crypto-fire.website Open in urlscan Pro
2a00:f940:2:4:2::2a6b  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://crypto-fire.website/?r=mars2000 HTTP 302
   https://crypto-fire.website/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

• https://traffic-buchen.de/view.php HTTP 302
• https://www.jefffm.de/

Request Chain 41

• https://listen.openstream.co/6623/audio HTTP 302
• https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277506%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D

Request Chain 55

• https://traffic-buchen.de/view.php HTTP 302
• https://www.jefffm.de/

Request Chain 56

• https://listen.openstream.co/5228/audio HTTP 302
• https://str3.openstream.co/1799?aw_0_1st.collectionid%3D5228%26stationId%3D5228%26publisherId%3D1823%26k%3D1642277506%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Electronic%22%2C%22Schlager%22%2C%22Explicit%22%5D

Request Chain 69

• https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
• https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=3936de46-35a3-4987-ae21-40a8ea02d5bb HTTP 302
• https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=reklamstore&expires=10&bsw_param=3936de46-35a3-4987-ae21-40a8ea02d5bb HTTP 302
• https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1

Request Chain 85

• https://media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c HTTP 301
• https://media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c/

Request Chain 99

• https://adx.adform.net/adx/?rp=4&bWlkPTg3OTEzNw%3D%3D&callback=adf__FybfcIDGrQkWQ7u1GBqz HTTP 302
• https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTg3OTEzNw%3D%3D&callback=adf__FybfcIDGrQkWQ7u1GBqz

Request Chain 103

• https://adx.adform.net/adx/?rp=4&bWlkPTExNDMxMTk%3D&callback=adf__1rQR7DOPGLAwKpRNKZsv HTTP 302
• https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTExNDMxMTk%3D&callback=adf__1rQR7DOPGLAwKpRNKZsv

Request Chain 115

• https://traffic-buchen.de/view.php HTTP 302
• https://jefffm.de/

Request Chain 116

• https://listen.openstream.co/6623/audio HTTP 302
• https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D

Request Chain 124

• https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
• https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=3936de46-35a3-4987-ae21-40a8ea02d5bb HTTP 302
• https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=3936de46-35a3-4987-ae21-40a8ea02d5bb HTTP 302
• https://x.bidswitch.net/sync?dsp_id=4&user_id=70f8a110-99fc-4ac3-82ef-9cb935ce3c9a&ssp=reklamstore&expires=30&user_group=5&bsw_param=3936de46-35a3-4987-ae21-40a8ea02d5bb HTTP 302
• https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1

Request Chain 128

• https://www.werbeflut.net/kamp/ziel.php?uid=1403&bid=4773243&sid=1521 HTTP 302
• https://www.ab-webservice.de/ads/index.php

Request Chain 184

• https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
• https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=44bM08SXVgRobMzbXnzwYKHb&ssp=reklamstore HTTP 302
• https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1

Request Chain 191

• https://listen.openstream.co/6172/audio HTTP 302
• https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2C%22AF%22%2C%22AG%22%2C%22AL%22%2C%22AI%22%2C%22AM%22%2C%22AO%22%2C%22AQ%22%2C%22AR%22%2C%22AS%22%2C%22AT%22%2C%22AU%22%2C%22AW%22%2C%22AZ%22%2C%22BA%22%2C%22BB%22%2C%22BD%22%2C%22BE%22%2C%22BF%22%2C%22BG%22%2C%22BH%22%2C%22BI%22%2C%22BJ%22%2C%22BM%22%2C%22BN%22%2C%22BO%22%2C%22BR%22%2C%22BS%22%2C%22BT%22%2C%22BV%22%2C%22BW%22%2C%22BY%22%2C%22BZ%22%2C%22CA%22%2C%22CC%22%2C%22CD%22%2C%22CF%22%2C%22CG%22%2C%22CH%22%2C%22CI%22%2C%22CK%22%2C%22CL%22%2C%22CM%22%2C%22CN%22%2C%22CO%22%2C%22CR%22%2C%22CU%22%2C%22CV%22%2C%22CX%22%2C%22CY%22%2C%22CZ%22%2C%22DJ%22%2C%22DK%22%2C%22DM%22%2C%22DO%22%2C%22DZ%22%2C%22EC%22%2C%22EE%22%2C%22EG%22%2C%22EH%22%2C%22ER%22%2C%22ES%22%2C%22ET%22%2C%22FI%22%2C%22FJ%22%2C%22FK%22%2C%22FM%22%2C%22FO%22%2C%22GA%22%2C%22GB%22%2C%22GD%22%2C%22GE%22%2C%22GF%22%2C%22GG%22%2C%22GH%22%2C%22GI%22%2C%22GL%22%2C%22GM%22%2C%22GN%22%2C%22GP%22%2C%22GQ%22%2C%22GR%22%2C%22GS%22%2C%22GT%22%2C%22GU%22%2C%22GW%22%2C%22GY%22%2C%22GZ%22%2C%22HK%22%2C%22HM%22%2C%22HN%22%2C%22HR%22%2C%22HT%22%2C%22HU%22%2C%22ID%22%2C%22IE%22%2C%22IL%22%2C%22IM%22%2C%22IN%22%2C%22IO%22%2C%22IQ%22%2C%22IR%22%2C%22IS%22%2C%22IT%22%2C%22JE%22%2C%22JM%22%2C%22JO%22%2C%22JP%22%2C%22KE%22%2C%22KG%22%2C%22KH%22%2C%22KI%22%2C%22KM%22%2C%22KN%22%2C%22KP%22%2C%22KR%22%2C%22KW%22%2C%22KY%22%2C%22KZ%22%2C%22LA%22%2C%22LB%22%2C%22LC%22%2C%22LI%22%2C%22LK%22%2C%22LR%22%2C%22LS%22%2C%22LT%22%2C%22LU%22%2C%22LV%22%2C%22LY%22%2C%22MA%22%2C%22MC%22%2C%22MD%22%2C%22ME%22%2C%22MG%22%2C%22MH%22%2C%22MK%22%2C%22ML%22%2C%22MM%22%2C%22MN%22%2C%22MO%22%2C%22MP%22%2C%22MQ%22%2C%22MR%22%2C%22MS%22%2C%22MT%22%2C%22MU%22%2C%22MV%22%2C%22MW%22%2C%22MX%22%2C%22MY%22%2C%22MZ%22%2C%22NA%22%2C%22NC%22%2C%22NE%22%2C%22NF%22%2C%22NG%22%2C%22NI%22%2C%22NL%22%2C%22NO%22%2C%22NP%22%2C%22NR%22%2C%22NU%22%2C%22NZ%22%2C%22OM%22%2C%22PA%22%2C%22PE%22%2C%22PF%22%2C%22PG%22%2C%22PH%22%2C%22PK%22%2C%22PL%22%2C%22PM%22%2C%22PN%22%2C%22PR%22%2C%22PS%22%2C%22PT%22%2C%22PW%22%2C%22PY%22%2C%22QA%22%2C%22RE%22%2C%22RO%22%2C%22RS%22%2C%22RU%22%2C%22RW%22%2C%22SA%22%2C%22SB%22%2C%22SC%22%2C%22SD%22%2C%22SE%22%2C%22SG%22%2C%22SH%22%2C%22SI%22%2C%22SJ%22%2C%22SK%22%2C%22SL%22%2C%22SM%22%2C%22SN%22%2C%22SO%22%2C%22SR%22%2C%22ST%22%2C%22SV%22%2C%22SY%22%2C%22SZ%22%2C%22TC%22%2C%22TD%22%2C%22TF%22%2C%22TG%22%2C%22TH%22%2C%22TJ%22%2C%22TK%22%2C%22TL%22%2C%22TM%22%2C%22TN%22%2C%22TO%22%2C%22TR%22%2C%22TT%22%2C%22TV%22%2C%22TW%22%2C%22TZ%22%2C%22UA%22%2C%22UG%22%2C%22UM%22%2C%22US%22%2C%22UY%22%2C%22UZ%22%2C%22VA%22%2C%22VC%22%2C%22VE%22%2C%22VG%22%2C%22VI%22%2C%22VN%22%2C%22VU%22%2C%22WF%22%2C%22WS%22%2C%22XK%22%2C%22YE%22%2C%22YT%22%2C%22ZA%22%2C%22ZM%22%2C%22ZW%22%5D%26aw_0_azn.planguage%3D%5B%22aa%22%2C%22ab%22%2C%22ae%22%2C%22af%22%2C%22ak%22%2C%22am%22%2C%22an%22%2C%22ar%22%2C%22as%22%2C%22av%22%2C%22ay%22%2C%22az%22%2C%22ba%22%2C%22be%22%2C%22bg%22%2C%22bh%22%2C%22bi%22%2C%22bm%22%2C%22bn%22%2C%22bo%22%2C%22br%22%2C%22bs%22%2C%22ca%22%2C%22ce%22%2C%22ch%22%2C%22co%22%2C%22cr%22%2C%22cs%22%2C%22cu%22%2C%22cv%22%2C%22cy%22%2C%22da%22%2C%22de%22%2C%22dv%22%2C%22dz%22%2C%22ee%22%2C%22el%22%2C%22en%22%2C%22eo%22%2C%22es%22%2C%22et%22%2C%22eu%22%2C%22fa%22%2C%22ff%22%2C%22fi%22%2C%22fj%22%2C%22fo%22%2C%22fr%22%2C%22fy%22%2C%22ga%22%2C%22gd%22%2C%22gl%22%2C%22gn%22%2C%22gu%22%2C%22gv%22%2C%22ha%22%2C%22he%22%2C%22hi%22%2C%22ho%22%2C%22hr%22%2C%22ht%22%2C%22hu%22%2C%22hy%22%2C%22hz%22%2C%22ia%22%2C%22id%22%2C%22ie%22%2C%22ig%22%2C%22ii%22%2C%22ik%22%2C%22io%22%2C%22is%22%2C%22it%22%2C%22iu%22%2C%22ja%22%2C%22jv%22%2C%22ka%22%2C%22kg%22%2C%22ki%22%2C%22kj%22%2C%22kk%22%2C%22kl%22%2C%22km%22%2C%22kn%22%2C%22ko%22%2C%22kr%22%2C%22ks%22%2C%22ku%22%2C%22kv%22%2C%22kw%22%2C%22ky%22%2C%22la%22%2C%22lb%22%2C%22lg%22%2C%22li%22%2C%22ln%22%2C%22lo%22%2C%22lt%22%2C%22lu%22%2C%22lv%22%2C%22mg%22%2C%22mh%22%2C%22mi%22%2C%22mk%22%2C%22ml%22%2C%22mn%22%2C%22mr%22%2C%22ms%22%2C%22mt%22%2C%22my%22%2C%22na%22%2C%22nb%22%2C%22nd%22%2C%22ne%22%2C%22ng%22%2C%22nl%22%2C%22nn%22%2C%22no%22%2C%22nr%22%2C%22nv%22%2C%22ny%22%2C%22oc%22%2C%22oj%22%2C%22om%22%2C%22or%22%2C%22os%22%2C%22pa%22%2C%22pi%22%2C%22pl%22%2C%22ps%22%2C%22pt%22%2C%22qu%22%2C%22rm%22%2C%22rn%22%2C%22ro%22%2C%22ru%22%2C%22rw%22%2C%22sa%22%2C%22sc%22%2C%22sd%22%2C%22se%22%2C%22sg%22%2C%22si%22%2C%22sk%22%2C%22sl%22%2C%22sm%22%2C%22sn%22%2C%22so%22%2C%22sq%22%2C%22sr%22%2C%22ss%22%2C%22st%22%2C%22su%22%2C%22sv%22%2C%22sw%22%2C%22ta%22%2C%22te%22%2C%22tg%22%2C%22th%22%2C%22ti%22%2C%22tk%22%2C%22tl%22%2C%22tn%22%2C%22to%22%2C%22tr%22%2C%22ts%22%2C%22tt%22%2C%22tw%22%2C%22ty%22%2C%22ug%22%2C%22uk%22%2C%22ur%22%2C%22uz%22%2C%22ve%22%2C%22vi%22%2C%22vo%22%2C%22wa%22%2C%22wo%22%2C%22xh%22%2C%22yi%22%2C%22yo%22%2C%22za%22%2C%22zh%22%2C%22zu%22%5D%26aw_0_azn.pgenre%3D%5B%22Games+and+Hobbies%22%2C%22Music%22%2C%22Top40%5C%2FHits+-+Pop%22%5D

Request Chain 208

• https://listen.openstream.co/6623/audio HTTP 302
• https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D

Request Chain 219

• https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ads4allweb.de&sn=ChromeSyncframe&so=0&topUrl=crypto-fire.website&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=KURGh3xwUlJwcmtDM2dZNU5PS0Ywcng5bTV2cFpqQ3c4NlJYdmtHMVJMTmR0MlB6ZG5GbFRhcFQxMGZuWEFjYzFOMytlMVptZHdUVDc0ckVlRzZpMDhSdXlpVGRNMUpRRXhzVm9tZnVFKzYvUWdxR0dLOENIWEkzZjh5YW1uNkxUcEUxSHZSZG1QRkdzRnQ1VkhuZ21kaFFFRzdIVTFKdnFxNGNHM0VWeDZmS0JxWG5ZY0l2RFljNmdSU0U4RlgwaWNDZFhWUWVCS04yMDZlWk4xbWI2QW5rY0hoZVFET0pUQmpLYnB5ZzZET0ZRN2JPeDdQYVVSZ3A3N1BjUFJWTllKWGQ0YlYvcUhwdGFJWlFaTWVnN05uVk5CN2ZZSmhCeTVYWDB5T2hrMjJoY1VIWDI3ZGxrMmVnOFg5eG9IRnd0a3lsS3w&cppv=2

Request Chain 221

• https://listen.openstream.co/6172/audio HTTP 302
• https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2C%22AF%22%2C%22AG%22%2C%22AL%22%2C%22AI%22%2C%22AM%22%2C%22AO%22%2C%22AQ%22%2C%22AR%22%2C%22AS%22%2C%22AT%22%2C%22AU%22%2C%22AW%22%2C%22AZ%22%2C%22BA%22%2C%22BB%22%2C%22BD%22%2C%22BE%22%2C%22BF%22%2C%22BG%22%2C%22BH%22%2C%22BI%22%2C%22BJ%22%2C%22BM%22%2C%22BN%22%2C%22BO%22%2C%22BR%22%2C%22BS%22%2C%22BT%22%2C%22BV%22%2C%22BW%22%2C%22BY%22%2C%22BZ%22%2C%22CA%22%2C%22CC%22%2C%22CD%22%2C%22CF%22%2C%22CG%22%2C%22CH%22%2C%22CI%22%2C%22CK%22%2C%22CL%22%2C%22CM%22%2C%22CN%22%2C%22CO%22%2C%22CR%22%2C%22CU%22%2C%22CV%22%2C%22CX%22%2C%22CY%22%2C%22CZ%22%2C%22DJ%22%2C%22DK%22%2C%22DM%22%2C%22DO%22%2C%22DZ%22%2C%22EC%22%2C%22EE%22%2C%22EG%22%2C%22EH%22%2C%22ER%22%2C%22ES%22%2C%22ET%22%2C%22FI%22%2C%22FJ%22%2C%22FK%22%2C%22FM%22%2C%22FO%22%2C%22GA%22%2C%22GB%22%2C%22GD%22%2C%22GE%22%2C%22GF%22%2C%22GG%22%2C%22GH%22%2C%22GI%22%2C%22GL%22%2C%22GM%22%2C%22GN%22%2C%22GP%22%2C%22GQ%22%2C%22GR%22%2C%22GS%22%2C%22GT%22%2C%22GU%22%2C%22GW%22%2C%22GY%22%2C%22GZ%22%2C%22HK%22%2C%22HM%22%2C%22HN%22%2C%22HR%22%2C%22HT%22%2C%22HU%22%2C%22ID%22%2C%22IE%22%2C%22IL%22%2C%22IM%22%2C%22IN%22%2C%22IO%22%2C%22IQ%22%2C%22IR%22%2C%22IS%22%2C%22IT%22%2C%22JE%22%2C%22JM%22%2C%22JO%22%2C%22JP%22%2C%22KE%22%2C%22KG%22%2C%22KH%22%2C%22KI%22%2C%22KM%22%2C%22KN%22%2C%22KP%22%2C%22KR%22%2C%22KW%22%2C%22KY%22%2C%22KZ%22%2C%22LA%22%2C%22LB%22%2C%22LC%22%2C%22LI%22%2C%22LK%22%2C%22LR%22%2C%22LS%22%2C%22LT%22%2C%22LU%22%2C%22LV%22%2C%22LY%22%2C%22MA%22%2C%22MC%22%2C%22MD%22%2C%22ME%22%2C%22MG%22%2C%22MH%22%2C%22MK%22%2C%22ML%22%2C%22MM%22%2C%22MN%22%2C%22MO%22%2C%22MP%22%2C%22MQ%22%2C%22MR%22%2C%22MS%22%2C%22MT%22%2C%22MU%22%2C%22MV%22%2C%22MW%22%2C%22MX%22%2C%22MY%22%2C%22MZ%22%2C%22NA%22%2C%22NC%22%2C%22NE%22%2C%22NF%22%2C%22NG%22%2C%22NI%22%2C%22NL%22%2C%22NO%22%2C%22NP%22%2C%22NR%22%2C%22NU%22%2C%22NZ%22%2C%22OM%22%2C%22PA%22%2C%22PE%22%2C%22PF%22%2C%22PG%22%2C%22PH%22%2C%22PK%22%2C%22PL%22%2C%22PM%22%2C%22PN%22%2C%22PR%22%2C%22PS%22%2C%22PT%22%2C%22PW%22%2C%22PY%22%2C%22QA%22%2C%22RE%22%2C%22RO%22%2C%22RS%22%2C%22RU%22%2C%22RW%22%2C%22SA%22%2C%22SB%22%2C%22SC%22%2C%22SD%22%2C%22SE%22%2C%22SG%22%2C%22SH%22%2C%22SI%22%2C%22SJ%22%2C%22SK%22%2C%22SL%22%2C%22SM%22%2C%22SN%22%2C%22SO%22%2C%22SR%22%2C%22ST%22%2C%22SV%22%2C%22SY%22%2C%22SZ%22%2C%22TC%22%2C%22TD%22%2C%22TF%22%2C%22TG%22%2C%22TH%22%2C%22TJ%22%2C%22TK%22%2C%22TL%22%2C%22TM%22%2C%22TN%22%2C%22TO%22%2C%22TR%22%2C%22TT%22%2C%22TV%22%2C%22TW%22%2C%22TZ%22%2C%22UA%22%2C%22UG%22%2C%22UM%22%2C%22US%22%2C%22UY%22%2C%22UZ%22%2C%22VA%22%2C%22VC%22%2C%22VE%22%2C%22VG%22%2C%22VI%22%2C%22VN%22%2C%22VU%22%2C%22WF%22%2C%22WS%22%2C%22XK%22%2C%22YE%22%2C%22YT%22%2C%22ZA%22%2C%22ZM%22%2C%22ZW%22%5D%26aw_0_azn.planguage%3D%5B%22aa%22%2C%22ab%22%2C%22ae%22%2C%22af%22%2C%22ak%22%2C%22am%22%2C%22an%22%2C%22ar%22%2C%22as%22%2C%22av%22%2C%22ay%22%2C%22az%22%2C%22ba%22%2C%22be%22%2C%22bg%22%2C%22bh%22%2C%22bi%22%2C%22bm%22%2C%22bn%22%2C%22bo%22%2C%22br%22%2C%22bs%22%2C%22ca%22%2C%22ce%22%2C%22ch%22%2C%22co%22%2C%22cr%22%2C%22cs%22%2C%22cu%22%2C%22cv%22%2C%22cy%22%2C%22da%22%2C%22de%22%2C%22dv%22%2C%22dz%22%2C%22ee%22%2C%22el%22%2C%22en%22%2C%22eo%22%2C%22es%22%2C%22et%22%2C%22eu%22%2C%22fa%22%2C%22ff%22%2C%22fi%22%2C%22fj%22%2C%22fo%22%2C%22fr%22%2C%22fy%22%2C%22ga%22%2C%22gd%22%2C%22gl%22%2C%22gn%22%2C%22gu%22%2C%22gv%22%2C%22ha%22%2C%22he%22%2C%22hi%22%2C%22ho%22%2C%22hr%22%2C%22ht%22%2C%22hu%22%2C%22hy%22%2C%22hz%22%2C%22ia%22%2C%22id%22%2C%22ie%22%2C%22ig%22%2C%22ii%22%2C%22ik%22%2C%22io%22%2C%22is%22%2C%22it%22%2C%22iu%22%2C%22ja%22%2C%22jv%22%2C%22ka%22%2C%22kg%22%2C%22ki%22%2C%22kj%22%2C%22kk%22%2C%22kl%22%2C%22km%22%2C%22kn%22%2C%22ko%22%2C%22kr%22%2C%22ks%22%2C%22ku%22%2C%22kv%22%2C%22kw%22%2C%22ky%22%2C%22la%22%2C%22lb%22%2C%22lg%22%2C%22li%22%2C%22ln%22%2C%22lo%22%2C%22lt%22%2C%22lu%22%2C%22lv%22%2C%22mg%22%2C%22mh%22%2C%22mi%22%2C%22mk%22%2C%22ml%22%2C%22mn%22%2C%22mr%22%2C%22ms%22%2C%22mt%22%2C%22my%22%2C%22na%22%2C%22nb%22%2C%22nd%22%2C%22ne%22%2C%22ng%22%2C%22nl%22%2C%22nn%22%2C%22no%22%2C%22nr%22%2C%22nv%22%2C%22ny%22%2C%22oc%22%2C%22oj%22%2C%22om%22%2C%22or%22%2C%22os%22%2C%22pa%22%2C%22pi%22%2C%22pl%22%2C%22ps%22%2C%22pt%22%2C%22qu%22%2C%22rm%22%2C%22rn%22%2C%22ro%22%2C%22ru%22%2C%22rw%22%2C%22sa%22%2C%22sc%22%2C%22sd%22%2C%22se%22%2C%22sg%22%2C%22si%22%2C%22sk%22%2C%22sl%22%2C%22sm%22%2C%22sn%22%2C%22so%22%2C%22sq%22%2C%22sr%22%2C%22ss%22%2C%22st%22%2C%22su%22%2C%22sv%22%2C%22sw%22%2C%22ta%22%2C%22te%22%2C%22tg%22%2C%22th%22%2C%22ti%22%2C%22tk%22%2C%22tl%22%2C%22tn%22%2C%22to%22%2C%22tr%22%2C%22ts%22%2C%22tt%22%2C%22tw%22%2C%22ty%22%2C%22ug%22%2C%22uk%22%2C%22ur%22%2C%22uz%22%2C%22ve%22%2C%22vi%22%2C%22vo%22%2C%22wa%22%2C%22wo%22%2C%22xh%22%2C%22yi%22%2C%22yo%22%2C%22za%22%2C%22zh%22%2C%22zu%22%5D%26aw_0_azn.pgenre%3D%5B%22Games+and+Hobbies%22%2C%22Music%22%2C%22Top40%5C%2FHits+-+Pop%22%5D

Request Chain 231

• https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ads4allweb.de&sn=ChromeSyncframe&so=2&topUrl=crypto-fire.website&bundle=npgSFV9oWHlDMTlhZ2p3Q051QTcwUkpPMWFJUDJJVHpLQmw5WnNBempDVnZnTmNQYmF1VzRQdFNDMG5tNHlLTjVvUHRhcDR5NlJGSnVObXZQU0c4QWhiNG9OVEZ3OG0xU3E1eHdNajI5dXlWUUhGeklFJTJCVmg2ZGVFMzdCVWZuTjdjbjN6M3hIciUyRjhBMEhxM2g5QmxDS3BLbzZ3N1kwREhOc2xBalNLNnZsUXpxbTA4JTNE&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=f-cWgHx4T0YrUHNubzI1cTJob25IbkJZL01wSjlGWjdFRUJZWnQwekxVdzJrQTQzUHc5ZnpIajNieURTdXpoU0htRnR2UHNxb1ZzZkRYRWRER1NQazN6eEZmZ2Zya1IvZ3IycWNqN2NoeWx0SjNuN2JJNEhYeWZRaFk0dVdDY0NUZUpSeVNpR2RzaHM4R0lMYTBWejJHOXBUWUxIdXo3SUhaaDkyaUF2RzFHS0ZnNVBVb25ZV043NGlpU0VnT0xtOTl4N2hmL3M1UExiNlpGS1VYSEVpYVUwMmN6bmNRRXBYeGExQ2k3cG5EdGRPSE51SUU4Skd3Nng3a1pHNlhtOWYyTk9XbXA3V0VPSkVoNW9EaUpwU21wNGxzbEJjOEZMOHlRL1J2ZU0zR1d1OFNTYkh6Tyt1S3YycUttQlc5bmRzUGdvcXw&cppv=2

Request Chain 234

• https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ads4allweb.de&sn=ChromeSyncframe&so=2&topUrl=crypto-fire.website&bundle=FoEL_19oWHlDMTlhZ2p3Q051QTcwUkpPMWFCVXRHVnBRNmVwREolMkZrQ3pzbVZIRk95ZmROR1ZCRDJoYWlCbEIxWGVEY0VwTzhhYzlxUUtnbjQwSmtSdElYN3FvS1NMUHElMkJ3NXAxTVp6T2ZBNiUyRklEWm1wNUVQVjFrejA4RTlxU3BEJTJCWFNkWTN5bzY2SVJibkpoeVltaDRhZ3U1c2NUNENNWW4zVzc0bERKN1RzMkg3ayUzRA&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=kl3ZgHxXUkI1b1hVcGVjOUQwSlBmZDlydER3di91eG5tOCttK1RtN1VaTWRLUng5SWxSU3lHK2FRdk1sOFI2MVRWRFJRUFVvZ2NjWnY2M3UwdHMzZVptdm9KY3piYTI5WW1RRU9sbXJqS1BIM0V1bFpvZG9xbUhwRUJLeHp2R1o2MDNVcDl6dTVKQlJPS0JJMWR2bnk5aEs5b1BrUFI0Sk5sVy8wWjdQQys0MXZNamdUN3h6QktUR2J2R0RxaFNzdzd2cURFZThwL2l4WmJ4ZjNJQ0xDbzNncysvYTkzdHRYV3JVVW5nQ05oUlpIS2Z2L2R5eTNSbzFLNWt0VlUycEI4SndMZXRLZXNGRGJmRVVLMmNHUVE3S2U0TkR1T25uQlNHbHM1Y21NdWtNcXNITG5QNDdyeUJRVUpiT1pLMW16VVhWU3w&cppv=2

Request Chain 259

• https://traffic-buchen.de/view.php HTTP 302
• https://www.jefffm.de/

Request Chain 260

• https://listen.openstream.co/6623/audio HTTP 302
• https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277510%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D

Request Chain 287

• https://listen.openstream.co/6623/audio HTTP 302
• https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277511%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D

Request Chain 301

• https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dreklamstore%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dreklamstore%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=429&user_id=21a1fabc-483c-530f-b05b-51e6d1b87b61&ssp=reklamstore&expires=30&user_group=1 HTTP 302
• https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1

Request Chain 332

• https://listen.openstream.co/6172/audio HTTP 302
• https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277511%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2C%22AF%22%2C%22AG%22%2C%22AL%22%2C%22AI%22%2C%22AM%22%2C%22AO%22%2C%22AQ%22%2C%22AR%22%2C%22AS%22%2C%22AT%22%2C%22AU%22%2C%22AW%22%2C%22AZ%22%2C%22BA%22%2C%22BB%22%2C%22BD%22%2C%22BE%22%2C%22BF%22%2C%22BG%22%2C%22BH%22%2C%22BI%22%2C%22BJ%22%2C%22BM%22%2C%22BN%22%2C%22BO%22%2C%22BR%22%2C%22BS%22%2C%22BT%22%2C%22BV%22%2C%22BW%22%2C%22BY%22%2C%22BZ%22%2C%22CA%22%2C%22CC%22%2C%22CD%22%2C%22CF%22%2C%22CG%22%2C%22CH%22%2C%22CI%22%2C%22CK%22%2C%22CL%22%2C%22CM%22%2C%22CN%22%2C%22CO%22%2C%22CR%22%2C%22CU%22%2C%22CV%22%2C%22CX%22%2C%22CY%22%2C%22CZ%22%2C%22DJ%22%2C%22DK%22%2C%22DM%22%2C%22DO%22%2C%22DZ%22%2C%22EC%22%2C%22EE%22%2C%22EG%22%2C%22EH%22%2C%22ER%22%2C%22ES%22%2C%22ET%22%2C%22FI%22%2C%22FJ%22%2C%22FK%22%2C%22FM%22%2C%22FO%22%2C%22GA%22%2C%22GB%22%2C%22GD%22%2C%22GE%22%2C%22GF%22%2C%22GG%22%2C%22GH%22%2C%22GI%22%2C%22GL%22%2C%22GM%22%2C%22GN%22%2C%22GP%22%2C%22GQ%22%2C%22GR%22%2C%22GS%22%2C%22GT%22%2C%22GU%22%2C%22GW%22%2C%22GY%22%2C%22GZ%22%2C%22HK%22%2C%22HM%22%2C%22HN%22%2C%22HR%22%2C%22HT%22%2C%22HU%22%2C%22ID%22%2C%22IE%22%2C%22IL%22%2C%22IM%22%2C%22IN%22%2C%22IO%22%2C%22IQ%22%2C%22IR%22%2C%22IS%22%2C%22IT%22%2C%22JE%22%2C%22JM%22%2C%22JO%22%2C%22JP%22%2C%22KE%22%2C%22KG%22%2C%22KH%22%2C%22KI%22%2C%22KM%22%2C%22KN%22%2C%22KP%22%2C%22KR%22%2C%22KW%22%2C%22KY%22%2C%22KZ%22%2C%22LA%22%2C%22LB%22%2C%22LC%22%2C%22LI%22%2C%22LK%22%2C%22LR%22%2C%22LS%22%2C%22LT%22%2C%22LU%22%2C%22LV%22%2C%22LY%22%2C%22MA%22%2C%22MC%22%2C%22MD%22%2C%22ME%22%2C%22MG%22%2C%22MH%22%2C%22MK%22%2C%22ML%22%2C%22MM%22%2C%22MN%22%2C%22MO%22%2C%22MP%22%2C%22MQ%22%2C%22MR%22%2C%22MS%22%2C%22MT%22%2C%22MU%22%2C%22MV%22%2C%22MW%22%2C%22MX%22%2C%22MY%22%2C%22MZ%22%2C%22NA%22%2C%22NC%22%2C%22NE%22%2C%22NF%22%2C%22NG%22%2C%22NI%22%2C%22NL%22%2C%22NO%22%2C%22NP%22%2C%22NR%22%2C%22NU%22%2C%22NZ%22%2C%22OM%22%2C%22PA%22%2C%22PE%22%2C%22PF%22%2C%22PG%22%2C%22PH%22%2C%22PK%22%2C%22PL%22%2C%22PM%22%2C%22PN%22%2C%22PR%22%2C%22PS%22%2C%22PT%22%2C%22PW%22%2C%22PY%22%2C%22QA%22%2C%22RE%22%2C%22RO%22%2C%22RS%22%2C%22RU%22%2C%22RW%22%2C%22SA%22%2C%22SB%22%2C%22SC%22%2C%22SD%22%2C%22SE%22%2C%22SG%22%2C%22SH%22%2C%22SI%22%2C%22SJ%22%2C%22SK%22%2C%22SL%22%2C%22SM%22%2C%22SN%22%2C%22SO%22%2C%22SR%22%2C%22ST%22%2C%22SV%22%2C%22SY%22%2C%22SZ%22%2C%22TC%22%2C%22TD%22%2C%22TF%22%2C%22TG%22%2C%22TH%22%2C%22TJ%22%2C%22TK%22%2C%22TL%22%2C%22TM%22%2C%22TN%22%2C%22TO%22%2C%22TR%22%2C%22TT%22%2C%22TV%22%2C%22TW%22%2C%22TZ%22%2C%22UA%22%2C%22UG%22%2C%22UM%22%2C%22US%22%2C%22UY%22%2C%22UZ%22%2C%22VA%22%2C%22VC%22%2C%22VE%22%2C%22VG%22%2C%22VI%22%2C%22VN%22%2C%22VU%22%2C%22WF%22%2C%22WS%22%2C%22XK%22%2C%22YE%22%2C%22YT%22%2C%22ZA%22%2C%22ZM%22%2C%22ZW%22%5D%26aw_0_azn.planguage%3D%5B%22aa%22%2C%22ab%22%2C%22ae%22%2C%22af%22%2C%22ak%22%2C%22am%22%2C%22an%22%2C%22ar%22%2C%22as%22%2C%22av%22%2C%22ay%22%2C%22az%22%2C%22ba%22%2C%22be%22%2C%22bg%22%2C%22bh%22%2C%22bi%22%2C%22bm%22%2C%22bn%22%2C%22bo%22%2C%22br%22%2C%22bs%22%2C%22ca%22%2C%22ce%22%2C%22ch%22%2C%22co%22%2C%22cr%22%2C%22cs%22%2C%22cu%22%2C%22cv%22%2C%22cy%22%2C%22da%22%2C%22de%22%2C%22dv%22%2C%22dz%22%2C%22ee%22%2C%22el%22%2C%22en%22%2C%22eo%22%2C%22es%22%2C%22et%22%2C%22eu%22%2C%22fa%22%2C%22ff%22%2C%22fi%22%2C%22fj%22%2C%22fo%22%2C%22fr%22%2C%22fy%22%2C%22ga%22%2C%22gd%22%2C%22gl%22%2C%22gn%22%2C%22gu%22%2C%22gv%22%2C%22ha%22%2C%22he%22%2C%22hi%22%2C%22ho%22%2C%22hr%22%2C%22ht%22%2C%22hu%22%2C%22hy%22%2C%22hz%22%2C%22ia%22%2C%22id%22%2C%22ie%22%2C%22ig%22%2C%22ii%22%2C%22ik%22%2C%22io%22%2C%22is%22%2C%22it%22%2C%22iu%22%2C%22ja%22%2C%22jv%22%2C%22ka%22%2C%22kg%22%2C%22ki%22%2C%22kj%22%2C%22kk%22%2C%22kl%22%2C%22km%22%2C%22kn%22%2C%22ko%22%2C%22kr%22%2C%22ks%22%2C%22ku%22%2C%22kv%22%2C%22kw%22%2C%22ky%22%2C%22la%22%2C%22lb%22%2C%22lg%22%2C%22li%22%2C%22ln%22%2C%22lo%22%2C%22lt%22%2C%22lu%22%2C%22lv%22%2C%22mg%22%2C%22mh%22%2C%22mi%22%2C%22mk%22%2C%22ml%22%2C%22mn%22%2C%22mr%22%2C%22ms%22%2C%22mt%22%2C%22my%22%2C%22na%22%2C%22nb%22%2C%22nd%22%2C%22ne%22%2C%22ng%22%2C%22nl%22%2C%22nn%22%2C%22no%22%2C%22nr%22%2C%22nv%22%2C%22ny%22%2C%22oc%22%2C%22oj%22%2C%22om%22%2C%22or%22%2C%22os%22%2C%22pa%22%2C%22pi%22%2C%22pl%22%2C%22ps%22%2C%22pt%22%2C%22qu%22%2C%22rm%22%2C%22rn%22%2C%22ro%22%2C%22ru%22%2C%22rw%22%2C%22sa%22%2C%22sc%22%2C%22sd%22%2C%22se%22%2C%22sg%22%2C%22si%22%2C%22sk%22%2C%22sl%22%2C%22sm%22%2C%22sn%22%2C%22so%22%2C%22sq%22%2C%22sr%22%2C%22ss%22%2C%22st%22%2C%22su%22%2C%22sv%22%2C%22sw%22%2C%22ta%22%2C%22te%22%2C%22tg%22%2C%22th%22%2C%22ti%22%2C%22tk%22%2C%22tl%22%2C%22tn%22%2C%22to%22%2C%22tr%22%2C%22ts%22%2C%22tt%22%2C%22tw%22%2C%22ty%22%2C%22ug%22%2C%22uk%22%2C%22ur%22%2C%22uz%22%2C%22ve%22%2C%22vi%22%2C%22vo%22%2C%22wa%22%2C%22wo%22%2C%22xh%22%2C%22yi%22%2C%22yo%22%2C%22za%22%2C%22zh%22%2C%22zu%22%5D%26aw_0_azn.pgenre%3D%5B%22Games+and+Hobbies%22%2C%22Music%22%2C%22Top40%5C%2FHits+-+Pop%22%5D

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response crypto-fire.website/ Redirect Chain https://crypto-fire.website/?r=mars2000 https://crypto-fire.website/	11 KB 4 KB	59ms 59ms	Document text/html	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash d4a5de32f0bff9d674c7383e363f14f9b8789be5770d649cfc8436a30568175e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.18.0 (Ubuntu) Date Sat, 15 Jan 2022 20:11:45 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Redirect headers Server nginx/1.18.0 (Ubuntu) Date Sat, 15 Jan 2022 20:11:45 GMT Content-Type text/html; charset=UTF-8 Content-Length 0 Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Location /
GET H/1.1	200 OK	font-awesome.min.css crypto-fire.website/fonts/font-awesome/css/	23 KB 23 KB	104ms 103ms	Stylesheet text/css	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/fonts/font-awesome/css/font-awesome.min.css Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 08 Oct 2021 16:00:50 GMT Server nginx/1.18.0 (Ubuntu) ETag "61606b32-5cbe" Content-Type text/css Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 23742 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	style.css crypto-fire.website/css/	7 KB 8 KB	155ms 52ms	Stylesheet text/css	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/css/style.css Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash d6aca5e7020ec8030e3af389f2efca2bf54cf14531175ccc9ead8fe14a7710ed Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 05 Nov 2021 15:07:05 GMT Server nginx/1.18.0 (Ubuntu) ETag "61854899-1d79" Content-Type text/css Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 7545 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H2	200	jquery-3.2.1.js Show response code.jquery.com/	262 KB 78 KB	60ms 19ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:45 GMT content-encoding gzip last-modified Mon, 20 Mar 2017 19:01:15 GMT server nginx etag W/"58d026fb-41707" vary Accept-Encoding x-hw 1642277505.dop143.fr8.t,1642277505.cds231.fr8.hn,1642277505.cds221.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 79082
GET H/1.1	200 OK	noty.css crypto-fire.website/css/	18 KB 19 KB	205ms 102ms	Stylesheet text/css	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/css/noty.css Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash a7e3e1289103a8df5fe67d381fec0db46a27576a535c6981e19afb3d9de527fc Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 16:59:09 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172eddd-495e" Content-Type text/css Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 18782 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	animate.min.css crypto-fire.website/css/	52 KB 52 KB	158ms 54ms	Stylesheet text/css	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/css/animate.min.css Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 17:22:41 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172f361-ce35" Content-Type text/css Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 52789 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	noty.min.js Show response crypto-fire.website/js/	30 KB 31 KB	211ms 105ms	Script application/javascript	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/js/noty.min.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash ab3c4246aa42f5d76d523162099fd39b28a648c50a865c3d71a68ea315df3616 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 17:24:22 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172f3c6-7909" Content-Type application/javascript Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 30985 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	165 KB 62 KB	75ms 31ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DK2BL5MDMQ Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1df5f5000c5b8b16f45feafb4a3f97242983a91fb4593402bdbb5d125c76942d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:45 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62540 x-xss-protection 0 expires Sat, 15 Jan 2022 20:11:45 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	146 KB 51 KB	93ms 49ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2242642741687493 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2ef87b0935edf98efdfde903877202e690db3db09e77f9e1b7686ef80783ca54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://crypto-fire.website/ Origin https://crypto-fire.website Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:45 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51981 x-xss-protection 0 server cafe etag 1246568047094668053 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	logo.png crypto-fire.website/img/	62 KB 63 KB	57ms 57ms	Image image/png	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/logo.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 87d1b840ecfcb4410e64b8b12fc64ad943b7ce0ffb8e651764c91e1844b6bab6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 12:27:30 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172ae32-f9af" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 63919 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	st1.png crypto-fire.website/img/	4 KB 4 KB	62ms 61ms	Image image/png	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/st1.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 5ec986873120c2a9b681c1c8d94d0ec03cbb49f11a70e6e1835572ed8959392f Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 12:55:44 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172b4d0-f50" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 3920 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	st2.png crypto-fire.website/img/	17 KB 17 KB	54ms 53ms	Image image/png	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/st2.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash add2b51573f21ced2f52bc8c0fdcfabc12b1dc44dfe3af0337d6f21b6ef90b45 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 12:55:44 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172b4d0-4424" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 17444 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	st3.png crypto-fire.website/img/	14 KB 15 KB	56ms 55ms	Image image/png	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/st3.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash c2e4ec5af902fd16d7f68ce095f53bcf489ee83ea9569f9fb3ab905afdb500f7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 12:55:44 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172b4d0-38ce" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 14542 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	btc.png crypto-fire.website/img/	26 KB 26 KB	117ms 116ms	Image image/png	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/btc.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash f4cb710135307100f2c6fb1314fbf33d24ed6076fc39c8009ed70b3e561bab38 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 13:53:20 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172c250-66a6" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 26278 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	eth.png crypto-fire.website/img/	25 KB 25 KB	205ms 104ms	Image image/png	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/eth.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 9bcb18dc726fae16367b930f8754fce02b2545e68fb8f956bedff90acc23cc69 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 13:53:20 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172c250-621c" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 25116 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H/1.1	200 OK	doge.png crypto-fire.website/img/	25 KB 25 KB	104ms 59ms	Image image/png	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/doge.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 4fdf6d2b825d6869430ec46c51bad520f1770f6e57fa1e39a69356bbfeaa4ad4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 13:53:20 GMT Server nginx/1.18.0 (Ubuntu) ETag "6172c250-6397" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 25495 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET H2	200	/ Show response g.cash-ads.com/banner/	6 KB 2 KB	71ms 24ms	Script text/html	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://g.cash-ads.com/banner/?code=aKBg3ntB8Zry0yjjqpNJP00vscIPx9RS05DHcX9TRzE%3D Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 3101a2bc1a5023730a2deabb8eeee96ac3e9105a543e61c9e11349d9742380af Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:45 GMT content-encoding gzip server nginx x-frame-options deny vary Accept-Encoding content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H/1.1	200 OK	1829503 Show response ad.a-ads.com/ Frame 36FC	6 KB 2 KB	89ms 33ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1829503?size=728x90 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash bace3b736501161381f306398248cfe94519aff44f02ba6eff10b2f578d880be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:45 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://crypto-fire.website/ Content-Encoding gzip
GET H/1.1	200 OK	1829511 Show response ad.a-ads.com/ Frame 9A74	6 KB 2 KB	93ms 32ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1829511?size=160x600 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash ca315bbcc5d99af0cf6ea10272caa367d459c0a6f10461a293cd2b8f48b8cdfe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:45 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://crypto-fire.website/ Content-Encoding gzip
GET H2	200	61a100fbec2b68001371373a.js Show response cdn.bmcdn2.com/js/	50 KB 17 KB	115ms 59ms	Script application/javascript	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bmcdn2.com/js/61a100fbec2b68001371373a.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfacb63997432d0ed380df643a1a5cc6f8c8f98970e7806f7179d4de6500f4ea Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:45 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1166 cf-polished origSize=62071 access-control-allow-methods * last-modified Sat, 15 Jan 2022 19:52:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHV3MGIZ5%2F4yuN4JXnmtOcfOoCFOA12vUwYAUPPcIzqfCMSI0nVRLHUA0nwAIRR0YRpSiwJvmiKgsTU6Xhc9DhjpsVBEssGd2vbhklOmyJy9Y1lt6Zg6onhAXwAwajt3wruuHEt9Ujii82eW"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * expires Sat, 15 Jan 2022 20:22:19 GMT cache-control public, max-age=1800 cf-ray 6ce1c1498cbe4dca-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization cf-bgj minify
GET H/1.1	200 OK	fon.png crypto-fire.website/img/	719 KB 719 KB	93ms 55ms	Image image/png	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/fon.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 5bc529fcb19b19a70d19cb4f3180ca15f96c05c099fee22ea4ce15b886c8078a Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 22 Oct 2021 11:25:12 GMT Server nginx/1.18.0 (Ubuntu) ETag "61729f98-b3c51" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 736337 Expires Sat, 22 Jan 2022 20:11:45 GMT
GET DATA	200 OK	truncated /	326 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13ebc66288e512400e2af0b76f9d4540e429d4d94f2c5f1219276d9a5e8e1bae Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	fontawesome-webfont.woff2 crypto-fire.website/fonts/font-awesome/fonts/	55 KB 56 KB	102ms 55ms	Font font/woff2	2a00:f940:2:4:2::2a6b AS-REG
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/fonts/font-awesome/css/font-awesome.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:f940:2:4:2::2a6b , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c Request headers Referer https://crypto-fire.website/fonts/font-awesome/css/font-awesome.min.css Origin https://crypto-fire.website Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 08 Oct 2021 16:00:50 GMT Server nginx/1.18.0 (Ubuntu) ETag "ddcc-5cdd97babb080" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 56780
GET H2	400	61a10110a912fa0027dc0c16.js cdn.bmcdn2.com/js/	0 0	76ms 41ms	Script text/html	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bmcdn2.com/js/61a10110a912fa0027dc0c16.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:45 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1114 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods * content-type text/html access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpJICZKffUJG2Gci57Z5wA6Y%2FxpPWq0nI%2BAuH4okAgVV5c20fDVgud6wY9K592t5I%2FFRMCukUd8Y%2F0tr70K%2B0RyxtQB1t92fTbn8q4gLgWqoR1uEukiirpHfmAgHi0xIIlo0NCGyhpK6y0sm"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=1800 cf-ray 6ce1c1498ce24dca-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization
GET H/1.1	200 OK	1829509 Show response ad.a-ads.com/ Frame 391A	6 KB 2 KB	75ms 29ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1829509?size=468x60 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash f37ff987bb8520680df45521d382f1df88363239ba462feb059514f0528f6c7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:45 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://crypto-fire.website/ Content-Encoding gzip
GET H2	200	base.js Show response g.cash-ads.com/js/	91 KB 37 KB	46ms 45ms	Script application/javascript	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://g.cash-ads.com/js/base.js Requested by Host: g.cash-ads.com URL: https://g.cash-ads.com/banner/?code=aKBg3ntB8Zry0yjjqpNJP00vscIPx9RS05DHcX9TRzE%3D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Referer https://crypto-fire.website/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Sat, 15 Jan 2022 20:11:45 GMT content-encoding gzip last-modified Tue, 31 Aug 2021 15:27:16 GMT server nginx etag W/"612e4a54-16b34" vary Accept-Encoding content-type application/javascript strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H2	200	jw.js Show response c.blyatflix.de/	2 KB 746 B	357ms 50ms	Script text/javascript	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Requested by Host: g.cash-ads.com URL: https://g.cash-ads.com/banner/?code=aKBg3ntB8Zry0yjjqpNJP00vscIPx9RS05DHcX9TRzE%3D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash cd849d3bc4887050022d0a1de2da04125caf32ea35f08ef0ba45fed317ae3530 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Referer https://crypto-fire.website/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Sat, 15 Jan 2022 20:11:45 GMT content-encoding gzip vary Accept-Encoding server nginx x-xss-protection 1; mode=block strict-transport-security max-age=15768000; includeSubDomains content-type text/javascript; charset=utf-8
POST H2	204	collect www.google-analytics.com/g/	0 349 B	77ms 23ms	Ping text/plain	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-DK2BL5MDMQ&gtm=2oe1c0&_p=185697042&sr=1600x1200&ul=en-us&cid=1935308599.1642277506&_s=1&dl=https%3A%2F%2Fcrypto-fire.website%2F&dt=MINING%20CRYPTO%20FIRE&sid=1642277505&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DK2BL5MDMQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://crypto-fire.website/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://crypto-fire.website cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/	284 KB 102 KB	90ms 52ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&bust=31064115 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2242642741687493 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 94264e80d02aee478cab597737b2e4defdb90659167ceb87e82543494b98d9f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:45 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 104505 x-xss-protection 0 server cafe etag 8896997718913292229 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:45 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 2905	11 KB 5 KB	72ms 23ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2242642741687493 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 4885 x-xss-protection 0 date Sat, 15 Jan 2022 01:57:44 GMT expires Sat, 29 Jan 2022 01:57:44 GMT cache-control public, max-age=1209600 age 65641 etag 13671712056976469594 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	728x90 static.a-ads.com/a-ads-banners/118231/ Frame 36FC	683 KB 684 KB	120ms 44ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/118231/728x90?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1829503?size=728x90 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash 52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Sun, 26 Apr 2020 07:21:07 GMT Server nginx x-amz-request-id 8AK1RZ4T75RT3T8R ETag "241238ff9e1a7f85dbec8aa10f72f723" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 699692 Connection keep-alive Accept-Ranges bytes x-amz-version-id t6FJBbIGBKpJobE5rxtWIqCTMlD50_5h x-amz-id-2 t031adV9xtnz2oxSr3C6K6eA5CBbna7uK1Rz2Bu8i87kUQuVuL28g61xbjiVWbawlLSDzYQceA0= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	160x600 static.a-ads.com/a-ads-banners/103761/ Frame 9A74	636 KB 637 KB	122ms 46ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/103761/160x600?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1829511?size=160x600 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash 190383f2c3198bf47a72cc4552a3eeac0ee19bc0808464950f57246f3bdb602d Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Fri, 27 Dec 2019 12:20:25 GMT Server nginx x-amz-request-id RXHVCEVF72XJ9KAN ETag "1fbc71d76caa94b1d341c41284a764cd" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 651421 Connection keep-alive Accept-Ranges bytes x-amz-version-id EqRrL8xQhzzwik8.Ev6xvoqpsur2TqNY x-amz-id-2 kfxKLOaN/u50EeJpMQnZ8oaNoNDEqP/mEVf279djn50JQpFmKYX8FIIQzQ3VEvtNK3cEp/iPFic= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	468x60 static.a-ads.com/a-ads-banners/104029/ Frame 391A	615 KB 615 KB	93ms 50ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/104029/468x60?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1829509?size=468x60 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash 607afef00fd5897e2ecbda82aa560057f1b9c6e5f97f613468b048903079890f Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:45 GMT Last-Modified Sun, 29 Dec 2019 17:09:04 GMT Server nginx x-amz-request-id WX9XGPEE4997E96Q ETag "365a46b73920464356581df598644a81" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 629554 Connection keep-alive Accept-Ranges bytes x-amz-version-id n7DE0Ih2SX67KfJXQVo9P6D5u9ksDvm. x-amz-id-2 GD4dwt+BPtHoe5nQ2YRBEwmw5uW66ftiync7/TvgssFV3BQE2tErlGkAvUjOhve3oEsMISrQ2Os= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET DATA	200 OK	truncated / Frame 36FC	305 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 9A74	305 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 391A	305 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ cdn.bmcdn2.com/pv/60b8b8569ade5e0025261c24/	35 B 349 B	132ms 132ms	Image image/gif	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bmcdn2.com/pv/60b8b8569ade5e0025261c24/?source=https%3A%2F%2Fcrypto-fire.website%2F&ref=&ent=&we=0&fid=96ee72b272892abe60dfa493a462b4e0&fidnoua=1bc8004d6d8b22a7a8959aa959f5dc7a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=2acc403e883fde61ac9c05644df6a17d Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLT7EF2Irbc%2FCvbVrB30r2EoEG%2FvzCE5iA3iDsI9U945Yp5ApPD7YunYdmlTZDv4G8cwvsW2icTB8Kq16lc5cN2S9%2FBJdWtubmvga2TgQ68JWr%2B19hbRvSFl0BUiGi9aTiMYzsETXddvTdO1"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cf-ray 6ce1c14c1a744dca-FRA content-length 35
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	223 B 653 B	96ms 24ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=crypto-fire.website&callback=_gfp_s_&client=ca-pub-2242642741687493 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&bust=31064115 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 106aed8d68349243419e20b842dd69ff147128872575a73128ceace3ada1d789 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 209 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	99ms 30ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=crypto-fire.website Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&bust=31064115 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	96ms 26ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=crypto-fire.website Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&bust=31064115 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame DC77	603 B 68 B	81ms 38ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2242642741687493&output=html&adk=1812271804&adf=3025194257&lmt=1642277505&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcrypto-fire.website%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642277505708&bpp=6&bdt=488&idt=230&shv=r20220112&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4595238730575&frm=20&pv=2&ga_vid=1935308599.1642277506&ga_sid=1642277506&ga_hid=185697042&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064071%2C31064115&oid=2&pvsid=2997807048826276&pem=662&tmod=510&uas=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&bust=31064115 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sat, 15 Jan 2022 20:11:46 GMT server cafe content-length 46 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 15 Jan 2022 20:11:46 GMT cache-control private
GET H2	200	/ Show response www.jefffm.de/ Frame 7E97 Redirect Chain https://traffic-buchen.de/view.php https://www.jefffm.de/	2 KB 1 KB	279ms 173ms	Document text/html	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.jefffm.de/ Requested by Host: c.blyatflix.de URL: https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 2aa636abf797b6881d39c397c17556adec4f3c0ee95196e8be530ed26b47a870 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ Response headers server nginx date Sat, 15 Jan 2022 20:11:46 GMT content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block content-encoding gzip Redirect headers server nginx date Sat, 15 Jan 2022 20:11:46 GMT content-type text/html; charset=UTF-8 location https://www.jefffm.de strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H/1.1	401 Authorization required	1470 str4.openstream.co/ Redirect Chain https://listen.openstream.co/6623/audio https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277506%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en...	0 116 B	1623ms 801ms	Media text/plain	51.38.51.167 OVH
General Check archive.org Show headers Download Go to Full URL https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277506%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Server 51.38.51.167 , France, ASN16276 (OVH, FR), Reverse DNS vps-ab28582c.vps.ovh.net Software Icecast 2.3.3 kh11 8.6.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Server Icecast 2.3.3 kh11 8.6.5 Redirect headers date Sat, 15 Jan 2022 20:11:46 GMT server Apache/2.4.38 (Debian) os-server-ip 172.17.0.2 access-control-allow-origin * location https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277506%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D x-powered-by PHP/7.4.23 access-control-max-age 1000 content-type text/html; charset=UTF-8 os-server-name listen.openstream.co os-server-id ecs-ec2 access-control-allow-headers * content-length 0
GET		/ thisis.aninter.net/	0 0
GET H2	200	/ Show response cdn.bmcdn2.com/p/61a100fbec2b68001371373a/ Frame AE7E	1 KB 845 B	415ms 415ms	Document text/html	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bmcdn2.com/p/61a100fbec2b68001371373a/?source=https%3A%2F%2Fcrypto-fire.website%2F&ref=&ent=&we=0&fid=96ee72b272892abe60dfa493a462b4e0&fidnoua=1bc8004d6d8b22a7a8959aa959f5dc7a&impid=2acc403e883fde61ac9c05644df6a17d&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&sig=0x00000&blocksubid=0 Requested by Host: cdn.bmcdn2.com URL: https://cdn.bmcdn2.com/js/61a100fbec2b68001371373a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12925195e87704776dba965296b12c53fc002f34c7e6cb5e395acb56c00605e5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-type text/html vary Accept-Encoding access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgCdPeOaTKFeXaZ2pLfLay1MEzXiJZKtxrnUgNzrf5sMHo47fOwNPuF2bGvnfttp1WZyh%2B74M5mh6nMGsTaKuAeLLrsVFe8r5fROCHPQeReiQe3LYJlo3RsMC6UsgIKHKEck0cyZI00%2BOcAF"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ce1c14ec9014dca-FRA content-encoding br
GET H2	200	style.css www.jefffm.de/ Frame 7E97	2 KB 2 KB	25ms 24ms	Stylesheet text/css	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.jefffm.de/style.css Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 1ebd484ba31b9baa99927a85e0d885d9969e6a390faff9abd7644b7bfdb90c92 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT last-modified Tue, 29 Sep 2020 17:48:25 GMT server nginx etag "5f737369-845" strict-transport-security max-age=15768000; includeSubDomains content-type text/css accept-ranges bytes content-length 2117 x-xss-protection 1; mode=block
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 7E97	146 KB 51 KB	95ms 94ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 623d635aba1586a975aec99c3632de15a4e24423ff034fd116ebd4d46b6b9910 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51980 x-xss-protection 0 server cafe etag 3263425959654420589 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:46 GMT
GET H2	200	logo.gif www.jefffm.de/images/ Frame 7E97	2 KB 2 KB	25ms 24ms	Image image/gif	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.jefffm.de/images/logo.gif Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash b58d7f06bae5f9dfccec0c9b53a77640694a38b068bc53687052ddc125b5eb1f Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT last-modified Tue, 29 Sep 2020 17:45:07 GMT server nginx etag "5f7372a3-63f" strict-transport-security max-age=15768000; includeSubDomains content-type image/gif accept-ranges bytes content-length 1599 x-xss-protection 1; mode=block
GET H2	200	welcome.gif www.jefffm.de/images/ Frame 7E97	13 KB 14 KB	25ms 24ms	Image image/gif	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.jefffm.de/images/welcome.gif Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 9b5eb1d12ee14b27244e1846d6539989615a4714b96c9cc663fa05997dc00ba0 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT last-modified Thu, 22 Mar 2007 21:43:48 GMT server nginx etag "4602f894-35ea" strict-transport-security max-age=15768000; includeSubDomains content-type image/gif accept-ranges bytes content-length 13802 x-xss-protection 1; mode=block
GET H2	200	/ Show response media.hubuhost.com/ Frame 7E97	8 KB 2 KB	90ms 31ms	Script text/html	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://media.hubuhost.com/?key=15A17 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 111604ee263df0e79e0bd79fa6de93b38f21557cb0a0e1aaa69ff7930d832ea0 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip server nginx x-frame-options deny vary Accept-Encoding content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H/1.1	200 OK	1783915 Show response ad.a-ads.com/ Frame 7B0C	6 KB 2 KB	29ms 29ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1783915?size=728x90 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 3c160174af0c49d3eda68c47293f6ce409bea6ba1ad099999bcb5328e5d2f610 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:46 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://www.jefffm.de/ Content-Encoding gzip
GET H/1.1	200 OK	rota.php Show response www.ads4allweb.de/api/kamp/ Frame 1729	141 B 407 B	121ms 43ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash e6cb54e322d262df8f7a522fea2f743094b4f5a0e8e805518e9861e77767f04d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers Date Sat, 15 Jan 2022 20:11:46 GMT Server Apache Cache-control no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 146 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	206	audio.mp3 listen.openstream.co/4379/ Frame 7E97	0 0	45ms 45ms	Media text/html	63.34.73.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://listen.openstream.co/4379/audio.mp3 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.73.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-73-39.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Referer https://www.jefffm.de/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Range bytes=0- Response headers
GET H/1.1	200 OK	728x90 static.a-ads.com/a-ads-banners/134568/ Frame 7B0C	21 KB 21 KB	23ms 23ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/134568/728x90?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1783915?size=728x90 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash 0abc94bcaf3340d739852eaf411326154dff6eada8e80d0924baf566685c4b04 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:46 GMT Last-Modified Tue, 15 Dec 2020 10:04:53 GMT Server nginx x-amz-request-id 0B2KJEKKY1PCXHB8 ETag "c83fecc143b5af3853edbb2c55a7b657" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 21380 Connection keep-alive Accept-Ranges bytes x-amz-version-id null x-amz-id-2 ZxsgCPjyYPWAB4dn/ulyb1p9pH0YPwsCczsLOOlJ5160JVdBNMeh0XlOw2j0Yw0l3jiDb0+sA7o= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jw.js Show response c.blyatflix.de/ Frame 7E97	2 KB 747 B	24ms 23ms	Script text/javascript	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Requested by Host: media.hubuhost.com URL: https://media.hubuhost.com/?key=15A17 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 214aa70bfa7af754c4300013c525d81aac3d4e30e3838033bb842b1db11efe79 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip vary Accept-Encoding server nginx x-xss-protection 1; mode=block strict-transport-security max-age=15768000; includeSubDomains content-type text/javascript; charset=utf-8
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ Frame 7E97	284 KB 102 KB	47ms 47ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064115 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 94264e80d02aee478cab597737b2e4defdb90659167ceb87e82543494b98d9f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 104505 x-xss-protection 0 server cafe etag 8896997718913292229 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:46 GMT
GET H2	200	/ Show response www.jefffm.de/ Frame AADD Redirect Chain https://traffic-buchen.de/view.php https://www.jefffm.de/	2 KB 1 KB	143ms 143ms	Document text/html	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.jefffm.de/ Requested by Host: c.blyatflix.de URL: https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 2aa636abf797b6881d39c397c17556adec4f3c0ee95196e8be530ed26b47a870 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers server nginx date Sat, 15 Jan 2022 20:11:46 GMT content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block content-encoding gzip Redirect headers server nginx date Sat, 15 Jan 2022 20:11:46 GMT content-type text/html; charset=UTF-8 location https://www.jefffm.de strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H/1.0	200 OK	1799 str3.openstream.co/ Frame 7E97 Redirect Chain https://listen.openstream.co/5228/audio https://str3.openstream.co/1799?aw_0_1st.collectionid%3D5228%26stationId%3D5228%26publisherId%3D1823%26k%3D1642277506%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw...	128 KB 0	1546ms 798ms	Media audio/mpeg	178.33.221.216 OVH
General Check archive.org Show headers Download Go to Full URL https://str3.openstream.co/1799?aw_0_1st.collectionid%3D5228%26stationId%3D5228%26publisherId%3D1823%26k%3D1642277506%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Electronic%22%2C%22Schlager%22%2C%22Explicit%22%5D Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.0 Server 178.33.221.216 , France, ASN16276 (OVH, FR), Reverse DNS ip216.ip-178-33-221.eu Software Icecast 2.3.3 kh11 8.4.0 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers icy-genre dance, techno, mixes, events Pragma no-cache icy-name FastDance.FM | Electronic Music Radio Server Icecast 2.3.3 kh11 8.4.0 icy-br 128 icy-url https://fastdance.fm Instance-id ec8e23ccd0494af36039142ee5301826 Cache-Control no-cache icy-pub 1 Connection close Content-Type audio/mpeg icy-metaint 0 icy-description 24/7 best mixes, events, dance, techno and more... Expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Sat, 15 Jan 2022 20:11:46 GMT server Apache/2.4.38 (Debian) os-server-ip 172.17.0.2 access-control-allow-origin * location https://str3.openstream.co/1799?aw_0_1st.collectionid%3D5228%26stationId%3D5228%26publisherId%3D1823%26k%3D1642277506%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%5D%26aw_0_azn.pgenre%3D%5B%22Electronic%22%2C%22Schlager%22%2C%22Explicit%22%5D x-powered-by PHP/7.4.23 access-control-max-age 1000 content-type text/html; charset=UTF-8 os-server-name listen.openstream.co os-server-id ecs-ec2 access-control-allow-headers * content-length 0
GET		/ thisis.aninter.net/ Frame 7E97	0 0
GET H/1.1	200 OK	count.php Show response www.ads4allweb.de/api/ Frame 1729	4 KB 2 KB	27ms 27ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 15cf0b7ce29b6e086dcce3428db866444a4b0800819e4e7ce01d871fe63069ee Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Response headers Date Sat, 15 Jan 2022 20:11:46 GMT Server Apache Cache-control no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 1402 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H3	200	integrator.js Show response adservice.google.de/adsid/ Frame 7E97	107 B 122 B	56ms 29ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.jefffm.de Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064115 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 7E97	107 B 122 B	56ms 29ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.jefffm.de Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064115 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame EFFB	603 B 69 B	47ms 47ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7322400680000432&output=html&adk=1812271804&adf=3279755403&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fcrypto-fire.website%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642277506477&bpp=3&bdt=121&idt=90&shv=r20220112&mjsv=m202201120101&ptt=9&saldr=aa&nras=1&correlator=6830892747211&frm=24&ife=1&pv=2&ga_vid=306688060.1642277507&ga_sid=1642277507&ga_hid=1867382060&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2437642916&scr_x=-12245933&scr_y=-12245933&eid=31064081%2C31064115%2C31064125&oid=2&pvsid=1251317072339285&pem=615&tmod=922&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.8c92rp1csdy9&fsb=1&dtd=104 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064115 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sat, 15 Jan 2022 20:11:46 GMT server cafe content-length 46 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 15 Jan 2022 20:11:46 GMT cache-control private
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/ Frame 1729	85 KB 30 KB	20ms 19ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-1538f" vary Accept-Encoding x-hw 1642277506.dop143.fr8.t,1642277506.cds231.fr8.hn,1642277506.cds057.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30288
GET H/1.1	200 OK	adframe.js Show response www.ads4allweb.de/api/ad/ Frame 1729	18 B 297 B	21ms 20ms	Script application/javascript	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/ad/adframe.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash fb1de05487cbd9748085d35910b6f9877706b2a63c3cd64e2fadb9c318cb0505 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:46 GMT Last-Modified Fri, 16 Aug 2019 11:59:04 GMT Server Apache ETag "12-5903ab775b200" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 18
GET H2	200	reklamstore.js Show response adserver.reklamstore.com/ Frame 1729	96 KB 29 KB	107ms 40ms	Script application/javascript	2600:9000:214f:8000:1c:4bbb:9180:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserver.reklamstore.com/reklamstore.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8000:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92e83fdf1ed8bb4a50fb72331cb20f536a1159ce55d523ebfca3441ce8e30294 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 03:05:40 GMT content-encoding gzip last-modified Mon, 28 Jun 2021 18:35:51 GMT server AmazonS3 age 61575 etag "78cf0f1f296c61b336db981022359dbc" x-cache Hit from cloudfront content-type application/javascript via 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 content-length 29778 x-amz-cf-id cyMGFjuN2_4VieCX9MsZzt66JQM6mLtmCpK0_MtDL5LKtQkeEYjCHQ==
GET H2	200	p_script.php Show response www.sponsortown.de/v3/ Frame 1729	452 B 451 B	76ms 27ms	Script text/html	5.35.252.146 GD-EMEA-DC-SXB1
General Check archive.org Show headers Download Go to Full URL https://www.sponsortown.de/v3/p_script.php?pid=6120&intro=1 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.35.252.146 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE), Reverse DNS rs244210.rs.hosteurope.de Software nginx / PHP/7.2.34, PleskLin Resource Hash c267b63610bd08f96e66630a3c529492fea5e0938862c9ef9a1f0f69fc195b08 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip server nginx x-powered-by PHP/7.2.34, PleskLin content-length 303 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/ Frame 1729	122 KB 39 KB	177ms 120ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 833af79fceebd91289eb5aac891019a7e5bd2a99f74fbd8d8430f52d6f908f2d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip last-modified Wed, 29 Dec 2021 12:30:46 GMT server nginx etag W/"61cc54f6-1e6ef" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 16 Jan 2022 20:11:46 GMT
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/ Frame 1729	320 B 621 B	235ms 21ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1090192 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 93c1766e021bb747cb54ebd99734cc9e878c10fe9608122e3d2c8f52465f54e2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H3	200	gtm.js Show response www.googletagmanager.com/ Frame 1729	82 KB 33 KB	51ms 26ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1ab60e540a1401fd40b5f266332ba0471ec2210f433899fae96104d5ff847b33 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33319 x-xss-protection 0 last-modified Sat, 15 Jan 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 15 Jan 2022 20:11:46 GMT
GET H/1.1	200 OK	pix ads.rekmob.com/retarget/ Frame 1729 Redirect Chain https://x.bidswitch.net/sync?ssp=reklamstore https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=3936de46-35a3-4987-ae21-40a8ea02d5bb https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=reklamstore&expires=10&bsw_param=3936de46-35a3-4987-ae21-40a8ea02d5bb https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1	35 B 403 B	92ms 29ms	Image image/gif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Server nginx/1.9.6 Connection keep-alive Transfer-Encoding chunked Content-Type image/gif Redirect headers Location //ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1 Date Sat, 15 Jan 2022 20:11:46 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H/1.1	200 OK	textlinks.php Show response www.ads4allweb.de/ads/ Frame AE41	319 B 486 B	21ms 21ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/ads/textlinks.php Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 3557761eeead595148091109ff52cf6c83162ddd7135cba55d6a57d7c59f3115 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Response headers Date Sat, 15 Jan 2022 20:11:46 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Content-Length 251 Keep-Alive timeout=5, max=97 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	200	/ Show response ebesucher-klicker.de/ Frame 4B40	8 KB 3 KB	108ms 59ms	Document text/html	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://ebesucher-klicker.de/ Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PHP/5.6.40-38+0~20201103.42+debian9~1.gbpb211e0 PleskLin Resource Hash 2adec4fc39729f74d084a42e96efd44f3760820b12e2de91777f43ab63e7cdce Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ Response headers server nginx date Sat, 15 Jan 2022 20:11:46 GMT content-type text/html; charset=UTF-8 content-length 2833 x-powered-by PHP/5.6.40-38+0~20201103.42+debian9~1.gbpb211e0 PleskLin expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding content-encoding gzip
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/ Frame 1729	322 B 621 B	233ms 23ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1103918 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash b910f4f743abe988a31010affca9069c3a13151c785fdc5189fb78f7f674c00a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H2	200	tb_v.php Show response tl.adcocktail.com/ Frame AE41	2 KB 795 B	178ms 83ms	Script text/html	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tl.adcocktail.com/tb_v.php?uid=1867&wsid=28382&format=468x60&reflink=off Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/textlinks.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc51e97fd76b5b0a4563e05cba92ea79164a9423029834826b8d41a9998a8953 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Sat, 15 Jan 2022 20:11:46 GMT server cloudflare cache-control max-age=0, no-cache, no-store, must-revalidate expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 note CACHING IS DISABLED cf-ray 6ce1c151b8505369-FRA content-length 453 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	post_load_info.js Show response static.bmcdn2.com/js/ Frame AE7E	706 B 682 B	129ms 83ms	Script application/javascript	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.bmcdn2.com/js/post_load_info.js?v=v1.25.4 Requested by Host: cdn.bmcdn2.com URL: https://cdn.bmcdn2.com/p/61a100fbec2b68001371373a/?source=https%3A%2F%2Fcrypto-fire.website%2F&ref=&ent=&we=0&fid=96ee72b272892abe60dfa493a462b4e0&fidnoua=1bc8004d6d8b22a7a8959aa959f5dc7a&impid=2acc403e883fde61ac9c05644df6a17d&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&sig=0x00000&blocksubid=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b434054a6be065acfc38ab163590b92c370d560540a2a0ab518d10e289cd2dde Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.bmcdn2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6918 cf-polished origSize=932 last-modified Wed, 08 Sep 2021 10:16:41 GMT server cloudflare etag W/"61388d89-3a4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Emch1AkM3jSefP4Pg%2F2Vc%2BaibCf%2BZOj8wH3k5ARPsjto8XsthIu%2BAvrcOiukNat4Y4R6SWBrXa%2BmEe%2Bizs9yCmLeFT2h6Bn3X0GxkiqP%2FgPoGMxK6RXX5eI9uDY7v6sdhiFJUROsNsYwRfiUXV3c"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 6ce1c151d8284dca-FRA cf-bgj minify
GET H2	200	basic.css static.bmcdn2.com/css/ Frame AE7E	3 KB 834 B	127ms 82ms	Stylesheet text/css	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.bmcdn2.com/css/basic.css?v=v1.25.4 Requested by Host: cdn.bmcdn2.com URL: https://cdn.bmcdn2.com/p/61a100fbec2b68001371373a/?source=https%3A%2F%2Fcrypto-fire.website%2F&ref=&ent=&we=0&fid=96ee72b272892abe60dfa493a462b4e0&fidnoua=1bc8004d6d8b22a7a8959aa959f5dc7a&impid=2acc403e883fde61ac9c05644df6a17d&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&sig=0x00000&blocksubid=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84dfd0883135e8d52e90873b82f56e58b094edeba836252fbead61f4f88c4be8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.bmcdn2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6918 cf-polished status=cannot_optimize last-modified Thu, 30 Sep 2021 08:48:04 GMT server cloudflare etag W/"615579c4-d7d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug129knK1S%2BEUUf%2BnlL7ogVKd4DDN311y8QFLq%2BmmfrdtXT3yN5wr7%2FYhVavFFOMAsAEqtu2Zn2AIwHYVpnJU%2FM3jc70U9KwZ45dg04U%2FhSpY8PIzlc9El14Xa%2Fjqyjcfidx6EOrNxb8bA6sgCrR"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 6ce1c151d8224dca-FRA cf-bgj minify
GET H2	200	img.css static.bmcdn2.com/css/ Frame AE7E	317 B 507 B	126ms 81ms	Stylesheet text/css	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.bmcdn2.com/css/img.css?v=v1.25.4 Requested by Host: cdn.bmcdn2.com URL: https://cdn.bmcdn2.com/p/61a100fbec2b68001371373a/?source=https%3A%2F%2Fcrypto-fire.website%2F&ref=&ent=&we=0&fid=96ee72b272892abe60dfa493a462b4e0&fidnoua=1bc8004d6d8b22a7a8959aa959f5dc7a&impid=2acc403e883fde61ac9c05644df6a17d&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&sig=0x00000&blocksubid=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85d9174b2c70c32d1556f151d409daf5efb467a56abac707403beb8ff1e35a28 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.bmcdn2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6917 cf-polished origSize=401 last-modified Tue, 03 Nov 2020 15:55:58 GMT server cloudflare etag W/"5fa17d8e-191" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlGZ2OA%2FVDqLg6zVAX0Q%2BJrNRcqG9cLuqQTjp%2BY0n0rXQE2OFkQKf4shK3dbDczLpweVLXc5dkfKFCWyUxjGjB%2B195%2B0pRPB1c2rZf30EipzmGY6bKMJVgBaRUhfsBykvWvG0vxuhCbL0yDrl07K"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 6ce1c151d8264dca-FRA cf-bgj minify
GET H2	200	zone Show response adpro.netzwerk-ad.de/codes/ Frame 4B40	434 B 602 B	721ms 613ms	Script application/javascript	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://adpro.netzwerk-ad.de/codes/zone?rcd=Mzk= Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PHP/7.1.33, PleskLin Resource Hash 6474fd253eef05a21056df760c2d087cb436bace10ec68cab9ae2a784da7ac05 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx x-powered-by PHP/7.1.33, PleskLin x-cache-status BYPASS vary Accept-Encoding content-type application/javascript cache-control no-store, no-cache, must-revalidate content-length 316 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	main.css ebesucher-klicker.de/css/ Frame 4B40	4 KB 4 KB	86ms 85ms	Stylesheet text/css	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://ebesucher-klicker.de/css/main.css Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PleskLin Resource Hash 6cae17abdeea20d73682245c12c36900184c8afea05408ac70835a6431cfbddf Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT last-modified Mon, 04 Jan 2021 16:09:29 GMT server nginx x-powered-by PleskLin etag "5ff33db9-e0b" content-type text/css accept-ranges bytes content-length 3595
GET H2	200	jquery-1.10.2.js Show response code.jquery.com/ Frame 4B40	267 KB 79 KB	42ms 41ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.10.2.js Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:07 GMT server nginx etag W/"54499a47-42b2f" vary Accept-Encoding x-hw 1642277506.dop143.fr8.t,1642277506.cds231.fr8.hn,1642277506.cds041.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 80743
GET H2	200	logo.png ebesucher-klicker.de/images/ Frame 4B40	32 KB 32 KB	59ms 59ms	Image image/png	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://ebesucher-klicker.de/images/logo.png Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PleskLin Resource Hash 3acc0c14d8b48cbf12ea40cb135eb7007c85ea3d8e6b042fb3c912757efc2b00 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT last-modified Sat, 23 Jan 2021 20:21:24 GMT server nginx x-powered-by PleskLin etag "600c8544-809f" content-type image/png accept-ranges bytes content-length 32927
GET H/1.1	200 OK	script-v2.js Show response s3.amazonaws.com/valao-cloud/cookie-hinweis/ Frame 4B40	4 KB 5 KB	453ms 117ms	Script application/javascript	52.217.83.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script-v2.js Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.83.182 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash b9ba2c9588f6fe8aa9a056868f9d4f806cc27297dae91ec3192c0de7cf2f334e Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:48 GMT Last-Modified Thu, 31 Jan 2019 08:10:46 GMT Server AmazonS3 x-amz-request-id BVHX9V5FTHC6BVXD ETag "415fbfba67f3f5cb671dce2781f21ed1" Content-Type application/javascript Accept-Ranges bytes Content-Length 4265 x-amz-id-2 N6+PkAwf4tyUZtctPx2uK8GqQ5Zj5BoEn485YC1mJ7HB4o1Hm3MOUW4620p4OVa9qW9264odl2w=
GET H/1.1	200 OK	1717829 Show response ad.a-ads.com/ Frame F366	6 KB 2 KB	62ms 62ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1717829?size=468x60 Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 4adb83d57ed755850a235e0cd727e146309852c935468f508d20bc817df7819a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:46 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://ebesucher-klicker.de/ Content-Encoding gzip
GET H2	200	banner Show response adpro.netzwerk-ad.de/codes/ Frame D151	450 B 610 B	495ms 390ms	Document text/html	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://adpro.netzwerk-ad.de/codes/banner?rcd=MjM= Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PHP/7.1.33 PleskLin Resource Hash 7a2ffda8add383e665ea9e2292531a29587bd1acd4f77849a9cd0e268c26ff28 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ Response headers server nginx date Sat, 15 Jan 2022 20:11:47 GMT content-type text/html; charset=UTF-8 content-length 321 x-powered-by PHP/7.1.33 PleskLin expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache vary Accept-Encoding content-encoding gzip x-cache-status BYPASS
GET H/1.1	200 OK	468x60 static.a-ads.com/a-ads-banners/117620/ Frame F366	156 KB 157 KB	40ms 40ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1717829?size=468x60 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:46 GMT Last-Modified Sun, 19 Apr 2020 16:08:09 GMT Server nginx x-amz-request-id 7EZ376GTFZAZQ10H ETag "d89cd17d5e22adfb5532615d116d84b8" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 160195 Connection keep-alive Accept-Ranges bytes x-amz-version-id LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4 x-amz-id-2 QbrBXmBv2znSSc/73Ug1P+4Z2dSLwtFbuOH+PCfTNfuhuskGmX4B3w64873wntyJrodXD9vHuRs= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ Show response media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c/ Frame 4ACA Redirect Chain https://media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c https://media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c/	725 B 666 B	139ms 137ms	Document text/html	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c/ Requested by Host: cdn.bmcdn2.com URL: https://cdn.bmcdn2.com/p/61a100fbec2b68001371373a/?source=https%3A%2F%2Fcrypto-fire.website%2F&ref=&ent=&we=0&fid=96ee72b272892abe60dfa493a462b4e0&fidnoua=1bc8004d6d8b22a7a8959aa959f5dc7a&impid=2acc403e883fde61ac9c05644df6a17d&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&sig=0x00000&blocksubid=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73af1638a1b1233c5e3649406b3490dd4c3841987efe30447fb742967d1835fd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://cdn.bmcdn2.com/ Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-type text/html last-modified Sun, 24 Jan 2021 19:06:46 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2geLYlSzcM3%2BqXmVkAiIQKjqWJqJp%2BAHbaU2mmukJFyhaCrJHHm3QI0G8UvS%2BteSu1HxU7e8Llp2gk3oJSzDcCz6G6Ylu1%2BoPTGI%2Bl%2F4cL%2BgfYv8qwQAjzOXAKzRVHs6TgY33bAJSVxkniilBY%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ce1c1535bc14dca-FRA content-encoding br Redirect headers date Sat, 15 Jan 2022 20:11:47 GMT content-type text/html location https://media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c/ cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2F%2FIDT3%2Bfxz6m7ey3C542PPsVBs8UqlWbuXhbg8%2FinrHpldUwsUZn%2FHemuWh8ML0QJlC1S7MUvfvkgv95P7wIhaQjGG9Ypt4PPPNWl%2BVYPn5xeK4NYLUbm%2BD806u2%2FrkNU%2FwMHD4ASXOsRBTmEo%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6ce1c152596b4dca-FRA
GET H2	200	new_bm_logo_v2.svg static.bmcdn2.com/img/ Frame AE7E	675 B 869 B	29ms 28ms	Image image/svg+xml	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bmcdn2.com/img/new_bm_logo_v2.svg Requested by Host: static.bmcdn2.com URL: https://static.bmcdn2.com/css/basic.css?v=v1.25.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://static.bmcdn2.com/css/basic.css?v=v1.25.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding br cf-cache-status HIT last-modified Thu, 17 Jan 2019 10:06:54 GMT server cloudflare age 6917 etag W/"5c4053be-2a3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jq4qjofDaBxx6W2udBtkpDzl6615J4c2LD8TREIPNS1nyo%2Fn2hjOwV58kMZ7hPKUCu8s1nQQ5eJIokoonXt64qRboUJZTXBZ%2BLEMJ8rbCZfdRYeczZVOc6QqShqomg7AA9SVPjhVZziTaoE8ru20"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ce1c15249394dca-FRA
GET H2	200	by_bm_v2.svg static.bmcdn2.com/img/ Frame AE7E	4 KB 2 KB	36ms 36ms	Image image/svg+xml	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bmcdn2.com/img/by_bm_v2.svg Requested by Host: static.bmcdn2.com URL: https://static.bmcdn2.com/css/basic.css?v=v1.25.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b Request headers Accept-Language de-DE,de;q=0.9 Referer https://static.bmcdn2.com/css/basic.css?v=v1.25.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding br cf-cache-status HIT last-modified Thu, 15 Oct 2020 11:45:28 GMT server cloudflare age 6916 etag W/"5f883658-e03" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbxhoDuB5uqIr4H9gbw9EMGnZKa1ytemcNQcwOsVjmJvo4DfmMoAa1ApCUUkxr9BpbpNHINTYyda%2FPEJFIrOqvq1LDWWg%2B2sPrjixH9NKoD64zIoueB4bGoVZ5PKBleBjtKoYxy6m4vCrFMQTmN2"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ce1c152493c4dca-FRA
GET H2	200	choice_v2.svg static.bmcdn2.com/img/ Frame AE7E	351 B 544 B	37ms 36ms	Image image/svg+xml	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bmcdn2.com/img/choice_v2.svg Requested by Host: static.bmcdn2.com URL: https://static.bmcdn2.com/css/basic.css?v=v1.25.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199 Request headers Accept-Language de-DE,de;q=0.9 Referer https://static.bmcdn2.com/css/basic.css?v=v1.25.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding br cf-cache-status HIT last-modified Thu, 15 Oct 2020 11:44:30 GMT server cloudflare age 6917 etag W/"5f88361e-15f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rd%2BPl5%2FN3bittL8W3rSgQgSKdHqxTY5xBuyIs56o%2FrPLfpxiNNnXmUY61UMNoWnrvUghtA%2BQzgqK3xGwhSApIhhT5LMQVM0JHE5qaWv0K4KC7uxUNlvhctRWD%2FBLsMK8QKp008V5yu9BoyRLJHIk"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ce1c152493d4dca-FRA
GET H2	200	choices_v2.svg static.bmcdn2.com/img/ Frame AE7E	2 KB 1 KB	33ms 32ms	Image image/svg+xml	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.bmcdn2.com/img/choices_v2.svg Requested by Host: static.bmcdn2.com URL: https://static.bmcdn2.com/css/basic.css?v=v1.25.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48 Request headers Accept-Language de-DE,de;q=0.9 Referer https://static.bmcdn2.com/css/basic.css?v=v1.25.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding br cf-cache-status HIT last-modified Thu, 15 Oct 2020 11:45:54 GMT server cloudflare age 6917 etag W/"5f883672-892" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZ4nA4AO0qs3zeglZXoF9ctsXhi4G2CB2dTSLvCzGDvr5QTaIcVehwOv0HUd8uWxqM3K8Bvu3NVlALDCig7UYW1n34db%2BkEwOksoJ3B7K%2B%2FxACvXr4qt26BKnxt1ClVKM91Pga86xtwL%2FSwQYiqF"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ce1c15249404dca-FRA
GET H2	200	style.css www.jefffm.de/ Frame AADD	2 KB 2 KB	92ms 91ms	Stylesheet text/css	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.jefffm.de/style.css Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 1ebd484ba31b9baa99927a85e0d885d9969e6a390faff9abd7644b7bfdb90c92 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT last-modified Tue, 29 Sep 2020 17:48:25 GMT server nginx etag "5f737369-845" strict-transport-security max-age=15768000; includeSubDomains content-type text/css accept-ranges bytes content-length 2117 x-xss-protection 1; mode=block
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame AADD	146 KB 51 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db896ad9fadf7ae78705f8a43ddbf58e5bc8200d365da41a61516cec36968cd0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51976 x-xss-protection 0 server cafe etag 11861254294686080833 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:46 GMT
GET H2	200	logo.gif www.jefffm.de/images/ Frame AADD	2 KB 2 KB	90ms 87ms	Image image/gif	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.jefffm.de/images/logo.gif Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash b58d7f06bae5f9dfccec0c9b53a77640694a38b068bc53687052ddc125b5eb1f Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT last-modified Tue, 29 Sep 2020 17:45:07 GMT server nginx etag "5f7372a3-63f" strict-transport-security max-age=15768000; includeSubDomains content-type image/gif accept-ranges bytes content-length 1599 x-xss-protection 1; mode=block
GET H2	200	welcome.gif www.jefffm.de/images/ Frame AADD	13 KB 14 KB	89ms 87ms	Image image/gif	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.jefffm.de/images/welcome.gif Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 9b5eb1d12ee14b27244e1846d6539989615a4714b96c9cc663fa05997dc00ba0 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT last-modified Thu, 22 Mar 2007 21:43:48 GMT server nginx etag "4602f894-35ea" strict-transport-security max-age=15768000; includeSubDomains content-type image/gif accept-ranges bytes content-length 13802 x-xss-protection 1; mode=block
GET H2	200	/ Show response media.hubuhost.com/ Frame AADD	435 B 401 B	26ms 24ms	Script text/html	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://media.hubuhost.com/?key=15A17 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 65b7dc45dab8b6ef4b8061c392704b0c863b88385c50df0c3ca04ad33280ffdc Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:46 GMT content-encoding gzip server nginx x-frame-options deny vary Accept-Encoding content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H/1.1	200 OK	1783915 Show response ad.a-ads.com/ Frame 3F4E	6 KB 2 KB	29ms 28ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1783915?size=728x90 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 4d03429b787ec73ba0e014e2813dbd399b0ff6f6517d66e0585df5a5e75ad617 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:46 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://www.jefffm.de/ Content-Encoding gzip
GET H/1.1	200 OK	rota.php Show response www.ads4allweb.de/api/kamp/ Frame CC1B	141 B 406 B	41ms 40ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 084fbd7f41fd35661a387c07d47273d56552e14a5ffd7e51a390028fc08856f7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers Date Sat, 15 Jan 2022 20:11:46 GMT Server Apache Cache-control no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 146 Keep-Alive timeout=5, max=96 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	206	audio.mp3 listen.openstream.co/4379/ Frame AADD	0 0	44ms 44ms	Media text/html	63.34.73.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://listen.openstream.co/4379/audio.mp3 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.73.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-73-39.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.jefffm.de/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Range bytes=0- Response headers
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v2/ Frame 1729	152 B 833 B	113ms 59ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 745aefad119c1107240791085ab54a089015c2f955a2e21dc44ef952977ea778 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Sat, 15 Jan 2022 20:11:47 GMT X-Proxy-Origin 84.19.175.165; 84.19.175.165; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid d74a344c-6751-403e-b64a-f29a82a442f2 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ads4allweb.de Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 152 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Frame 1729 Redirect Chain https://adx.adform.net/adx/?rp=4&bWlkPTg3OTEzNw%3D%3D&callback=adf__FybfcIDGrQkWQ7u1GBqz https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTg3OTEzNw%3D%3D&callback=adf__FybfcIDGrQkWQ7u1GBqz	33 B 588 B	75ms 75ms	Script text/javascript	37.157.4.29 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTg3OTEzNw%3D%3D&callback=adf__FybfcIDGrQkWQ7u1GBqz Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Server 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 7915cc6cffa75865e040d737b7cd358f0836b6a9264720363b9ca9ed2ed4d83d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT server nginx location https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTg3OTEzNw%3D%3D&callback=adf__FybfcIDGrQkWQ7u1GBqz access-control-max-age 86400 access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/ Frame 1729	4 KB 2 KB	104ms 40ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=f92a43a687bb491bb9f1e58a8c68f222&ufid=FybfcIDGrQkWQ7u1GBqz&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__FybfcIDGrQkWQ7u1GBqz&ref=www.ads4allweb.de&_=1642277506954&crtg=-1&rc=10 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 8b7583cfd33aec89aed51b3d4f709685e0c01440d38aaf2c1a7030d1e42c85be Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Transfer-Encoding chunked Connection keep-alive
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 1729	0 179 B	77ms 23ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.ads4allweb.de date Sat, 15 Jan 2022 20:11:47 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v2/ Frame 1729	157 B 1 KB	82ms 32ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c342b82de6232d03c4afdfc84b9db6031cefe83f04f573e62de5246ae57ec62 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Sat, 15 Jan 2022 20:11:47 GMT X-Proxy-Origin 84.19.175.165; 84.19.175.165; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 4ba2bebc-5f69-49d2-bf67-0c072e6872ea Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ads4allweb.de Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 157 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Frame 1729 Redirect Chain https://adx.adform.net/adx/?rp=4&bWlkPTExNDMxMTk%3D&callback=adf__1rQR7DOPGLAwKpRNKZsv https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTExNDMxMTk%3D&callback=adf__1rQR7DOPGLAwKpRNKZsv	33 B 587 B	61ms 61ms	Script text/javascript	37.157.4.29 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTExNDMxMTk%3D&callback=adf__1rQR7DOPGLAwKpRNKZsv Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Server 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash d8c7485cff659fa65298308399b803f0e96d8e2d8112ae228f989840528748e1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT server nginx location https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTExNDMxMTk%3D&callback=adf__1rQR7DOPGLAwKpRNKZsv access-control-max-age 86400 access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/ Frame 1729	4 KB 2 KB	104ms 35ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=7ddf8f8d485040a3a069760a74ccac18&ufid=1rQR7DOPGLAwKpRNKZsv&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__1rQR7DOPGLAwKpRNKZsv&ref=www.ads4allweb.de&_=1642277506961&crtg=-1&rc=10 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 82af071c3f535da34694bd316b3ce9009e3efe37ff2c05a2a9191cc3324c06bd Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Transfer-Encoding chunked Connection keep-alive
POST H2	204	cdb Show response bidder.criteo.com/ Frame 1729	0 218 B	86ms 25ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=208&cb=71653613719 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 15 Jan 2022 20:11:46 GMT server Finatra vary Origin access-control-allow-origin https://www.ads4allweb.de access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 1729	0 179 B	71ms 24ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.ads4allweb.de date Sat, 15 Jan 2022 20:11:47 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
GET H/1.1	200 OK	728x90 static.a-ads.com/a-ads-banners/118231/ Frame 3F4E	683 KB 684 KB	41ms 40ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/118231/728x90?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1783915?size=728x90 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash 52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:46 GMT Last-Modified Sun, 26 Apr 2020 07:21:07 GMT Server nginx x-amz-request-id 8AK1RZ4T75RT3T8R ETag "241238ff9e1a7f85dbec8aa10f72f723" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 699692 Connection keep-alive Accept-Ranges bytes x-amz-version-id t6FJBbIGBKpJobE5rxtWIqCTMlD50_5h x-amz-id-2 t031adV9xtnz2oxSr3C6K6eA5CBbna7uK1Rz2Bu8i87kUQuVuL28g61xbjiVWbawlLSDzYQceA0= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/ Frame AADD	279 KB 100 KB	45ms 44ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064017 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6b4714e6a43807d19009cb8ebadbe35e7f00774b93ca288d977ca0957fc5a528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 102650 x-xss-protection 0 server cafe etag 8437853065316740132 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:47 GMT
GET H/1.1	200 OK	count.php Show response www.ads4allweb.de/api/ Frame CC1B	4 KB 2 KB	27ms 26ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 00f243469d7caf3ca69f6e88a7a69c2370254f908f640bd88bea0674e98b1143 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Server Apache Cache-control no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 1423 Keep-Alive timeout=5, max=95 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	200	jw.js Show response c.blyatflix.de/ Frame AADD	2 KB 745 B	22ms 22ms	Script text/javascript	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Requested by Host: media.hubuhost.com URL: https://media.hubuhost.com/?key=15A17 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash cd849d3bc4887050022d0a1de2da04125caf32ea35f08ef0ba45fed317ae3530 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip vary Accept-Encoding server nginx x-xss-protection 1; mode=block strict-transport-security max-age=15768000; includeSubDomains content-type text/javascript; charset=utf-8
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/ Frame CC1B	85 KB 30 KB	37ms 37ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-1538f" vary Accept-Encoding x-hw 1642277507.dop143.fr8.t,1642277507.cds231.fr8.hn,1642277507.cds057.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30288
GET H/1.1	200 OK	adframe.js Show response www.ads4allweb.de/api/ad/ Frame CC1B	18 B 297 B	31ms 30ms	Script application/javascript	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/ad/adframe.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash fb1de05487cbd9748085d35910b6f9877706b2a63c3cd64e2fadb9c318cb0505 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Last-Modified Fri, 16 Aug 2019 11:59:04 GMT Server Apache ETag "12-5903ab775b200" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 18
GET H2	200	reklamstore.js Show response adserver.reklamstore.com/ Frame CC1B	96 KB 29 KB	31ms 31ms	Script application/javascript	2600:9000:214f:8000:1c:4bbb:9180:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserver.reklamstore.com/reklamstore.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8000:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92e83fdf1ed8bb4a50fb72331cb20f536a1159ce55d523ebfca3441ce8e30294 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 03:05:40 GMT content-encoding gzip last-modified Mon, 28 Jun 2021 18:35:51 GMT server AmazonS3 age 61576 etag "78cf0f1f296c61b336db981022359dbc" x-cache Hit from cloudfront content-type application/javascript via 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 content-length 29778 x-amz-cf-id Lsy_WJPUl6srSu-vA3LwP5jjUJlBE-K0o6GkyCrkLkqUCexauKLvyQ==
GET H2	200	p_script.php Show response www.sponsortown.de/v3/ Frame CC1B	452 B 450 B	35ms 35ms	Script text/html	5.35.252.146 GD-EMEA-DC-SXB1
General Check archive.org Show headers Download Go to Full URL https://www.sponsortown.de/v3/p_script.php?pid=6120&intro=1 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.35.252.146 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE), Reverse DNS rs244210.rs.hosteurope.de Software nginx / PHP/7.2.34, PleskLin Resource Hash e5d9219f15d1f68c4fd0bd5485bf258934b15e559ea8421e7e82b84f9755db4d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx x-powered-by PHP/7.2.34, PleskLin content-length 303 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	/ Show response jefffm.de/ Frame EE86 Redirect Chain https://traffic-buchen.de/view.php https://jefffm.de/	2 KB 1 KB	157ms 146ms	Document text/html	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Full URL https://jefffm.de/ Requested by Host: c.blyatflix.de URL: https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 2aa636abf797b6881d39c397c17556adec4f3c0ee95196e8be530ed26b47a870 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers server nginx date Sat, 15 Jan 2022 20:11:47 GMT content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block content-encoding gzip Redirect headers server nginx date Sat, 15 Jan 2022 20:11:47 GMT content-type text/html; charset=UTF-8 location https://jefffm.de strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H/1.1	401 Authorization required	1470 str4.openstream.co/ Frame AADD Redirect Chain https://listen.openstream.co/6623/audio https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en...	0 116 B	1064ms 805ms	Media text/plain	51.38.51.167 OVH
General Check archive.org Show headers Download Go to Full URL https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Server 51.38.51.167 , France, ASN16276 (OVH, FR), Reverse DNS vps-ab28582c.vps.ovh.net Software Icecast 2.3.3 kh11 8.6.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Server Icecast 2.3.3 kh11 8.6.5 Redirect headers date Sat, 15 Jan 2022 20:11:47 GMT server Apache/2.4.38 (Debian) os-server-ip 172.17.0.2 access-control-allow-origin * location https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D x-powered-by PHP/7.4.23 access-control-max-age 1000 content-type text/html; charset=UTF-8 os-server-name listen.openstream.co os-server-id ecs-ec2 access-control-allow-headers * content-length 0
GET		/ thisis.aninter.net/ Frame AADD	0 0
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 1729	2 KB 1 KB	85ms 34ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nai=&si=35370&pn=&h=60&w=468&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 557 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c15398724333-FRA content-length 1168 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 1729	2 KB 1 KB	86ms 35ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=7ddf8f8d485040a3a069760a74ccac18&nai=&si=35370&pn=&h=50&w=320&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 557 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c15398764333-FRA content-length 1168 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/ Frame AADD	107 B 122 B	30ms 30ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.jefffm.de Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064017 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame AADD	107 B 122 B	32ms 32ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.jefffm.de Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064017 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 56A5	603 B 65 B	47ms 47ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7322400680000432&output=html&adk=1812271804&adf=3407251146&lmt=1642277507&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jefffm.de%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642277507007&bpp=2&bdt=73&idt=92&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&nras=1&correlator=6830892747211&frm=24&ife=1&pv=1&ga_vid=2077238075.1642277507&ga_sid=1642277507&ga_hid=1022542475&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2437642916&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31064017%2C31064080&oid=2&pvsid=945213137904629&pem=615&tmod=307&top=https%3A%2F%2Fcrypto-fire.website%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ys6suvp6q2yp&fsb=1&dtd=106 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064017 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sat, 15 Jan 2022 20:11:47 GMT server cafe content-length 46 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/ Frame CC1B	122 KB 39 KB	38ms 38ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 833af79fceebd91289eb5aac891019a7e5bd2a99f74fbd8d8430f52d6f908f2d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip last-modified Wed, 29 Dec 2021 12:30:46 GMT server nginx etag W/"61cc54f6-1e6ef" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 16 Jan 2022 20:11:47 GMT
GET H/1.1	200 OK	pix ads.rekmob.com/retarget/ Frame CC1B Redirect Chain https://x.bidswitch.net/sync?ssp=reklamstore https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=3936de46-35a3-4987-ae21-40a8ea02d5bb https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=3936de46-35a3-4987-ae21-40a8ea02d5bb https://x.bidswitch.net/sync?dsp_id=4&user_id=70f8a110-99fc-4ac3-82ef-9cb935ce3c9a&ssp=reklamstore&expires=30&user_group=5&bsw_param=3936de46-35a3-4987-ae21-40a8ea02d5bb https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1	35 B 403 B	25ms 24ms	Image image/gif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Server nginx/1.9.6 Connection keep-alive Transfer-Encoding chunked Content-Type image/gif Redirect headers Location //ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1 Date Sat, 15 Jan 2022 20:11:47 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/ Frame CC1B	320 B 621 B	23ms 22ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1090192 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 93c1766e021bb747cb54ebd99734cc9e878c10fe9608122e3d2c8f52465f54e2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H3	200	gtm.js Show response www.googletagmanager.com/ Frame CC1B	82 KB 33 KB	27ms 27ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1ab60e540a1401fd40b5f266332ba0471ec2210f433899fae96104d5ff847b33 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33319 x-xss-protection 0 last-modified Sat, 15 Jan 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 15 Jan 2022 20:11:47 GMT
GET H/1.1	200 OK	textlinks.php Show response www.ads4allweb.de/ads/ Frame 8475	319 B 486 B	21ms 21ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/ads/textlinks.php Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 3557761eeead595148091109ff52cf6c83162ddd7135cba55d6a57d7c59f3115 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Content-Length 251 Keep-Alive timeout=5, max=93 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	index.php Show response www.ab-webservice.de/ads/ Frame B582 Redirect Chain https://www.werbeflut.net/kamp/ziel.php?uid=1403&bid=4773243&sid=1521 https://www.ab-webservice.de/ads/index.php	10 KB 4 KB	82ms 27ms	Document text/html	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/index.php Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 4c42e2fe49ff7b9d09955281510963716f5f261391fdfc8ba0bda958ac45e497 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 3382 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Date Sat, 15 Jan 2022 20:11:47 GMT Server Apache Location https://www.ab-webservice.de/ads/index.php Content-Length 226 Connection close Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/ Frame CC1B	322 B 621 B	22ms 22ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1103918 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash b910f4f743abe988a31010affca9069c3a13151c785fdc5189fb78f7f674c00a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v2/ Frame CC1B	152 B 988 B	25ms 24ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4f0bd364cadc90692fe0f5970643a616fd0c46833c3109703fdbaeec32931020 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Sat, 15 Jan 2022 20:11:47 GMT X-Proxy-Origin 84.19.175.165; 84.19.175.165; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 8e430ff9-cec1-4b01-ad7f-25c2cd912da2 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ads4allweb.de Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 152 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Frame CC1B	33 B 587 B	65ms 64ms	Script text/javascript	37.157.4.29 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTg3OTEzNw%3D%3D&callback=adf__bk1pzNdwpICnRyzyV4xF Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 774d2d6f9e533bfe27a0aadb27be24f345a5ac765c97a8ffd5c35a0c44ab7ad8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/ Frame CC1B	4 KB 2 KB	39ms 38ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=f92a43a687bb491bb9f1e58a8c68f222&ufid=bk1pzNdwpICnRyzyV4xF&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__bk1pzNdwpICnRyzyV4xF&ref=www.ads4allweb.de&_=1642277507174&crtg=-1&rc=10 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 4e1c4a3b676d0c600cd47c27f2536416438ae7f7617cc1530eaa0446cab588c4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Transfer-Encoding chunked Connection keep-alive
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CC1B	0 179 B	23ms 23ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.ads4allweb.de date Sat, 15 Jan 2022 20:11:47 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v2/ Frame CC1B	152 B 988 B	145ms 145ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash d064c7d23e509393312527d31a12cb2718f9c768691e251d2bcfcee2d7f26034 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Sat, 15 Jan 2022 20:11:47 GMT X-Proxy-Origin 84.19.175.165; 84.19.175.165; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid bbe98d4a-f7d5-417a-adb1-441f8ef321d0 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ads4allweb.de Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 152 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Frame CC1B	33 B 588 B	59ms 58ms	Script text/javascript	37.157.4.29 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTExNDMxMTk%3D&callback=adf__MsmWZ7TngeReNks1rvB6 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 61e88ad0a31c404d1bbf05cba80cb20e08516ab176b80054fc338a16881d56c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/ Frame CC1B	4 KB 2 KB	45ms 45ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=7ddf8f8d485040a3a069760a74ccac18&ufid=MsmWZ7TngeReNks1rvB6&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__MsmWZ7TngeReNks1rvB6&ref=www.ads4allweb.de&_=1642277507178&crtg=-1&rc=10 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 3ad4a2642f5714bd0256c19ce63693a47ca9815c22946c7757f2c72d0db6a4c7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:21 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Transfer-Encoding chunked Connection keep-alive
POST H2	204	cdb Show response bidder.criteo.com/ Frame CC1B	0 218 B	25ms 25ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=208&cb=88660503346 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 15 Jan 2022 20:11:46 GMT server Finatra vary Origin access-control-allow-origin https://www.ads4allweb.de access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CC1B	0 179 B	26ms 25ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.ads4allweb.de date Sat, 15 Jan 2022 20:11:47 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
GET H2	200	tb_v.php Show response tl.adcocktail.com/ Frame 8475	2 KB 563 B	76ms 76ms	Script text/html	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tl.adcocktail.com/tb_v.php?uid=1867&wsid=28382&format=468x60&reflink=off Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/textlinks.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16d48dfa7f0b1807615fad674cc23f97276bc0af75f61ccef4f005fca2961a87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Sat, 15 Jan 2022 20:11:47 GMT server cloudflare cache-control max-age=0, no-cache, no-store, must-revalidate expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 note CACHING IS DISABLED cf-ray 6ce1c153ecc55369-FRA content-length 454 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	flimpobj.js Show response pixel.yabidos.com/ Frame 1729	31 KB 24 KB	30ms 30ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1642277507192&ver1=2.2.3&qid=230383f5530383f5434353&rnd=53n0zu6ee4nr&cid=544 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nai=&si=35370&pn=&h=60&w=468&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 1332 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c15409df4333-FRA content-length 24217 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame CC1B	2 KB 1 KB	62ms 62ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nai=&si=35370&pn=&h=60&w=468&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 557 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c1541a474333-FRA content-length 1168 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame CC1B	2 KB 1 KB	38ms 38ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=7ddf8f8d485040a3a069760a74ccac18&nai=&si=35370&pn=&h=50&w=320&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 557 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c1542a6c4333-FRA content-length 1168 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	vbl.gif pre.glotgrx.com/ Frame 1729	26 B 88 B	147ms 94ms	Image image/gif	2606:4700::6810:78c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1642277507269&rnd=53n0zu6ee4nr&ifm=1&uai=1&cid=544&s=www.ads4allweb.de&p=43241&x=rekmob&adtg=f92a43a687bb491bb9f1e58a8c68f222&ats=0&atf=&nsi=&si=35370&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh= Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:19:57 GMT server cloudflare age 341 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c154e8c84a62-FRA content-length 26 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	nflrc.gif pre.glotgrx.com/ Frame 1729	26 B 303 B	139ms 86ms	Image image/gif	2606:4700::6810:78c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1642277507256494&ver=1.2r81&qid=230383f5530383f5434353&p=43241&s=www.ads4allweb.de&x=rekmob&cid=544&od1=&od2=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nci=&nai=&si=35370&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=53n0zu6ee4nr&impid=&idl=&ttduid=&id5=&emh=&tps=19&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36&os=&mm=&di=&ip=84.19.175.165&ci=&pp=&bp=&w=468&h=60&pn=&1=8bc4b1d79e408f99c0da59b34ff29ffd&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=31&icp=https%253A//crypto-fire.website&irfl=114&irf=https%253A//www.ads4allweb.de/api/kamp/rota.php%253Fsidfl_eq54497fl_np544uidfl_eq5441055fl_np544artfl_eq544traffic&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-17-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=22 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:19:57 GMT server cloudflare age 556 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c154e8ca4a62-FRA content-length 26 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	206	160X600.mp4 media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c/ Frame 4ACA	282 KB 283 KB	40ms 40ms	Media video/mp4	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c/160X600.mp4?_u=1253412 Requested by Host: media.bmcdn2.com URL: https://media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 660c2ba448162304662108d912ce77aee6c54fdcf2627e63a4728e17ba40954e Request headers Referer https://media.bmcdn2.com/html5/99c42db0-6507-11ec-bd3d-33633a81dde2af6b1067-f3ac-4923-8833-8f2926ecfb3c5ea2c18e708b382d31eb0c6c/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Range bytes=0- Response headers date Sat, 15 Jan 2022 20:11:47 GMT cf-cache-status HIT last-modified Mon, 13 Dec 2021 10:41:46 GMT server cloudflare age 3452 etag "61b7236a-467b6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzF231aXdKEDYQ4Ad6v13ojo4LtoXUOfhOHp7zLerTMUdpJ6hZYvseh7xtv%2BhbAXQE5JR156BZiEBQlfNAbkskGKne9S3I04%2Bm6NEk3IGRTMbldzI52V4DwY%2BwsB7dNtsuwlYiK1LC50RYTd%2F4M%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 0-288693/288694 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6ce1c154becd4dca-FRA Content-Length 288694
GET H2	200	flimpobj.js Show response pixel.yabidos.com/ Frame CC1B	31 KB 24 KB	29ms 29ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1642277507301&ver1=2.2.3&qid=230383f5530383f5434353&rnd=8a21462qyeru&cid=544 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=7ddf8f8d485040a3a069760a74ccac18&nai=&si=35370&pn=&h=50&w=320&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 1332 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c154bbe24333-FRA content-length 24217 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	style.css jefffm.de/ Frame EE86	2 KB 2 KB	229ms 228ms	Stylesheet text/css	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Full URL https://jefffm.de/style.css Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 1ebd484ba31b9baa99927a85e0d885d9969e6a390faff9abd7644b7bfdb90c92 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT last-modified Tue, 29 Sep 2020 17:48:25 GMT server nginx etag "5f737369-845" strict-transport-security max-age=15768000; includeSubDomains content-type text/css accept-ranges bytes content-length 2117 x-xss-protection 1; mode=block
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame EE86	146 KB 51 KB	45ms 45ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a1a52f080b2c96fc14ea24d9a186d4317cec318b13975817efa6cb7043446798 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51976 x-xss-protection 0 server cafe etag 12283989819064983479 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:47 GMT
GET H2	200	logo.gif jefffm.de/images/ Frame EE86	2 KB 2 KB	226ms 226ms	Image image/gif	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://jefffm.de/images/logo.gif Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash b58d7f06bae5f9dfccec0c9b53a77640694a38b068bc53687052ddc125b5eb1f Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT last-modified Tue, 29 Sep 2020 17:45:07 GMT server nginx etag "5f7372a3-63f" strict-transport-security max-age=15768000; includeSubDomains content-type image/gif accept-ranges bytes content-length 1599 x-xss-protection 1; mode=block
GET H2	200	welcome.gif jefffm.de/images/ Frame EE86	13 KB 14 KB	226ms 226ms	Image image/gif	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://jefffm.de/images/welcome.gif Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 9b5eb1d12ee14b27244e1846d6539989615a4714b96c9cc663fa05997dc00ba0 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT last-modified Thu, 22 Mar 2007 21:43:48 GMT server nginx etag "4602f894-35ea" strict-transport-security max-age=15768000; includeSubDomains content-type image/gif accept-ranges bytes content-length 13802 x-xss-protection 1; mode=block
GET H2	200	/ Show response media.hubuhost.com/ Frame EE86	435 B 401 B	29ms 28ms	Script text/html	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://media.hubuhost.com/?key=15A17 Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 65b7dc45dab8b6ef4b8061c392704b0c863b88385c50df0c3ca04ad33280ffdc Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx x-frame-options deny vary Accept-Encoding content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H/1.1	200 OK	normalize.css www.ab-webservice.de/ads/templates/Rot-Pro-Slider-Responsive/ Frame B582	8 KB 3 KB	69ms 28ms	Stylesheet text/css	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/templates/Rot-Pro-Slider-Responsive/normalize.css Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 55c1bb92a7115597656f0927f5c2d037ea9fcac4f46d001fb9ce1d33f454bc81 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Fri, 07 Feb 2020 14:50:33 GMT Server Apache ETag "2024-59dfd82f60040-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 2622
GET H/1.1	200 OK	amstyle.css www.ab-webservice.de/ads/templates/Rot-Pro-Slider-Responsive/ Frame B582	16 KB 4 KB	69ms 28ms	Stylesheet text/css	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/templates/Rot-Pro-Slider-Responsive/amstyle.css Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 57352ee247f681194d2fe032b5d335e9d40f77a1d05af507c1e0bdfeed822c73 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Fri, 07 Feb 2020 17:26:49 GMT Server Apache ETag "3f15-59dffb1d06840-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 4101
GET H/1.1	200 OK	wbmtext.css www.ab-webservice.de/ads/show/ Frame B582	1 KB 722 B	71ms 19ms	Stylesheet text/css	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/show/wbmtext.css Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 0a371f72cfe0221e6ec8b6b83ba56e0f4355df70bb554bfb041ee0b3eeb14b3e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Fri, 07 Feb 2020 14:02:18 GMT Server Apache ETag "50b-59dfcd667ce80-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 439
GET H/1.1	200 OK	slimmenu.min.css www.ab-webservice.de/ads/js/slimmenu/ Frame B582	3 KB 1 KB	73ms 21ms	Stylesheet text/css	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/js/slimmenu/slimmenu.min.css Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 5b3fc862bf9c0e40ea381eab09ad516945373bede74e1a510fb3908ddc6578e2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Fri, 07 Feb 2020 17:30:19 GMT Server Apache ETag "cca-59dffbe54c0c0-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 1046
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame B582	95 KB 34 KB	70ms 18ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 11 Jan 2022 08:47:47 GMT content-encoding gzip x-content-type-options nosniff age 386640 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Jan 2023 08:47:47 GMT
GET H/1.1	200 OK	jquery.bxslider.min.js Show response www.ab-webservice.de/ads/js/bxslider/ Frame B582	19 KB 5 KB	74ms 22ms	Script application/javascript	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/js/bxslider/jquery.bxslider.min.js Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Thu, 20 Feb 2020 15:37:51 GMT Server Apache ETag "4b9f-59f03b00e51c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 5162
GET H/1.1	200 OK	jquery.bxslider.css www.ab-webservice.de/ads/js/bxslider/ Frame B582	4 KB 2 KB	73ms 21ms	Stylesheet text/css	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/js/bxslider/jquery.bxslider.css Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash b9b6c7f7f4a3878eb64d5c9896b8141ba35332a91149b2de96dbcbd30440b5e4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Thu, 20 Feb 2020 15:37:51 GMT Server Apache ETag "f16-59f03b00e51c0-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 1290
GET H/1.1	200 OK	text.jpg www.ab-webservice.de/ads/js/bxslider/uploads/ Frame B582	42 KB 42 KB	88ms 27ms	Image image/jpeg	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ab-webservice.de/ads/js/bxslider/uploads/text.jpg Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 9d770f2da304d23a2532b5300faeeb235043025d0b2fd48403ce4544be000547 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Last-Modified Mon, 10 Feb 2020 14:07:44 GMT Server Apache ETag "a6ea-59e39435c4c00" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 42730
GET H/1.1	200 OK	text_banner.jpg www.ab-webservice.de/ads/js/bxslider/uploads/ Frame B582	43 KB 43 KB	91ms 28ms	Image image/jpeg	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ab-webservice.de/ads/js/bxslider/uploads/text_banner.jpg Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 5321cde8bfd135c9e75ac94a598a7cc5684ff227e0a6b330f1f8e325edf5bbd1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Last-Modified Mon, 10 Feb 2020 14:07:51 GMT Server Apache ETag "aca6-59e3943c71bc0" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 44198
GET H/1.1	200 OK	banner.jpg www.ab-webservice.de/ads/js/bxslider/uploads/ Frame B582	40 KB 40 KB	77ms 20ms	Image image/jpeg	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ab-webservice.de/ads/js/bxslider/uploads/banner.jpg Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash e21b78a035456229bb94673b437307aa183fb5ce63c9ac827de3b7d61d98b9e9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Last-Modified Mon, 10 Feb 2020 14:07:58 GMT Server Apache ETag "a07a-59e394431eb80" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 41082
GET H/1.1	200 OK	jquery.slimmenu.js Show response www.ab-webservice.de/ads/js/slimmenu/ Frame B582	5 KB 2 KB	72ms 31ms	Script application/javascript	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/js/slimmenu/jquery.slimmenu.js Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash ba06e356d46090c73208cb1daf5efc118101fffed0427338d47762c8da71eebd Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Thu, 20 Feb 2020 15:34:57 GMT Server Apache ETag "15e7-59f03a5af4a40-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 1468
GET H2	200	jquery.easing.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/ Frame B582	2 KB 2 KB	101ms 56ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 743620 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 747 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:45 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec1-9e4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpL3lmE48lFkEZa8Tgmv8WxXKb2XPmqZwhBshaO9TmD2AiUdBEOJIbMCkKVv8%2BA4gUDBbK7WSAvbJODUmfO8%2FnZUVjB9HKftYyuD4jl7OOQwZGjPH9JV9fDpZjuqSSzPOED7Ih6wykOJ6bcrNCso84oE"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6ce1c155cbef5b80-FRA expires Thu, 05 Jan 2023 20:11:47 GMT
GET H/1.1	200 OK	insert.js Show response www.ab-webservice.de/ads/js/ Frame B582	7 KB 2 KB	77ms 25ms	Script application/javascript	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/js/insert.js Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 0ac7b424160cefe03165827ef3060ad210c0f7d3c09251a52754182c92aaf973 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Thu, 20 Feb 2020 15:33:14 GMT Server Apache ETag "1c0f-59f039f8ba280-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 1725
GET H/1.1	200 OK	cookieconsent.min.css www.ab-webservice.de/ads/js/cookieconsent/build/ Frame B582	4 KB 1 KB	83ms 25ms	Stylesheet text/css	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/js/cookieconsent/build/cookieconsent.min.css Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 975765051eef957f012add3201e2c6fc03fbef0676381270ce4fc79721606b17 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Thu, 20 Feb 2020 15:36:34 GMT Server Apache ETag "f8d-59f03ab776480-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 1205
GET H/1.1	200 OK	cookieconsent.min.js Show response www.ab-webservice.de/ads/js/cookieconsent/build/ Frame B582	19 KB 7 KB	83ms 25ms	Script application/javascript	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ab-webservice.de/ads/js/cookieconsent/build/cookieconsent.min.js Requested by Host: www.ab-webservice.de URL: https://www.ab-webservice.de/ads/index.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.mega-ad.de Software Apache / Resource Hash 6cf39def463ca2129ab469a32fab6ccddbdea696190ae9ec51f2ceabbbfc241c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ab-webservice.de/ads/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Content-Encoding gzip Last-Modified Thu, 20 Feb 2020 15:36:34 GMT Server Apache ETag "4d7d-59f03ab776480-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 6530
GET H/1.1	200 OK	1783915 Show response ad.a-ads.com/ Frame 72BF	6 KB 2 KB	30ms 30ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1783915?size=728x90 Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 4d03429b787ec73ba0e014e2813dbd399b0ff6f6517d66e0585df5a5e75ad617 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:47 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://jefffm.de/ Content-Encoding gzip
GET H/1.1	200 OK	rota.php Show response www.ads4allweb.de/api/kamp/ Frame 9037	141 B 407 B	32ms 32ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 7fc4ad99a3739b25e4a848550de31ce564269e6c6a7fb503b45ac8a369b42dc8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Server Apache Cache-control no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 147 Keep-Alive timeout=5, max=92 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	206	audio.mp3 listen.openstream.co/4379/ Frame EE86	0 0	45ms 45ms	Media text/html	63.34.73.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://listen.openstream.co/4379/audio.mp3 Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.73.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-73-39.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://jefffm.de/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Range bytes=0- Response headers
GET H2	200	4126WQs.gif adpro.netzwerk-ad.de/advertiser/uploads/ Frame D151	565 KB 566 KB	31ms 31ms	Image image/gif	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://adpro.netzwerk-ad.de/advertiser/uploads/4126WQs.gif Requested by Host: adpro.netzwerk-ad.de URL: https://adpro.netzwerk-ad.de/codes/banner?rcd=MjM= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PleskLin Resource Hash dcf38d0738d4d14303dfe51cc8c5cc57b887b0f5494b9caa4a6491d5f7b1ce75 Request headers Accept-Language de-DE,de;q=0.9 Referer https://adpro.netzwerk-ad.de/codes/banner?rcd=MjM= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT last-modified Fri, 17 Dec 2021 16:14:10 GMT server nginx x-powered-by PleskLin etag "8d557-5d359d44ba58e" x-cache-status BYPASS content-type image/gif accept-ranges bytes content-length 578903
GET H2	200	vbl.gif pre.glotgrx.com/ Frame CC1B	26 B 84 B	40ms 39ms	Image image/gif	2606:4700::6810:78c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1642277507400&rnd=8a21462qyeru&ifm=1&uai=1&cid=544&s=www.ads4allweb.de&p=43241&x=rekmob&adtg=f92a43a687bb491bb9f1e58a8c68f222&ats=0&atf=&nsi=&si=35370&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh= Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:19:57 GMT server cloudflare age 341 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c15559f84a62-FRA content-length 26 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	nflrc.gif pre.glotgrx.com/ Frame CC1B	26 B 84 B	35ms 34ms	Image image/gif	2606:4700::6810:78c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1642277507371822&ver=1.2r81&qid=230383f5530383f5434353&p=43241&s=www.ads4allweb.de&x=rekmob&cid=544&od1=&od2=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nci=&nai=&si=35370&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=8a21462qyeru&impid=&idl=&ttduid=&id5=&emh=&tps=19&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36&os=&mm=&di=&ip=84.19.175.165&ci=&pp=&bp=&w=468&h=60&pn=&1=8bc4b1d79e408f99c0da59b34ff29ffd&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=3&icpl=31&icp=https%253A//crypto-fire.website&irfl=114&irf=https%253A//www.ads4allweb.de/api/kamp/rota.php%253Fsidfl_eq54497fl_np544uidfl_eq5441055fl_np544artfl_eq544traffic&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-17-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=36 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:19:57 GMT server cloudflare age 556 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c15559fb4a62-FRA content-length 26 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H/1.1	200 OK	728x90 static.a-ads.com/a-ads-banners/118231/ Frame 72BF	683 KB 684 KB	23ms 22ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/118231/728x90?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1783915?size=728x90 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash 52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Last-Modified Sun, 26 Apr 2020 07:21:07 GMT Server nginx x-amz-request-id 8AK1RZ4T75RT3T8R ETag "241238ff9e1a7f85dbec8aa10f72f723" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 699692 Connection keep-alive Accept-Ranges bytes x-amz-version-id t6FJBbIGBKpJobE5rxtWIqCTMlD50_5h x-amz-id-2 t031adV9xtnz2oxSr3C6K6eA5CBbna7uK1Rz2Bu8i87kUQuVuL28g61xbjiVWbawlLSDzYQceA0= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/ Frame EE86	279 KB 100 KB	46ms 46ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=jefffm.de&bust=31064017 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6b4714e6a43807d19009cb8ebadbe35e7f00774b93ca288d977ca0957fc5a528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 102650 x-xss-protection 0 server cafe etag 8437853065316740132 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:47 GMT
GET H/1.1	200 OK	count.php Show response www.ads4allweb.de/api/ Frame 9037	4 KB 2 KB	31ms 31ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 35ad49cf7b2ed2454d120288a46618f481f5ac49c627863e225a117889016faa Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Server Apache Cache-control no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 1402 Keep-Alive timeout=5, max=91 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/ Frame 9037	85 KB 30 KB	23ms 21ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-1538f" vary Accept-Encoding x-hw 1642277507.dop143.fr8.t,1642277507.cds231.fr8.hn,1642277507.cds057.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30288
GET H/1.1	200 OK	adframe.js Show response www.ads4allweb.de/api/ad/ Frame 9037	18 B 297 B	25ms 24ms	Script application/javascript	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/ad/adframe.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash fb1de05487cbd9748085d35910b6f9877706b2a63c3cd64e2fadb9c318cb0505 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Last-Modified Fri, 16 Aug 2019 11:59:04 GMT Server Apache ETag "12-5903ab775b200" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=90 Content-Length 18
GET H2	200	reklamstore.js Show response adserver.reklamstore.com/ Frame 9037	96 KB 29 KB	25ms 25ms	Script application/javascript	2600:9000:214f:8000:1c:4bbb:9180:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserver.reklamstore.com/reklamstore.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8000:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92e83fdf1ed8bb4a50fb72331cb20f536a1159ce55d523ebfca3441ce8e30294 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 03:05:40 GMT content-encoding gzip last-modified Mon, 28 Jun 2021 18:35:51 GMT server AmazonS3 age 61576 etag "78cf0f1f296c61b336db981022359dbc" x-cache Hit from cloudfront content-type application/javascript via 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 content-length 29778 x-amz-cf-id o5tm2y_09Tga4pLL2HhgmTvotvADiht7t7lZFIoicJzgcCW2rSPIPQ==
GET H2	200	p_script.php Show response www.sponsortown.de/v3/ Frame 9037	452 B 450 B	30ms 30ms	Script text/html	5.35.252.146 GD-EMEA-DC-SXB1
General Check archive.org Show headers Download Go to Full URL https://www.sponsortown.de/v3/p_script.php?pid=6120&intro=1 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.35.252.146 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE), Reverse DNS rs244210.rs.hosteurope.de Software nginx / PHP/7.2.34, PleskLin Resource Hash c7ccdc3fcd991f8916e68c1fa3938d016b78ee0fc652715a320349e8f536c364 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx x-powered-by PHP/7.2.34, PleskLin content-length 303 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H3	200	integrator.js Show response adservice.google.de/adsid/ Frame EE86	107 B 122 B	34ms 34ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=jefffm.de Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=jefffm.de&bust=31064017 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame EE86	107 B 122 B	33ms 33ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=jefffm.de Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=jefffm.de&bust=31064017 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame C050	603 B 65 B	39ms 39ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7322400680000432&output=html&adk=1812271804&adf=690015218&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jefffm.de%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642277507427&bpp=2&bdt=142&idt=83&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&nras=1&correlator=6717010456154&frm=8&ife=1&pv=2&ga_vid=1575878626.1642277508&ga_sid=1642277508&ga_hid=149000824&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3312077908&scr_x=-12245933&scr_y=-12245933&eid=44750774%2C31064017&oid=2&pvsid=2531967083153566&pem=155&tmod=304&top=https%3A%2F%2Fcrypto-fire.website&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.agd5dqo20xt4&fsb=1&dtd=103 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=jefffm.de&bust=31064017 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sat, 15 Jan 2022 20:11:47 GMT server cafe content-length 46 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/ Frame 9037	122 KB 39 KB	48ms 47ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 833af79fceebd91289eb5aac891019a7e5bd2a99f74fbd8d8430f52d6f908f2d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip last-modified Wed, 29 Dec 2021 12:30:46 GMT server nginx etag W/"61cc54f6-1e6ef" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 16 Jan 2022 20:11:47 GMT
GET H/1.1	200 OK	pix ads.rekmob.com/retarget/ Frame 9037 Redirect Chain https://x.bidswitch.net/sync?ssp=reklamstore https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent= https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=44bM08SXVgRobMzbXnzwYKHb&ssp=reklamstore https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1	35 B 403 B	28ms 28ms	Image image/gif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:22 GMT Server nginx/1.9.6 Connection keep-alive Transfer-Encoding chunked Content-Type image/gif Redirect headers Location //ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1 Date Sat, 15 Jan 2022 20:11:47 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/ Frame 9037	320 B 621 B	23ms 22ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1090192 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 93c1766e021bb747cb54ebd99734cc9e878c10fe9608122e3d2c8f52465f54e2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:22 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H3	200	gtm.js Show response www.googletagmanager.com/ Frame 9037	82 KB 33 KB	27ms 27ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9eeead7da0c3d1c131af3727ec19b2289ea8256adaf0a84022d864148536ceb5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33317 x-xss-protection 0 last-modified Sat, 15 Jan 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 15 Jan 2022 20:11:47 GMT
GET H/1.1	200 OK	textlinks.php Show response www.ads4allweb.de/ads/ Frame 79D3	319 B 486 B	21ms 21ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/ads/textlinks.php Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 3557761eeead595148091109ff52cf6c83162ddd7135cba55d6a57d7c59f3115 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Content-Length 251 Keep-Alive timeout=5, max=89 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	200	/ Show response ebesucher-klicker.de/ Frame 7DF7	8 KB 3 KB	28ms 27ms	Document text/html	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://ebesucher-klicker.de/ Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PHP/5.6.40-38+0~20201103.42+debian9~1.gbpb211e0 PleskLin Resource Hash 2adec4fc39729f74d084a42e96efd44f3760820b12e2de91777f43ab63e7cdce Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ Response headers server nginx date Sat, 15 Jan 2022 20:11:47 GMT content-type text/html; charset=UTF-8 content-length 2833 x-powered-by PHP/5.6.40-38+0~20201103.42+debian9~1.gbpb211e0 PleskLin expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding content-encoding gzip
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/ Frame 9037	322 B 621 B	21ms 21ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1103918 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash b910f4f743abe988a31010affca9069c3a13151c785fdc5189fb78f7f674c00a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:22 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H2	200	jw.js Show response c.blyatflix.de/ Frame EE86	2 KB 745 B	29ms 29ms	Script text/javascript	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Requested by Host: media.hubuhost.com URL: https://media.hubuhost.com/?key=15A17 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash cd849d3bc4887050022d0a1de2da04125caf32ea35f08ef0ba45fed317ae3530 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip vary Accept-Encoding server nginx x-xss-protection 1; mode=block strict-transport-security max-age=15768000; includeSubDomains content-type text/javascript; charset=utf-8
GET H/1.0	200 OK	2251 str5.openstream.co/ Frame 4B40 Redirect Chain https://listen.openstream.co/6172/audio https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2...	128 KB 0	1815ms 873ms	Media audio/mpeg	141.95.53.179 OVH
General Check archive.org Show headers Download Go to Full URL https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2C%22AF%22%2C%22AG%22%2C%22AL%22%2C%22AI%22%2C%22AM%22%2C%22AO%22%2C%22AQ%22%2C%22AR%22%2C%22AS%22%2C%22AT%22%2C%22AU%22%2C%22AW%22%2C%22AZ%22%2C%22BA%22%2C%22BB%22%2C%22BD%22%2C%22BE%22%2C%22BF%22%2C%22BG%22%2C%22BH%22%2C%22BI%22%2C%22BJ%22%2C%22BM%22%2C%22BN%22%2C%22BO%22%2C%22BR%22%2C%22BS%22%2C%22BT%22%2C%22BV%22%2C%22BW%22%2C%22BY%22%2C%22BZ%22%2C%22CA%22%2C%22CC%22%2C%22CD%22%2C%22CF%22%2C%22CG%22%2C%22CH%22%2C%22CI%22%2C%22CK%22%2C%22CL%22%2C%22CM%22%2C%22CN%22%2C%22CO%22%2C%22CR%22%2C%22CU%22%2C%22CV%22%2C%22CX%22%2C%22CY%22%2C%22CZ%22%2C%22DJ%22%2C%22DK%22%2C%22DM%22%2C%22DO%22%2C%22DZ%22%2C%22EC%22%2C%22EE%22%2C%22EG%22%2C%22EH%22%2C%22ER%22%2C%22ES%22%2C%22ET%22%2C%22FI%22%2C%22FJ%22%2C%22FK%22%2C%22FM%22%2C%22FO%22%2C%22GA%22%2C%22GB%22%2C%22GD%22%2C%22GE%22%2C%22GF%22%2C%22GG%22%2C%22GH%22%2C%22GI%22%2C%22GL%22%2C%22GM%22%2C%22GN%22%2C%22GP%22%2C%22GQ%22%2C%22GR%22%2C%22GS%22%2C%22GT%22%2C%22GU%22%2C%22GW%22%2C%22GY%22%2C%22GZ%22%2C%22HK%22%2C%22HM%22%2C%22HN%22%2C%22HR%22%2C%22HT%22%2C%22HU%22%2C%22ID%22%2C%22IE%22%2C%22IL%22%2C%22IM%22%2C%22IN%22%2C%22IO%22%2C%22IQ%22%2C%22IR%22%2C%22IS%22%2C%22IT%22%2C%22JE%22%2C%22JM%22%2C%22JO%22%2C%22JP%22%2C%22KE%22%2C%22KG%22%2C%22KH%22%2C%22KI%22%2C%22KM%22%2C%22KN%22%2C%22KP%22%2C%22KR%22%2C%22KW%22%2C%22KY%22%2C%22KZ%22%2C%22LA%22%2C%22LB%22%2C%22LC%22%2C%22LI%22%2C%22LK%22%2C%22LR%22%2C%22LS%22%2C%22LT%22%2C%22LU%22%2C%22LV%22%2C%22LY%22%2C%22MA%22%2C%22MC%22%2C%22MD%22%2C%22ME%22%2C%22MG%22%2C%22MH%22%2C%22MK%22%2C%22ML%22%2C%22MM%22%2C%22MN%22%2C%22MO%22%2C%22MP%22%2C%22MQ%22%2C%22MR%22%2C%22MS%22%2C%22MT%22%2C%22MU%22%2C%22MV%22%2C%22MW%22%2C%22MX%22%2C%22MY%22%2C%22MZ%22%2C%22NA%22%2C%22NC%22%2C%22NE%22%2C%22NF%22%2C%22NG%22%2C%22NI%22%2C%22NL%22%2C%22NO%22%2C%22NP%22%2C%22NR%22%2C%22NU%22%2C%22NZ%22%2C%22OM%22%2C%22PA%22%2C%22PE%22%2C%22PF%22%2C%22PG%22%2C%22PH%22%2C%22PK%22%2C%22PL%22%2C%22PM%22%2C%22PN%22%2C%22PR%22%2C%22PS%22%2C%22PT%22%2C%22PW%22%2C%22PY%22%2C%22QA%22%2C%22RE%22%2C%22RO%22%2C%22RS%22%2C%22RU%22%2C%22RW%22%2C%22SA%22%2C%22SB%22%2C%22SC%22%2C%22SD%22%2C%22SE%22%2C%22SG%22%2C%22SH%22%2C%22SI%22%2C%22SJ%22%2C%22SK%22%2C%22SL%22%2C%22SM%22%2C%22SN%22%2C%22SO%22%2C%22SR%22%2C%22ST%22%2C%22SV%22%2C%22SY%22%2C%22SZ%22%2C%22TC%22%2C%22TD%22%2C%22TF%22%2C%22TG%22%2C%22TH%22%2C%22TJ%22%2C%22TK%22%2C%22TL%22%2C%22TM%22%2C%22TN%22%2C%22TO%22%2C%22TR%22%2C%22TT%22%2C%22TV%22%2C%22TW%22%2C%22TZ%22%2C%22UA%22%2C%22UG%22%2C%22UM%22%2C%22US%22%2C%22UY%22%2C%22UZ%22%2C%22VA%22%2C%22VC%22%2C%22VE%22%2C%22VG%22%2C%22VI%22%2C%22VN%22%2C%22VU%22%2C%22WF%22%2C%22WS%22%2C%22XK%22%2C%22YE%22%2C%22YT%22%2C%22ZA%22%2C%22ZM%22%2C%22ZW%22%5D%26aw_0_azn.planguage%3D%5B%22aa%22%2C%22ab%22%2C%22ae%22%2C%22af%22%2C%22ak%22%2C%22am%22%2C%22an%22%2C%22ar%22%2C%22as%22%2C%22av%22%2C%22ay%22%2C%22az%22%2C%22ba%22%2C%22be%22%2C%22bg%22%2C%22bh%22%2C%22bi%22%2C%22bm%22%2C%22bn%22%2C%22bo%22%2C%22br%22%2C%22bs%22%2C%22ca%22%2C%22ce%22%2C%22ch%22%2C%22co%22%2C%22cr%22%2C%22cs%22%2C%22cu%22%2C%22cv%22%2C%22cy%22%2C%22da%22%2C%22de%22%2C%22dv%22%2C%22dz%22%2C%22ee%22%2C%22el%22%2C%22en%22%2C%22eo%22%2C%22es%22%2C%22et%22%2C%22eu%22%2C%22fa%22%2C%22ff%22%2C%22fi%22%2C%22fj%22%2C%22fo%22%2C%22fr%22%2C%22fy%22%2C%22ga%22%2C%22gd%22%2C%22gl%22%2C%22gn%22%2C%22gu%22%2C%22gv%22%2C%22ha%22%2C%22he%22%2C%22hi%22%2C%22ho%22%2C%22hr%22%2C%22ht%22%2C%22hu%22%2C%22hy%22%2C%22hz%22%2C%22ia%22%2C%22id%22%2C%22ie%22%2C%22ig%22%2C%22ii%22%2C%22ik%22%2C%22io%22%2C%22is%22%2C%22it%22%2C%22iu%22%2C%22ja%22%2C%22jv%22%2C%22ka%22%2C%22kg%22%2C%22ki%22%2C%22kj%22%2C%22kk%22%2C%22kl%22%2C%22km%22%2C%22kn%22%2C%22ko%22%2C%22kr%22%2C%22ks%22%2C%22ku%22%2C%22kv%22%2C%22kw%22%2C%22ky%22%2C%22la%22%2C%22lb%22%2C%22lg%22%2C%22li%22%2C%22ln%22%2C%22lo%22%2C%22lt%22%2C%22lu%22%2C%22lv%22%2C%22mg%22%2C%22mh%22%2C%22mi%22%2C%22mk%22%2C%22ml%22%2C%22mn%22%2C%22mr%22%2C%22ms%22%2C%22mt%22%2C%22my%22%2C%22na%22%2C%22nb%22%2C%22nd%22%2C%22ne%22%2C%22ng%22%2C%22nl%22%2C%22nn%22%2C%22no%22%2C%22nr%22%2C%22nv%22%2C%22ny%22%2C%22oc%22%2C%22oj%22%2C%22om%22%2C%22or%22%2C%22os%22%2C%22pa%22%2C%22pi%22%2C%22pl%22%2C%22ps%22%2C%22pt%22%2C%22qu%22%2C%22rm%22%2C%22rn%22%2C%22ro%22%2C%22ru%22%2C%22rw%22%2C%22sa%22%2C%22sc%22%2C%22sd%22%2C%22se%22%2C%22sg%22%2C%22si%22%2C%22sk%22%2C%22sl%22%2C%22sm%22%2C%22sn%22%2C%22so%22%2C%22sq%22%2C%22sr%22%2C%22ss%22%2C%22st%22%2C%22su%22%2C%22sv%22%2C%22sw%22%2C%22ta%22%2C%22te%22%2C%22tg%22%2C%22th%22%2C%22ti%22%2C%22tk%22%2C%22tl%22%2C%22tn%22%2C%22to%22%2C%22tr%22%2C%22ts%22%2C%22tt%22%2C%22tw%22%2C%22ty%22%2C%22ug%22%2C%22uk%22%2C%22ur%22%2C%22uz%22%2C%22ve%22%2C%22vi%22%2C%22vo%22%2C%22wa%22%2C%22wo%22%2C%22xh%22%2C%22yi%22%2C%22yo%22%2C%22za%22%2C%22zh%22%2C%22zu%22%5D%26aw_0_azn.pgenre%3D%5B%22Games+and+Hobbies%22%2C%22Music%22%2C%22Top40%5C%2FHits+-+Pop%22%5D Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol HTTP/1.0 Server 141.95.53.179 , France, ASN16276 (OVH, FR), Reverse DNS vps-a014f2b6.vps.ovh.net Software Icecast 2.3.3 kh11 8.6.5 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers icy-genre Pop/Dance/HipHop/Trance Pragma no-cache icy-name Radio4Users Server Icecast 2.3.3 kh11 8.6.5 icy-br 128 icy-url https://ebesucher-klicker.de/ Instance-id 5375f500897af48552f828bc12ed9cd3 Cache-Control no-cache icy-pub 1 Connection close Content-Type audio/mpeg icy-metaint 0 icy-description Unspecified description Expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Sat, 15 Jan 2022 20:11:47 GMT server Apache/2.4.38 (Debian) os-server-ip 172.17.0.2 access-control-allow-origin * location https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2C%22AF%22%2C%22AG%22%2C%22AL%22%2C%22AI%22%2C%22AM%22%2C%22AO%22%2C%22AQ%22%2C%22AR%22%2C%22AS%22%2C%22AT%22%2C%22AU%22%2C%22AW%22%2C%22AZ%22%2C%22BA%22%2C%22BB%22%2C%22BD%22%2C%22BE%22%2C%22BF%22%2C%22BG%22%2C%22BH%22%2C%22BI%22%2C%22BJ%22%2C%22BM%22%2C%22BN%22%2C%22BO%22%2C%22BR%22%2C%22BS%22%2C%22BT%22%2C%22BV%22%2C%22BW%22%2C%22BY%22%2C%22BZ%22%2C%22CA%22%2C%22CC%22%2C%22CD%22%2C%22CF%22%2C%22CG%22%2C%22CH%22%2C%22CI%22%2C%22CK%22%2C%22CL%22%2C%22CM%22%2C%22CN%22%2C%22CO%22%2C%22CR%22%2C%22CU%22%2C%22CV%22%2C%22CX%22%2C%22CY%22%2C%22CZ%22%2C%22DJ%22%2C%22DK%22%2C%22DM%22%2C%22DO%22%2C%22DZ%22%2C%22EC%22%2C%22EE%22%2C%22EG%22%2C%22EH%22%2C%22ER%22%2C%22ES%22%2C%22ET%22%2C%22FI%22%2C%22FJ%22%2C%22FK%22%2C%22FM%22%2C%22FO%22%2C%22GA%22%2C%22GB%22%2C%22GD%22%2C%22GE%22%2C%22GF%22%2C%22GG%22%2C%22GH%22%2C%22GI%22%2C%22GL%22%2C%22GM%22%2C%22GN%22%2C%22GP%22%2C%22GQ%22%2C%22GR%22%2C%22GS%22%2C%22GT%22%2C%22GU%22%2C%22GW%22%2C%22GY%22%2C%22GZ%22%2C%22HK%22%2C%22HM%22%2C%22HN%22%2C%22HR%22%2C%22HT%22%2C%22HU%22%2C%22ID%22%2C%22IE%22%2C%22IL%22%2C%22IM%22%2C%22IN%22%2C%22IO%22%2C%22IQ%22%2C%22IR%22%2C%22IS%22%2C%22IT%22%2C%22JE%22%2C%22JM%22%2C%22JO%22%2C%22JP%22%2C%22KE%22%2C%22KG%22%2C%22KH%22%2C%22KI%22%2C%22KM%22%2C%22KN%22%2C%22KP%22%2C%22KR%22%2C%22KW%22%2C%22KY%22%2C%22KZ%22%2C%22LA%22%2C%22LB%22%2C%22LC%22%2C%22LI%22%2C%22LK%22%2C%22LR%22%2C%22LS%22%2C%22LT%22%2C%22LU%22%2C%22LV%22%2C%22LY%22%2C%22MA%22%2C%22MC%22%2C%22MD%22%2C%22ME%22%2C%22MG%22%2C%22MH%22%2C%22MK%22%2C%22ML%22%2C%22MM%22%2C%22MN%22%2C%22MO%22%2C%22MP%22%2C%22MQ%22%2C%22MR%22%2C%22MS%22%2C%22MT%22%2C%22MU%22%2C%22MV%22%2C%22MW%22%2C%22MX%22%2C%22MY%22%2C%22MZ%22%2C%22NA%22%2C%22NC%22%2C%22NE%22%2C%22NF%22%2C%22NG%22%2C%22NI%22%2C%22NL%22%2C%22NO%22%2C%22NP%22%2C%22NR%22%2C%22NU%22%2C%22NZ%22%2C%22OM%22%2C%22PA%22%2C%22PE%22%2C%22PF%22%2C%22PG%22%2C%22PH%22%2C%22PK%22%2C%22PL%22%2C%22PM%22%2C%22PN%22%2C%22PR%22%2C%22PS%22%2C%22PT%22%2C%22PW%22%2C%22PY%22%2C%22QA%22%2C%22RE%22%2C%22RO%22%2C%22RS%22%2C%22RU%22%2C%22RW%22%2C%22SA%22%2C%22SB%22%2C%22SC%22%2C%22SD%22%2C%22SE%22%2C%22SG%22%2C%22SH%22%2C%22SI%22%2C%22SJ%22%2C%22SK%22%2C%22SL%22%2C%22SM%22%2C%22SN%22%2C%22SO%22%2C%22SR%22%2C%22ST%22%2C%22SV%22%2C%22SY%22%2C%22SZ%22%2C%22TC%22%2C%22TD%22%2C%22TF%22%2C%22TG%22%2C%22TH%22%2C%22TJ%22%2C%22TK%22%2C%22TL%22%2C%22TM%22%2C%22TN%22%2C%22TO%22%2C%22TR%22%2C%22TT%22%2C%22TV%22%2C%22TW%22%2C%22TZ%22%2C%22UA%22%2C%22UG%22%2C%22UM%22%2C%22US%22%2C%22UY%22%2C%22UZ%22%2C%22VA%22%2C%22VC%22%2C%22VE%22%2C%22VG%22%2C%22VI%22%2C%22VN%22%2C%22VU%22%2C%22WF%22%2C%22WS%22%2C%22XK%22%2C%22YE%22%2C%22YT%22%2C%22ZA%22%2C%22ZM%22%2C%22ZW%22%5D%26aw_0_azn.planguage%3D%5B%22aa%22%2C%22ab%22%2C%22ae%22%2C%22af%22%2C%22ak%22%2C%22am%22%2C%22an%22%2C%22ar%22%2C%22as%22%2C%22av%22%2C%22ay%22%2C%22az%22%2C%22ba%22%2C%22be%22%2C%22bg%22%2C%22bh%22%2C%22bi%22%2C%22bm%22%2C%22bn%22%2C%22bo%22%2C%22br%22%2C%22bs%22%2C%22ca%22%2C%22ce%22%2C%22ch%22%2C%22co%22%2C%22cr%22%2C%22cs%22%2C%22cu%22%2C%22cv%22%2C%22cy%22%2C%22da%22%2C%22de%22%2C%22dv%22%2C%22dz%22%2C%22ee%22%2C%22el%22%2C%22en%22%2C%22eo%22%2C%22es%22%2C%22et%22%2C%22eu%22%2C%22fa%22%2C%22ff%22%2C%22fi%22%2C%22fj%22%2C%22fo%22%2C%22fr%22%2C%22fy%22%2C%22ga%22%2C%22gd%22%2C%22gl%22%2C%22gn%22%2C%22gu%22%2C%22gv%22%2C%22ha%22%2C%22he%22%2C%22hi%22%2C%22ho%22%2C%22hr%22%2C%22ht%22%2C%22hu%22%2C%22hy%22%2C%22hz%22%2C%22ia%22%2C%22id%22%2C%22ie%22%2C%22ig%22%2C%22ii%22%2C%22ik%22%2C%22io%22%2C%22is%22%2C%22it%22%2C%22iu%22%2C%22ja%22%2C%22jv%22%2C%22ka%22%2C%22kg%22%2C%22ki%22%2C%22kj%22%2C%22kk%22%2C%22kl%22%2C%22km%22%2C%22kn%22%2C%22ko%22%2C%22kr%22%2C%22ks%22%2C%22ku%22%2C%22kv%22%2C%22kw%22%2C%22ky%22%2C%22la%22%2C%22lb%22%2C%22lg%22%2C%22li%22%2C%22ln%22%2C%22lo%22%2C%22lt%22%2C%22lu%22%2C%22lv%22%2C%22mg%22%2C%22mh%22%2C%22mi%22%2C%22mk%22%2C%22ml%22%2C%22mn%22%2C%22mr%22%2C%22ms%22%2C%22mt%22%2C%22my%22%2C%22na%22%2C%22nb%22%2C%22nd%22%2C%22ne%22%2C%22ng%22%2C%22nl%22%2C%22nn%22%2C%22no%22%2C%22nr%22%2C%22nv%22%2C%22ny%22%2C%22oc%22%2C%22oj%22%2C%22om%22%2C%22or%22%2C%22os%22%2C%22pa%22%2C%22pi%22%2C%22pl%22%2C%22ps%22%2C%22pt%22%2C%22qu%22%2C%22rm%22%2C%22rn%22%2C%22ro%22%2C%22ru%22%2C%22rw%22%2C%22sa%22%2C%22sc%22%2C%22sd%22%2C%22se%22%2C%22sg%22%2C%22si%22%2C%22sk%22%2C%22sl%22%2C%22sm%22%2C%22sn%22%2C%22so%22%2C%22sq%22%2C%22sr%22%2C%22ss%22%2C%22st%22%2C%22su%22%2C%22sv%22%2C%22sw%22%2C%22ta%22%2C%22te%22%2C%22tg%22%2C%22th%22%2C%22ti%22%2C%22tk%22%2C%22tl%22%2C%22tn%22%2C%22to%22%2C%22tr%22%2C%22ts%22%2C%22tt%22%2C%22tw%22%2C%22ty%22%2C%22ug%22%2C%22uk%22%2C%22ur%22%2C%22uz%22%2C%22ve%22%2C%22vi%22%2C%22vo%22%2C%22wa%22%2C%22wo%22%2C%22xh%22%2C%22yi%22%2C%22yo%22%2C%22za%22%2C%22zh%22%2C%22zu%22%5D%26aw_0_azn.pgenre%3D%5B%22Games+and+Hobbies%22%2C%22Music%22%2C%22Top40%5C%2FHits+-+Pop%22%5D x-powered-by PHP/7.4.23 access-control-max-age 1000 content-type text/html; charset=UTF-8 os-server-name listen.openstream.co os-server-id ecs-ec2 access-control-allow-headers * content-length 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v2/ Frame 9037	152 B 988 B	52ms 52ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c03e3e436c3361bb57f0de109f1c67a44e21e601f730b5dcf8dbd96e9c31036 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Sat, 15 Jan 2022 20:11:47 GMT X-Proxy-Origin 84.19.175.165; 84.19.175.165; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 003a73fe-921e-4c31-9fd1-4d2ca981e0c7 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ads4allweb.de Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 152 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Frame 9037	33 B 587 B	56ms 56ms	Script text/javascript	37.157.4.29 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTg3OTEzNw%3D%3D&callback=adf__V2No05TdyVTnBHd3Fbwy Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 46fa884b007929e0171e126ef42fa863a5d96b4e1d8e757e53e39e6978502988 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/ Frame 9037	4 KB 2 KB	40ms 40ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=f92a43a687bb491bb9f1e58a8c68f222&ufid=V2No05TdyVTnBHd3Fbwy&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__V2No05TdyVTnBHd3Fbwy&ref=www.ads4allweb.de&_=1642277507612&crtg=-1&rc=10 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 493fb34aa7f9b959bb57fe3b11a501daa6a22510dbca37bb04894f0c7ec937a4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:22 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Transfer-Encoding chunked Connection keep-alive
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 9037	0 179 B	23ms 23ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.ads4allweb.de date Sat, 15 Jan 2022 20:11:47 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v2/ Frame 9037	151 B 987 B	23ms 23ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash ea7a3ef22ee912a57f23e96cb599bf3c56cafb24a959bf8175cdbbbc4030439f Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Sat, 15 Jan 2022 20:11:47 GMT X-Proxy-Origin 84.19.175.165; 84.19.175.165; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 57d69e8b-982a-4f81-953b-0f9027bbb31e Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ads4allweb.de Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 151 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Frame 9037	33 B 587 B	63ms 62ms	Script text/javascript	37.157.4.29 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTExNDMxMTk%3D&callback=adf__qE2jNCn00SL1t68Ono4e Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 538d4222eb4d1bb5b5f1de0e6c14a6e0007fdaa9da5a930a8c8c2e67063060aa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/ Frame 9037	4 KB 2 KB	45ms 45ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=7ddf8f8d485040a3a069760a74ccac18&ufid=qE2jNCn00SL1t68Ono4e&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__qE2jNCn00SL1t68Ono4e&ref=www.ads4allweb.de&_=1642277507614&crtg=-1&rc=10 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 427e53a9627d5c96f74d94a3f78d164c64b70b88a84c7838286d4ef5c14a8441 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:22 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Transfer-Encoding chunked Connection keep-alive
POST H2	204	cdb Show response bidder.criteo.com/ Frame 9037	0 218 B	25ms 24ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=208&cb=75967212685 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 15 Jan 2022 20:11:47 GMT server Finatra vary Origin access-control-allow-origin https://www.ads4allweb.de access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 9037	0 179 B	23ms 22ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.ads4allweb.de date Sat, 15 Jan 2022 20:11:47 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
GET H2	200	tb_v.php Show response tl.adcocktail.com/ Frame 79D3	2 KB 513 B	77ms 77ms	Script text/html	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tl.adcocktail.com/tb_v.php?uid=1867&wsid=28382&format=468x60&reflink=off Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/textlinks.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16d48dfa7f0b1807615fad674cc23f97276bc0af75f61ccef4f005fca2961a87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Sat, 15 Jan 2022 20:11:47 GMT server cloudflare cache-control max-age=0, no-cache, no-store, must-revalidate expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 note CACHING IS DISABLED cf-ray 6ce1c156aa3a5369-FRA content-length 454 expires Wed, 11 Jan 1984 05:00:00 GMT
GET		view.php traffic-buchen.de/ Frame F5E3	0 0
GET H2	200	zone Show response adpro.netzwerk-ad.de/codes/ Frame 7DF7	434 B 602 B	290ms 289ms	Script application/javascript	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://adpro.netzwerk-ad.de/codes/zone?rcd=Mzk= Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PHP/7.1.33, PleskLin Resource Hash 6474fd253eef05a21056df760c2d087cb436bace10ec68cab9ae2a784da7ac05 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip server nginx x-powered-by PHP/7.1.33, PleskLin x-cache-status BYPASS vary Accept-Encoding content-type application/javascript cache-control no-store, no-cache, must-revalidate content-length 316 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	main.css ebesucher-klicker.de/css/ Frame 7DF7	4 KB 4 KB	26ms 25ms	Stylesheet text/css	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://ebesucher-klicker.de/css/main.css Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PleskLin Resource Hash 6cae17abdeea20d73682245c12c36900184c8afea05408ac70835a6431cfbddf Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT last-modified Mon, 04 Jan 2021 16:09:29 GMT server nginx x-powered-by PleskLin etag "5ff33db9-e0b" content-type text/css accept-ranges bytes content-length 3595
GET H2	200	jquery-1.10.2.js Show response code.jquery.com/ Frame 7DF7	267 KB 79 KB	20ms 20ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.10.2.js Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:07 GMT server nginx etag W/"54499a47-42b2f" vary Accept-Encoding x-hw 1642277507.dop143.fr8.t,1642277507.cds231.fr8.hn,1642277507.cds041.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 80743
GET H2	200	logo.png ebesucher-klicker.de/images/ Frame 7DF7	32 KB 32 KB	44ms 44ms	Image image/png	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://ebesucher-klicker.de/images/logo.png Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PleskLin Resource Hash 3acc0c14d8b48cbf12ea40cb135eb7007c85ea3d8e6b042fb3c912757efc2b00 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT last-modified Sat, 23 Jan 2021 20:21:24 GMT server nginx x-powered-by PleskLin etag "600c8544-809f" content-type image/png accept-ranges bytes content-length 32927
GET H/1.1	200 OK	script-v2.js Show response s3.amazonaws.com/valao-cloud/cookie-hinweis/ Frame 7DF7	4 KB 5 KB	114ms 113ms	Script application/javascript	52.217.83.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script-v2.js Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.83.182 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash b9ba2c9588f6fe8aa9a056868f9d4f806cc27297dae91ec3192c0de7cf2f334e Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:48 GMT Last-Modified Thu, 31 Jan 2019 08:10:46 GMT Server AmazonS3 x-amz-request-id BVHKVAC17SWXHBDH ETag "415fbfba67f3f5cb671dce2781f21ed1" Content-Type application/javascript Accept-Ranges bytes Content-Length 4265 x-amz-id-2 Pl3qCNQ259S2zeaUzRjAfb2TxGpjItb2pROJ35j45ExwP3HMKN4VnsNwsZpHfpeaHi6+077Fq1w=
GET H/1.1	401 Authorization required	1470 str4.openstream.co/ Frame EE86 Redirect Chain https://listen.openstream.co/6623/audio https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en...	0 116 B	466ms 466ms	Media text/plain	51.38.51.167 OVH
General Check archive.org Show headers Download Go to Full URL https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol HTTP/1.1 Server 51.38.51.167 , France, ASN16276 (OVH, FR), Reverse DNS vps-ab28582c.vps.ovh.net Software Icecast 2.3.3 kh11 8.6.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Server Icecast 2.3.3 kh11 8.6.5 Redirect headers date Sat, 15 Jan 2022 20:11:47 GMT server Apache/2.4.38 (Debian) os-server-ip 172.17.0.2 access-control-allow-origin * location https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D x-powered-by PHP/7.4.23 access-control-max-age 1000 content-type text/html; charset=UTF-8 os-server-name listen.openstream.co os-server-id ecs-ec2 access-control-allow-headers * content-length 0
GET		/ thisis.aninter.net/ Frame EE86	0 0
GET H/1.1	200 OK	1717829 Show response ad.a-ads.com/ Frame A48F	6 KB 2 KB	34ms 34ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1717829?size=468x60 Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 4adb83d57ed755850a235e0cd727e146309852c935468f508d20bc817df7819a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:47 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://ebesucher-klicker.de/ Content-Encoding gzip
GET H2	200	banner Show response adpro.netzwerk-ad.de/codes/ Frame 8DBA	450 B 609 B	240ms 240ms	Document text/html	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://adpro.netzwerk-ad.de/codes/banner?rcd=MjM= Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PHP/7.1.33 PleskLin Resource Hash 7a2ffda8add383e665ea9e2292531a29587bd1acd4f77849a9cd0e268c26ff28 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ Response headers server nginx date Sat, 15 Jan 2022 20:11:47 GMT content-type text/html; charset=UTF-8 content-length 321 x-powered-by PHP/7.1.33 PleskLin expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache vary Accept-Encoding content-encoding gzip x-cache-status BYPASS
GET H2	200	syncframe Show response gum.criteo.com/ Frame CD8C	9 KB 4 KB	85ms 30ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=crypto-fire.website Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ Response headers cache-control private, max-age=3600 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 2505 date Sat, 15 Jan 2022 20:11:47 GMT content-length 4160 strict-transport-security max-age=31536000; preload;
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 9037	2 KB 1 KB	30ms 30ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nai=&si=35370&pn=&h=60&w=468&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 557 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c156da524333-FRA content-length 1168 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 9037	2 KB 1 KB	28ms 28ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=7ddf8f8d485040a3a069760a74ccac18&nai=&si=35370&pn=&h=50&w=320&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 557 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c156ea724333-FRA content-length 1168 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H/1.1	200 OK	468x60 static.a-ads.com/a-ads-banners/117620/ Frame A48F	156 KB 157 KB	22ms 22ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1717829?size=468x60 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:47 GMT Last-Modified Sun, 19 Apr 2020 16:08:09 GMT Server nginx x-amz-request-id 7EZ376GTFZAZQ10H ETag "d89cd17d5e22adfb5532615d116d84b8" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 160195 Connection keep-alive Accept-Ranges bytes x-amz-version-id LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4 x-amz-id-2 QbrBXmBv2znSSc/73Ug1P+4Z2dSLwtFbuOH+PCfTNfuhuskGmX4B3w64873wntyJrodXD9vHuRs= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	flimpobj.js Show response pixel.yabidos.com/ Frame 9037	31 KB 24 KB	30ms 30ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1642277507686&ver1=2.2.3&qid=230383f5530383f5434353&rnd=0d8trr0nihtu&cid=544 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nai=&si=35370&pn=&h=60&w=468&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 1332 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c1571ada4333-FRA content-length 24217 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	vbl.gif pre.glotgrx.com/ Frame 9037	26 B 84 B	79ms 79ms	Image image/gif	2606:4700::6810:78c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1642277507768&rnd=0d8trr0nihtu&ifm=1&uai=1&cid=544&s=www.ads4allweb.de&p=43241&x=rekmob&adtg=f92a43a687bb491bb9f1e58a8c68f222&ats=0&atf=&nsi=&si=35370&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh= Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:19:57 GMT server cloudflare age 341 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c157f9584a62-FRA content-length 26 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	nflrc.gif pre.glotgrx.com/ Frame 9037	26 B 84 B	79ms 79ms	Image image/gif	2606:4700::6810:78c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1642277507755818&ver=1.2r81&qid=230383f5530383f5434353&p=43241&s=www.ads4allweb.de&x=rekmob&cid=544&od1=&od2=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nci=&nai=&si=35370&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=0d8trr0nihtu&impid=&idl=&ttduid=&id5=&emh=&tps=19&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36&os=&mm=&di=&ip=84.19.175.165&ci=&pp=&bp=&w=468&h=60&pn=&1=8bc4b1d79e408f99c0da59b34ff29ffd&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=4&icpl=31&icp=https%253A//crypto-fire.website&irfl=114&irf=https%253A//www.ads4allweb.de/api/kamp/rota.php%253Fsidfl_eq54497fl_np544uidfl_eq5441055fl_np544artfl_eq544traffic&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-17-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=19 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:19:57 GMT server cloudflare age 556 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c157f9624a62-FRA content-length 26 expires Sat, 15 Jan 2022 22:11:47 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame CD8C Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ads4allweb.de&sn=ChromeSyncframe&so=0&topUrl=crypto-fire.website&lsw=1 https://mug.criteo.com/sid?cpp=KURGh3xwUlJwcmtDM2dZNU5PS0Ywcng5bTV2cFpqQ3c4NlJYdmtHMVJMTmR0MlB6ZG5GbFRhcFQxMGZuWEFjYzFOMytlMVptZHdUVDc0ckVlRzZpMDhSdXlpVGRNMUpRRXhzVm9tZnVFKzYvUWdxR0dLOENIWEkzZjh5YW...	441 B 650 B	82ms 27ms	Fetch application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=KURGh3xwUlJwcmtDM2dZNU5PS0Ywcng5bTV2cFpqQ3c4NlJYdmtHMVJMTmR0MlB6ZG5GbFRhcFQxMGZuWEFjYzFOMytlMVptZHdUVDc0ckVlRzZpMDhSdXlpVGRNMUpRRXhzVm9tZnVFKzYvUWdxR0dLOENIWEkzZjh5YW1uNkxUcEUxSHZSZG1QRkdzRnQ1VkhuZ21kaFFFRzdIVTFKdnFxNGNHM0VWeDZmS0JxWG5ZY0l2RFljNmdSU0U4RlgwaWNDZFhWUWVCS04yMDZlWk4xbWI2QW5rY0hoZVFET0pUQmpLYnB5ZzZET0ZRN2JPeDdQYVVSZ3A3N1BjUFJWTllKWGQ0YlYvcUhwdGFJWlFaTWVnN05uVk5CN2ZZSmhCeTVYWDB5T2hrMjJoY1VIWDI3ZGxrMmVnOFg5eG9IRnd0a3lsS3w&cppv=2 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 79d4cd6a658bdf3e74339ed967d1a110867c34a14e1817d03e2120545fbc2d6f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 4169 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Sat, 15 Jan 2022 20:11:47 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=KURGh3xwUlJwcmtDM2dZNU5PS0Ywcng5bTV2cFpqQ3c4NlJYdmtHMVJMTmR0MlB6ZG5GbFRhcFQxMGZuWEFjYzFOMytlMVptZHdUVDc0ckVlRzZpMDhSdXlpVGRNMUpRRXhzVm9tZnVFKzYvUWdxR0dLOENIWEkzZjh5YW1uNkxUcEUxSHZSZG1QRkdzRnQ1VkhuZ21kaFFFRzdIVTFKdnFxNGNHM0VWeDZmS0JxWG5ZY0l2RFljNmdSU0U4RlgwaWNDZFhWUWVCS04yMDZlWk4xbWI2QW5rY0hoZVFET0pUQmpLYnB5ZzZET0ZRN2JPeDdQYVVSZ3A3N1BjUFJWTllKWGQ0YlYvcUhwdGFJWlFaTWVnN05uVk5CN2ZZSmhCeTVYWDB5T2hrMjJoY1VIWDI3ZGxrMmVnOFg5eG9IRnd0a3lsS3w&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1719 content-length 594 expires 0
GET H2	200	4126WQs.gif adpro.netzwerk-ad.de/advertiser/uploads/ Frame 8DBA	565 KB 566 KB	39ms 39ms	Image image/gif	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://adpro.netzwerk-ad.de/advertiser/uploads/4126WQs.gif Requested by Host: adpro.netzwerk-ad.de URL: https://adpro.netzwerk-ad.de/codes/banner?rcd=MjM= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PleskLin Resource Hash dcf38d0738d4d14303dfe51cc8c5cc57b887b0f5494b9caa4a6491d5f7b1ce75 Request headers Accept-Language de-DE,de;q=0.9 Referer https://adpro.netzwerk-ad.de/codes/banner?rcd=MjM= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:47 GMT last-modified Fri, 17 Dec 2021 16:14:10 GMT server nginx x-powered-by PleskLin etag "8d557-5d359d44ba58e" x-cache-status BYPASS content-type image/gif accept-ranges bytes content-length 578903
GET H/1.0	200 OK	2251 str5.openstream.co/ Frame 7DF7 Redirect Chain https://listen.openstream.co/6172/audio https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2...	128 KB 0	1833ms 992ms	Media audio/mpeg	141.95.53.179 OVH
General Check archive.org Show headers Download Go to Full URL https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2C%22AF%22%2C%22AG%22%2C%22AL%22%2C%22AI%22%2C%22AM%22%2C%22AO%22%2C%22AQ%22%2C%22AR%22%2C%22AS%22%2C%22AT%22%2C%22AU%22%2C%22AW%22%2C%22AZ%22%2C%22BA%22%2C%22BB%22%2C%22BD%22%2C%22BE%22%2C%22BF%22%2C%22BG%22%2C%22BH%22%2C%22BI%22%2C%22BJ%22%2C%22BM%22%2C%22BN%22%2C%22BO%22%2C%22BR%22%2C%22BS%22%2C%22BT%22%2C%22BV%22%2C%22BW%22%2C%22BY%22%2C%22BZ%22%2C%22CA%22%2C%22CC%22%2C%22CD%22%2C%22CF%22%2C%22CG%22%2C%22CH%22%2C%22CI%22%2C%22CK%22%2C%22CL%22%2C%22CM%22%2C%22CN%22%2C%22CO%22%2C%22CR%22%2C%22CU%22%2C%22CV%22%2C%22CX%22%2C%22CY%22%2C%22CZ%22%2C%22DJ%22%2C%22DK%22%2C%22DM%22%2C%22DO%22%2C%22DZ%22%2C%22EC%22%2C%22EE%22%2C%22EG%22%2C%22EH%22%2C%22ER%22%2C%22ES%22%2C%22ET%22%2C%22FI%22%2C%22FJ%22%2C%22FK%22%2C%22FM%22%2C%22FO%22%2C%22GA%22%2C%22GB%22%2C%22GD%22%2C%22GE%22%2C%22GF%22%2C%22GG%22%2C%22GH%22%2C%22GI%22%2C%22GL%22%2C%22GM%22%2C%22GN%22%2C%22GP%22%2C%22GQ%22%2C%22GR%22%2C%22GS%22%2C%22GT%22%2C%22GU%22%2C%22GW%22%2C%22GY%22%2C%22GZ%22%2C%22HK%22%2C%22HM%22%2C%22HN%22%2C%22HR%22%2C%22HT%22%2C%22HU%22%2C%22ID%22%2C%22IE%22%2C%22IL%22%2C%22IM%22%2C%22IN%22%2C%22IO%22%2C%22IQ%22%2C%22IR%22%2C%22IS%22%2C%22IT%22%2C%22JE%22%2C%22JM%22%2C%22JO%22%2C%22JP%22%2C%22KE%22%2C%22KG%22%2C%22KH%22%2C%22KI%22%2C%22KM%22%2C%22KN%22%2C%22KP%22%2C%22KR%22%2C%22KW%22%2C%22KY%22%2C%22KZ%22%2C%22LA%22%2C%22LB%22%2C%22LC%22%2C%22LI%22%2C%22LK%22%2C%22LR%22%2C%22LS%22%2C%22LT%22%2C%22LU%22%2C%22LV%22%2C%22LY%22%2C%22MA%22%2C%22MC%22%2C%22MD%22%2C%22ME%22%2C%22MG%22%2C%22MH%22%2C%22MK%22%2C%22ML%22%2C%22MM%22%2C%22MN%22%2C%22MO%22%2C%22MP%22%2C%22MQ%22%2C%22MR%22%2C%22MS%22%2C%22MT%22%2C%22MU%22%2C%22MV%22%2C%22MW%22%2C%22MX%22%2C%22MY%22%2C%22MZ%22%2C%22NA%22%2C%22NC%22%2C%22NE%22%2C%22NF%22%2C%22NG%22%2C%22NI%22%2C%22NL%22%2C%22NO%22%2C%22NP%22%2C%22NR%22%2C%22NU%22%2C%22NZ%22%2C%22OM%22%2C%22PA%22%2C%22PE%22%2C%22PF%22%2C%22PG%22%2C%22PH%22%2C%22PK%22%2C%22PL%22%2C%22PM%22%2C%22PN%22%2C%22PR%22%2C%22PS%22%2C%22PT%22%2C%22PW%22%2C%22PY%22%2C%22QA%22%2C%22RE%22%2C%22RO%22%2C%22RS%22%2C%22RU%22%2C%22RW%22%2C%22SA%22%2C%22SB%22%2C%22SC%22%2C%22SD%22%2C%22SE%22%2C%22SG%22%2C%22SH%22%2C%22SI%22%2C%22SJ%22%2C%22SK%22%2C%22SL%22%2C%22SM%22%2C%22SN%22%2C%22SO%22%2C%22SR%22%2C%22ST%22%2C%22SV%22%2C%22SY%22%2C%22SZ%22%2C%22TC%22%2C%22TD%22%2C%22TF%22%2C%22TG%22%2C%22TH%22%2C%22TJ%22%2C%22TK%22%2C%22TL%22%2C%22TM%22%2C%22TN%22%2C%22TO%22%2C%22TR%22%2C%22TT%22%2C%22TV%22%2C%22TW%22%2C%22TZ%22%2C%22UA%22%2C%22UG%22%2C%22UM%22%2C%22US%22%2C%22UY%22%2C%22UZ%22%2C%22VA%22%2C%22VC%22%2C%22VE%22%2C%22VG%22%2C%22VI%22%2C%22VN%22%2C%22VU%22%2C%22WF%22%2C%22WS%22%2C%22XK%22%2C%22YE%22%2C%22YT%22%2C%22ZA%22%2C%22ZM%22%2C%22ZW%22%5D%26aw_0_azn.planguage%3D%5B%22aa%22%2C%22ab%22%2C%22ae%22%2C%22af%22%2C%22ak%22%2C%22am%22%2C%22an%22%2C%22ar%22%2C%22as%22%2C%22av%22%2C%22ay%22%2C%22az%22%2C%22ba%22%2C%22be%22%2C%22bg%22%2C%22bh%22%2C%22bi%22%2C%22bm%22%2C%22bn%22%2C%22bo%22%2C%22br%22%2C%22bs%22%2C%22ca%22%2C%22ce%22%2C%22ch%22%2C%22co%22%2C%22cr%22%2C%22cs%22%2C%22cu%22%2C%22cv%22%2C%22cy%22%2C%22da%22%2C%22de%22%2C%22dv%22%2C%22dz%22%2C%22ee%22%2C%22el%22%2C%22en%22%2C%22eo%22%2C%22es%22%2C%22et%22%2C%22eu%22%2C%22fa%22%2C%22ff%22%2C%22fi%22%2C%22fj%22%2C%22fo%22%2C%22fr%22%2C%22fy%22%2C%22ga%22%2C%22gd%22%2C%22gl%22%2C%22gn%22%2C%22gu%22%2C%22gv%22%2C%22ha%22%2C%22he%22%2C%22hi%22%2C%22ho%22%2C%22hr%22%2C%22ht%22%2C%22hu%22%2C%22hy%22%2C%22hz%22%2C%22ia%22%2C%22id%22%2C%22ie%22%2C%22ig%22%2C%22ii%22%2C%22ik%22%2C%22io%22%2C%22is%22%2C%22it%22%2C%22iu%22%2C%22ja%22%2C%22jv%22%2C%22ka%22%2C%22kg%22%2C%22ki%22%2C%22kj%22%2C%22kk%22%2C%22kl%22%2C%22km%22%2C%22kn%22%2C%22ko%22%2C%22kr%22%2C%22ks%22%2C%22ku%22%2C%22kv%22%2C%22kw%22%2C%22ky%22%2C%22la%22%2C%22lb%22%2C%22lg%22%2C%22li%22%2C%22ln%22%2C%22lo%22%2C%22lt%22%2C%22lu%22%2C%22lv%22%2C%22mg%22%2C%22mh%22%2C%22mi%22%2C%22mk%22%2C%22ml%22%2C%22mn%22%2C%22mr%22%2C%22ms%22%2C%22mt%22%2C%22my%22%2C%22na%22%2C%22nb%22%2C%22nd%22%2C%22ne%22%2C%22ng%22%2C%22nl%22%2C%22nn%22%2C%22no%22%2C%22nr%22%2C%22nv%22%2C%22ny%22%2C%22oc%22%2C%22oj%22%2C%22om%22%2C%22or%22%2C%22os%22%2C%22pa%22%2C%22pi%22%2C%22pl%22%2C%22ps%22%2C%22pt%22%2C%22qu%22%2C%22rm%22%2C%22rn%22%2C%22ro%22%2C%22ru%22%2C%22rw%22%2C%22sa%22%2C%22sc%22%2C%22sd%22%2C%22se%22%2C%22sg%22%2C%22si%22%2C%22sk%22%2C%22sl%22%2C%22sm%22%2C%22sn%22%2C%22so%22%2C%22sq%22%2C%22sr%22%2C%22ss%22%2C%22st%22%2C%22su%22%2C%22sv%22%2C%22sw%22%2C%22ta%22%2C%22te%22%2C%22tg%22%2C%22th%22%2C%22ti%22%2C%22tk%22%2C%22tl%22%2C%22tn%22%2C%22to%22%2C%22tr%22%2C%22ts%22%2C%22tt%22%2C%22tw%22%2C%22ty%22%2C%22ug%22%2C%22uk%22%2C%22ur%22%2C%22uz%22%2C%22ve%22%2C%22vi%22%2C%22vo%22%2C%22wa%22%2C%22wo%22%2C%22xh%22%2C%22yi%22%2C%22yo%22%2C%22za%22%2C%22zh%22%2C%22zu%22%5D%26aw_0_azn.pgenre%3D%5B%22Games+and+Hobbies%22%2C%22Music%22%2C%22Top40%5C%2FHits+-+Pop%22%5D Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol HTTP/1.0 Server 141.95.53.179 , France, ASN16276 (OVH, FR), Reverse DNS vps-a014f2b6.vps.ovh.net Software Icecast 2.3.3 kh11 8.6.5 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers icy-genre Pop/Dance/HipHop/Trance Pragma no-cache icy-name Radio4Users Server Icecast 2.3.3 kh11 8.6.5 icy-br 128 icy-url https://ebesucher-klicker.de/ Instance-id 5375f500897af48552f828bc12ed9cd3 Cache-Control no-cache icy-pub 1 Connection close Content-Type audio/mpeg icy-metaint 0 icy-description Unspecified description Expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Sat, 15 Jan 2022 20:11:47 GMT server Apache/2.4.38 (Debian) os-server-ip 172.17.0.2 access-control-allow-origin * location https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277507%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2C%22AF%22%2C%22AG%22%2C%22AL%22%2C%22AI%22%2C%22AM%22%2C%22AO%22%2C%22AQ%22%2C%22AR%22%2C%22AS%22%2C%22AT%22%2C%22AU%22%2C%22AW%22%2C%22AZ%22%2C%22BA%22%2C%22BB%22%2C%22BD%22%2C%22BE%22%2C%22BF%22%2C%22BG%22%2C%22BH%22%2C%22BI%22%2C%22BJ%22%2C%22BM%22%2C%22BN%22%2C%22BO%22%2C%22BR%22%2C%22BS%22%2C%22BT%22%2C%22BV%22%2C%22BW%22%2C%22BY%22%2C%22BZ%22%2C%22CA%22%2C%22CC%22%2C%22CD%22%2C%22CF%22%2C%22CG%22%2C%22CH%22%2C%22CI%22%2C%22CK%22%2C%22CL%22%2C%22CM%22%2C%22CN%22%2C%22CO%22%2C%22CR%22%2C%22CU%22%2C%22CV%22%2C%22CX%22%2C%22CY%22%2C%22CZ%22%2C%22DJ%22%2C%22DK%22%2C%22DM%22%2C%22DO%22%2C%22DZ%22%2C%22EC%22%2C%22EE%22%2C%22EG%22%2C%22EH%22%2C%22ER%22%2C%22ES%22%2C%22ET%22%2C%22FI%22%2C%22FJ%22%2C%22FK%22%2C%22FM%22%2C%22FO%22%2C%22GA%22%2C%22GB%22%2C%22GD%22%2C%22GE%22%2C%22GF%22%2C%22GG%22%2C%22GH%22%2C%22GI%22%2C%22GL%22%2C%22GM%22%2C%22GN%22%2C%22GP%22%2C%22GQ%22%2C%22GR%22%2C%22GS%22%2C%22GT%22%2C%22GU%22%2C%22GW%22%2C%22GY%22%2C%22GZ%22%2C%22HK%22%2C%22HM%22%2C%22HN%22%2C%22HR%22%2C%22HT%22%2C%22HU%22%2C%22ID%22%2C%22IE%22%2C%22IL%22%2C%22IM%22%2C%22IN%22%2C%22IO%22%2C%22IQ%22%2C%22IR%22%2C%22IS%22%2C%22IT%22%2C%22JE%22%2C%22JM%22%2C%22JO%22%2C%22JP%22%2C%22KE%22%2C%22KG%22%2C%22KH%22%2C%22KI%22%2C%22KM%22%2C%22KN%22%2C%22KP%22%2C%22KR%22%2C%22KW%22%2C%22KY%22%2C%22KZ%22%2C%22LA%22%2C%22LB%22%2C%22LC%22%2C%22LI%22%2C%22LK%22%2C%22LR%22%2C%22LS%22%2C%22LT%22%2C%22LU%22%2C%22LV%22%2C%22LY%22%2C%22MA%22%2C%22MC%22%2C%22MD%22%2C%22ME%22%2C%22MG%22%2C%22MH%22%2C%22MK%22%2C%22ML%22%2C%22MM%22%2C%22MN%22%2C%22MO%22%2C%22MP%22%2C%22MQ%22%2C%22MR%22%2C%22MS%22%2C%22MT%22%2C%22MU%22%2C%22MV%22%2C%22MW%22%2C%22MX%22%2C%22MY%22%2C%22MZ%22%2C%22NA%22%2C%22NC%22%2C%22NE%22%2C%22NF%22%2C%22NG%22%2C%22NI%22%2C%22NL%22%2C%22NO%22%2C%22NP%22%2C%22NR%22%2C%22NU%22%2C%22NZ%22%2C%22OM%22%2C%22PA%22%2C%22PE%22%2C%22PF%22%2C%22PG%22%2C%22PH%22%2C%22PK%22%2C%22PL%22%2C%22PM%22%2C%22PN%22%2C%22PR%22%2C%22PS%22%2C%22PT%22%2C%22PW%22%2C%22PY%22%2C%22QA%22%2C%22RE%22%2C%22RO%22%2C%22RS%22%2C%22RU%22%2C%22RW%22%2C%22SA%22%2C%22SB%22%2C%22SC%22%2C%22SD%22%2C%22SE%22%2C%22SG%22%2C%22SH%22%2C%22SI%22%2C%22SJ%22%2C%22SK%22%2C%22SL%22%2C%22SM%22%2C%22SN%22%2C%22SO%22%2C%22SR%22%2C%22ST%22%2C%22SV%22%2C%22SY%22%2C%22SZ%22%2C%22TC%22%2C%22TD%22%2C%22TF%22%2C%22TG%22%2C%22TH%22%2C%22TJ%22%2C%22TK%22%2C%22TL%22%2C%22TM%22%2C%22TN%22%2C%22TO%22%2C%22TR%22%2C%22TT%22%2C%22TV%22%2C%22TW%22%2C%22TZ%22%2C%22UA%22%2C%22UG%22%2C%22UM%22%2C%22US%22%2C%22UY%22%2C%22UZ%22%2C%22VA%22%2C%22VC%22%2C%22VE%22%2C%22VG%22%2C%22VI%22%2C%22VN%22%2C%22VU%22%2C%22WF%22%2C%22WS%22%2C%22XK%22%2C%22YE%22%2C%22YT%22%2C%22ZA%22%2C%22ZM%22%2C%22ZW%22%5D%26aw_0_azn.planguage%3D%5B%22aa%22%2C%22ab%22%2C%22ae%22%2C%22af%22%2C%22ak%22%2C%22am%22%2C%22an%22%2C%22ar%22%2C%22as%22%2C%22av%22%2C%22ay%22%2C%22az%22%2C%22ba%22%2C%22be%22%2C%22bg%22%2C%22bh%22%2C%22bi%22%2C%22bm%22%2C%22bn%22%2C%22bo%22%2C%22br%22%2C%22bs%22%2C%22ca%22%2C%22ce%22%2C%22ch%22%2C%22co%22%2C%22cr%22%2C%22cs%22%2C%22cu%22%2C%22cv%22%2C%22cy%22%2C%22da%22%2C%22de%22%2C%22dv%22%2C%22dz%22%2C%22ee%22%2C%22el%22%2C%22en%22%2C%22eo%22%2C%22es%22%2C%22et%22%2C%22eu%22%2C%22fa%22%2C%22ff%22%2C%22fi%22%2C%22fj%22%2C%22fo%22%2C%22fr%22%2C%22fy%22%2C%22ga%22%2C%22gd%22%2C%22gl%22%2C%22gn%22%2C%22gu%22%2C%22gv%22%2C%22ha%22%2C%22he%22%2C%22hi%22%2C%22ho%22%2C%22hr%22%2C%22ht%22%2C%22hu%22%2C%22hy%22%2C%22hz%22%2C%22ia%22%2C%22id%22%2C%22ie%22%2C%22ig%22%2C%22ii%22%2C%22ik%22%2C%22io%22%2C%22is%22%2C%22it%22%2C%22iu%22%2C%22ja%22%2C%22jv%22%2C%22ka%22%2C%22kg%22%2C%22ki%22%2C%22kj%22%2C%22kk%22%2C%22kl%22%2C%22km%22%2C%22kn%22%2C%22ko%22%2C%22kr%22%2C%22ks%22%2C%22ku%22%2C%22kv%22%2C%22kw%22%2C%22ky%22%2C%22la%22%2C%22lb%22%2C%22lg%22%2C%22li%22%2C%22ln%22%2C%22lo%22%2C%22lt%22%2C%22lu%22%2C%22lv%22%2C%22mg%22%2C%22mh%22%2C%22mi%22%2C%22mk%22%2C%22ml%22%2C%22mn%22%2C%22mr%22%2C%22ms%22%2C%22mt%22%2C%22my%22%2C%22na%22%2C%22nb%22%2C%22nd%22%2C%22ne%22%2C%22ng%22%2C%22nl%22%2C%22nn%22%2C%22no%22%2C%22nr%22%2C%22nv%22%2C%22ny%22%2C%22oc%22%2C%22oj%22%2C%22om%22%2C%22or%22%2C%22os%22%2C%22pa%22%2C%22pi%22%2C%22pl%22%2C%22ps%22%2C%22pt%22%2C%22qu%22%2C%22rm%22%2C%22rn%22%2C%22ro%22%2C%22ru%22%2C%22rw%22%2C%22sa%22%2C%22sc%22%2C%22sd%22%2C%22se%22%2C%22sg%22%2C%22si%22%2C%22sk%22%2C%22sl%22%2C%22sm%22%2C%22sn%22%2C%22so%22%2C%22sq%22%2C%22sr%22%2C%22ss%22%2C%22st%22%2C%22su%22%2C%22sv%22%2C%22sw%22%2C%22ta%22%2C%22te%22%2C%22tg%22%2C%22th%22%2C%22ti%22%2C%22tk%22%2C%22tl%22%2C%22tn%22%2C%22to%22%2C%22tr%22%2C%22ts%22%2C%22tt%22%2C%22tw%22%2C%22ty%22%2C%22ug%22%2C%22uk%22%2C%22ur%22%2C%22uz%22%2C%22ve%22%2C%22vi%22%2C%22vo%22%2C%22wa%22%2C%22wo%22%2C%22xh%22%2C%22yi%22%2C%22yo%22%2C%22za%22%2C%22zh%22%2C%22zu%22%5D%26aw_0_azn.pgenre%3D%5B%22Games+and+Hobbies%22%2C%22Music%22%2C%22Top40%5C%2FHits+-+Pop%22%5D x-powered-by PHP/7.4.23 access-control-max-age 1000 content-type text/html; charset=UTF-8 os-server-name listen.openstream.co os-server-id ecs-ec2 access-control-allow-headers * content-length 0
GET H/1.1	200 OK	425ed8a5b36d4914aa298c1aa1835fdc adimg.rekmob.com/ Frame 9CC0	23 KB 23 KB	107ms 18ms	Image image/jpeg	143.204.215.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adimg.rekmob.com/425ed8a5b36d4914aa298c1aa1835fdc Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-100.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 9e5eaec74a8d2c88fd80c34040c61e97f366402c2fe8dc8ef6a1b3fd2e9a3c5d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 03:26:56 GMT Via 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront) Last-Modified Wed, 20 May 2020 15:52:55 GMT Server AmazonS3 Age 60293 ETag "373bb0579268fdc61771542229bc3701" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive X-Amz-Cf-Pop FRA53-C1 Content-Length 23144 X-Amz-Cf-Id tv9T_2Dhh-d9mxagL7HOvDsu_nBpQrd4LFGhx3McmczkCIdcWyI-Ew==
GET H/1.1	200 OK	imp ads.rekmob.com/m/ Frame 9CC0	2 B 179 B	23ms 23ms	Image image/avif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/m/imp?uid=f92a43a687bb491bb9f1e58a8c68f222&udid=c54b017d56b7455197c45524f2629318&rid=NjFlMzJhODMwY2YyYTE2ZDQ4MzQzMzNh&adId=MTM1OQ== Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21210&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:23 GMT Connection keep-alive Server nginx/1.9.6 X-Code DE Content-Length 2 Content-Type image/avif;charset=ISO-8859-1
GET H/1.1	200 OK	425ed8a5b36d4914aa298c1aa1835fdc adimg.rekmob.com/ Frame F111	23 KB 23 KB	18ms 18ms	Image image/jpeg	143.204.215.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adimg.rekmob.com/425ed8a5b36d4914aa298c1aa1835fdc Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-100.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 9e5eaec74a8d2c88fd80c34040c61e97f366402c2fe8dc8ef6a1b3fd2e9a3c5d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 03:26:56 GMT Via 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront) Last-Modified Wed, 20 May 2020 15:52:55 GMT Server AmazonS3 Age 60293 ETag "373bb0579268fdc61771542229bc3701" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive X-Amz-Cf-Pop FRA53-C1 Content-Length 23144 X-Amz-Cf-Id VkmIovVgR5PcrqiLlwaB5wiZBYHkCGmmlxqKOMCUC-K6VhI05jZWDg==
GET H/1.1	200 OK	imp ads.rekmob.com/m/ Frame F111	2 B 179 B	23ms 23ms	Image image/avif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/m/imp?uid=f92a43a687bb491bb9f1e58a8c68f222&udid=0347f771e36a49f5b7c981b807b2ced7&rid=NjFlMzJhODMwY2YyNDA0NzE3ZDMyZjJm&adId=MTM1OQ== Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:23 GMT Connection keep-alive Server nginx/1.9.6 X-Code DE Content-Length 2 Content-Type image/avif;charset=ISO-8859-1
GET H/1.1	200 OK	425ed8a5b36d4914aa298c1aa1835fdc adimg.rekmob.com/ Frame D0FF	23 KB 23 KB	29ms 29ms	Image image/jpeg	143.204.215.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adimg.rekmob.com/425ed8a5b36d4914aa298c1aa1835fdc Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-100.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 9e5eaec74a8d2c88fd80c34040c61e97f366402c2fe8dc8ef6a1b3fd2e9a3c5d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 03:26:56 GMT Via 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront) Last-Modified Wed, 20 May 2020 15:52:55 GMT Server AmazonS3 Age 60294 ETag "373bb0579268fdc61771542229bc3701" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive X-Amz-Cf-Pop FRA53-C1 Content-Length 23144 X-Amz-Cf-Id L2FJABr9REQlVp6v1kUUN5xbXM1FBDt-S-FQnKlE4dbevh_6tk0hHg==
GET H/1.1	200 OK	imp ads.rekmob.com/m/ Frame D0FF	2 B 179 B	40ms 40ms	Image image/avif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/m/imp?uid=f92a43a687bb491bb9f1e58a8c68f222&udid=9aa80788b50e4ce09721bbadaa26d08c&rid=NjFlMzJhODMwY2YyYTE2ZDQ4MzQzMzQx&adId=MTM1OQ== Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=21175&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:23 GMT Connection keep-alive Server nginx/1.9.6 X-Code DE Content-Length 2 Content-Type image/avif;charset=ISO-8859-1
GET H2	200	/ cdn.bmcdn2.com/confirm/7d694aa1-4332-4fb6-a775-6e69b9cf75bb/	0 413 B	144ms 144ms	Image text/plain	2606:4700:20::681a:9ca CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bmcdn2.com/confirm/7d694aa1-4332-4fb6-a775-6e69b9cf75bb/?fid=96ee72b272892abe60dfa493a462b4e0 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9ca , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:49 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAHPE07WxX62pn%2BUcTjO3dLFfV3ZJJ8BqWS%2BBooog2U9qEegki3kkra92LqJJxbEtLDySgWFwOM3tYFtmK1ZwN9TuWibtHn9%2B3Ysp77Q3HIhvLHaRsmmdYrMr3Rif1%2BaOzEW%2Bsnxw1pOCbRA"}],"group":"cf-nel","max_age":604800} cf-ray 6ce1c1642a7a4dca-FRA content-length 0
GET H/1.1	200 OK	light-floating.css s3.amazonaws.com/valao-cloud/cookie-hinweis/ Frame 4B40	4 KB 4 KB	115ms 114ms	Stylesheet text/css	52.217.83.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/valao-cloud/cookie-hinweis/light-floating.css Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script-v2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.83.182 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 0b5dfe1fee3ff0e0ce2f41e6f1a99a4fffe0cec83f8f419e2a91fe4ea97a5860 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:50 GMT Last-Modified Thu, 13 Jun 2019 19:15:46 GMT Server AmazonS3 x-amz-request-id M0D63XV58D43XNK7 ETag "53186ade4d0003e8bacd7843c10a5b16" Content-Type text/css Accept-Ranges bytes Content-Length 3631 x-amz-id-2 urdg9jgj7es+Sj/Ij4ZG6o6ShbjVqSnaCEA7ny478HsQ3r9uTx/pFnIU4lErWQV9kaq+fXT0xc0=
GET H2	200	syncframe Show response gum.criteo.com/ Frame 1F01	9 KB 4 KB	26ms 26ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=crypto-fire.website Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ Response headers cache-control private, max-age=3600 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 3358 date Sat, 15 Jan 2022 20:11:49 GMT content-length 4160 strict-transport-security max-age=31536000; preload;
GET H2	200	sid Show response mug.criteo.com/ Frame 1F01 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ads4allweb.de&sn=ChromeSyncframe&so=2&topUrl=crypto-fire.website&bundle=npgSFV9oWHlDMTlhZ2p3Q051QTcwUkpPMWFJUDJJVHpLQmw5WnNBempDVnZnTm... https://mug.criteo.com/sid?cpp=f-cWgHx4T0YrUHNubzI1cTJob25IbkJZL01wSjlGWjdFRUJZWnQwekxVdzJrQTQzUHc5ZnpIajNieURTdXpoU0htRnR2UHNxb1ZzZkRYRWRER1NQazN6eEZmZ2Zya1IvZ3IycWNqN2NoeWx0SjNuN2JJNEhYeWZRaFk0dV...	449 B 652 B	27ms 27ms	Fetch application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=f-cWgHx4T0YrUHNubzI1cTJob25IbkJZL01wSjlGWjdFRUJZWnQwekxVdzJrQTQzUHc5ZnpIajNieURTdXpoU0htRnR2UHNxb1ZzZkRYRWRER1NQazN6eEZmZ2Zya1IvZ3IycWNqN2NoeWx0SjNuN2JJNEhYeWZRaFk0dVdDY0NUZUpSeVNpR2RzaHM4R0lMYTBWejJHOXBUWUxIdXo3SUhaaDkyaUF2RzFHS0ZnNVBVb25ZV043NGlpU0VnT0xtOTl4N2hmL3M1UExiNlpGS1VYSEVpYVUwMmN6bmNRRXBYeGExQ2k3cG5EdGRPSE51SUU4Skd3Nng3a1pHNlhtOWYyTk9XbXA3V0VPSkVoNW9EaUpwU21wNGxzbEJjOEZMOHlRL1J2ZU0zR1d1OFNTYkh6Tyt1S3YycUttQlc5bmRzUGdvcXw&cppv=2 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 41938c2417442fce5f3731ecf29e36d2a4bb03d93de41bfcf2ef76b09154623a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:49 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3144 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Sat, 15 Jan 2022 20:11:49 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=f-cWgHx4T0YrUHNubzI1cTJob25IbkJZL01wSjlGWjdFRUJZWnQwekxVdzJrQTQzUHc5ZnpIajNieURTdXpoU0htRnR2UHNxb1ZzZkRYRWRER1NQazN6eEZmZ2Zya1IvZ3IycWNqN2NoeWx0SjNuN2JJNEhYeWZRaFk0dVdDY0NUZUpSeVNpR2RzaHM4R0lMYTBWejJHOXBUWUxIdXo3SUhaaDkyaUF2RzFHS0ZnNVBVb25ZV043NGlpU0VnT0xtOTl4N2hmL3M1UExiNlpGS1VYSEVpYVUwMmN6bmNRRXBYeGExQ2k3cG5EdGRPSE51SUU4Skd3Nng3a1pHNlhtOWYyTk9XbXA3V0VPSkVoNW9EaUpwU21wNGxzbEJjOEZMOHlRL1J2ZU0zR1d1OFNTYkh6Tyt1S3YycUttQlc5bmRzUGdvcXw&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 2508 content-length 594 expires 0
GET H/1.1	200 OK	light-floating.css s3.amazonaws.com/valao-cloud/cookie-hinweis/ Frame 7DF7	4 KB 4 KB	112ms 112ms	Stylesheet text/css	52.217.83.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/valao-cloud/cookie-hinweis/light-floating.css Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script-v2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.83.182 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 0b5dfe1fee3ff0e0ce2f41e6f1a99a4fffe0cec83f8f419e2a91fe4ea97a5860 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:51 GMT Last-Modified Thu, 13 Jun 2019 19:15:46 GMT Server AmazonS3 x-amz-request-id 3VVWQZEJ8EXX46MH ETag "53186ade4d0003e8bacd7843c10a5b16" Content-Type text/css Accept-Ranges bytes Content-Length 3631 x-amz-id-2 JUwNahL1f72ZZ9MW92ogSqIYohWfAyDc+W4dAbjXp/w3zBIXx2S3jwLQjJiTFsdEnk2a7aVZfTQ=
GET H2	200	syncframe Show response gum.criteo.com/ Frame 08B2	9 KB 4 KB	28ms 28ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=crypto-fire.website Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ Response headers cache-control private, max-age=3600 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 4344 date Sat, 15 Jan 2022 20:11:49 GMT content-length 4160 strict-transport-security max-age=31536000; preload;
GET H2	200	sid Show response mug.criteo.com/ Frame 08B2 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ads4allweb.de&sn=ChromeSyncframe&so=2&topUrl=crypto-fire.website&bundle=FoEL_19oWHlDMTlhZ2p3Q051QTcwUkpPMWFCVXRHVnBRNmVwREolMkZrQ3pzbV... https://mug.criteo.com/sid?cpp=kl3ZgHxXUkI1b1hVcGVjOUQwSlBmZDlydER3di91eG5tOCttK1RtN1VaTWRLUng5SWxSU3lHK2FRdk1sOFI2MVRWRFJRUFVvZ2NjWnY2M3UwdHMzZVptdm9KY3piYTI5WW1RRU9sbXJqS1BIM0V1bFpvZG9xbUhwRUJLeH...	460 B 660 B	28ms 28ms	Fetch application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=kl3ZgHxXUkI1b1hVcGVjOUQwSlBmZDlydER3di91eG5tOCttK1RtN1VaTWRLUng5SWxSU3lHK2FRdk1sOFI2MVRWRFJRUFVvZ2NjWnY2M3UwdHMzZVptdm9KY3piYTI5WW1RRU9sbXJqS1BIM0V1bFpvZG9xbUhwRUJLeHp2R1o2MDNVcDl6dTVKQlJPS0JJMWR2bnk5aEs5b1BrUFI0Sk5sVy8wWjdQQys0MXZNamdUN3h6QktUR2J2R0RxaFNzdzd2cURFZThwL2l4WmJ4ZjNJQ0xDbzNncysvYTkzdHRYV3JVVW5nQ05oUlpIS2Z2L2R5eTNSbzFLNWt0VlUycEI4SndMZXRLZXNGRGJmRVVLMmNHUVE3S2U0TkR1T25uQlNHbHM1Y21NdWtNcXNITG5QNDdyeUJRVUpiT1pLMW16VVhWU3w&cppv=2 Requested by Host: jefffm.de URL: https://jefffm.de/ Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 7e3d2764bbe8bbd0e1346ca60cf96c04ed20b7f0428245298aa8051de4246d7e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:49 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3174 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Sat, 15 Jan 2022 20:11:49 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=kl3ZgHxXUkI1b1hVcGVjOUQwSlBmZDlydER3di91eG5tOCttK1RtN1VaTWRLUng5SWxSU3lHK2FRdk1sOFI2MVRWRFJRUFVvZ2NjWnY2M3UwdHMzZVptdm9KY3piYTI5WW1RRU9sbXJqS1BIM0V1bFpvZG9xbUhwRUJLeHp2R1o2MDNVcDl6dTVKQlJPS0JJMWR2bnk5aEs5b1BrUFI0Sk5sVy8wWjdQQys0MXZNamdUN3h6QktUR2J2R0RxaFNzdzd2cURFZThwL2l4WmJ4ZjNJQ0xDbzNncysvYTkzdHRYV3JVVW5nQ05oUlpIS2Z2L2R5eTNSbzFLNWt0VlUycEI4SndMZXRLZXNGRGJmRVVLMmNHUVE3S2U0TkR1T25uQlNHbHM1Y21NdWtNcXNITG5QNDdyeUJRVUpiT1pLMW16VVhWU3w&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 2065 content-length 594 expires 0
GET H/1.1	200 OK	125b60957a4544e9af2f03e8596cdfe3 adimg.rekmob.com/ Frame 8814	20 KB 21 KB	20ms 19ms	Image image/jpeg	143.204.215.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adimg.rekmob.com/125b60957a4544e9af2f03e8596cdfe3 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-100.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 0d0ac9911a560fee79bbafa54a46ca817f7d852f059846c05c27ffd18409084d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 07:39:30 GMT Via 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront) Last-Modified Wed, 20 May 2020 15:52:18 GMT Server AmazonS3 Age 46208 ETag "3b9eae4dc398c495162367411fa23564" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive X-Amz-Cf-Pop FRA53-C1 Content-Length 20583 X-Amz-Cf-Id EyC9fCWvjC-9bN_jeXigCpJh5ZArn1xhGdfMSwXwrIkaT8a226ARxQ==
GET H/1.1	200 OK	imp ads.rekmob.com/m/ Frame 8814	2 B 179 B	28ms 28ms	Image image/avif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/m/imp?uid=7ddf8f8d485040a3a069760a74ccac18&udid=be27d7f382fd4ae499598e21a3039aa9&rid=NjFlMzJhODMwY2YyODIxMGFmMGQ2NjBm&adId=MTM1Nw== Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=19094&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:25 GMT Connection keep-alive Server nginx/1.9.6 X-Code DE Content-Length 2 Content-Type image/avif;charset=ISO-8859-1
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame EE86	11 KB 8 KB	56ms 31ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=jefffm.de&bust=31064017 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 412372d46fa224cc4c411572d7900556e130047cbbf11dcaa7bc8ca905a11b16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8615 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame AADD	11 KB 8 KB	61ms 37ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064017 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 981c189f072d8240faa9760e7589f3823bca038bfe9039981c510df2c2d0364c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8561 x-xss-protection 0
GET H2	200	/ Show response media.hubuhost.com/re/ Frame 0825	313 B 444 B	24ms 24ms	Document text/html	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://media.hubuhost.com/re/?sess=4eWyl5zkmPXSmmS4xXkXQCcxLRX5OWVqqtOfJELYAmOU5zAJRxVh21bMj9X4Lb%2Be Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 7d9c57b506477ae4e935151c648e633d131fef7bee36ad6506aa75c0c2d75826 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers server nginx date Sat, 15 Jan 2022 20:11:50 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block content-encoding gzip
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 7E97	11 KB 9 KB	55ms 33ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064115 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0ee9666a526231fa67ebe2ec336d99b7e691935af0042a143505805348098f1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8714 x-xss-protection 0
GET H2	200	lds.gif media.hubuhost.com/re/ Frame 0825	7 KB 8 KB	24ms 24ms	Image image/gif	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://media.hubuhost.com/re/lds.gif Requested by Host: media.hubuhost.com URL: https://media.hubuhost.com/re/?sess=4eWyl5zkmPXSmmS4xXkXQCcxLRX5OWVqqtOfJELYAmOU5zAJRxVh21bMj9X4Lb%2Be Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash d8a3fd24717c94b02e488de14bf097f271b58c74f15e94c633114e303581e211 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://media.hubuhost.com/re/?sess=4eWyl5zkmPXSmmS4xXkXQCcxLRX5OWVqqtOfJELYAmOU5zAJRxVh21bMj9X4Lb%2Be User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:50 GMT last-modified Thu, 21 Jan 2021 21:01:23 GMT server nginx etag "6009eba3-1dff" strict-transport-security max-age=15768000; includeSubDomains content-type image/gif accept-ranges bytes content-length 7679 x-xss-protection 1; mode=block
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame EE86	17 KB 7 KB	77ms 33ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=jefffm.de&bust=31064017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 15 Jan 2022 20:11:50 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	31ms 31ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&bust=31064115 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5a53ecc46b5ad770bfa14348431d6ca4fdaee5d507876dcf1a751fead7e05a12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8467 x-xss-protection 0
GET H2	200	/ Show response media.hubuhost.com/re/ Frame 0825	245 B 386 B	28ms 26ms	Document text/html	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://media.hubuhost.com/re/?sess=CzVnRhKXnz7vb4ZYxAPgCE5CupmBSB0M2VE4VXcMIfdokIXqFeO4SgIutWvsBbiJ Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 14e641f86fbe61ffc2e41f7c0cc844b2d20dfa831957af795dc778a73d033e23 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://media.hubuhost.com/re/?sess=4eWyl5zkmPXSmmS4xXkXQCcxLRX5OWVqqtOfJELYAmOU5zAJRxVh21bMj9X4Lb%2Be Response headers server nginx date Sat, 15 Jan 2022 20:11:50 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block content-encoding gzip
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 7E97	17 KB 6 KB	86ms 46ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064115 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 15 Jan 2022 20:11:50 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame AADD	17 KB 6 KB	79ms 41ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de&bust=31064017 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 15 Jan 2022 20:11:50 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	47ms 43ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&bust=31064115 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 15 Jan 2022 20:11:50 GMT
GET H2	200	/ Show response g.cash-ads.com/banner/ Frame 0825	6 KB 2 KB	21ms 21ms	Script text/html	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://g.cash-ads.com/banner/?code=rJHSfj2%2BNDqECusCL0ZFNg%3D%3D Requested by Host: media.hubuhost.com URL: https://media.hubuhost.com/re/?sess=CzVnRhKXnz7vb4ZYxAPgCE5CupmBSB0M2VE4VXcMIfdokIXqFeO4SgIutWvsBbiJ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 9e4e0fdd320046e1b9f6b3f255bf7aad0bad3e287beed8ffb5fb785fd97cc7f6 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://media.hubuhost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip server nginx x-frame-options deny vary Accept-Encoding content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H2	200	base.js Show response g.cash-ads.com/js/ Frame 0825	91 KB 37 KB	43ms 42ms	Script application/javascript	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://g.cash-ads.com/js/base.js Requested by Host: g.cash-ads.com URL: https://g.cash-ads.com/banner/?code=rJHSfj2%2BNDqECusCL0ZFNg%3D%3D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://media.hubuhost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip last-modified Tue, 31 Aug 2021 15:27:16 GMT server nginx etag W/"612e4a54-16b34" vary Accept-Encoding content-type application/javascript strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H2	200	jw.js Show response c.blyatflix.de/ Frame 0825	2 KB 745 B	21ms 21ms	Script text/javascript	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Requested by Host: g.cash-ads.com URL: https://g.cash-ads.com/banner/?code=rJHSfj2%2BNDqECusCL0ZFNg%3D%3D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash cd849d3bc4887050022d0a1de2da04125caf32ea35f08ef0ba45fed317ae3530 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://media.hubuhost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:50 GMT content-encoding gzip vary Accept-Encoding server nginx x-xss-protection 1; mode=block strict-transport-security max-age=15768000; includeSubDomains content-type text/javascript; charset=utf-8
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8E08	13 KB 5 KB	49ms 20ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Sat, 15 Jan 2022 19:44:47 GMT expires Sun, 15 Jan 2023 19:44:47 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 1623 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 2127	783 B 741 B	80ms 30ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9bd0effcdc880278d068a5bc8ebd840e3bef4738f7c073f5c1dc644bac0a775a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-eRhELLywLpuOKr7TIUV+TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 15 Jan 2022 20:11:50 GMT date Sat, 15 Jan 2022 20:11:50 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-eRhELLywLpuOKr7TIUV+TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 201E	13 KB 5 KB	39ms 18ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Sat, 15 Jan 2022 19:44:47 GMT expires Sun, 15 Jan 2023 19:44:47 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 1623 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame F020	783 B 741 B	74ms 31ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 96c44a3eb492113ded6c55a0eed9efbdfcabb1dde14e5882f7e4a8abafc3dd28 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-TJVRqyEY8RcyzQl4yyEfiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 15 Jan 2022 20:11:50 GMT date Sat, 15 Jan 2022 20:11:50 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-TJVRqyEY8RcyzQl4yyEfiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3874	13 KB 5 KB	40ms 22ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Sat, 15 Jan 2022 19:44:47 GMT expires Sun, 15 Jan 2023 19:44:47 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 1623 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 0628	783 B 737 B	71ms 31ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9417fe871fd8c9a00611766e983b3ce6fd3849063ffffe07e07454adc1a91b3e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-c3C6v9JvBshXY3inccqMFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 15 Jan 2022 20:11:50 GMT date Sat, 15 Jan 2022 20:11:50 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-c3C6v9JvBshXY3inccqMFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93D7	13 KB 5 KB	38ms 23ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Sat, 15 Jan 2022 19:44:47 GMT expires Sun, 15 Jan 2023 19:44:47 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 1623 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 956D	783 B 1 KB	65ms 29ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b87cad06a2fc1c4d19ea833298b64e5fd33e0b22f40babb80983533628c31252 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-6uKRvh7U3DLqrvn7JUQrIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 15 Jan 2022 20:11:50 GMT date Sat, 15 Jan 2022 20:11:50 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-6uKRvh7U3DLqrvn7JUQrIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 514 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response www.jefffm.de/ Frame 274D Redirect Chain https://traffic-buchen.de/view.php https://www.jefffm.de/	2 KB 1 KB	107ms 106ms	Document text/html	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.jefffm.de/ Requested by Host: c.blyatflix.de URL: https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 2aa636abf797b6881d39c397c17556adec4f3c0ee95196e8be530ed26b47a870 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://media.hubuhost.com/ Response headers server nginx date Sat, 15 Jan 2022 20:11:51 GMT content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block content-encoding gzip Redirect headers server nginx date Sat, 15 Jan 2022 20:11:50 GMT content-type text/html; charset=UTF-8 location https://www.jefffm.de strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H/1.1	401 Authorization required	1470 str4.openstream.co/ Frame 0825 Redirect Chain https://listen.openstream.co/6623/audio https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277510%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en...	0 116 B	752ms 751ms	Media text/plain	51.38.51.167 OVH
General Check archive.org Show headers Download Go to Full URL https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277510%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D Requested by Host: media.hubuhost.com URL: https://media.hubuhost.com/re/?sess=CzVnRhKXnz7vb4ZYxAPgCE5CupmBSB0M2VE4VXcMIfdokIXqFeO4SgIutWvsBbiJ Protocol HTTP/1.1 Server 51.38.51.167 , France, ASN16276 (OVH, FR), Reverse DNS vps-ab28582c.vps.ovh.net Software Icecast 2.3.3 kh11 8.6.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://media.hubuhost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Server Icecast 2.3.3 kh11 8.6.5 Redirect headers date Sat, 15 Jan 2022 20:11:50 GMT server Apache/2.4.38 (Debian) os-server-ip 172.17.0.2 access-control-allow-origin * location https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277510%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D x-powered-by PHP/7.4.23 access-control-max-age 1000 content-type text/html; charset=UTF-8 os-server-name listen.openstream.co os-server-id ecs-ec2 access-control-allow-headers * content-length 0
GET		/ thisis.aninter.net/ Frame 0825	0 0
GET H3	200	qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Show response pagead2.googlesyndication.com/bg/ Frame 201E	35 KB 13 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a8e8f18d77170af82f72cfb83f4cec093f5683a0fcffd8f126d9d2fce1a332f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 19:59:52 GMT content-encoding br x-content-type-options nosniff age 87119 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13349 x-xss-protection 0 last-modified Thu, 06 Jan 2022 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 14 Jan 2023 19:59:52 GMT
GET H3	200	qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Show response pagead2.googlesyndication.com/bg/ Frame 8E08	35 KB 13 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a8e8f18d77170af82f72cfb83f4cec093f5683a0fcffd8f126d9d2fce1a332f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 19:59:52 GMT content-encoding br x-content-type-options nosniff age 87119 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13349 x-xss-protection 0 last-modified Thu, 06 Jan 2022 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 14 Jan 2023 19:59:52 GMT
GET H3	200	qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Show response pagead2.googlesyndication.com/bg/ Frame 3874	35 KB 13 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a8e8f18d77170af82f72cfb83f4cec093f5683a0fcffd8f126d9d2fce1a332f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 19:59:52 GMT content-encoding br x-content-type-options nosniff age 87119 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13349 x-xss-protection 0 last-modified Thu, 06 Jan 2022 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 14 Jan 2023 19:59:52 GMT
GET H3	200	qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Show response pagead2.googlesyndication.com/bg/ Frame 93D7	35 KB 13 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a8e8f18d77170af82f72cfb83f4cec093f5683a0fcffd8f126d9d2fce1a332f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 14 Jan 2022 19:59:52 GMT content-encoding br x-content-type-options nosniff age 87119 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13349 x-xss-protection 0 last-modified Thu, 06 Jan 2022 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 14 Jan 2023 19:59:52 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 956D	0 0	66ms 66ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=1251317072339285&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 2127	0 0	54ms 54ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=2531967083153566&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 0628	0 0	81ms 81ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=2997807048826276&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F020	0 0	66ms 66ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=945213137904629&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H2	200	style.css www.jefffm.de/ Frame 274D	2 KB 2 KB	38ms 38ms	Stylesheet text/css	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Full URL https://www.jefffm.de/style.css Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 1ebd484ba31b9baa99927a85e0d885d9969e6a390faff9abd7644b7bfdb90c92 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT last-modified Tue, 29 Sep 2020 17:48:25 GMT server nginx etag "5f737369-845" strict-transport-security max-age=15768000; includeSubDomains content-type text/css accept-ranges bytes content-length 2117 x-xss-protection 1; mode=block
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 274D	146 KB 51 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 252da27338fba38ca10ee83501bc52f8ace3ef57e5f4679a355cfd33eb115beb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51976 x-xss-protection 0 server cafe etag 15714099537180077169 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:51 GMT
GET H2	200	logo.gif www.jefffm.de/images/ Frame 274D	2 KB 2 KB	33ms 33ms	Image image/gif	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.jefffm.de/images/logo.gif Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash b58d7f06bae5f9dfccec0c9b53a77640694a38b068bc53687052ddc125b5eb1f Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT last-modified Tue, 29 Sep 2020 17:45:07 GMT server nginx etag "5f7372a3-63f" strict-transport-security max-age=15768000; includeSubDomains content-type image/gif accept-ranges bytes content-length 1599 x-xss-protection 1; mode=block
GET H2	200	welcome.gif www.jefffm.de/images/ Frame 274D	13 KB 14 KB	33ms 33ms	Image image/gif	167.86.126.136 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://www.jefffm.de/images/welcome.gif Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS h102.hubuhost.com Software nginx / Resource Hash 9b5eb1d12ee14b27244e1846d6539989615a4714b96c9cc663fa05997dc00ba0 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT last-modified Thu, 22 Mar 2007 21:43:48 GMT server nginx etag "4602f894-35ea" strict-transport-security max-age=15768000; includeSubDomains content-type image/gif accept-ranges bytes content-length 13802 x-xss-protection 1; mode=block
GET H2	200	/ Show response media.hubuhost.com/ Frame 274D	435 B 401 B	25ms 25ms	Script text/html	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://media.hubuhost.com/?key=15A17 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 65b7dc45dab8b6ef4b8061c392704b0c863b88385c50df0c3ca04ad33280ffdc Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip server nginx x-frame-options deny vary Accept-Encoding content-type text/html; charset=UTF-8 strict-transport-security max-age=15768000; includeSubDomains x-xss-protection 1; mode=block
GET H/1.1	200 OK	1783915 Show response ad.a-ads.com/ Frame 5F18	6 KB 2 KB	28ms 28ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1783915?size=728x90 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 3c160174af0c49d3eda68c47293f6ce409bea6ba1ad099999bcb5328e5d2f610 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:51 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://www.jefffm.de/ Content-Encoding gzip
GET H/1.1	200 OK	rota.php Show response www.ads4allweb.de/api/kamp/ Frame 1024	141 B 406 B	29ms 29ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 86cd44adc631805cdfadfe2d362fd742439925b45896275d36ba8a8d69b3095e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers Date Sat, 15 Jan 2022 20:11:51 GMT Server Apache Cache-control no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 146 Keep-Alive timeout=5, max=88 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	206	audio.mp3 listen.openstream.co/4379/ Frame 274D	0 0	45ms 45ms	Media text/html	63.34.73.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://listen.openstream.co/4379/audio.mp3 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.34.73.39 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-34-73-39.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.jefffm.de/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Range bytes=0- Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 201E	0 9 B	20ms 19ms	Image text/plain	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?9RN7JA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 8E08	0 9 B	19ms 19ms	Image text/plain	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?GohZZg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H2	200	jw.js Show response c.blyatflix.de/ Frame 274D	2 KB 745 B	22ms 22ms	Script text/javascript	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO Requested by Host: media.hubuhost.com URL: https://media.hubuhost.com/?key=15A17 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash cd849d3bc4887050022d0a1de2da04125caf32ea35f08ef0ba45fed317ae3530 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip vary Accept-Encoding server nginx x-xss-protection 1; mode=block strict-transport-security max-age=15768000; includeSubDomains content-type text/javascript; charset=utf-8
GET H/1.1	200 OK	728x90 static.a-ads.com/a-ads-banners/134568/ Frame 5F18	21 KB 21 KB	44ms 43ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/134568/728x90?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1783915?size=728x90 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash 0abc94bcaf3340d739852eaf411326154dff6eada8e80d0924baf566685c4b04 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:51 GMT Last-Modified Tue, 15 Dec 2020 10:04:53 GMT Server nginx x-amz-request-id 0B2KJEKKY1PCXHB8 ETag "c83fecc143b5af3853edbb2c55a7b657" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 21380 Connection keep-alive Accept-Ranges bytes x-amz-version-id null x-amz-id-2 ZxsgCPjyYPWAB4dn/ulyb1p9pH0YPwsCczsLOOlJ5160JVdBNMeh0XlOw2j0Yw0l3jiDb0+sA7o= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 3874	0 9 B	19ms 19ms	Image text/plain	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?0wrC1A Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 93D7	0 9 B	18ms 18ms	Image text/plain	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?KDXBpw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/ Frame 274D	278 KB 100 KB	52ms 52ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dc63319416d7b81a7c4da618d75ec674707eaa6b79c89d171fa31b9a2594635a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 102629 x-xss-protection 0 server cafe etag 8165968128240070270 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 15 Jan 2022 20:11:51 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AADD	0 20 B	54ms 53ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=945213137904629&bg=!QUKlQgbNAAaocxMpqHM7ACkAdvg8Wl5trJ1piaumEmYNYVBqUcypp4EUxsFaVjxtNCIljetnOAj4kgIAAAC_UgAAAAZoAQeZAvV1OvwcDmoFEfVC7Ai98QS-Z9l1HBiH9bpIoRCNUqFZRbUMIhFr5hmdTgPHJp2QQOSXus_Ip7FMWmQ3kxztvQdzHxPx_UfFL1xEH520BvcpWnyMBhav5D6lwts7tNYbMbvhIQsfZMDpQFwzYt3hGjVHChnfrYGHnCvW1YCoarkIagOH_oo5QsX75mO88P83B9TwFnqz2WjGeOIpKX7mvVNrkg6GkoG3yGKb74_GajYUn0eiI84nG6w4CEZQKwuLSP5Xx-BgysZvnVN5v4MV8JKz8K9X45aja8cKMNweDQW9sFscAPkHts7LglRTWRMjuZuuxAdgclnxd2OXwjDOG5kjEKFBanPBp__ogj122FPwtLA3acQnsBLm2eRXzlVgNszhkIEn2rvsWeZdQTD08z28hQ4eu7uWzwUTDhiTZgcVxc3xwDMVB61k32tpmuqSLAIrdJlUBPW3tQvRKx3eKm92GXJKZ5skVxn61CzJrvZSskT1UwznPhPuag-AahFOxnBBOJzBDeasN1Vy9_YX8y73farreP7Twz_kf7Hy8fiB43PDHQcjEmKVc7t0W9_43GrqhylwENncw98ltkmYZ8EgbXoXXYCBNvRMukU6ZOqxWKA1TpRJpNfsvE7sj1dKwk4HqRIkSUQdObHFgSF9RLaEBOGlEluo4100mX14ulROug7fF7tJ4sGz8-cV97EXFtsAQdJdYQTNpqLfRy1oPOZRDdBst59cIsTbQFQ7XrlyddwzuC0f4G74r5oVI-SlbjSkpQNWyseBxZ8YVpPDTOEVnJUQ9bfvxTaPJ8jb8N86oaziXYEQPooka51iIcEdDkVdlNgDLqVf2zz96PUR3zYQ9sHzxHeld884KRDqmN94uggU8fFaBEXsQTVysVQo0TpGKcBDqYKDIQigLIhyLk2IBQB5iIRH9eG39qutLQdCuokTpd4GCOn4YZQF-RyGsERA-jUMm9uX4IVAHuP3Yknq-q-JHcNz-uClLvutGobve05VMbVn Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		view.php traffic-buchen.de/ Frame B080	0 0
GET H/1.1	401 Authorization required	1470 str4.openstream.co/ Frame 274D Redirect Chain https://listen.openstream.co/6623/audio https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277511%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en...	0 116 B	817ms 817ms	Media text/plain	51.38.51.167 OVH
General Check archive.org Show headers Download Go to Full URL https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277511%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Server 51.38.51.167 , France, ASN16276 (OVH, FR), Reverse DNS vps-ab28582c.vps.ovh.net Software Icecast 2.3.3 kh11 8.6.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Server Icecast 2.3.3 kh11 8.6.5 Redirect headers date Sat, 15 Jan 2022 20:11:51 GMT server Apache/2.4.38 (Debian) os-server-ip 172.17.0.2 access-control-allow-origin * location https://str4.openstream.co/1470?aw_0_1st.collectionid%3D6623%26stationId%3D6623%26publisherId%3D1494%26k%3D1642277511%26aw_0_azn.pcountry%3D%5B%22DE%22%5D%26aw_0_azn.planguage%3D%5B%22de%22%2C%22en%22%5D%26aw_0_azn.pgenre%3D%5B%22Music%22%2C%22Talk%22%2C%22Public%22%5D x-powered-by PHP/7.4.23 access-control-max-age 1000 content-type text/html; charset=UTF-8 os-server-name listen.openstream.co os-server-id ecs-ec2 access-control-allow-headers * content-length 0
GET		/ thisis.aninter.net/ Frame 274D	0 0
GET H/1.1	200 OK	count.php Show response www.ads4allweb.de/api/ Frame 1024	4 KB 2 KB	26ms 25ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 339c6f3a59741b84c6840b35469776552fa276a7fe9aa2528a40da41076ab44f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Response headers Date Sat, 15 Jan 2022 20:11:51 GMT Server Apache Cache-control no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 1402 Keep-Alive timeout=5, max=87 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame EE86	0 20 B	57ms 56ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=2531967083153566&bg=!oqGloeXNAAaocxMpqHM7ACkAdvg8WgeXCl0ciVK07esVLkUk5ZiHuoKIUTb-z66QA2bHhD26YP7vHwIAAADsUgAAAAJoAQeZAwRMIMSal3hFfZkNHfQ3IDmYOGWImh_qFJKmF0aczZL0frYrNm_JYX0MoMxgJPC_sCQllo6RGbXcJkkBOupvNhU1i3T9ZAmDgWKdJBVmWLraVSTng4BzbuI8IdsUXNsMlfF-8tLPuA2QUpSN60HDBCqBEld0QzIbg4AmM_55wYf8tn2jnNI25H_A5FwZdrG7h5KjiGF7g0z_QY3Re9bnOpcwVP_Y7BXQ6KedmD8QWWKdjstSAdxIr5Xi8URbujRAg-d4duEwrmzGyIYkgCVT8_RlcS4A097BZriUgiFE1BLE2r0qHHsb1UTyzsU2jV63kXGm9f7NiyDjE9h36ahzV1wuaV6-P1wv1Z_vpdqIeJrB_M54J-h3XGVJ0zBCuYNR3-BQB86dcHi1ZXGH5fXtUkB92HsIaOOGbXo-7g9nKfR6-vyoWOECdzEXyvaWqT44heEfbDYYdNamqj7HiLZxyzhoe3vQhq8VHZxiT5M4AW3Fuqn3IbGdc74Z4euk9yw41m1nOYwVZqFouOBx9ZXeBcBno-datG2XqHcA3c9F3zLsXEvz_f3OIMwAw2iGKECs3msZmedebh07IIJ4Zkgxh-CcLOyDjm5FIL4pMtujmYoqh87ToYiKlmLxhluDcXoTDsOStHNw82KmwhVtA8GhiGH40rqOGKXt31snUahf6kL4EbzV7nOMwJElr15NWgEwfJA-3EEEk5ZJo2XuDIKvVTiMtusEV0KXftQQaQgbHIuLwb2sWgLsls0NTF7eM9_TjfWrF6ssnbbFOeSRktcjRT5NPlXb3CaZ8zqTCXPrVAwuaij1JunH3Yowvfb9176Oke1zuh2mBlPBHvYgPIeQTGXOvpC3bRT01oT2fXuEMK6OjRw49JIwP1-fJEwwLTINRg_NrEF3M-oFYb7Wg1leCHUACcC26V3xwPhqJzOnEHr3y8jR2f4t-P_h5lAEh9i39IJ7K7cd_hGd6CrW-TqZ8VK1umc5C0rvZoLW2uVAgeyHQW7rIG3fRPKTAyrqkDMeAPNzLsZk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	55ms 55ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=2997807048826276&bg=!Dg2lDUnNAAaocxMpqHM7ACkAdvg8WuC6UT9jZKRpi48UwZUBlyTwSrvKZ62T66FvArtCU3yhNPz0rgIAAAD5UgAAAAhoAQeZArlqSUnaf7UIF15AMYlFn8Q8E9jbKQWIFnTSje72GbImvRLtwI4Zeo_3-YNNR7TEAFAvofuzUQBeB-I9axGyx309eyHKv6pizbm_Y-mIvzA1YLO79GCgREEctcm0qidPRvYmy0Quxmkmb-XnYkllMdbT5WTk3xJcx2QSWtOB9IoKtfT_dVRfXSNwsxMXyFA_CNKU6CxSrBChb80JTCz1nOXv7KY0DXhPAkcT9QUwhawm7zUvP0F3CJG4FPwjzdjQaMpniWelZMFW_gkbzYOX-3tQLbBcKWz2OhDwYQa4mwHB39WIDcY1Fi_RaY3SuBbnUsJVoTv2xI2b-3CrIJLK_kJNoxaGcFk4R698edurbF6TV8Ao1H0uhxt-7N3o99Lon2dB75zdg5eaZZQ-9TJ2Pb1XEKrqamBfr0QoO57ssJ9Lt-UTSW32PZjyKt3Pc98Ptu-YU4RBFkPrso0P80TPytEE9w7N4dPhZSdKYbopKv9w6BDC8Nr_EhuTGGByL0jpGH0yt_GUZLvkg24BX62oDeeUTGPGIl9i1FzHyP5dlq0oGoaxMYHkAUCHNAXxDcBVDqt6TpNxCMHB6fqXDUjRdUyQcy4Uz1kXkfvVC4LV7D9OuTG0Jd8RA42z1VyhSpFZcWxOdUO9hXTxQgqFZJXus4JQrZc2fS_eAkzSwVuwRn05495OWA7Pv6ni4G3lK6bwD1aU72kCwy-cZaAEWb5ir3vQg4H0OJ20ah4yhl5akfTFwHkkAkfcLSXbITqYSWoG5XEZQZ7Uq0aBfF8Bi426sm9ap5G2XRY6ERaNaP8n8gFd2T8LRBsi54ShAcwLwRf8hawu2eiSzThHF1MDlnOi7hlTeCQnaaHmQum9wYU5uLSr5afUaWVKFmtMYSOEHoBLToZsAD9jSyrzlP5i_kCNBwb8fkd7_3x3PBHr Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/ Frame 274D	107 B 122 B	28ms 28ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.jefffm.de Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 274D	107 B 122 B	29ms 29ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.jefffm.de Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame ECE9	603 B 65 B	41ms 40ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7322400680000432&output=html&adk=1812271804&adf=540959012&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A148096%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fmedia.hubuhost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642277511278&bpp=3&bdt=152&idt=88&shv=r20220112&mjsv=m202201060101&ptt=9&saldr=aa&nras=1&correlator=6830892747211&frm=24&ife=1&pv=1&ga_vid=1996494573.1642277511&ga_sid=1642277511&ga_hid=892436220&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2437642916&scr_x=-12245933&scr_y=-12245933&eid=31063751%2C31064036%2C31062931&oid=2&pvsid=2248455055140097&pem=615&tmod=489&top=https%3A%2F%2Fcrypto-fire.website%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.7kgn6iixkama&fsb=1&dtd=99 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7322400680000432&plah=www.jefffm.de Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sat, 15 Jan 2022 20:11:51 GMT server cafe content-length 46 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7E97	0 20 B	54ms 53ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=1251317072339285&bg=!4-Cl4KTNAAaocxMpqHM7ACkAdvg8Wo7YpHIBbEN43MIcCivNGovH7dFeDh8OhALuuzjJsQE8M07wFgIAAADwUgAAAANoAQcKAJChNYjy1qwNZUDz8pz-fguCLY50bNU05F_CMo2uEEuwGJJAJaccnPntSFUA1HvPu0DHhbT8tpoTgp5tzAmQqZwgZXbrCY5HgfaYO88ZcLkD3u35I724g_q8rY_3MQgAzdb3gramEpbMjb_4_UIGwltIgidlCMb96afLoCEooQ2b-qNIWvyuoE2KmEaqSl32P8GZAsjwOFQWxei6wqbGMl1ZNhcCjCOXD0f6TbfpABtY1X4K14J9x5oMUSIVFnWEI15uxSmMcrzKel1geQhH1ZSqHgqZriTzijopZzPw2bqCM5mUM9ezWvG_1ctltImaJatK_AVcB3weutFewQRxyuupr9x2o3MeJTy8x0-I59qeFc-qLBaTOnijFdL7Sj1nw6wC0NyOx7dHzdQrKZJkS6qLxUGQZDjFDQjntkPNsz2gmUCAz5Mjf2GQDJ90Yfp8P7_ZTQMVg-w43vzPdb-n2PycwHCYlMdupk2z2J3jQeQLG5Zk2HMUjWQ30HB3AONy7nx4ofCmzsQi3eN679Gyit0IoHqqwZq5eo2KsWTujsx-m8HItWIX4CTLxwrVA-OormCi7jF0UgvmxW4JYK0RK43C_BYL2dzESlnlkcSlu3sr2vGT68SJvHn7dg2hV5qiaWRxa2TBjZ-m3akMCumjvmJbYkjMQUBf9YHkqWyqmwJ9xf1DU55VKFfKrQqFQfETYMQ3S-_3uNmIfqRscoZ3VV4N8TwjYeYb5kSCmVeyOy-mQL6vQuGu7iEYpGkKJkPLV4EFs97mMO6sMQHCTgurUO2SOCkSjF89uDj7FT-U8mENQ4FXdYl2Oii9alfsJyE90RltV8aPQOPgBU_3qjlEXvDql7gIIkWrk3F4BSgXe1bqpUoJFwkhxpJkr35sRccPAnXVS4Fo8MqXQlhu_gy51MdvusnJ4x7baAOiuWNnVSE9-pidFL8VNUisnjfamAFCGp0xlCadhGUDHV59keNYZxiykR2ooGGbxW0ppDchPMV6SFJLY_XGLCMCpYdLHXFCtEkse-KOcp3gfr8Tk77Dd4FrUydfitOBoF6inDf1wVmHbf1APpkwzM0dROMsuOLO_Jgt0xeqmawk_rlHfCoXzfrJBYloM8tndkmUeMSIP9hju48hMty0un1gO1FJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/ Frame 1024	85 KB 30 KB	19ms 18ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-1538f" vary Accept-Encoding x-hw 1642277511.dop143.fr8.t,1642277511.cds231.fr8.hn,1642277511.cds057.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30288
GET H/1.1	200 OK	adframe.js Show response www.ads4allweb.de/api/ad/ Frame 1024	18 B 297 B	22ms 21ms	Script application/javascript	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/ad/adframe.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash fb1de05487cbd9748085d35910b6f9877706b2a63c3cd64e2fadb9c318cb0505 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:51 GMT Last-Modified Fri, 16 Aug 2019 11:59:04 GMT Server Apache ETag "12-5903ab775b200" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=86 Content-Length 18
GET H2	200	reklamstore.js Show response adserver.reklamstore.com/ Frame 1024	96 KB 29 KB	20ms 20ms	Script application/javascript	2600:9000:214f:8000:1c:4bbb:9180:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserver.reklamstore.com/reklamstore.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8000:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92e83fdf1ed8bb4a50fb72331cb20f536a1159ce55d523ebfca3441ce8e30294 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 03:05:40 GMT content-encoding gzip last-modified Mon, 28 Jun 2021 18:35:51 GMT server AmazonS3 age 61580 etag "78cf0f1f296c61b336db981022359dbc" x-cache Hit from cloudfront content-type application/javascript via 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 content-length 29778 x-amz-cf-id BXiPLRKkZHyiatR27BVgfj6JjYdMlWn_ijRlwCSchirEbQQIB58q0A==
GET H2	200	p_script.php Show response www.sponsortown.de/v3/ Frame 1024	452 B 451 B	25ms 25ms	Script text/html	5.35.252.146 GD-EMEA-DC-SXB1
General Check archive.org Show headers Download Go to Full URL https://www.sponsortown.de/v3/p_script.php?pid=6120&intro=1 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.35.252.146 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE), Reverse DNS rs244210.rs.hosteurope.de Software nginx / PHP/7.2.34, PleskLin Resource Hash 180acca4450bbffe1173dc1065334c85805282dcf5bb6f43facb05851c9e5f66 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip server nginx x-powered-by PHP/7.2.34, PleskLin content-length 304 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/ Frame 1024	122 KB 39 KB	40ms 40ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 833af79fceebd91289eb5aac891019a7e5bd2a99f74fbd8d8430f52d6f908f2d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip last-modified Wed, 29 Dec 2021 12:30:46 GMT server nginx etag W/"61cc54f6-1e6ef" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 16 Jan 2022 20:11:51 GMT
GET H/1.1	200 OK	pix ads.rekmob.com/retarget/ Frame 1024 Redirect Chain https://x.bidswitch.net/sync?ssp=reklamstore https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dreklamstore%26expires%3D30%26user_group%3D... https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dreklamstore%26expires%3D30%26user_group%3D... https://x.bidswitch.net/sync?dsp_id=429&user_id=21a1fabc-483c-530f-b05b-51e6d1b87b61&ssp=reklamstore&expires=30&user_group=1 https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1	35 B 403 B	28ms 28ms	Image image/gif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:26 GMT Server nginx/1.9.6 Connection keep-alive Transfer-Encoding chunked Content-Type image/gif Redirect headers Location //ads.rekmob.com/retarget/pix?id=bs&cv=3936de46-35a3-4987-ae21-40a8ea02d5bb&d=1 Date Sat, 15 Jan 2022 20:11:52 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/ Frame 1024	320 B 621 B	21ms 21ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1090192 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 93c1766e021bb747cb54ebd99734cc9e878c10fe9608122e3d2c8f52465f54e2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:25 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H3	200	gtm.js Show response www.googletagmanager.com/ Frame 1024	82 KB 33 KB	26ms 25ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1ab60e540a1401fd40b5f266332ba0471ec2210f433899fae96104d5ff847b33 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33319 x-xss-protection 0 last-modified Sat, 15 Jan 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 15 Jan 2022 20:11:51 GMT
GET H/1.1	200 OK	textlinks.php Show response www.ads4allweb.de/ads/ Frame 5D2E	319 B 486 B	21ms 21ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/ads/textlinks.php Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 3557761eeead595148091109ff52cf6c83162ddd7135cba55d6a57d7c59f3115 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Response headers Date Sat, 15 Jan 2022 20:11:51 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Content-Length 251 Keep-Alive timeout=5, max=85 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	200	/ Show response ebesucher-klicker.de/ Frame 4A25	8 KB 3 KB	27ms 27ms	Document text/html	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://ebesucher-klicker.de/ Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PHP/5.6.40-38+0~20201103.42+debian9~1.gbpb211e0 PleskLin Resource Hash 2adec4fc39729f74d084a42e96efd44f3760820b12e2de91777f43ab63e7cdce Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ Response headers server nginx date Sat, 15 Jan 2022 20:11:51 GMT content-type text/html; charset=UTF-8 content-length 2833 x-powered-by PHP/5.6.40-38+0~20201103.42+debian9~1.gbpb211e0 PleskLin expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding content-encoding gzip
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/ Frame 1024	322 B 621 B	20ms 20ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1103918 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash b910f4f743abe988a31010affca9069c3a13151c785fdc5189fb78f7f674c00a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:25 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v2/ Frame 1024	152 B 988 B	77ms 77ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash cc79ec5c3050b5d210de66a0b0b5d7915aab2c97e760da9cf26942d753a09ec8 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Sat, 15 Jan 2022 20:11:51 GMT X-Proxy-Origin 84.19.175.165; 84.19.175.165; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid b7e51ad4-e092-4a96-9594-13c7829650dc Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ads4allweb.de Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 152 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Frame 1024	33 B 587 B	59ms 58ms	Script text/javascript	37.157.4.29 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTg3OTEzNw%3D%3D&callback=adf__Xpt8i32HfOIUxMfuwWXu Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e12fc62a0a7c55a50a97c40ab1c6cab223b727accdc7efd38b260d96cd1de31e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/ Frame 1024	4 KB 2 KB	50ms 49ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=f92a43a687bb491bb9f1e58a8c68f222&ufid=Xpt8i32HfOIUxMfuwWXu&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__Xpt8i32HfOIUxMfuwWXu&ref=www.ads4allweb.de&_=1642277511457&crtg=-1&rc=10 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 4774780ee9a19447eea4fe3be69d4c5758f459e78a66e66ff091127d27ff234c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:26 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Transfer-Encoding chunked Connection keep-alive
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 1024	0 179 B	23ms 23ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.ads4allweb.de date Sat, 15 Jan 2022 20:11:51 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v2/ Frame 1024	152 B 988 B	65ms 65ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 718e77b4a5020712597b1c817c59c0b2d21df79af2b468ae899f540fb6114376 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Sat, 15 Jan 2022 20:11:51 GMT X-Proxy-Origin 84.19.175.165; 84.19.175.165; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 2f1fa6b3-e4df-4612-8182-589d5a9f39ce Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ads4allweb.de Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 152 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Frame 1024	33 B 587 B	65ms 64ms	Script text/javascript	37.157.4.29 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTExNDMxMTk%3D&callback=adf__24IslrCnLGBiooIgra56 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 0fb52a4cae219337cab173aa832c01b9a87a4e106e93bf3c1819f6394a9f0fac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/ Frame 1024	4 KB 2 KB	46ms 46ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=7ddf8f8d485040a3a069760a74ccac18&ufid=24IslrCnLGBiooIgra56&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__24IslrCnLGBiooIgra56&ref=www.ads4allweb.de&_=1642277511472&crtg=-1&rc=10 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash fd7dd14579a92f86420dc919890b07e9568710b2155b238e7d607ce179c5c89d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 19:07:26 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Transfer-Encoding chunked Connection keep-alive
POST H2	204	cdb Show response bidder.criteo.com/ Frame 1024	0 218 B	26ms 25ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=208&cb=70211001630 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 15 Jan 2022 20:11:51 GMT server Finatra vary Origin access-control-allow-origin https://www.ads4allweb.de access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 1024	0 179 B	26ms 26ms	XHR text/plain	185.184.8.65 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-65.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ads4allweb.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.ads4allweb.de date Sat, 15 Jan 2022 20:11:51 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
GET H2	200	tb_v.php Show response tl.adcocktail.com/ Frame 5D2E	2 KB 558 B	88ms 88ms	Script text/html	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tl.adcocktail.com/tb_v.php?uid=1867&wsid=28382&format=468x60&reflink=off Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/textlinks.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6588c796f2978840a662eb392cadb60165486dc294e0abf6872753a75f66eb5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Sat, 15 Jan 2022 20:11:51 GMT server cloudflare cache-control max-age=0, no-cache, no-store, must-revalidate expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 note CACHING IS DISABLED cf-ray 6ce1c16ecedd5369-FRA content-length 453 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	zone Show response adpro.netzwerk-ad.de/codes/ Frame 4A25	434 B 603 B	442ms 442ms	Script application/javascript	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://adpro.netzwerk-ad.de/codes/zone?rcd=Mzk= Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PHP/7.1.33, PleskLin Resource Hash 9a70e988d2068ba3df4b2f37420d9ae0fcaf78968ced19a32fa8cfc93d0ad205 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip server nginx x-powered-by PHP/7.1.33, PleskLin x-cache-status BYPASS vary Accept-Encoding content-type application/javascript cache-control no-store, no-cache, must-revalidate content-length 317 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	main.css ebesucher-klicker.de/css/ Frame 4A25	4 KB 4 KB	32ms 32ms	Stylesheet text/css	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://ebesucher-klicker.de/css/main.css Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PleskLin Resource Hash 6cae17abdeea20d73682245c12c36900184c8afea05408ac70835a6431cfbddf Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT last-modified Mon, 04 Jan 2021 16:09:29 GMT server nginx x-powered-by PleskLin etag "5ff33db9-e0b" content-type text/css accept-ranges bytes content-length 3595
GET H2	200	jquery-1.10.2.js Show response code.jquery.com/ Frame 4A25	267 KB 79 KB	19ms 19ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.10.2.js Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:07 GMT server nginx etag W/"54499a47-42b2f" vary Accept-Encoding x-hw 1642277511.dop143.fr8.t,1642277511.cds231.fr8.hn,1642277511.cds041.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 80743
GET H2	200	logo.png ebesucher-klicker.de/images/ Frame 4A25	32 KB 32 KB	60ms 60ms	Image image/png	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://ebesucher-klicker.de/images/logo.png Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PleskLin Resource Hash 3acc0c14d8b48cbf12ea40cb135eb7007c85ea3d8e6b042fb3c912757efc2b00 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT last-modified Sat, 23 Jan 2021 20:21:24 GMT server nginx x-powered-by PleskLin etag "600c8544-809f" content-type image/png accept-ranges bytes content-length 32927
GET H/1.1	200 OK	script-v2.js Show response s3.amazonaws.com/valao-cloud/cookie-hinweis/ Frame 4A25	4 KB 5 KB	113ms 112ms	Script application/javascript	52.217.83.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script-v2.js Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.83.182 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash b9ba2c9588f6fe8aa9a056868f9d4f806cc27297dae91ec3192c0de7cf2f334e Request headers Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:52 GMT Last-Modified Thu, 31 Jan 2019 08:10:46 GMT Server AmazonS3 x-amz-request-id R9BYR5JSGGZQH2WE ETag "415fbfba67f3f5cb671dce2781f21ed1" Content-Type application/javascript Accept-Ranges bytes Content-Length 4265 x-amz-id-2 AbTICy9t2DsQLrnqKPDZoimWqyah1AhNBjE+Vw3+vCMNlhQQsMx101P6+3bKl/SNL8vro4FgAZc=
GET H/1.1	200 OK	1717829 Show response ad.a-ads.com/ Frame AC51	6 KB 2 KB	27ms 26ms	Document text/html	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1717829?size=468x60 Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 4adb83d57ed755850a235e0cd727e146309852c935468f508d20bc817df7819a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ Response headers Server nginx Date Sat, 15 Jan 2022 20:11:51 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger(R) X-Original-Referer https://ebesucher-klicker.de/ Content-Encoding gzip
GET H2	200	banner Show response adpro.netzwerk-ad.de/codes/ Frame FA3A	450 B 609 B	269ms 269ms	Document text/html	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://adpro.netzwerk-ad.de/codes/banner?rcd=MjM= Requested by Host: ebesucher-klicker.de URL: https://ebesucher-klicker.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PHP/7.1.33 PleskLin Resource Hash 7a2ffda8add383e665ea9e2292531a29587bd1acd4f77849a9cd0e268c26ff28 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ebesucher-klicker.de/ Response headers server nginx date Sat, 15 Jan 2022 20:11:51 GMT content-type text/html; charset=UTF-8 content-length 321 x-powered-by PHP/7.1.33 PleskLin expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache vary Accept-Encoding content-encoding gzip x-cache-status BYPASS
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 1024	2 KB 1 KB	30ms 30ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nai=&si=35370&pn=&h=60&w=468&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 561 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c16efd554333-FRA content-length 1168 expires Sat, 15 Jan 2022 22:11:51 GMT
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 1024	2 KB 1 KB	48ms 48ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=7ddf8f8d485040a3a069760a74ccac18&nai=&si=35370&pn=&h=50&w=320&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 561 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c16f0da24333-FRA content-length 1168 expires Sat, 15 Jan 2022 22:11:51 GMT
GET H/1.1	200 OK	468x60 static.a-ads.com/a-ads-banners/117620/ Frame AC51	156 KB 157 KB	52ms 52ms	Image image/gif	148.251.155.232 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1717829?size=468x60 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.232.155.251.148.clients.your-server.de Software nginx / Resource Hash d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 15 Jan 2022 20:11:51 GMT Last-Modified Sun, 19 Apr 2020 16:08:09 GMT Server nginx x-amz-request-id 7EZ376GTFZAZQ10H ETag "d89cd17d5e22adfb5532615d116d84b8" Content-Type image/gif Cache-Control max-age=315360000 Content-Length 160195 Connection keep-alive Accept-Ranges bytes x-amz-version-id LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4 x-amz-id-2 QbrBXmBv2znSSc/73Ug1P+4Z2dSLwtFbuOH+PCfTNfuhuskGmX4B3w64873wntyJrodXD9vHuRs= Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	flimpobj.js Show response pixel.yabidos.com/ Frame 1024	31 KB 24 KB	51ms 51ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1642277511701&ver1=2.2.3&qid=230383f5530383f5434353&rnd=60ronw3pxrze&cid=544 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43241&s=www.ads4allweb.de&x=rekmob&nci=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nai=&si=35370&pn=&h=60&w=468&bp=&pp=&ci=&ip=84.19.175.165&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:20:06 GMT server cloudflare age 1336 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c170297b4333-FRA content-length 24217 expires Sat, 15 Jan 2022 22:11:51 GMT
GET H2	200	4126WQs.gif adpro.netzwerk-ad.de/advertiser/uploads/ Frame FA3A	565 KB 566 KB	217ms 217ms	Image image/gif	89.163.223.180 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://adpro.netzwerk-ad.de/advertiser/uploads/4126WQs.gif Requested by Host: adpro.netzwerk-ad.de URL: https://adpro.netzwerk-ad.de/codes/banner?rcd=MjM= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS vps2050907.fastwebserver.de Software nginx / PleskLin Resource Hash dcf38d0738d4d14303dfe51cc8c5cc57b887b0f5494b9caa4a6491d5f7b1ce75 Request headers Accept-Language de-DE,de;q=0.9 Referer https://adpro.netzwerk-ad.de/codes/banner?rcd=MjM= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT last-modified Fri, 17 Dec 2021 16:14:10 GMT server nginx x-powered-by PleskLin etag "8d557-5d359d44ba58e" x-cache-status BYPASS content-type image/gif accept-ranges bytes content-length 578903
GET H2	200	vbl.gif pre.glotgrx.com/ Frame 1024	26 B 134 B	36ms 34ms	Image image/gif	2606:4700::6810:78c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1642277511790&rnd=60ronw3pxrze&ifm=1&uai=1&cid=544&s=www.ads4allweb.de&p=43241&x=rekmob&adtg=f92a43a687bb491bb9f1e58a8c68f222&ats=0&atf=&nsi=&si=35370&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh= Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:19:57 GMT server cloudflare age 345 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c170ddbd4a62-FRA content-length 26 expires Sat, 15 Jan 2022 22:11:51 GMT
GET H2	200	nflrc.gif pre.glotgrx.com/ Frame 1024	26 B 87 B	35ms 34ms	Image image/gif	2606:4700::6810:78c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1642277511779514&ver=1.2r81&qid=230383f5530383f5434353&p=43241&s=www.ads4allweb.de&x=rekmob&cid=544&od1=&od2=&adtg=f92a43a687bb491bb9f1e58a8c68f222&nci=&nai=&si=35370&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=60ronw3pxrze&impid=&idl=&ttduid=&id5=&emh=&tps=19&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36&os=&mm=&di=&ip=84.19.175.165&ci=&pp=&bp=&w=468&h=60&pn=&1=8bc4b1d79e408f99c0da59b34ff29ffd&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=4&icpl=31&icp=https%253A//crypto-fire.website&irfl=114&irf=https%253A//www.ads4allweb.de/api/kamp/rota.php%253Fsidfl_eq54497fl_np544uidfl_eq5441055fl_np544artfl_eq544traffic&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-17-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=20 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=20985&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:78c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT cf-cache-status HIT last-modified Sun, 09 Jan 2022 14:19:57 GMT server cloudflare age 560 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 6ce1c170ddc04a62-FRA content-length 26 expires Sat, 15 Jan 2022 22:11:51 GMT
GET H2	200	x.png media.hubuhost.com/img/ Frame 7E97	578 B 770 B	22ms 21ms	Image image/png	5.9.20.91 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://media.hubuhost.com/img/x.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash f99ec5195bb3174b4416402cde79ed86dc28ff5710ef480aa2ba549d10ea6baa Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 15 Jan 2022 20:11:51 GMT last-modified Fri, 20 Nov 2020 23:32:05 GMT server nginx etag "5fb851f5-242" strict-transport-security max-age=15768000; includeSubDomains content-type image/png accept-ranges bytes content-length 578 x-xss-protection 1; mode=block
GET		2251 str5.openstream.co/ Frame 4A25 Redirect Chain https://listen.openstream.co/6172/audio https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277511%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2...	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

thisis.aninter.net

URL

https://thisis.aninter.net/?type=https

Domain

thisis.aninter.net

URL

https://thisis.aninter.net/?type=https

Domain

thisis.aninter.net

URL

https://thisis.aninter.net/?type=https

Domain

traffic-buchen.de

URL

https://traffic-buchen.de/view.php

Domain

thisis.aninter.net

URL

https://thisis.aninter.net/?type=https

Domain

thisis.aninter.net

URL

https://thisis.aninter.net/?type=https

Domain

traffic-buchen.de

URL

https://traffic-buchen.de/view.php

Domain

thisis.aninter.net

URL

https://thisis.aninter.net/?type=https

Domain

str5.openstream.co

URL

https://str5.openstream.co/2251?aw_0_1st.collectionid%3D6172%26stationId%3D6172%26publisherId%3D2275%26k%3D1642277511%26aw_0_azn.pcountry%3D%5B%22AD%22%2C%22AN%22%2C%22DE%22%2C%22FR%22%2C%22AE%22%2C%22AF%22%2C%22AG%22%2C%22AL%22%2C%22AI%22%2C%22AM%22%2C%22AO%22%2C%22AQ%22%2C%22AR%22%2C%22AS%22%2C%22AT%22%2C%22AU%22%2C%22AW%22%2C%22AZ%22%2C%22BA%22%2C%22BB%22%2C%22BD%22%2C%22BE%22%2C%22BF%22%2C%22BG%22%2C%22BH%22%2C%22BI%22%2C%22BJ%22%2C%22BM%22%2C%22BN%22%2C%22BO%22%2C%22BR%22%2C%22BS%22%2C%22BT%22%2C%22BV%22%2C%22BW%22%2C%22BY%22%2C%22BZ%22%2C%22CA%22%2C%22CC%22%2C%22CD%22%2C%22CF%22%2C%22CG%22%2C%22CH%22%2C%22CI%22%2C%22CK%22%2C%22CL%22%2C%22CM%22%2C%22CN%22%2C%22CO%22%2C%22CR%22%2C%22CU%22%2C%22CV%22%2C%22CX%22%2C%22CY%22%2C%22CZ%22%2C%22DJ%22%2C%22DK%22%2C%22DM%22%2C%22DO%22%2C%22DZ%22%2C%22EC%22%2C%22EE%22%2C%22EG%22%2C%22EH%22%2C%22ER%22%2C%22ES%22%2C%22ET%22%2C%22FI%22%2C%22FJ%22%2C%22FK%22%2C%22FM%22%2C%22FO%22%2C%22GA%22%2C%22GB%22%2C%22GD%22%2C%22GE%22%2C%22GF%22%2C%22GG%22%2C%22GH%22%2C%22GI%22%2C%22GL%22%2C%22GM%22%2C%22GN%22%2C%22GP%22%2C%22GQ%22%2C%22GR%22%2C%22GS%22%2C%22GT%22%2C%22GU%22%2C%22GW%22%2C%22GY%22%2C%22GZ%22%2C%22HK%22%2C%22HM%22%2C%22HN%22%2C%22HR%22%2C%22HT%22%2C%22HU%22%2C%22ID%22%2C%22IE%22%2C%22IL%22%2C%22IM%22%2C%22IN%22%2C%22IO%22%2C%22IQ%22%2C%22IR%22%2C%22IS%22%2C%22IT%22%2C%22JE%22%2C%22JM%22%2C%22JO%22%2C%22JP%22%2C%22KE%22%2C%22KG%22%2C%22KH%22%2C%22KI%22%2C%22KM%22%2C%22KN%22%2C%22KP%22%2C%22KR%22%2C%22KW%22%2C%22KY%22%2C%22KZ%22%2C%22LA%22%2C%22LB%22%2C%22LC%22%2C%22LI%22%2C%22LK%22%2C%22LR%22%2C%22LS%22%2C%22LT%22%2C%22LU%22%2C%22LV%22%2C%22LY%22%2C%22MA%22%2C%22MC%22%2C%22MD%22%2C%22ME%22%2C%22MG%22%2C%22MH%22%2C%22MK%22%2C%22ML%22%2C%22MM%22%2C%22MN%22%2C%22MO%22%2C%22MP%22%2C%22MQ%22%2C%22MR%22%2C%22MS%22%2C%22MT%22%2C%22MU%22%2C%22MV%22%2C%22MW%22%2C%22MX%22%2C%22MY%22%2C%22MZ%22%2C%22NA%22%2C%22NC%22%2C%22NE%22%2C%22NF%22%2C%22NG%22%2C%22NI%22%2C%22NL%22%2C%22NO%22%2C%22NP%22%2C%22NR%22%2C%22NU%22%2C%22NZ%22%2C%22OM%22%2C%22PA%22%2C%22PE%22%2C%22PF%22%2C%22PG%22%2C%22PH%22%2C%22PK%22%2C%22PL%22%2C%22PM%22%2C%22PN%22%2C%22PR%22%2C%22PS%22%2C%22PT%22%2C%22PW%22%2C%22PY%22%2C%22QA%22%2C%22RE%22%2C%22RO%22%2C%22RS%22%2C%22RU%22%2C%22RW%22%2C%22SA%22%2C%22SB%22%2C%22SC%22%2C%22SD%22%2C%22SE%22%2C%22SG%22%2C%22SH%22%2C%22SI%22%2C%22SJ%22%2C%22SK%22%2C%22SL%22%2C%22SM%22%2C%22SN%22%2C%22SO%22%2C%22SR%22%2C%22ST%22%2C%22SV%22%2C%22SY%22%2C%22SZ%22%2C%22TC%22%2C%22TD%22%2C%22TF%22%2C%22TG%22%2C%22TH%22%2C%22TJ%22%2C%22TK%22%2C%22TL%22%2C%22TM%22%2C%22TN%22%2C%22TO%22%2C%22TR%22%2C%22TT%22%2C%22TV%22%2C%22TW%22%2C%22TZ%22%2C%22UA%22%2C%22UG%22%2C%22UM%22%2C%22US%22%2C%22UY%22%2C%22UZ%22%2C%22VA%22%2C%22VC%22%2C%22VE%22%2C%22VG%22%2C%22VI%22%2C%22VN%22%2C%22VU%22%2C%22WF%22%2C%22WS%22%2C%22XK%22%2C%22YE%22%2C%22YT%22%2C%22ZA%22%2C%22ZM%22%2C%22ZW%22%5D%26aw_0_azn.planguage%3D%5B%22aa%22%2C%22ab%22%2C%22ae%22%2C%22af%22%2C%22ak%22%2C%22am%22%2C%22an%22%2C%22ar%22%2C%22as%22%2C%22av%22%2C%22ay%22%2C%22az%22%2C%22ba%22%2C%22be%22%2C%22bg%22%2C%22bh%22%2C%22bi%22%2C%22bm%22%2C%22bn%22%2C%22bo%22%2C%22br%22%2C%22bs%22%2C%22ca%22%2C%22ce%22%2C%22ch%22%2C%22co%22%2C%22cr%22%2C%22cs%22%2C%22cu%22%2C%22cv%22%2C%22cy%22%2C%22da%22%2C%22de%22%2C%22dv%22%2C%22dz%22%2C%22ee%22%2C%22el%22%2C%22en%22%2C%22eo%22%2C%22es%22%2C%22et%22%2C%22eu%22%2C%22fa%22%2C%22ff%22%2C%22fi%22%2C%22fj%22%2C%22fo%22%2C%22fr%22%2C%22fy%22%2C%22ga%22%2C%22gd%22%2C%22gl%22%2C%22gn%22%2C%22gu%22%2C%22gv%22%2C%22ha%22%2C%22he%22%2C%22hi%22%2C%22ho%22%2C%22hr%22%2C%22ht%22%2C%22hu%22%2C%22hy%22%2C%22hz%22%2C%22ia%22%2C%22id%22%2C%22ie%22%2C%22ig%22%2C%22ii%22%2C%22ik%22%2C%22io%22%2C%22is%22%2C%22it%22%2C%22iu%22%2C%22ja%22%2C%22jv%22%2C%22ka%22%2C%22kg%22%2C%22ki%22%2C%22kj%22%2C%22kk%22%2C%22kl%22%2C%22km%22%2C%22kn%22%2C%22ko%22%2C%22kr%22%2C%22ks%22%2C%22ku%22%2C%22kv%22%2C%22kw%22%2C%22ky%22%2C%22la%22%2C%22lb%22%2C%22lg%22%2C%22li%22%2C%22ln%22%2C%22lo%22%2C%22lt%22%2C%22lu%22%2C%22lv%22%2C%22mg%22%2C%22mh%22%2C%22mi%22%2C%22mk%22%2C%22ml%22%2C%22mn%22%2C%22mr%22%2C%22ms%22%2C%22mt%22%2C%22my%22%2C%22na%22%2C%22nb%22%2C%22nd%22%2C%22ne%22%2C%22ng%22%2C%22nl%22%2C%22nn%22%2C%22no%22%2C%22nr%22%2C%22nv%22%2C%22ny%22%2C%22oc%22%2C%22oj%22%2C%22om%22%2C%22or%22%2C%22os%22%2C%22pa%22%2C%22pi%22%2C%22pl%22%2C%22ps%22%2C%22pt%22%2C%22qu%22%2C%22rm%22%2C%22rn%22%2C%22ro%22%2C%22ru%22%2C%22rw%22%2C%22sa%22%2C%22sc%22%2C%22sd%22%2C%22se%22%2C%22sg%22%2C%22si%22%2C%22sk%22%2C%22sl%22%2C%22sm%22%2C%22sn%22%2C%22so%22%2C%22sq%22%2C%22sr%22%2C%22ss%22%2C%22st%22%2C%22su%22%2C%22sv%22%2C%22sw%22%2C%22ta%22%2C%22te%22%2C%22tg%22%2C%22th%22%2C%22ti%22%2C%22tk%22%2C%22tl%22%2C%22tn%22%2C%22to%22%2C%22tr%22%2C%22ts%22%2C%22tt%22%2C%22tw%22%2C%22ty%22%2C%22ug%22%2C%22uk%22%2C%22ur%22%2C%22uz%22%2C%22ve%22%2C%22vi%22%2C%22vo%22%2C%22wa%22%2C%22wo%22%2C%22xh%22%2C%22yi%22%2C%22yo%22%2C%22za%22%2C%22zh%22%2C%22zu%22%5D%26aw_0_azn.pgenre%3D%5B%22Games+and+Hobbies%22%2C%22Music%22%2C%22Top40%5C%2FHits+-+Pop%22%5D