxNEIDGUqMZwJfgTeWE9R9RuSs1xkj%2F0QqiGKFUeoOKke9sPMkLTaY8H%2FATeboBglFNOjCJd8XI5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://wholewownews.com
access-control-allow-credentials
true
cf-ray
81924af17e1230f6-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=739255347667280014&var=6456002
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
89b651b2ecf2d370e9415dfd6c237180a805df1a46641d9dc1fbf4e311879cfc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wholewownews.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
wholewownews.com/ 		798 B
979 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholewownews.com&var=6456002&ymid=739255347667280014&var_3=&var_4=&dsig=&tg=1&action=settings
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
20b4936706564b25efc302da70652747
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urZAmgqfPJhdPMUXo0CZk9xv0dcv0ybpzkbqiJnSaTFdknuC440OMqH9b%2BpuGJ5cwxSEA3VYEbyR8lsWekizZam8%2BdWnYvm5G9CoJWev6FFXLXI6pnsxQe7pI%2Fajjiuyvpyd"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
81924af18e2230f6-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
wholewownews.com/ 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
9b676481ac5ebf104ce2123fbcc131cbe5f825f693117c34436adc3e07814ebe

Request headers

Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81924af1ee9330f6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Oct 2023 15:28:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4x43ptjnIsyc9ZfKtUp8BODTdbMl%2F28wRpfxAFa%2FwbA9Bg4fd1Y19rAwg%2FnpftQaZ%2BM36bLr2EUb%2FS20ITfAdFB3eZ1aQ%2BR1z8KWkPy8N002hKrUE%2F2NkmPxZdYqE04jdH00"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
micro.tag.min.js
wholewownews.com/pfe/current/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93080fe12a0fb8427615d7ccd30fd1938376f7ad2d093d74c741e1cc3b8be1e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 15:28:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 19 Oct 2023 13:06:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"653129ee-68ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Kbnal7GCGvwwxhPoHXGrMgw3ZHqoZnP11PP12WXJfahjxaJBQfyhlde4cVXcoUKvlAFC8EAHqfeoXz4M%2FGkC84aGt0UKFtZWcLbH9p8N%2FEyJkV6Vu6q2G9Io36bqMIo4URO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
81924af27f3a30f6-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

Content-Type
image/svg+xml
/
wholewownews.com/19/4662728/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/19/4662728/?abt_opts=1&var=6456002&var3=739255347667280014&ymid=&rhd=1
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a9225bcd4df92734f5c712eb9bc239e0f178468f6d4b2be8220552feed6e7c5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
fd29c33cc3c48c5b52149ac86dc8c483
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh%2BdmVioWPxq8C2A0hQHMzIJt9HF00kodgMtbi9OaqhK8dfzF51swcFMHlQM2FEkq5iz1oY6zwA4Bk2drnY0bAEZcIuF%2B3UYvlIsHD6bb73Cci3SQ9BwI197MnAJcrIO%2BbdQ"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
81924af27f3d30f6-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
wholewownews.com/ 		2 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYzQ8gvpGd0regCJl1mt%2FQMyRPEM7qoyuxmU9FL4dFefsQrQz7ZRKhO75A5bReqsk5D%2FHPa%2BMqKv4VKs037TCTU4RCIrsjwGi3iVfdGeo4jUsTXy8cNA5l4nSdozpFDOFN4x"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
81924af28f5530f6-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
wholewownews.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/rhd?rb=6eQ7jkleI-MxFSb-Z70jVN5TiB0BAN1dVIoLOivK172dJLaJZ6Uu9dbC98_NmFI80B5eQpmruk4Rnmy31GDZHWwCt6uWcdCj3YBxNdFR8EiAzEYaV6NqrsaXwgcZgXyJNYWQpWZ2ZhX1xWA5s2Ud6zT1JfAns3-POEj_fv9ePMFdczncElBRo85PYilUehGWfG9OUdRMHeqUfdrvoQuc_1OBUp8RAmrFBRltEk_t9ecG7s0NBqKpCxssF_1A2xcXhAItJhHCsyIgNSr8Myxjv6bWSuGAf-2QsHFy0LTZsbrBAV9SxL3RzkOn2rhV1bRr45aoK_jbe7VuprvxMLlfpvFRq1KbkC31Kb6ea4oGQsiLxukqIcpqLklpz8Rnc3TSu5QBdAjzyIkj_skTeOstSTm5Q2I4ztQSziKqqMznqHrTpSIYW6eUEexuVSOddTfHMGGlRvaRhfPrgWshyGEaBN7wTzXZdhz8yCLtUJIcrDFMfHorK-F8rtScqc2y3eRxtt7d8BtLHms%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fwholewownews.com%2F%3Fs%3D739255347667280014%26ssk%3D95a5bd20ddf18860f2d75efa0f0c4c2c%26svar%3D1697815728%26z%3D6456002%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Fwholewownews.com%2F%3Fs%3D739255347667280014%26ssk%3D95a5bd20ddf18860f2d75efa0f0c4c2c%26svar%3D1697815728%26z%3D6456002%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6456002&var3=739255347667280014&ymid=&rhd=1&m=link
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1f58f980f83001c0d43f5e73746fe177783b2657c329ed2232657da0f5593b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
761cbb4d165e2e21a61b79b99f229aaf
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8edBfz%2B6MnnPy%2BHUXZXEdGcsJAVB%2BvG%2FNXB0dikFmojxbgoh4rcmhW6l%2BZTGIhRwF9BAPgDMpcV0mlIZBK9TCfH2jSyAqEO62vTe7%2BPUa0hItCmJLWm7PPigK38LP0dvyOV"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
81924af2cf9830f6-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
4662709
wholewownews.com/sw-check-permissions/ 		0
943 B 		Other
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/sw-check-permissions/4662709?var=6456002&ymid=739255347667280014&uhd=1
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fpst31qOAHUY7%2FJ70jQV0F02cVUXpcFb5RoFAqzFIE2PbqGTbe5xMlWTZwdpoVmL0fg3Ka2UJxybzEvbm5QRFPBAWgiLeuQN92m0vYopNZ8YCaYGUwrmj7dy%2FmWeVmJlLUn7"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
81924af2dfb130f6-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
wholewownews.com/ 		0
487 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholewownews.com&var=6456002&ymid=739255347667280014&var_3=&var_4=&dsig=&tg=1&action=prerequest
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

x-trace-id
839f6a0cf3c70e2eb1cec0cdb87a2b69
date
Fri, 20 Oct 2023 15:28:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDa8ToSmwhuH9BAH9pisYXeyE6HcBrznnSNAOQXyxSWqXv3mJlmAAIwttp80TV1OsI3HU2MOSskGSACArCRSUXW2ISUxsB878HZvNafU1rXWgaWAIj4KvxJdlc%2B%2F8RkaM5Q7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://wholewownews.com
access-control-allow-credentials
true
cf-ray
81924af2dfb330f6-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=739255347667280014&var=6456002
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
89b651b2ecf2d370e9415dfd6c237180a805df1a46641d9dc1fbf4e311879cfc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wholewownews.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
wholewownews.com/ 		798 B
978 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=wholewownews.com&var=6456002&ymid=739255347667280014&var_3=&var_4=&dsig=&tg=1&action=settings
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/pfe/current/micro.tag.min.js?z=4662709&ymid=739255347667280014&var=6456002&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c2c05d81956475bc175cc0a672fd4a11fd7d71d2dbba279243768751afad46b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
f7d5fcdebf42a0afe41eacf8de58a372
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FG2Ucop8f1jCeRHCJaO6aP9qFIrCvw02Uv%2FnWT1SkiUd4GqV00Ytmf3bRy5MT5qdTo1TyUMTu2b9CASW5iAquxzc%2B7NoySdAMXA6go9lP7BMCGhbIkybx9WXLySzNTdXX0wO"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
81924af2dfc330f6-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
Primary Request /
promo.pixelsee.app/ 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697ea051a0fb7a3b2aa574c262e8e1bd35e79713c90934f9fbc3e37a82a99295

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81924af76b599060-FRA
content-encoding
br
content-type
text/html
date
Fri, 20 Oct 2023 15:28:49 GMT
last-modified
Tue, 03 Oct 2023 09:47:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxKb9kwPmu2v9z4sQKdrCXuW3Bls%2B8NiZRRrVQdXsCKP7hV30YWju%2FvZxnlX2zh%2BEY3PpikTpEoT8HWtip69SfdXl2%2Bo4DyOkpVJABCUo5fCMkAa382r8MZ6gxnwEN5J6mXpBXuA0AN23kL9YraHa9E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-id-2
tx44f62b713eb54fee847b5-0065329cb1
x-amz-request-id
tx44f62b713eb54fee847b5-0065329cb1
x-amz-version-id
1696326436522816
cat.php
wholewownews.com/ 		0
752 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://wholewownews.com/cat.php?userId=7da90a3a957c46a3ba105de49c7faaa7&zoneid=4662728&rb=6eQ7jkleI-MxFSb-Z70jVN5TiB0BAN1dVIoLOivK172dJLaJZ6Uu9dbC98_NmFI80B5eQpmruk4Rnmy31GDZHWwCt6uWcdCj3YBxNdFR8EiAzEYaV6NqrsaXwgcZgXyJNYWQpWZ2ZhX1xWA5s2Ud6zT1JfAns3-POEj_fv9ePMFdczncElBRo85PYilUehGWfG9OUdRMHeqUfdrvoQuc_1OBUp8RAmrFBRltEk_t9ecG7s0NBqKpCxssF_1A2xcXhAItJhHCsyIgNSr8Myxjv6bWSuGAf-2QsHFy0LTZsbrBAV9SxL3RzkOn2rhV1bRr45aoK_jbe7VuprvxMLlfpvFRq1KbkC31Kb6ea4oGQsiLxukqIcpqLklpz8Rnc3TSu5QBdAjzyIkj_skTeOstSTm5Q2I4ztQSziKqqMznqHrTpSIYW6eUEexuVSOddTfHMGGlRvaRhfPrgWshyGEaBN7wTzXZdhz8yCLtUJIcrDFMfHorK-F8rtScqc2y3eRxtt7d8BtLHms=&var=6456002&var3=739255347667280014&ymid=&rhd=1
Requested by
Host: wholewownews.com
URL: https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://wholewownews.com/?s=739255347667280014&ssk=95a5bd20ddf18860f2d75efa0f0c4c2c&svar=1697815728&z=6456002&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
x-trace-id
ff16556e5772e4de9c5f44691ec69e32
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPVSxaPOJaq3tT3ZsqZnvFAxafYWIPKO9IddaRcz0XktmnL5Nd5FB4alJt%2Bw3m4U4X7FD5aD69YCphUQ8p2TtKSiErSwPfxl2xe46xG7q2A4ydy%2FfNSB7R6Xb2jCiybF8d05"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://wholewownews.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
81924af64bd030f6-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
css2
fonts.googleapis.com/ 		7 KB
999 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e3fb85f1280844ef0b5634e65b02c6b18d13d0abb54a201131d73e9635185b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Oct 2023 15:28:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 20 Oct 2023 15:28:50 GMT
style.min.css
promo.pixelsee.app/css/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.pixelsee.app/css/style.min.css?ver=1
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91228866dbbc573944d948402536e1b470d67c5ae67e1c5cdfcb15cb5eb984a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
x-amz-version-id
1696246148315616
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx55a3ffab215649c8afe9f-00651aab65
age
978
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tx55a3ffab215649c8afe9f-00651aab65
last-modified
Mon, 02 Oct 2023 11:29:08 GMT
server
cloudflare
etag
W/"583046cc62873e13de5979a19472fefb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e6QWI4uZFZiLoJc%2FuEZ3y0tapX2iwM58JFgKTk98HD2vew3RcOY5%2FBdPNW7fTBYJc6jPC1xOrgaRpoZ7Jj4U%2F7uoSR31uknxqdKJ7L6ms5d%2BlJTaafMSwRkauPtpkiCizKPj03wsOeVF3e79YOk3us%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81924af84c749060-FRA
baloon.min.css
promo.pixelsee.app/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.pixelsee.app/css/baloon.min.css?ver=1
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0481bb01e37a5b5cb2388e817decdc4f90e7cbd5994c55b05d7d4dbd86815f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
x-amz-version-id
1696326435847788
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx03c3b8290255483e9faab-00651dfd29
age
2783
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tx03c3b8290255483e9faab-00651dfd29
last-modified
Tue, 03 Oct 2023 09:47:15 GMT
server
cloudflare
etag
W/"e38b048988db68478be49dda0683fa7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dQ%2FCboq4FbuXlQ6sejs%2B6LQKgHK5rAa8kG%2FesKn2DufxXNunVQVPUwF0za2keRo6qsERuEm1cInKzIeJXKs8LQNbhjP0xbd3IToBNmhsajqIPOZIXd8JfhLtEaIZiAWu7XlLuhbIQZN0HTkk5mjfGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81924af84c759060-FRA
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0e840284a6a9830ce5c43f03f0429f0e1b39d47b1e8c0b04d36f026e8812b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93701
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 20 Oct 2023 15:28:50 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17b34e331458389c6c626f11348592703dedbb898de44c08e4767f23c321a7a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.pixelsee.app/
Origin
https://promo.pixelsee.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51110
x-xss-protection
0
server
cafe
etag
14048883341175964939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=7200
timing-allow-origin
*
expires
Fri, 20 Oct 2023 15:28:50 GMT
logo.svg
promo.pixelsee.app/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.pixelsee.app/images/logo.svg
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1696326436465230
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txa7b4f3d1c74a42d385f6f-00651df0c4
age
776
alt-svc
h3=":443"; ma=86400
x-amz-id-2
txa7b4f3d1c74a42d385f6f-00651df0c4
last-modified
Tue, 03 Oct 2023 09:47:16 GMT
server
cloudflare
etag
W/"9bb77a42ae4c13b0a557d3496c62af46"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9O6ctEICueA2cGd2dTEuMqgE1cAqiMKlWHKrNkpbx2LF5BfhSUeWrRBWnT1Pv4ZB9vALi3j6yvzmaBy7qhfTkfkhEjRiyFkwodRwrOIKab4ikBSE149D8Fl37lIQYzhV5kCgMgm3jHpEjyx%2BD%2BDXzck%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
81924afa2ef7372c-FRA
email-decode.min.js
promo.pixelsee.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promo.pixelsee.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2023 11:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652d1f47-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyXAD7pcjKTY0RA8PpHN3EkHZfzoVPi23yq%2BnQKuqljrmgNE0%2B6ER2Ap8Up0Zvk3umBgUC2KhTh3Lx388TbTPxS%2FL%2Bu5AXMg8NikeLCeluR1cFF3FODE9khN5gQK2hyVS49CSduJ21GH2Cr4GBqeCcs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
81924af84c769060-FRA
expires
Sun, 22 Oct 2023 15:28:49 GMT
application.js
promo.pixelsee.app/js/ 		126 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promo.pixelsee.app/js/application.js?ver=3
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d51be1cf0594ab18897f60df474ad577451c87928a68e15392c105cec218b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:49 GMT
x-amz-version-id
1696247318581198
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txe6c44ddf0225483983841-00651aae3d
age
957
alt-svc
h3=":443"; ma=86400
x-amz-id-2
txe6c44ddf0225483983841-00651aae3d
last-modified
Mon, 02 Oct 2023 11:48:38 GMT
server
cloudflare
etag
W/"5a7b051a55bdca147ddc04e8ae0070f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDbF3KUY2i3ewoeQuSTPtEZ5pBDWcfkFNwklQilmAYbJ457uQHolDwlAL3st9Kzp1RRbCg5aReziGAW%2BqTiIZcuBiA%2Bo1hK90%2FN3LDPubK4FP3IIWLWPlGSZvzIPA8F0nwA61j8sJtKjcLJNmWNt%2BP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81924af84c779060-FRA
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 20 Oct 2023 15:28:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
BLBHcxhZPpw+ILhH10UaMAEQgOPoNXxXwK1YcVyDwDieIAdt2oeP5T3C51izO2ZG4lRN3m53suxiWG7604g1/A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
sprite.svg
promo.pixelsee.app/images/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://promo.pixelsee.app/images/sprite.svg
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e2eeed07fc3c528683b99c4228190009025c38148de912b6407791ae59b5fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1694514662702053
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx6c45e410b1e8422b843fc-00651151ca
age
2769
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tx6c45e410b1e8422b843fc-00651151ca
last-modified
Tue, 12 Sep 2023 10:31:02 GMT
server
cloudflare
etag
W/"4e5148bc1a0851551c8ada00c5701ed8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxNJIw%2FQdzMmg77GqeoVWAHIr%2BSYVFy0cyJL7uyDlu74Ri8TLRcSXFr0rsnxKQzPUuHMHlM5anaX5tQhbiLC9AFs5%2BfykTNzo0VmhJUu7xktO1Hmfc%2F9meGrXnyPFasFOHczne0G1ORWXNWJ7XHUGGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
81924afa2ef9372c-FRA
truncated
/ 		288 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c1707b307f1584c490c249330da68d304fdedd73422b6328fa440442f52e97e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

Content-Type
image/svg+xml
icon-play.svg
promo.pixelsee.app/images/icons/ 		231 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.pixelsee.app/images/icons/icon-play.svg
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495358f422e19339e0c53ded45e198a434592da355c58b53451810e239a62169

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1694514662396627
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx1c7d510aac5246818f1b8-006518d672
age
992
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tx1c7d510aac5246818f1b8-006518d672
last-modified
Tue, 12 Sep 2023 10:31:02 GMT
server
cloudflare
etag
W/"9fa059b1263d655c92304062c10cc3ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrSIiJdm8rZZ0U4aMhIYvxCNyLSxoea15d%2FAiuuqgbQE%2BHelzxoRoTlPz01jPTukSKtsu75Kw%2FN39zZe7HSxDiyyVEJeGaPVtuIElPVo0EshS7RA34Hwbel5jvug3u3KlT%2FrupNyEgxQpXTd%2FoQdmec%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
81924afa4f17372c-FRA
tv.png
promo.pixelsee.app/images/load/ 		476 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.pixelsee.app/images/load/tv.png
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8724a4ae6581bb3559a23b285a6c4628e339a6b719cf8ffcb5d91cdaf2fe0bf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1696326436420456
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx3f410161f3694e4a8071e-00651e0809
age
1008
alt-svc
h3=":443"; ma=86400
content-length
476
x-amz-id-2
tx3f410161f3694e4a8071e-00651e0809
last-modified
Tue, 03 Oct 2023 09:47:16 GMT
server
cloudflare
etag
"03be608276b4b9c8d314812f18a9feed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=675dDVEV0E57t2U8CS8k9hlhHFAUJ77w%2FrcdgJIpMZxI0QDPqWqj6zmzfv%2FKtlS24dq14X2GpSY65aJckQ98vYvz8GWTC8UcBtm4wBSVLLCEFYdN1Ipkf9V%2B85eU1XudOajKEgmI6cWshE3yWwL2gIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81924afa4f1b372c-FRA
playlist.png
promo.pixelsee.app/images/load/ 		215 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.pixelsee.app/images/load/playlist.png
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b8fbaded24ceaa6e1c817e2a3cd84c3a3344eba0fad1f146720dfc995ed77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1694514662208915
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx848a1ed6539c424398a59-0065129280
age
357
alt-svc
h3=":443"; ma=86400
content-length
215
x-amz-id-2
tx848a1ed6539c424398a59-0065129280
last-modified
Tue, 12 Sep 2023 10:31:02 GMT
server
cloudflare
etag
"38868742975def4cf1abe3c2034c968e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMzfQwePT0Ta%2BYcF%2FNZtXsBwfTaZYILTlV5HRD3Usm6XwPUepCHCVQTTOfpZ7EwU3F84fDbdGY2BeOMrAzLZHp5L5%2F5CXDDy3%2FGKGJlGpsgDRp0Q1otrslz%2BHtC5tFz6hh%2B6MBPJ17TnL7%2Bmdyjxbmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81924afa4f1d372c-FRA
pause.png
promo.pixelsee.app/images/load/ 		552 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.pixelsee.app/images/load/pause.png
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7673c1ead17d751d2b588c6f8089b0fff26ae90ce8d14e704a0965a6ff37b57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1694514661973689
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txfa675513bbdf427a825bc-0065164131
age
992
alt-svc
h3=":443"; ma=86400
content-length
552
x-amz-id-2
txfa675513bbdf427a825bc-0065164131
last-modified
Tue, 12 Sep 2023 10:31:01 GMT
server
cloudflare
etag
"7f147decd06cd1ab5a8f539d55ceffe6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2D6oGv1SUw88RBa%2Bori733Wo3ecUDCNvX7QkBw3lTua56%2FigGBDjOu0TSQWIb43kTz%2Fuszh%2Bx6PQyXyF9kqJRuqeRl59Iy%2BPqFW0ivrU5bY10QojgJDpCI90Qw31YAP0Rwtt4kEL%2BMX2IsgsraUfWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81924afa4f1e372c-FRA
subtitles.png
promo.pixelsee.app/images/load/ 		193 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.pixelsee.app/images/load/subtitles.png
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27554c42cd0c0bac487ef78447d427d5e5ba8bd24bb94289a9f9d435df468897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1694514662596062
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx90328feca8754696a4489-0065129280
age
357
alt-svc
h3=":443"; ma=86400
content-length
193
x-amz-id-2
tx90328feca8754696a4489-0065129280
last-modified
Tue, 12 Sep 2023 10:31:02 GMT
server
cloudflare
etag
"a47325f449f3eb00d2f47d61f39eb065"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAvZb0sov1nzhZInrcJIKMC0lwyZ5zt0NtbP8Jof4S4OaRoJDFEDyPdvd8Dgh1grXPr3A3p2C5y%2B3Vjl5nxb57NqDXHCp380PRPnAfXh4kxdTaECmgMgT%2BOA4%2BMhsRm4pwo7YbhlufxsgEoy9ht0O3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81924afa4f20372c-FRA
windows.png
promo.pixelsee.app/images/load/ 		214 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.pixelsee.app/images/load/windows.png
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c45931772e5bb04bb6e0d142a114a3bbe2ebb28c94ed4c0eb58cbbd4ab58ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1696326436444756
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx88cb59cd72bd4c2b85731-00651cef91
age
992
alt-svc
h3=":443"; ma=86400
content-length
214
x-amz-id-2
tx88cb59cd72bd4c2b85731-00651cef91
last-modified
Tue, 03 Oct 2023 09:47:16 GMT
server
cloudflare
etag
"1982b726d7da6c46b504c6d859edb218"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDgVbIGL1XSIFYq8g2iDfodG61euysQuj9gPMWz%2B%2BLe2RDY0jXCdiduyUvUVUgv55C5jL2Uu88afMN5ZGI9VFs4xvvOlAc%2FbBD7wJ9i%2BsFtB4UfjI9o9a55fEdbJHRxSHgOFEsLgN8tBR2vYE0gzYrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81924afa4f21372c-FRA
play.png
promo.pixelsee.app/images/load/ 		411 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.pixelsee.app/images/load/play.png
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3440aae42853188c66d8631208b1fad7b580e2b7e065403d1387306d6e7ef558

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1696326436197112
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txfc8e2bea2a09410b819da-00651f62bb
age
1033
alt-svc
h3=":443"; ma=86400
content-length
411
x-amz-id-2
txfc8e2bea2a09410b819da-00651f62bb
last-modified
Tue, 03 Oct 2023 09:47:16 GMT
server
cloudflare
etag
"152bad15fdcef8e2dc4248fd58794e7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8ffFw2lcFWv5LVDxg9%2BscT4JCTbA%2FRZRrVzIuBCYy%2B%2BkSsdL4bxCOfZB%2F%2FDZEJ%2FEK6MnJ0UDcTm51YVdhbq2bk6qsmDhIsE0sOQUxiMcJDbTytZs%2FT9qnl6LdZeOBiYUKeiSQQWHvTi7dFKODmTnSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81924afa4f22372c-FRA
footer-decor.png
promo.pixelsee.app/images/footer/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.pixelsee.app/images/footer/footer-decor.png
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b75d4c73aa7751c553a5191f8cff5d139a9f77717701f6157963e810bdb937c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
x-amz-version-id
1696326435880693
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txe19959f346b54eb48277f-00651e2d1e
age
357
alt-svc
h3=":443"; ma=86400
content-length
3474
x-amz-id-2
txe19959f346b54eb48277f-00651e2d1e
last-modified
Tue, 03 Oct 2023 09:47:15 GMT
server
cloudflare
etag
"af15b8bc22a4d8aa6166d1f8e1ff4c67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKI2wpFDu1bGmk08BH3KA%2Fd5lF4c9x0fMYW9v12%2BmErJ7xZRCFD4q%2BKvFiRS%2F5UdNYQmFA5E61U0SZxzw2lDdTOUFnDyq7%2Fh9jcuAPiqb5rjb4HE4JDN1axwpU9Xrfv4yv5I3xDrh%2BLj4LB9tDja6zA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81924afa4f23372c-FRA
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo.pixelsee.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Thu, 19 Oct 2023 18:20:40 GMT
x-content-type-options
nosniff
age
76090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:20:40 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo.pixelsee.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Thu, 19 Oct 2023 18:21:13 GMT
x-content-type-options
nosniff
age
76057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15240
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:45:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:21:13 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52de70853ed4bac82f0c4cc5d6c7da8d588de61d97e8c30b99e40eefcde5a44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo.pixelsee.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Thu, 19 Oct 2023 18:56:50 GMT
x-content-type-options
nosniff
age
73920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15100
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:45:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:56:50 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvC73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvC73w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d39f49d4cdbed981f59d7c21ce058f68777b7b25f6d60e2f07a0ad1d8b68ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo.pixelsee.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Thu, 19 Oct 2023 19:12:53 GMT
x-content-type-options
nosniff
age
72957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14504
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 19:12:53 GMT
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TKL2XXV026&gtm=45je3ai0&_p=59344881&_gaz=1&cid=966751722.1697815730&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1697815730&sct=1&seg=0&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ALL_09_10_2023%26sub2%3Dpropeller%26sub6%3D739255349403726064%26oaid%3D7da90a3a957c46a3ba105de49c7faaa7&dt=PIXELSEE%20%7C%20Your%20file%20ready%20to%20download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 15:28:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo.pixelsee.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TKL2XXV026&cid=966751722.1697815730&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 15:28:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo.pixelsee.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		187 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efee2089d73d9701aed751a92626a48c538930fd4707a70dcf1d423d2323fa3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69346
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 20 Oct 2023 15:28:50 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TKL2XXV026&cid=966751722.1697815730&gtm=45je3ai0&aip=1&z=1219267557
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 15:28:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
787001845751676
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/787001845751676?v=2.9.135&r=stable&domain=promo.pixelsee.app
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9acb807e26fe6cdfc2bd347d67d732d73079cf1779041b3de8bfab96e8f347
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 20 Oct 2023 15:28:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35474
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
pZOz4hoXWEr3hrljBZzY+m4wyH+UeUs+FnIvsQWsiZWV5ui0Kq4Pidi78TAUOUuHEBk4EnQQr9igGMErFE8UGQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5826337412698082&plah=promo.pixelsee.app
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb9c466ee7da0ea80c7ab6dd259537a262979d8f80c02005717742fe1d5d991f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137107
x-xss-protection
0
server
cafe
etag
4046686857136659510
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 15:28:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 977A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.pixelsee.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
accept-language
de-DE,de;q=0.9

Response headers

age
9155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 12:56:15 GMT
etag
2603938475786422795
expires
Fri, 03 Nov 2023 12:56:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Oct 2023 13:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5837
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 20 Oct 2023 15:51:33 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=787001845751676&ev=PageView&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ALL_09_10_2023%26sub2%3Dpropeller%26sub6%3D739255349403726064%26oaid%3D7da90a3a957c46a3ba105de49c7faaa7&rl=&if=false&ts=1697815730485&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1697815730484.1479925748&ler=empty&it=1697815730400&coo=false&rqm=GET
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 20 Oct 2023 15:28:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=59344881&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ALL_09_10_2023%26sub2%3Dpropeller%26sub6%3D739255349403726064%26oaid%3D7da90a3a957c46a3ba105de49c7faaa7&ul=en-us&de=UTF-8&dt=PIXELSEE%20%7C%20Your%20file%20ready%20to%20download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=123884863&gjid=1118283786&cid=966751722.1697815730&tid=UA-229973687-1&_gid=1321005575.1697815731&_r=1&gtm=457e3ai0&jsscut=1&z=902974365
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.pixelsee.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 15:28:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo.pixelsee.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-229973687-1&cid=966751722.1697815730&jid=123884863&gjid=1118283786&_gid=1321005575.1697815731&_u=YADAAUAAAAAAACAAI~&z=1760306010
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.pixelsee.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 20 Oct 2023 15:28:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo.pixelsee.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		391 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=promo.pixelsee.app&callback=_gfp_s_&client=ca-pub-5826337412698082
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5826337412698082&plah=promo.pixelsee.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b843128812f69c382936d99ee7bdcbea1e4f323b280453f1e45a5434d0774dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 67DC 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5826337412698082&output=html&adk=522671305&adf=1178619241&lmt=1696319236&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ALL_09_10_2023%26sub2%3Dpropeller%26sub6%3D739255349403726064%26oaid%3D7da90a3a957c46a3ba105de49c7faaa7&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697815730439&bpp=3&bdt=480&idt=298&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1509152082899&frm=20&pv=2&ga_vid=966751722.1697815730&ga_sid=1697815731&ga_hid=59344881&ga_fc=1&u_tz=120&u_his=27&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802211%2C44805112%2C44805533%2C44805680%2C44805918%2C44805934%2C31078301%2C44803793%2C44806140&oid=2&pvsid=1620741288389881&tmod=1132094363&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5826337412698082&plah=promo.pixelsee.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.pixelsee.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 15:28:51 GMT
expires
Fri, 20 Oct 2023 15:28:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_09_10_2023&sub2=propeller&sub6=739255349403726064&oaid=7da90a3a957c46a3ba105de49c7faaa7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 15:28:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5826337412698082&plah=promo.pixelsee.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aa379216b77390a29dedbb12f5174b0c3ed211c132230dcd2bd1ae922fda44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12568
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5826337412698082&plah=promo.pixelsee.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Oct 2023 15:28:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 713D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.pixelsee.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3246
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 14:34:45 GMT
expires
Sat, 19 Oct 2024 14:34:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9E05 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
302b975786cc903e18f7d4685472566a1c54e0c93321feed0a277f4acb87ace9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LUukflktaYBC8sk9IncRNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.pixelsee.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LUukflktaYBC8sk9IncRNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 15:28:51 GMT
expires
Fri, 20 Oct 2023 15:28:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 713D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Thu, 19 Oct 2023 22:01:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
62831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 22:01:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9E05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=1620741288389881&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers
generate_204
tpc.googlesyndication.com/ Frame 713D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?08Jxsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

date
Fri, 20 Oct 2023 15:28:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=1620741288389881&bg=!JySlJGvNAAbFpEfJ5aQ7ADQBe5WfOAKhTfefZZyL8aHSB6C6hXeEfmMosxeK_BQFQZFsqeggXwPDVtjjXs09ZSze2RvuAgAAADtSAAAAC2gBB5kCv5uSuSXp-hfzAu8Kf_VANFxCrw-5k6NgOkWlpU31C2aoI7G2xTnSPitTlenUB84hWuYLiPFxTNVYLMSrfHCsrGLo87-QvlA6jhzgIYEusY_5VEizHR7GqwbTRWWblpf2bjg1txPOGrZ1lQ3CooXISUFBoUzkedVoS-zz5ucNHdY4kp1ScarltD9zRTSkm9UO1ITLcuLhSH-tj8VRkVMMxWwdZdR8ZLMqTRSz3UzbN6yhx33RO-crHbE6SQvC9BlL_SL_0cFt0ARcYUVrRmxHkdgB_gBVo8uAPVdu_3_hpkSB__n5DxKRPMG_oOXWx4lXWwXIbQtMOjihN7U47zFuv0oob--1th1E3k0xcn9wvEv8cFH3033Sy2a7u0nsSU3HUNTCaXmvi3zz7H2gwjIyNVsOa7jWM3r2jfquf2wQR3uKTWFr1sNQxACcI-IQnt6-jMNCnOSEVBQLTckA9xro-IxKGQv_ZdMAlphfL_5c2nSV8eOULCIlhcQrjgGZZoQ0o4G3GDxhdoRlSzXhsxNbvIhLiFyaZVv8snZWBHkrl53Y3HLrXj05PwKWfSaYs5fy2DzLBwrhEjI35BZ4GUDty_Qgd7mH5vK5adlfFAxFVbPkTYzcRu-Gtbvk0L82l7IV6XwfHij6HFDFtxLyj7c9oYTTaA4vm64C5l4f60T8UVY4bQcqWqHrHlTzygka0M1m4WwWDuQolIXSUF79EDIMHU3h1l-uKCkajkPAvndxvnSqQUdzX73dYIfjzTlMl0S4c4kwI9Cf329hWgUpCv8XGZC_daB3APOzTLOyptAvz83B7h1MdiZPxL6Klwqr9xavnViaLaXqHaUJc4MAXQiFHvpp7g3i3imlbWxctVjMJHvItzUekO-5lEeh8OP0e2G5Z_UgWzvCX8vKkQA5SGm-3q829CC6168Fj2TwPsUwBC4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.pixelsee.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36 OPR/77.0.4054.277

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wholewownews.com
URL
https://wholewownews.com/19/4662728/?abt_opts=1&var=6456002&var3=739255347667280014&ymid=&rhd=1

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer function| fbq function| _fbq object| lndng function| Detector function| indexOf function| Bubble function| Overlay function| Landing function| GetLanding function| boundMethodCheck function| GetLanding1 function| $ function| jQuery object| jQuery1124008461676378205296 object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

23 Cookies

Domain/Path Name / Value
vpnlist.site/ Name: view
Value: 1
vpnlist.site/ Name: PHPSESSID
Value: c62k089cfvhcu0fefs7flmdi5o
vpop2.com/ Name: view
Value: 1
vpop2.com/ Name: PHPSESSID
Value: f8tv2de66or856nakuhd0vlkrs
a.we-are-anon.com/ Name: PHPSESSID
Value: ln4jb213ndconmhpsihru6mq31
a.we-are-anon.com/ Name: view
Value: 1
peethach.com/ Name: OAID
Value: 7da90a3a957c46a3ba105de49c7faaa7
peethach.com/ Name: oaidts
Value: 1697815728
my.rtmark.net/ Name: ID
Value: 7da90a3a957c46a3ba105de49c7faaa7
peethach.com/ Name: syncedCookie
Value: true
wholewownews.com/ Name: oaidts
Value: 1697815728
wholewownews.com/ Name: OAID
Value: 7da90a3a957c46a3ba105de49c7faaa7
wholewownews.com/ Name: syncedCookie
Value: true
wholewownews.com/ Name: reverse
Value: NOhsAxBCKEqzl39sndAgOAszsWfI-Ox_4uXQVaRrXIQ
wholewownews.com/ Name: prefetchAd_4662728
Value: true
.pixelsee.app/ Name: _ga_TKL2XXV026
Value: GS1.1.1697815730.1.0.1697815730.60.0.0
.pixelsee.app/ Name: _fbp
Value: fb.1.1697815730484.1479925748
.pixelsee.app/ Name: _ga
Value: GA1.2.966751722.1697815730
.pixelsee.app/ Name: _gid
Value: GA1.2.1321005575.1697815731
.pixelsee.app/ Name: _gat_gtag_UA_229973687_1
Value: 1
.pixelsee.app/ Name: __gads
Value: ID=0a882331b90f8d00-22369586fce2009c:T=1697815730:RT=1697815730:S=ALNI_Mb2n9Fq-bOAG_8Gq4PEn47T3vBLcw
.pixelsee.app/ Name: __gpi
Value: UID=00000d9b39757154:T=1697815730:RT=1697815730:S=ALNI_MYCgBe3IjsuJr6eCCf-62rbWRnCAw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.we-are-anon.com
connect.facebook.net
datatechone.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
my.rtmark.net
pagead2.googlesyndication.com
partner.googleadservices.com
peethach.com
promo.pixelsee.app
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vpnlist.site
vpop2.com
wholewownews.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
wholewownews.com
139.45.195.253
139.45.195.8
139.45.197.244
172.64.192.12
2001:4860:4802:32::36
2606:4700:3031::ac43:8dd4
2606:4700:3034::6815:7a1
2606:4700:3034::ac43:9a4b
2606:4700:3035::6815:26d0
2a00:1450:4001:806::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
09d39f49d4cdbed981f59d7c21ce058f68777b7b25f6d60e2f07a0ad1d8b68ac
0c1707b307f1584c490c249330da68d304fdedd73422b6328fa440442f52e97e
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
17b34e331458389c6c626f11348592703dedbb898de44c08e4767f23c321a7a4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27554c42cd0c0bac487ef78447d427d5e5ba8bd24bb94289a9f9d435df468897
2b75d4c73aa7751c553a5191f8cff5d139a9f77717701f6157963e810bdb937c
302b975786cc903e18f7d4685472566a1c54e0c93321feed0a277f4acb87ace9
3440aae42853188c66d8631208b1fad7b580e2b7e065403d1387306d6e7ef558
3e2eeed07fc3c528683b99c4228190009025c38148de912b6407791ae59b5fa7
3feba242e14c98e53e9255d984369a053ebc5ccba27396f88666bdffcc395dd4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
495358f422e19339e0c53ded45e198a434592da355c58b53451810e239a62169
49aa379216b77390a29dedbb12f5174b0c3ed211c132230dcd2bd1ae922fda44
4a9acb807e26fe6cdfc2bd347d67d732d73079cf1779041b3de8bfab96e8f347
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
5a9225bcd4df92734f5c712eb9bc239e0f178468f6d4b2be8220552feed6e7c5
5c1f58f980f83001c0d43f5e73746fe177783b2657c329ed2232657da0f5593b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67f460df8fdc06535fd7d8fb6fdcd0e2d7ddc37231e1f89366c0b3c6e4408518
697ea051a0fb7a3b2aa574c262e8e1bd35e79713c90934f9fbc3e37a82a99295
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e3fb85f1280844ef0b5634e65b02c6b18d13d0abb54a201131d73e9635185b5
8724a4ae6581bb3559a23b285a6c4628e339a6b719cf8ffcb5d91cdaf2fe0bf9
89b651b2ecf2d370e9415dfd6c237180a805df1a46641d9dc1fbf4e311879cfc
8b843128812f69c382936d99ee7bdcbea1e4f323b280453f1e45a5434d0774dc
93080fe12a0fb8427615d7ccd30fd1938376f7ad2d093d74c741e1cc3b8be1e8
9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b
9b676481ac5ebf104ce2123fbcc131cbe5f825f693117c34436adc3e07814ebe
9c2c05d81956475bc175cc0a672fd4a11fd7d71d2dbba279243768751afad46b
9c45931772e5bb04bb6e0d142a114a3bbe2ebb28c94ed4c0eb58cbbd4ab58ffe
a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad
b52de70853ed4bac82f0c4cc5d6c7da8d588de61d97e8c30b99e40eefcde5a44
b9d51be1cf0594ab18897f60df474ad577451c87928a68e15392c105cec218b3
c0e840284a6a9830ce5c43f03f0429f0e1b39d47b1e8c0b04d36f026e8812b40
cb9c466ee7da0ea80c7ab6dd259537a262979d8f80c02005717742fe1d5d991f
cf0481bb01e37a5b5cb2388e817decdc4f90e7cbd5994c55b05d7d4dbd86815f
d2b8fbaded24ceaa6e1c817e2a3cd84c3a3344eba0fad1f146720dfc995ed77b
d91228866dbbc573944d948402536e1b470d67c5ae67e1c5cdfcb15cb5eb984a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7673c1ead17d751d2b588c6f8089b0fff26ae90ce8d14e704a0965a6ff37b57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efee2089d73d9701aed751a92626a48c538930fd4707a70dcf1d423d2323fa3d