www.kntrlstb.com Open in urlscan Pro
2606:4700:3033::ac43:da8b  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://ref.gitadres.com/supertotobet Page URL
2. https://www.kntrlstb.com/?r=3586 Page URL
3. https://www.kntrlstb.com/?r=3586 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	supertotobet Show response ref.gitadres.com/	1 KB 1 KB	267ms 234ms	Document text/html	2606:4700:3036::6815:2c3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ref.gitadres.com/supertotobet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2c3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 2de182eceb14376820b15d7fa40f6349e723843de6f480bb4cec5bf62202cdf8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 06 Dec 2021 10:53:52 GMT content-type text/html; charset=utf-8 cache-control private x-aspnetmvc-version 5.2 x-aspnet-version 4.0.30319 x-powered-by ASP.NET cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RA%2FT%2B9VJRrr9CzqDZeDrK0wIKyW7dy8F9fsTonNJZMdibljdDfb%2BpopBVc80HPBmaptEko%2BW4tQO3nCuiOK7ID%2B3k5XTsiKAS%2BuqRMHzEddsJrDuGIFUyPR0ZsoU4vKA33faMSDGbtJx831fHRcS"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6b94f9106b8a0eb7-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	jquery-3.3.1.min.js Show response ref.gitadres.com/Content/js/	85 KB 31 KB	19ms 18ms	Script application/javascript	2606:4700:3036::6815:2c3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ref.gitadres.com/Content/js/jquery-3.3.1.min.js Requested by Host: ref.gitadres.com URL: https://ref.gitadres.com/supertotobet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2c3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Accept-Language de-DE,de;q=0.9 Referer https://ref.gitadres.com/supertotobet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 06 Dec 2021 10:53:52 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 178 x-powered-by ASP.NET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Thu, 08 Mar 2018 10:40:19 GMT server cloudflare etag W/"1e5d40dac9b6d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJekxmqUiyyvJ5iWa5%2B3rYgs0aTclk4wrLSkgIb0GgjGm8hsLbpQIdq02mQZx8JGB1fRPCVjZvFojP5QFQPNG9dYrCxuP%2B%2FQeotZ8phRQfSENw2ZVkcjg%2FM0UZ62erns%2BbklISz4dIffnJ89CK9Q"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 6b94f911fe6d0eb7-FRA
GET H2	503	/ Show response www.kntrlstb.com/	10 KB 11 KB	47ms 16ms	Document text/html	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.kntrlstb.com/?r=3586 Requested by Host: ref.gitadres.com URL: https://ref.gitadres.com/supertotobet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 361d1941704fce65e6f3581b687e61eeece90f63ace99538a2b6cac4f8d58e7e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ref.gitadres.com/ Response headers date Mon, 06 Dec 2021 10:53:52 GMT content-type text/html; charset=UTF-8 x-frame-options SAMEORIGIN permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 01 Jan 1970 00:00:01 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjgMEEVh6CbU8wDXgPlXjhpekKqt2X1X70HdkUQk1FoPBtD3uEb7D771smdGURqBXc046Wuhj305VlPKyg7z%2FuTFCUCxsk6VuY0cunSgMDt%2F%2FjwWdGDe2ef7CNQ8txwwLn9R0HDlmzqFYgUJYmOg"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6b94f9126990693f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	v1 Show response www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/	39 KB 14 KB	62ms 50ms	Script text/javascript	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6b94f9126990693f Requested by Host: www.kntrlstb.com URL: https://www.kntrlstb.com/?r=3586 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c0a6865076ac573522477bd5f55fcffae99f881800955573096778dc0c582c2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=JECnz7hJSr6SBWNHvxAq0R3JqL1OZ7LBiboUjvx9QC8-1638788032-0-gaNycGzNCGU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 06 Dec 2021 10:53:52 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmCxSRVt67xPUH3hB8Y%2BE0N5DikhU8tJ9ryOZ%2B%2BvL5CM3qUjQdhdNVdfUv4qG5xy0Rhraw9Uw3Ma%2F1cTl6gRPQSekaTnchOMEBbsMm%2F755v8V3XJ8bLdJcLrVs1fdV1Ab%2FivH07tGugmH7J2pMyE"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=0, must-revalidate cf-ray 6b94f912bc1105fd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	transparent.gif www.kntrlstb.com/cdn-cgi/images/trace/jschal/js/	42 B 258 B	22ms 9ms	Image image/gif	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.kntrlstb.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6b94f9126990693f Requested by Host: www.kntrlstb.com URL: https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=JECnz7hJSr6SBWNHvxAq0R3JqL1OZ7LBiboUjvx9QC8-1638788032-0-gaNycGzNCGU Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=JECnz7hJSr6SBWNHvxAq0R3JqL1OZ7LBiboUjvx9QC8-1638788032-0-gaNycGzNCGU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 06 Dec 2021 10:53:52 GMT x-content-type-options nosniff last-modified Wed, 01 Dec 2021 12:20:23 GMT server cloudflare etag "61a76887-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6b94f912bc1605fd-FRA vary Accept-Encoding content-length 42 expires Mon, 06 Dec 2021 12:53:52 GMT
GET H3	200	transparent.gif www.kntrlstb.com/cdn-cgi/images/trace/jschal/nojs/	42 B 222 B	22ms 10ms	Image image/gif	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.kntrlstb.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6b94f9126990693f Requested by Host: www.kntrlstb.com URL: https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=JECnz7hJSr6SBWNHvxAq0R3JqL1OZ7LBiboUjvx9QC8-1638788032-0-gaNycGzNCGU Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=JECnz7hJSr6SBWNHvxAq0R3JqL1OZ7LBiboUjvx9QC8-1638788032-0-gaNycGzNCGU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 06 Dec 2021 10:53:52 GMT x-content-type-options nosniff last-modified Wed, 01 Dec 2021 12:20:23 GMT server cloudflare etag "61a76887-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6b94f912bc1405fd-FRA vary Accept-Encoding content-length 42 expires Mon, 06 Dec 2021 12:53:52 GMT
POST H3	200	359912cdbe30f49 Show response www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2643038263438964:1638785210:27992a424b0b34d8f6a5b1a29102d6af172e7462f3602d71b0ed1e2f50d0efbb/6b94f9126990693f/	100 KB 60 KB	126ms 126ms	XHR text/plain	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2643038263438964:1638785210:27992a424b0b34d8f6a5b1a29102d6af172e7462f3602d71b0ed1e2f50d0efbb/6b94f9126990693f/359912cdbe30f49 Requested by Host: www.kntrlstb.com URL: https://www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6b94f9126990693f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f8d4a0b2cf0c818e7208b014622dde2bea2dc7178d496ff226df656d4fe39df Request headers Referer https://www.kntrlstb.com/?r=3586 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 CF-Challenge 359912cdbe30f49 Content-type application/x-www-form-urlencoded Response headers date Mon, 06 Dec 2021 10:53:52 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tkgt4ryR6q6oUvl%2BC8pahJ%2B1oPetFRgnh5xGNx9ii7UBhRHkatunRsPqEoBp%2FA%2B4Kz0tjX7XbrAg2cyHV45xt%2FZ1R2b%2BuU5y24gMD5%2Fz%2B1XYIC4zDA68bfJTc6J0Dd7UV68u%2FZ5%2BD%2BFRwWOCGdoR"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cf-ray 6b94f9134d0f05fd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
POST H3	200	359912cdbe30f49 Show response www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2643038263438964:1638785210:27992a424b0b34d8f6a5b1a29102d6af172e7462f3602d71b0ed1e2f50d0efbb/6b94f9126990693f/	2 KB 3 KB	205ms 205ms	XHR text/plain	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2643038263438964:1638785210:27992a424b0b34d8f6a5b1a29102d6af172e7462f3602d71b0ed1e2f50d0efbb/6b94f9126990693f/359912cdbe30f49 Requested by Host: www.kntrlstb.com URL: https://www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6b94f9126990693f Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash faac0e526778d5dd6e778d43d6e1a055ddd94b31d28540d644ac39bee3ae59a3 Request headers Referer https://www.kntrlstb.com/?r=3586 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 CF-Challenge 359912cdbe30f49 Content-type application/x-www-form-urlencoded Response headers date Mon, 06 Dec 2021 10:53:53 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf_chl_out CBy+Ln2UafASvjNrXcamUjNz99S4xMVaDzW/gsxsl5HJTGARjbXRcMtfhN8PMQee9Ask0IP12bRebrKRnWKmng==$tIZ730ISTkxZ5xxZrMM/2g== vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/plain;charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAs%2BjUwkK8m2hXcC1umOyws51nGvHdSnJdErJMTxjoRWOhjj5BBLF3vCqidHtQubQ8v9vyPvnsWcgF05ED3GZAUFKLgAm%2FitkciSIEVVqXwyc7lib2VZ0%2FLI0fQ1gpEWUdjHsAFAYy3ryAXs2c5%2B"}],"group":"cf-nel","max_age":604800} cf_chl_out_s Ut8524NdPkt2Ey7wr+ooYzKszgVgQdRe/agq7tNxwWZUePq8dTX1+Q/7qZW3kf4Ym+nJvr83j7zxXyRG9mKr6tctwNPRFLy9/Xfh+za2TzREPngxMA3c2ybqp80VCswqB9BkTdEtPPoX+wKAjmsAURs9olJQppTBTqCdS0W9RDWpVp3NPL+eoDO5pH41uWXyYNkSRnTHlNHKBK5mzhVz8V18ASL60nYHkUzQZTZCNGVSfwItdCEsa6FHzuvxGRh1$MATD511lVylYmlE+RIQfuA== cf-ray 6b94f918c92a05fd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	503	Primary Request / Show response www.kntrlstb.com/	10 KB 11 KB	18ms 18ms	Document text/html	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.kntrlstb.com/?r=3586 Requested by Host: ref.gitadres.com URL: https://ref.gitadres.com/supertotobet Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ceebc5b84ba30d2d15c007132066923a3df6563d0b7fb835bbca812d37c4b20 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.kntrlstb.com/?r=3586 Response headers date Mon, 06 Dec 2021 10:53:55 GMT content-type text/html; charset=UTF-8 x-frame-options SAMEORIGIN permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 01 Jan 1970 00:00:01 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKZA7o0awH%2FFjlOXdRLsS4c%2BDCp9%2FAsorZ1tnknNf3mEjnxjyss2piw99mcREmeFoseGkyUO8GpuLdQk4b8r2DbYkczLatcZc6Wvzxc7q%2BQJ60RmHY8YAIGU9xz7Vnw%2FpSPL7%2BUWGJIHYQs5ZFm1"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6b94f9269c5805fd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	v1 Show response www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/	35 KB 13 KB	28ms 28ms	Script text/javascript	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6b94f9269c5805fd Requested by Host: www.kntrlstb.com URL: https://www.kntrlstb.com/?r=3586 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b1fe4f9cbec3eb76fa709df60bb2c0eeffc8349e2e033fc64339c42ed2d4aca Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=p0Toxo64urGGxriowJgH.9cNZdT4IEH.u.ACuB3EHec-1638788035-0-gaNycGzNBlE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 06 Dec 2021 10:53:55 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjvyMOjDYdfy7ONaTYUDBM7w2LFYM1%2BgsYmLY6JMMw3fXoR%2FOpnYLm2Xr9YYwYN39Amwzgrg7OeKHGnUBWvnzUBqQJfE5S1p3R%2FuC9x7%2FtT5xqayKBm09eZ7aOZ5YFhPrthuH4YxIsFoMMFaCWyI"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=0, must-revalidate cf-ray 6b94f926ccb105fd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	transparent.gif www.kntrlstb.com/cdn-cgi/images/trace/jschal/js/	42 B 222 B	11ms 11ms	Image image/gif	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.kntrlstb.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6b94f9269c5805fd Requested by Host: www.kntrlstb.com URL: https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=p0Toxo64urGGxriowJgH.9cNZdT4IEH.u.ACuB3EHec-1638788035-0-gaNycGzNBlE Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=p0Toxo64urGGxriowJgH.9cNZdT4IEH.u.ACuB3EHec-1638788035-0-gaNycGzNBlE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 06 Dec 2021 10:53:55 GMT x-content-type-options nosniff last-modified Wed, 01 Dec 2021 12:20:23 GMT server cloudflare etag "61a76887-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6b94f926ccb205fd-FRA vary Accept-Encoding content-length 42 expires Mon, 06 Dec 2021 12:53:55 GMT
GET H3	200	transparent.gif www.kntrlstb.com/cdn-cgi/images/trace/jschal/nojs/	42 B 222 B	9ms 9ms	Image image/gif	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.kntrlstb.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6b94f9269c5805fd Requested by Host: www.kntrlstb.com URL: https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=p0Toxo64urGGxriowJgH.9cNZdT4IEH.u.ACuB3EHec-1638788035-0-gaNycGzNBlE Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.kntrlstb.com/?r=3586&__cf_chl_rt_tk=p0Toxo64urGGxriowJgH.9cNZdT4IEH.u.ACuB3EHec-1638788035-0-gaNycGzNBlE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 06 Dec 2021 10:53:55 GMT x-content-type-options nosniff last-modified Wed, 01 Dec 2021 12:20:23 GMT server cloudflare etag "61a76887-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6b94f926ccb405fd-FRA vary Accept-Encoding content-length 42 expires Mon, 06 Dec 2021 12:53:55 GMT
POST H3	200	2ba7fbbaf3cb596 Show response www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06275092704522413:1638785177:913ad5ee716465b0197562c878d02c6624ca169931121fcda28e0a8742a74023/6b94f9269c5805fd/	103 KB 64 KB	112ms 112ms	XHR text/plain	2606:4700:3033::ac43:da8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06275092704522413:1638785177:913ad5ee716465b0197562c878d02c6624ca169931121fcda28e0a8742a74023/6b94f9269c5805fd/2ba7fbbaf3cb596 Requested by Host: www.kntrlstb.com URL: https://www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6b94f9269c5805fd Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:da8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27c7b35e89d223f0bee7833b4f640d2de5ac615c53fc8bd19b816baeaba47c7f Request headers Referer https://www.kntrlstb.com/?r=3586 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 CF-Challenge 2ba7fbbaf3cb596 Content-type application/x-www-form-urlencoded Response headers date Mon, 06 Dec 2021 10:53:55 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcxgxK%2BjHioZt1tO9jBRgYR4Qg5LVIBHD2GQVF06zIh5WKeYGNJt%2F0ttK3JwjlPpJW50pCZ%2B6CJrAKw9mcAUt8v%2FdK6H%2B440SRZtEar2%2FIEULlMHaYG1vi%2FTTqAYbj4yuSUJ8Ns8Ug%2FDHINMGJ9%2F"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cf-ray 6b94f9272d7005fd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _cf_chl_opt function| _cf_chl_enter function| SHA256 function| sendRequest function| _cf_atob boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx function| _ number| d number| jOgJLac

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.kntrlstb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06275092704522413:1638785177:913ad5ee716465b0197562c878d02c6624ca169931121fcda28e0a8742a74023/6b94f9269c5805fd	1969-12-31 23:59:59	Name: cf_chl_seq_2ba7fbbaf3cb596 Value: efc873b9b7117d1
			www.kntrlstb.com/	1970-01-19 23:13:11	Name: cf_chl_rc_ni Value: 1
			www.kntrlstb.com/	1970-01-19 23:13:11	Name: cf_chl_prog Value: e

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.kntrlstb.com/?r=3586 Message: Failed to load resource: the server responded with a status of 503 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.kntrlstb.com/?r=3586 Message: Failed to load resource: the server responded with a status of 503 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ref.gitadres.com
www.kntrlstb.com
2606:4700:3033::ac43:da8b
2606:4700:3036::6815:2c3b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c0a6865076ac573522477bd5f55fcffae99f881800955573096778dc0c582c2
1ceebc5b84ba30d2d15c007132066923a3df6563d0b7fb835bbca812d37c4b20
27c7b35e89d223f0bee7833b4f640d2de5ac615c53fc8bd19b816baeaba47c7f
2de182eceb14376820b15d7fa40f6349e723843de6f480bb4cec5bf62202cdf8
361d1941704fce65e6f3581b687e61eeece90f63ace99538a2b6cac4f8d58e7e
5f8d4a0b2cf0c818e7208b014622dde2bea2dc7178d496ff226df656d4fe39df
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b1fe4f9cbec3eb76fa709df60bb2c0eeffc8349e2e033fc64339c42ed2d4aca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
faac0e526778d5dd6e778d43d6e1a055ddd94b31d28540d644ac39bee3ae59a3