URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Submission: On July 15 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 6 countries across 18 domains to perform 62 HTTP transactions. The main IP is 195.201.125.43, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is www.k-bettel.de.
TLS certificate: Issued by R3 on May 30th 2022. Valid for: 3 months.
This is the only time www.k-bettel.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 195.201.125.43 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.217.92.94 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 136.243.4.18 24940 (HETZNER-AS)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
3 4 2606:4700:440... 13335 (CLOUDFLAR...)
1 157.90.5.183 24940 (HETZNER-AS)
2 46.105.201.240 16276 (OVH)
1 192.99.8.27 16276 (OVH)
5 213.202.218.154 24961 (MYLOC-AS ...)
1 10 104.20.45.59 13335 (CLOUDFLAR...)
1 2 89.163.148.251 24961 (MYLOC-AS ...)
1 212.53.214.163 8893 (ARTFILES-...)
1 35.204.150.5 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
62 19

| Apex Domain | Subdomains | Transfer |
|---|---|---|
| 15 k-bettel.de | www.k-bettel.de | 47 KB |
| 11 bmcdn3.com | cdn.bmcdn3.com (Cisco Umbrella Rank: 97238), static.bmcdn3.com (Cisco Umbrella Rank: 203501), media.bmcdn3.com (Cisco Umbrella Rank: 216485) | 170 KB |
| 10 adcocktail.com | l.adcocktail.com, bk.adcocktail.com | 13 KB |
| 5 lcmmedia.de | www.lcmmedia.de | 3 KB |
| 4 coinbase.com | www.coinbase.com (Cisco Umbrella Rank: 30594) | 1 KB |
| 3 histats.com | s10.histats.com (Cisco Umbrella Rank: 15099), s4.histats.com (Cisco Umbrella Rank: 12573) | 12 KB |
| 2 adsfirm.com | cdn.adsfirm.com (Cisco Umbrella Rank: 382352) | 18 KB |
| 2 croxy.de | www.croxy.de | 649 B |
| 2 a-ads.com | ad.a-ads.com (Cisco Umbrella Rank: 32908), static.a-ads.com (Cisco Umbrella Rank: 44837) | 669 KB |
| 2 adsfcdn.com | cdn.adsfcdn.com (Cisco Umbrella Rank: 171360) | 30 KB |
| 2 amazonaws.com | s3.amazonaws.com | 8 KB |
| 2 cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 258) | 4 KB |
| 2 googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 350) | 64 KB |
| 1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 101) | 46 KB |
| 1 lithium-zukunft.de | www.lithium-zukunft.de (Cisco Umbrella Rank: 979411) | |
| 1 links2000.de | www.spiele.links2000.de | 19 KB |
| 1 shimly.net | www.shimly.net | 25 KB |
| 1 traffic-master.de | www.traffic-master.de | 250 B |

62 18

Domain Requested by
15 www.k-bettel.de www.k-bettel.de
8 l.adcocktail.com www.shimly.net
l.adcocktail.com
8 cdn.bmcdn3.com www.k-bettel.de
cdn.bmcdn3.com
5 www.lcmmedia.de www.shimly.net
www.lcmmedia.de
4 www.coinbase.com 3 redirects www.k-bettel.de
2 static.bmcdn3.com cdn.bmcdn3.com
2 cdn.adsfirm.com cdn.adsfcdn.com
cdn.adsfirm.com
2 bk.adcocktail.com 1 redirects l.adcocktail.com
2 www.croxy.de 1 redirects www.lcmmedia.de
2 s10.histats.com www.k-bettel.de
s10.histats.com
2 cdn.adsfcdn.com www.k-bettel.de
2 s3.amazonaws.com www.k-bettel.de
s3.amazonaws.com
2 cdnjs.cloudflare.com www.k-bettel.de
2 ajax.googleapis.com www.k-bettel.de
www.shimly.net
1 media.bmcdn3.com cdn.bmcdn3.com
1 www.googletagmanager.com s3.amazonaws.com
1 www.lithium-zukunft.de www.lcmmedia.de
1 www.spiele.links2000.de www.shimly.net
1 s4.histats.com s10.histats.com
1 static.a-ads.com ad.a-ads.com
1 www.shimly.net www.k-bettel.de
1 www.traffic-master.de 1 redirects
1 ad.a-ads.com www.k-bettel.de
62 23

This site contains links to these domains.

Domain
www.traffic-master.de
www.histats.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| k-bettel.de | R3 | 2022-05-30 - 2022-08-28 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2022-06-27 - 2022-09-19 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year |
| s3.amazonaws.com | Amazon | 2022-04-01 - 2023-03-30 | a year |
| *.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2021-12-08 - 2023-01-08 | a year |
| coinbase.com | Cloudflare Inc ECC CA-3 | 2022-02-18 - 2023-02-17 | a year |
| shimly.net | R3 | 2022-06-19 - 2022-09-17 | 3 months |
| histats.com | R3 | 2022-07-11 - 2022-10-09 | 3 months |
| lcmmedia.de | R3 | 2022-06-04 - 2022-09-02 | 3 months |
| *.adcocktail.com | Thawte RSA CA 2018 | 2022-03-17 - 2023-04-17 | a year |
| croxy.de | R3 | 2022-05-22 - 2022-08-20 | 3 months |
| www.lithium-zukunft.de | R3 | 2022-07-14 - 2022-10-12 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2022-06-27 - 2022-09-19 | 3 months |

This page contains 11 frames:

Primary Page: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Frame ID: DBAB595B69762D9598B58CD748ED8F91
Requests: 33 HTTP requests in this frame

Frame: https://ad.a-ads.com/1663200?size=160x600
Frame ID: 35DD5952E171A3887A27D68B40A54E32
Requests: 3 HTTP requests in this frame

Frame: https://www.coinbase.com/de/signup
Frame ID: 8E9E6A09D8D06E122C35F78DE3153993
Requests: 1 HTTP requests in this frame

Frame: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Frame ID: 174EE5D23BA67A57516D838963CF88DF
Requests: 13 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=2396&sid=88&v1=6f97745acbea7b39a29befe3310085730d7df77ea8429ca3889297c9f86ad1ae827df9fd0ae81d392790cb127a32c1dad51a0ef9e2c9a9828d002f1e6a650616&v2=p2p
Frame ID: 596B1469CBA93B72105AE59573E01742
Requests: 1 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/frame_forced.php?step=1&code=dWlkPTk4JmJpZD0yMzk2JnNpZD04OCZ2MT02Zjk3NzQ1YWNiZWE3YjM5YTI5YmVmZTMzMTAwODU3MzBkN2RmNzdlYTg0MjljYTM4ODkyOTdjOWY4NmFkMWFlODI3ZGY5ZmQwYWU4MWQzOTI3OTBjYjEyN2EzMmMxZGFkNTFhMGVmOWUyYzlhOTgyOGQwMDJmMWU2YTY1MDYxNiZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Frame ID: C9D0149B5A5060DD34EAD961140CBB9C
Requests: 2 HTTP requests in this frame

Frame: https://www.lithium-zukunft.de/wachstum
Frame ID: 8AAFB8915CD3E79448E2294A58E9C497
Requests: 2 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=2396&sid=88
Frame ID: 6AEC15C0E7989D5127D52DF628693960
Requests: 2 HTTP requests in this frame

Frame: https://cdn.adsfirm.com/iframe/
Frame ID: 49860DF9F86D60F13DB7CAC23810D4E3
Requests: 4 HTTP requests in this frame

Frame: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=fbf1a9456897a5badd6fabdf12fa7d0a&fidnoua=ab522cd10032f375d23076075f373cad&impid=de788e12-6e49-4c55-8101-a1aba82a23de&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: A652C569B9C08A69E45A919A98B239DD
Requests: 7 HTTP requests in this frame

Frame: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=fbf1a9456897a5badd6fabdf12fa7d0a&fidnoua=ab522cd10032f375d23076075f373cad&impid=de788e12-6e49-4c55-8101-a1aba82a23de&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: 2BD668627AB896C89CCAA4242C2BA4E8
Requests: 7 HTTP requests in this frame

Page Title

K-Bettel.de - Bettel dich reich!

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 62
HTTPS: 97 %
IPv6: 39 %
Domains: 18
Subdomains: 23
IPs: 19
Countries: 6
Transfer: 1130 kB
Size: 1545 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.traffic-master.de/traffic.php HTTP 302
  • https://www.coinbase.com/join/izCQcQ HTTP 302
  • https://www.coinbase.com/de/join/izCQcQ HTTP 301
  • https://www.coinbase.com/signup HTTP 302
  • https://www.coinbase.com/de/signup
Request Chain 46
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzMzNzd8ODc5MTJ8MTk5OTE0fDE2NTc4NDc1MjY= HTTP 302
  • https://www.spiele.links2000.de/links2000.gif
Request Chain 47
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly93d3cubGl0aGl1bS16dWt1bmZ0LmRlL3dhY2hzdHVt HTTP 301
  • https://www.lithium-zukunft.de/wachstum

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.k-bettel.de/
11 KB
4 KB
Document
General
Full URL
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
e0d4fede289cc89fd09e1cc3ee458e46169988ce6c6a582c7f2cad89b4d7ff67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3688
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 01:12:05 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
main.css
www.k-bettel.de/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.k-bettel.de/css/main.css
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
9a3430ee32938603e921cf7c2450a61850dc584382d417d771dbf2bbbbf2d64c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 11:15:05 GMT
Server
Apache
ETag
"1aa8-5a26107816040-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1361
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 00:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jul 2023 00:11:36 GMT
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10551310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBYSkCid%2FjjDAH8IbW4P3NwAtqJE5eFgsQ4l5ZniApE570w0OffSq0c1eb9QYL5X3oE1axl2%2B9z16D1PV3mfLKJFxE9lIdiqBIpsDR7348S%2F63NxM2HVn%2FWWGPyDMd2SdCidU2ayWupRp4w8wTal2irC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72aea0bcef5c9a39-FRA
expires
Wed, 05 Jul 2023 01:12:05 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4274257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7Tij8W%2FowFvCy19DlDhkXPOI019PsD4pI3qRSP67Uj%2FUXySFvWwN8VszwRzOEwuLobXfw%2Fxz%2Ff%2BgudRL%2B7hlGsOGyiGI%2BGtlOw%2F15uoSUQvvvKCv46Ih9QofJpe6uF7HAMMptru33YjXAjCaLKaehUD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72aea0bcef5a9a39-FRA
expires
Wed, 05 Jul 2023 01:12:05 GMT
script.js
s3.amazonaws.com/valao-cloud/cookie-hinweis/
4 KB
5 KB
Script
General
Full URL
https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.92.94 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1005c8fedd97888320a06c0fff6bd454c0256e9b021f367fd40e00d4c5d05a90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:07 GMT
Last-Modified
Fri, 25 Nov 2016 10:04:09 GMT
Server
AmazonS3
x-amz-request-id
CKFE4NH4XSJVAJDJ
ETag
"9f90654a8f604d63de9dd294259e6eff"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
4605
x-amz-id-2
rqqVwAi9Vo5kNmyGTvvDlOJTTd6rSkorPzj3TkgdHDtLcUEJ2JrIXYoVpddpWQwgHEH+EAHdNN0=
TmFvVWxmQXhhbTA9.js
cdn.adsfcdn.com/js/
3 KB
2 KB
Script
General
Full URL
https://cdn.adsfcdn.com/js/TmFvVWxmQXhhbTA9.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2c75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90d6a585982bddd8eb45578ec3c3e160e799b70d1f1403eb854113d713bcffb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29973
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 09 Jul 2022 04:29:32 GMT
server
cloudflare
etag
W/"62c9042c-d7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5ZKdbZypVHQWu4b4Vk4u0kPUSKpr2ES%2B2EF2AJZ%2BmZDilvkFN01oNjhKxGhWo1bgCkD%2BIpux3blMx3fNFj11BdAsbp3YIMwDl9FH%2BCyyfJ9a7eJDZ6e5DpEkXEXAyGguiYe8JaP%2FMq3h7V9sq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
72aea0bd6ebd5c5c-FRA
expires
Fri, 15 Jul 2022 04:52:32 GMT
1663200
ad.a-ads.com/ Frame 35DD
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/1663200?size=160x600
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
555efe36ad42441d2cd7320d464cbc5a64bcde8204073a27422e687c2fc40865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 15 Jul 2022 01:12:06 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://www.k-bettel.de/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
bg.png
www.k-bettel.de/images/
288 B
556 B
Image
General
Full URL
https://www.k-bettel.de/images/bg.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
8ab9651d86fabc7afb2a8cabc53f7405fa5f76429f18f1e130d55299cf49a3e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:05 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"120-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
288
header.png
www.k-bettel.de/images/
35 KB
36 KB
Image
General
Full URL
https://www.k-bettel.de/images/header.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
6dfdcf0eb87568f6932cf08416883f068da0d0aea43f2145c84c19fef3875fac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:06 GMT
Last-Modified
Mon, 25 May 2020 11:36:45 GMT
Server
Apache
ETag
"8d1b-5a67764bd4d40"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
36123
topLoginBg.png
www.k-bettel.de/images/
704 B
972 B
Image
General
Full URL
https://www.k-bettel.de/images/topLoginBg.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
8b0af1e9c36b25fc9fcce648791ea2733cc6993def386bc43f8010b8b3361f7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:06 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"2c0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
704
topButton.png
www.k-bettel.de/images/
215 B
483 B
Image
General
Full URL
https://www.k-bettel.de/images/topButton.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
dea4747dc69f7e1119b6f74a6dea0d005cba3a629b3dd1d2f027bc181080ed02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:06 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"d7-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
215
mainBg.gif
www.k-bettel.de/images/
98 B
364 B
Image
General
Full URL
https://www.k-bettel.de/images/mainBg.gif
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
355c7345608f3f18f08822ebc9fd202de5f0acc98bf4f0c38b7d9f155406e546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:06 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"62-4ca767b64d500"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
98
navTop.png
www.k-bettel.de/images/
208 B
475 B
Image
General
Full URL
https://www.k-bettel.de/images/navTop.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
58156352388e882df8698362691be19546360706d7b8469e375e6bd419ed216a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:06 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"d0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
208
navMid.png
www.k-bettel.de/images/
192 B
459 B
Image
General
Full URL
https://www.k-bettel.de/images/navMid.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
4d8c7e063a3280ec8b2ef850a878741b1bdfab56301198493203b252d4885d47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:05 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"c0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
192
navFoot.png
www.k-bettel.de/images/
236 B
504 B
Image
General
Full URL
https://www.k-bettel.de/images/navFoot.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
112e3a5de62417009e7744581cd39b6a8a3b1a4d23dfca29b2791ac9150d97e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:05 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"ec-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
236
623c55576a92bc002503d00b.js
cdn.bmcdn3.com/js/
7 KB
4 KB
Script
General
Full URL
https://cdn.bmcdn3.com/js/623c55576a92bc002503d00b.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58fa1c8d013bc2c0f5be953242c0e0d24bfc1bfcd14711cec3f32a2191edd754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
br
accept-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-methods
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwZHfJLAolKLZ9m6Jd3ks3eh6vL%2FCeHC5KeLDsb6QsqPivraZKkGUbtAlWT2fQLEsN%2F7R3M4Jh3YrbjmBq3QmwXEUSIZw0CwQA8m5d5E5vlgCCw%2BuNxypE3GXu5PQwv6b%2FeiNsBQ1hUyR5uP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
cf-ray
72aea0bd8ab49bb3-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Fri, 15 Jul 2022 01:42:06 GMT
signup
www.coinbase.com/de/ Frame 8E9E
Redirect Chain
  • https://www.traffic-master.de/traffic.php
  • https://www.coinbase.com/join/izCQcQ
  • https://www.coinbase.com/de/join/izCQcQ
  • https://www.coinbase.com/signup
  • https://www.coinbase.com/de/signup
0
0
Document
General
Full URL
https://www.coinbase.com/de/signup
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
https://accounts.google.com/ https://cdn.atomicfi.com/transact.js https://c.tvpixel.com/ https://p.tvpixel.com/ https://rs.fullstory.com https://price-table-widget.coinbase.com https://lptag.liveperson.net/ https://accdn.lpsnmedia.net/ https://lpcdn.lpsnmedia.net/ https://va.v.liveperson.net/; style-src 'self' 'unsafe-inline' https://assets.coinbase.com https://www.coinbase.com https://s.adroll.com https://assets.coinbase.com/ https://card.coinbase.com/ https://static.coinbase.com; report-uri /csp-logging
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
BYPASS
cf-ray
72aea0c53b436919-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Jul 2022 01:12:07 GMT
etag
W/"24eba-4LJRhDRMEovgwTTWYQPXg/zC8cw"
expect-ct
enforce, max-age=86400, report-uri="https://coinbase.report-uri.io/r/default/ct/reportOnly"
expires
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
surrogate-control
no-store
trace-id
6653887269829836383
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
BYPASS
cf-ray
72aea0c42a6a6919-FRA
content-length
64
content-type
text/html; charset=utf-8
date
Fri, 15 Jul 2022 01:12:07 GMT
expect-ct
enforce, max-age=86400, report-uri="https://coinbase.report-uri.io/r/default/ct/reportOnly"
expires
0
location
/de/signup
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
surrogate-control
no-store
trace-id
8237475183708192842
vary
Accept, Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-xss-protection
1; mode=block
ptp-1-1675-30-48-sh
www.shimly.net/public/ Frame 174E
65 KB
25 KB
Document
General
Full URL
https://www.shimly.net/public/ptp-1-1675-30-48-sh
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.5.183 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mnode1000.your-node.de
Software
Apache /
Resource Hash
27b16f23d9d1b742da4e761a10868c5a2156eda54207f1643263ffc36c0a2f0e

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
25674
content-type
text/html; charset=utf-8
date
Fri, 15 Jul 2022 01:12:06 GMT
server
Apache
vary
Accept-Encoding
pop.php
www.k-bettel.de/popup/
0
0

623c565afdbfc7001a590989.js
cdn.bmcdn3.com/js/
7 KB
4 KB
Script
General
Full URL
https://cdn.bmcdn3.com/js/623c565afdbfc7001a590989.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3109fb4b81d52def23ecdb56ec026bb0ac3e9cd6a05a93e7e00526824682bf2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
br
accept-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-methods
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vf9FulS%2Br1H7iDQ0dYikn4iA9z2D7BsRCCO5DNLtKLoIsVv3n7I11jjxZKPU4oDqGid0OD7HHVdwNTflu5c%2FixZWBkc9SNPnI2V%2BaOTs5oBLgFi2ndY6mlDkC%2FLnApUCrkVI1OR5ioOdvXpY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
cf-ray
72aea0bd8ab59bb3-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Fri, 15 Jul 2022 01:42:06 GMT
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:02:22 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
718932443
contentTop.png
www.k-bettel.de/images/
237 B
504 B
Image
General
Full URL
https://www.k-bettel.de/images/contentTop.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
2f058ccfb327a7cf0dde901af6d91c6b1746a8d1973cdf0ea0ad3f20c79a953a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:05 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"ed-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
237
contentMid.gif
www.k-bettel.de/images/
81 B
347 B
Image
General
Full URL
https://www.k-bettel.de/images/contentMid.gif
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
3ac732713cf8fc2da12ba94466c376da1bc1e8a578dcea4bea07002fc4b5c9a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:05 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"51-4ca767b64d500"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
81
contentFoot.png
www.k-bettel.de/images/
101 B
368 B
Image
General
Full URL
https://www.k-bettel.de/images/contentFoot.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
527ed4d3ebd6f355eb419dc4938f830f5c879f79056f321987206fcfdb2f1fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:06 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"65-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
101
countmid.png
www.k-bettel.de/images/
94 B
361 B
Image
General
Full URL
https://www.k-bettel.de/images/countmid.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
cae403eab5a179ee8b09a9b2c7e42916c54614c2cd1f49395090327f30e008a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:05 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"5e-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
94
footer.png
www.k-bettel.de/images/
467 B
735 B
Image
General
Full URL
https://www.k-bettel.de/images/footer.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
1822b7ed8626dee6c169e5b07b8db2d673c1ffa51fb108d4ecbfeda89d784979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:06 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"1d3-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
467
160x600
static.a-ads.com/a-ads-banners/393781/ Frame 35DD
663 KB
664 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/393781/160x600?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1663200?size=160x600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx /
Resource Hash
657af98b6829d7b412a5c5b69f5f86fdcf98aca10ed8e7f0b5a6b9558071ee3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
last-modified
Tue, 31 May 2022 13:36:40 GMT
server
nginx
x-amz-request-id
Q9PGPD39HZ5EHRY6
etag
"be74ac110e715286295dca6083c0d2a7"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
679079
accept-ranges
bytes
x-amz-version-id
IqF_AcCFiT4rzay4H.z3QpoKMh_R2ZHV
x-amz-id-2
70xFKz6qSUi5vEQJ9EgqrPGANRr+X0QLLbJ/Fzm0vROpx6u7YBzzsm8jBjy6L66CxOtsZ3Uvv+4=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 35DD
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
4631295.php
s4.histats.com/stats/
95 B
229 B
Script
General
Full URL
https://s4.histats.com/stats/4631295.php?4631295&@f16&@g1&@h1&@i1&@j1657847526050&@k0&@l1&@mK-Bettel.de%20-%20Bettel%20dich%20reich!&@n0&@o1000&@q0&@r0&@s328&@ten-US&@u1600&@b1:-15459546&@b3:1657847526&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.27 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500876.ip-192-99-8.net
Software
/
Resource Hash
35ee5e2773ddc3a944f878b3560b046e470fb0188e63febd9f02533d8aed97a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:06 GMT
Connection
close
Content-Length
95
Content-Type
text/html;charset=UTF-8
ziel.php
www.lcmmedia.de/kamp/ Frame 596B
1 KB
930 B
Document
General
Full URL
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=2396&sid=88&v1=6f97745acbea7b39a29befe3310085730d7df77ea8429ca3889297c9f86ad1ae827df9fd0ae81d392790cb127a32c1dad51a0ef9e2c9a9828d002f1e6a650616&v2=p2p
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
f08cd907ffb36d2a5c02f6e990d10c606bcddb435b851041bb77b73adc8639c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.shimly.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
690
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 01:12:06 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
truncated
/ Frame 174E
35 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa27f6a15e3c7abdea0bf66d493852cf1a850bdf98435e59c85964ff0179983

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 174E
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 22:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jul 2023 22:19:10 GMT
lay.php
l.adcocktail.com/ Frame 174E
262 B
516 B
Script
General
Full URL
https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff40f1e4c6c35503fc63ac2d4a7b6a0b38fe1151f30a68f7ba942f4003fb525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 15 Jul 2022 01:12:06 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
72aea0be3d376945-FRA
content-length
174
expires
Wed, 11 Jan 1984 05:00:00 GMT
layer.css
l.adcocktail.com/ Frame 174E
2 KB
702 B
Stylesheet
General
Full URL
https://l.adcocktail.com/layer.css?id=2
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57626b4cb21c6c7c1225f83b6eba4c3f4fad0f23db4baa7ed5888494828ac5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2018 13:34:28 GMT
server
cloudflare
etag
"684-565180dcd5f3b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
cf-ray
72aea0be8d7c6945-FRA
content-length
586
layerhead.js
l.adcocktail.com/ Frame 174E
3 KB
1 KB
Script
General
Full URL
https://l.adcocktail.com/layerhead.js?id=2
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e239671b46bfac19cd71a0b44f3d9ea7d04af229ba161c826394de2f510a1be4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2018 09:26:46 GMT
server
cloudflare
etag
"d67-5651497f64282-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
cf-ray
72aea0be8d7d6945-FRA
content-length
1300
l_rota_v.php
l.adcocktail.com/ Frame 174E
2 KB
789 B
Script
General
Full URL
https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebbfe1eefff0733bd582f14030519c42de1fb2018e0b96c961efabe2e4ddd67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 15 Jul 2022 01:12:06 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
72aea0be8d7f6945-FRA
content-length
726
expires
Wed, 11 Jan 1984 05:00:00 GMT
frame_forced.php
www.lcmmedia.de/kamp/ Frame C9D0
373 B
566 B
Document
General
Full URL
https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTk4JmJpZD0yMzk2JnNpZD04OCZ2MT02Zjk3NzQ1YWNiZWE3YjM5YTI5YmVmZTMzMTAwODU3MzBkN2RmNzdlYTg0MjljYTM4ODkyOTdjOWY4NmFkMWFlODI3ZGY5ZmQwYWU4MWQzOTI3OTBjYjEyN2EzMmMxZGFkNTFhMGVmOWUyYzlhOTgyOGQwMDJmMWU2YTY1MDYxNiZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=2396&sid=88&v1=6f97745acbea7b39a29befe3310085730d7df77ea8429ca3889297c9f86ad1ae827df9fd0ae81d392790cb127a32c1dad51a0ef9e2c9a9828d002f1e6a650616&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
21809cc53562cc5be1107582b2541e462cdaede1dc5ba766824b77e86c2f7301
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=2396&sid=88&v1=6f97745acbea7b39a29befe3310085730d7df77ea8429ca3889297c9f86ad1ae827df9fd0ae81d392790cb127a32c1dad51a0ef9e2c9a9828d002f1e6a650616&v2=p2p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
327
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 01:12:06 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
go.php
www.croxy.de/ Frame 8AAF
599 B
490 B
Document
General
Full URL
https://www.croxy.de/go.php?id=2396&sid=aHR0cHM6Ly93d3cubGl0aGl1bS16dWt1bmZ0LmRlL3dhY2hzdHVt
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=2396&sid=88&v1=6f97745acbea7b39a29befe3310085730d7df77ea8429ca3889297c9f86ad1ae827df9fd0ae81d392790cb127a32c1dad51a0ef9e2c9a9828d002f1e6a650616&v2=p2p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.163.148.251 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.croxy.de
Software
nginx / PHP/7.3.20 PleskLin
Resource Hash
161108104fe17f9f817c158809a90df0a2f0abb4e275a73e37bcad7f1d5d8bd5

Request headers

Referer
https://www.lcmmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
326
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 01:12:06 GMT
ms-author-via
DAV
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.20 PleskLin
kamp_m_lcm.php
www.lcmmedia.de/kamp/ Frame 6AEC
1 KB
804 B
Document
General
Full URL
https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=2396&sid=88
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=2396&sid=88&v1=6f97745acbea7b39a29befe3310085730d7df77ea8429ca3889297c9f86ad1ae827df9fd0ae81d392790cb127a32c1dad51a0ef9e2c9a9828d002f1e6a650616&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
a712e6ca4e5cc875dd45431e983b109010d7ce121ad3aeacb3f026a3c2dbde74
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=2396&sid=88&v1=6f97745acbea7b39a29befe3310085730d7df77ea8429ca3889297c9f86ad1ae827df9fd0ae81d392790cb127a32c1dad51a0ef9e2c9a9828d002f1e6a650616&v2=p2p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
565
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 01:12:06 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
bk_rota.php
bk.adcocktail.com/ Frame 174E
279 B
263 B
Script
General
Full URL
https://bk.adcocktail.com/bk_rota.php?format=468x60&uid=87912&wsid=199914
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a894b7bc309915f90a38bc419cae7c364115406cb15ab6fc12c9e7f048de276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
72aea0becde16945-FRA
content-length
202
expires
Wed, 11 Jan 1984 05:00:00 GMT
adc_layer_logo.png
l.adcocktail.com/images/ Frame 174E
5 KB
5 KB
Image
General
Full URL
https://l.adcocktail.com/images/adc_layer_logo.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a712480f1063437e1f893fd7e5be4e344ed4ea0e255a8c485d462d545323953e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:13 GMT
server
cloudflare
age
5177
etag
"1448-56502018ce55d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
72aea0bebdc16945-FRA
content-length
5192
adc_layer_fav.png
l.adcocktail.com/images/ Frame 174E
2 KB
2 KB
Image
General
Full URL
https://l.adcocktail.com/images/adc_layer_fav.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed4938c07839355b679781de23060982a4118e57124b21ed66509696c3cfd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:13 GMT
server
cloudflare
age
5449
etag
"68b-56502018c397b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
72aea0bebdc26945-FRA
content-length
1675
adc_layer_new.png
l.adcocktail.com/images/ Frame 174E
1 KB
1 KB
Image
General
Full URL
https://l.adcocktail.com/images/adc_layer_new.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511ee72f5e0453830953617a7a7f81b96950e63bb43ae5dfa1386eaf835f3ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:14 GMT
server
cloudflare
age
4765
etag
"54c-56502018e6c02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
72aea0bebdc36945-FRA
content-length
1356
adc_layer_stop.png
l.adcocktail.com/images/ Frame 174E
1 KB
1 KB
Image
General
Full URL
https://l.adcocktail.com/images/adc_layer_stop.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e02bfcdfb9333b90284e0a7c3c5f2064e6df73e457e3181031c6c8ceacfffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:14 GMT
server
cloudflare
age
4765
etag
"4ea-56502018f0844"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
72aea0bebdc46945-FRA
content-length
1258
style.css
www.lcmmedia.de/kamp/ Frame 6AEC
486 B
565 B
Stylesheet
General
Full URL
https://www.lcmmedia.de/kamp/style.css
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=2396&sid=88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PleskLin
Resource Hash
f0c1e0b291b81ea4aa9f55579f2592a0978e15080b3277369b88fbc407d27a0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=2396&sid=88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 16:02:32 GMT
server
nginx
x-powered-by
PleskLin
etag
"1e6-5c3deb3e84805-gzip"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-accel-version
0.01
date
Fri, 15 Jul 2022 01:12:06 GMT
accept-ranges
bytes
content-length
255
frame_forced.php
www.lcmmedia.de/kamp/ Frame C9D0
32 B
277 B
Document
General
Full URL
https://www.lcmmedia.de/kamp/frame_forced.php?step=1&code=dWlkPTk4JmJpZD0yMzk2JnNpZD04OCZ2MT02Zjk3NzQ1YWNiZWE3YjM5YTI5YmVmZTMzMTAwODU3MzBkN2RmNzdlYTg0MjljYTM4ODkyOTdjOWY4NmFkMWFlODI3ZGY5ZmQwYWU4MWQzOTI3OTBjYjEyN2EzMmMxZGFkNTFhMGVmOWUyYzlhOTgyOGQwMDJmMWU2YTY1MDYxNiZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=2396&sid=88&v1=6f97745acbea7b39a29befe3310085730d7df77ea8429ca3889297c9f86ad1ae827df9fd0ae81d392790cb127a32c1dad51a0ef9e2c9a9828d002f1e6a650616&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
7d13caf22fc19e5ef89f910d1d6c26962549bc446bec9452bb11a50d6f933e32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTk4JmJpZD0yMzk2JnNpZD04OCZ2MT02Zjk3NzQ1YWNiZWE3YjM5YTI5YmVmZTMzMTAwODU3MzBkN2RmNzdlYTg0MjljYTM4ODkyOTdjOWY4NmFkMWFlODI3ZGY5ZmQwYWU4MWQzOTI3OTBjYjEyN2EzMmMxZGFkNTFhMGVmOWUyYzlhOTgyOGQwMDJmMWU2YTY1MDYxNiZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
39
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 01:12:06 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
links2000.gif
www.spiele.links2000.de/ Frame 174E
Redirect Chain
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzMzNzd8ODc5MTJ8MTk5OTE0fDE2NTc4NDc1MjY=
  • https://www.spiele.links2000.de/links2000.gif
18 KB
19 KB
Image
General
Full URL
https://www.spiele.links2000.de/links2000.gif
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Server
212.53.214.163 Flensburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
Software
Apache /
Resource Hash
608c6f10838f82cab43378458f60f0b295cb7351950531f34b6d65ade1d0c7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
last-modified
Sat, 17 Aug 2019 06:53:04 GMT
server
Apache
accept-ranges
bytes
etag
"4997-5904a8f0006b6"
content-length
18839
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 15 Jul 2022 01:12:06 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://www.spiele.links2000.de/links2000.gif
note
CACHING IS DISABLED
cf-ray
72aea0bf0e1f6945-FRA
content-length
20
expires
Wed, 11 Jan 1984 05:00:00 GMT
wachstum
www.lithium-zukunft.de/ Frame 8AAF
Redirect Chain
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly93d3cubGl0aGl1bS16dWt1bmZ0LmRlL3dhY2hzdHVt
  • https://www.lithium-zukunft.de/wachstum
0
0
Document
General
Full URL
https://www.lithium-zukunft.de/wachstum
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=2396&sid=88&v1=6f97745acbea7b39a29befe3310085730d7df77ea8429ca3889297c9f86ad1ae827df9fd0ae81d392790cb127a32c1dad51a0ef9e2c9a9828d002f1e6a650616&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.204.150.5 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.150.204.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.croxy.de
Referer
https://www.croxy.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate no-transform
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 01:12:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=Edge

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 01:12:06 GMT
location
https://www.lithium-zukunft.de/wachstum
ms-author-via
DAV
server
nginx
x-powered-by
PHP/7.3.20 PleskLin
gtm.js
www.googletagmanager.com/
124 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVL985
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
815a08570065421ca3fc1e52164b75f498db1037c12798be91664262e84bd6d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46556
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Jul 2022 01:12:06 GMT
901405584196.js
cdn.bmcdn3.com/js/source/
50 KB
17 KB
Script
General
Full URL
https://cdn.bmcdn3.com/js/source/901405584196.js?v=1.0.1
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/js/623c55576a92bc002503d00b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6f4084e9e0587e95e25d42850922ddf7c84ff9eebb629a3a05cba82282c177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
br
accept-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-methods
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysz9gWSIYzxmtbpjhwg3GJPHzKFfHAU9zUQTAgzxN4s%2FM5bhU%2FjPpJl4KdxDS0MnWpszrcsC%2FenapeN4oLO5cXbIyt6cbnfBKb%2Ba%2FGJckDY%2FkA%2BOUxnFPcXewnJWUJ9k8hYnwvvfIOs4D8Kj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
cf-ray
72aea0bf7c4f9bb3-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Fri, 15 Jul 2022 01:42:06 GMT
cc_328.js
s10.histats.com/counters/
18 KB
7 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_328.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c280115a1bb138d4019b3e021e8eb2f5a9028e213622c5fe4b496f91658351b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:09:48 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip
51.254.41.128/25
etag
"853387749"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
7129
x-request-id
916391113
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63277152f6eb74890ba35dddd3060e937f9222d8fe6341c9e9fa189776c30171

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
/
cdn.adsfirm.com/iframe/ Frame 4986
42 KB
17 KB
Document
General
Full URL
https://cdn.adsfirm.com/iframe/
Requested by
Host: cdn.adsfcdn.com
URL: https://cdn.adsfcdn.com/js/TmFvVWxmQXhhbTA9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246e8b0bbc5119f4d67faf2c6d2f9624a7be89d555e05281e1709a98097f03a5

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72aea0c1bc345c7a-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 01:12:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 13 Jun 2022 08:58:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ev2qco60PHA4sDF5HzU4Zr7%2FCfrf9NPtkY1LsArdTIHvO6KRe%2BFM8yepQwapFY%2F2dyVOli3JTVH3bD9DkrmIKOzFNS4NCQrJEgCtlgN9YljIlN5rHN6p5gfjIW6zPpWR9fOO1hbGHBWQAT%2Bic58%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
cdn.bmcdn3.com/p/623c55576a92bc002503d00b/ Frame A652
2 KB
1 KB
Document
General
Full URL
https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=fbf1a9456897a5badd6fabdf12fa7d0a&fidnoua=ab522cd10032f375d23076075f373cad&impid=de788e12-6e49-4c55-8101-a1aba82a23de&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sig=0x00000&blocksubid=0
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/js/source/901405584196.js?v=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b41d6820c5d384648cd890114fb072bb53efd0a2c39a9f04bc1141f4ae98cb7

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-encoding
gzip
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
72aea0c24f499bb3-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 01:12:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STGgkTj%2Fk%2F3UGKJvKm34v23MNlxBIFGyhWaYj8B8Cquj9gL76Qxq%2FmS9Yxrc44Q%2BgkXf%2BlWWwJRjAIEbVf5GKqZ%2FEVfChC6rOQVRMqOREMpT8V6jyaDfEL8RSRo%2BdGbfgSsPS%2FTJW3pwkuO1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
cdn.bmcdn3.com/pv/5f02c4f228238c0013166f58/
35 B
320 B
Image
General
Full URL
https://cdn.bmcdn3.com/pv/5f02c4f228238c0013166f58/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=fbf1a9456897a5badd6fabdf12fa7d0a&fidnoua=ab522cd10032f375d23076075f373cad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=de788e12-6e49-4c55-8101-a1aba82a23de
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
accept-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VigHGzpV%2FBwFkiQGIxObmjB0%2FemcAcjzMiD9ATLrwkdKNmUwORsp1CpnRZc1WkclTM609OLr1KSLYP%2FOGAoQx8X%2FBFVkgIpcEYcfyGueF%2B9lavfnkOvmA2GpnmOiMK9wvytNHaDTriy8OlRQ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cf-ray
72aea0c24f479bb3-FRA
cf-cache-status
DYNAMIC
truncated
/ Frame 4986
505 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c42dd792f7ea62abcb52e60fe3627394cc5c27d5dfbea9a99dbb5ca815638d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
cdn.bmcdn3.com/p/623c565afdbfc7001a590989/ Frame 2BD6
1 KB
1 KB
Document
General
Full URL
https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=fbf1a9456897a5badd6fabdf12fa7d0a&fidnoua=ab522cd10032f375d23076075f373cad&impid=de788e12-6e49-4c55-8101-a1aba82a23de&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sig=0x00000&blocksubid=0
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/js/source/901405584196.js?v=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8499370658c420cb2e99475cf903e20c7ea25d0152c25ee8ac0c7e8c4005ace9

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-encoding
gzip
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
72aea0c26f599bb3-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 01:12:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOdQ2QtlwYZKEcom8K7tlJ6t10SsUGpLDI%2BpfjF1ZaIso6D3hMUlwVunTZbg%2Fw%2FsNw4F9FkYqygxhIroZ6ig8M8ZxTqkC7sg6Xx%2Bb4qI6dvra8LZXOWNMG5A5Eg69ghI3AA7cZcOwgh4w%2BjS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
imp
cdn.adsfirm.com/ad/ Frame 4986
819 B
1 KB
Fetch
General
Full URL
https://cdn.adsfirm.com/ad/imp?c=…
Requested by
Host: cdn.adsfirm.com
URL: https://cdn.adsfirm.com/iframe/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f15d1373139d451c90b532dc03e6bcd96fce6973a4145415b8718cac345b4c29

Request headers

Referer
https://cdn.adsfirm.com/iframe/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPgL6kymd6qb6%2BRva7b6E4gQyAsVJo4rPTyosileN4CtoRZ70EadJ9HuU2TS1LpddFMpYG7107M2k7I4f5B1OxGDuXPofTKjET1NdtHJ07EWFaOpC8tUIyWDPml88F%2B7Hc28IEQva23n1wFV1II%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
72aea0c32ba19153-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
img.css
static.bmcdn3.com/css/ Frame 2BD6
10 KB
5 KB
Stylesheet
General
Full URL
https://static.bmcdn3.com/css/img.css?v=v1.25.10
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=fbf1a9456897a5badd6fabdf12fa7d0a&fidnoua=ab522cd10032f375d23076075f373cad&impid=de788e12-6e49-4c55-8101-a1aba82a23de&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b5321876158751e32376f288432d101ce4991523bff3d278ed6613801a3351

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5041
cf-polished
origSize=10164
last-modified
Tue, 28 Jun 2022 17:05:39 GMT
server
cloudflare
etag
W/"62bb34e3-27b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpOYzcJNGIMjy9ks8BF%2FqHBGlbAi3YRVaVIEA57dsgDk2IAg0LVb0RpigA6CGKw4o7HGWjjjEyt5%2Fvy%2BNiOri8uiLaf%2F2rubMM94%2FUUMXE9bavYR5DRy48UX6wUlNKYt%2B06hbt6x7%2F%2BMfh4KfdaI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
72aea0c368439bb3-FRA
cf-bgj
minify
49b13200-f91d-11ec-857a-51fff68f8f6bca006509-b67d-442b-9f2b-cb27ebe91339.png
media.bmcdn3.com/static/ Frame 2BD6
131 KB
132 KB
Image
General
Full URL
https://media.bmcdn3.com/static/49b13200-f91d-11ec-857a-51fff68f8f6bca006509-b67d-442b-9f2b-cb27ebe91339.png
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=fbf1a9456897a5badd6fabdf12fa7d0a&fidnoua=ab522cd10032f375d23076075f373cad&impid=de788e12-6e49-4c55-8101-a1aba82a23de&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e319ba9525e8dd57816813ff818d687874414afd2aaf472370b8010d8e0321cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4184
cf-polished
origSize=176491
content-length
134288
last-modified
Fri, 01 Jul 2022 09:07:52 GMT
server
cloudflare
etag
"62beb968-2b16b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I49ICeQv91KFUlZ%2BNRXYt77UlNzcHKu31ySJucP1oTXWUC8UWtjp3LNFyxeiaL5LlLR2ggLgL47YJNc9lbtw0IB%2BLB5GXsMi5q6To6uYFUlXSdGIm4UYNHFhXn2grUL0rBba3xVLFha%2F1h6bXsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
72aea0c368419bb3-FRA
cf-bgj
imgq:100,h2pri
46860.css
static.bmcdn3.com/css/text/ Frame A652
17 KB
7 KB
Stylesheet
General
Full URL
https://static.bmcdn3.com/css/text/46860.css?v=v1.25.10
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=fbf1a9456897a5badd6fabdf12fa7d0a&fidnoua=ab522cd10032f375d23076075f373cad&impid=de788e12-6e49-4c55-8101-a1aba82a23de&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96d197a47a3fd436a74ec9292e62cb48d80aec199e250a3f846e5502129aae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
235
cf-polished
origSize=17168
last-modified
Tue, 28 Jun 2022 17:05:32 GMT
server
cloudflare
etag
W/"62bb34dc-4310"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16Am8bVYB%2FSX9oQgAl0qmjwFcynn7uuGn%2BzxQ6g3lGJ0VXwHHt4xagXctNbwGuE10oZHESVXF6ryHzN1M0QvMS6m8r3YL9ebOIa%2F5kDYS%2BeM1ZfjmcdtUDYHF4A75Zh2c451sY499KbQe2JpEucj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
72aea0c368429bb3-FRA
cf-bgj
minify
d87ec83e821bdc0baa0d896e83677923.jpg
cdn.adsfcdn.com/banner/ Frame 4986
28 KB
29 KB
Image
General
Full URL
https://cdn.adsfcdn.com/banner/d87ec83e821bdc0baa0d896e83677923.jpg
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2c75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfb44c16d398447aa64d2196a14f8b38832316cc27040ba16cd9df94fa035ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.adsfirm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
761828
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28618
last-modified
Wed, 06 Jul 2022 05:27:16 GMT
server
cloudflare
etag
"62c51d34-6fca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNrjk4l%2F%2B2vUAkj%2B%2BwPv%2BKW1flX5Aei%2FHockOd0YVG3Dod%2FnVEKFMCDFaVT%2BhRua2H4Nro4cHj5gbnJXKeC4zBXOyP59Fu1g3CA9dtLT02bgvVDrIEYNNKFRYTlmIkyJMIns00EvS4Z3S5Qd6tI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
72aea0c37b889b58-FRA
expires
Fri, 05 Aug 2022 05:34:58 GMT
truncated
/ Frame A652
292 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9231074c4a13ea732a6e9a47bc90560dfea16ab6a7496c24354732c0cb714537

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A652
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
755fc0caec1e189bec125a7f0dd5143ce200946bc789abdfa7030fd3bb97a814

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A652
589 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6491ff7db9d295432c0c21c6383470abf21d53fd3b7cfffdbe46fe4b0fb656d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A652
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aeed5d1ea1b94c22c1a5fb1b40152a90d554fb92690a1f89664288bfd907702

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A652
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29c9cf80258b36d8d7684447d82713a3b709c87fca9f664812a3afb31efa68bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2BD6
292 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9231074c4a13ea732a6e9a47bc90560dfea16ab6a7496c24354732c0cb714537

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2BD6
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
755fc0caec1e189bec125a7f0dd5143ce200946bc789abdfa7030fd3bb97a814

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2BD6
589 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6491ff7db9d295432c0c21c6383470abf21d53fd3b7cfffdbe46fe4b0fb656d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2BD6
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aeed5d1ea1b94c22c1a5fb1b40152a90d554fb92690a1f89664288bfd907702

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
dark-bottom.css
s3.amazonaws.com/valao-cloud/cookie-hinweis/
3 KB
4 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/valao-cloud/cookie-hinweis/dark-bottom.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.92.94 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
27ab84c45d4ea3d72d807bb1d3db6359ade41f288b235c6b23118a2fa96cc449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 01:12:08 GMT
Last-Modified
Thu, 13 Jun 2019 19:15:46 GMT
Server
AmazonS3
x-amz-request-id
734EKGC8NQXC1JK8
ETag
"5bf7ee25dfc531a650cadc3770723438"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3341
x-amz-id-2
POeIx6siBn4zmsIDlAwKrkboTrYfJtb2Ae5Ki+BCjxKkEaFVRNDkbuiVJfDjny8KtODffqVQsnI=
/
cdn.bmcdn3.com/confirm/e6f5c9ed-bf3f-403c-b584-73df25fdb427/
0
295 B
Image
General
Full URL
https://cdn.bmcdn3.com/confirm/e6f5c9ed-bf3f-403c-b584-73df25fdb427/?fid=fbf1a9456897a5badd6fabdf12fa7d0a&source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SE3mXfb3cOZAYblDEeKR73DwmIX0pZ%2BACDh%2BDIg1fZSywcwXWQ3pbYVTNxLNFD7E%2FJTcYBMxmXU1VacMJvWIr2YQstLi1R4fF0TeqtLF3qBS4xzsGTqUNKABQDMkiJl70lsTLcoC3hNcGimI"}],"group":"cf-nel","max_age":604800}
cf-ray
72aea0d519559bb3-FRA
/
cdn.bmcdn3.com/confirm/6d0a2fea-f30f-470a-aa6b-7b45fe7309af/
0
270 B
Image
General
Full URL
https://cdn.bmcdn3.com/confirm/6d0a2fea-f30f-470a-aa6b-7b45fe7309af/?fid=fbf1a9456897a5badd6fabdf12fa7d0a&source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D0309645b74a53e35aa674e30550b870b%26step2%3Dok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 01:12:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dk5CWz3LYYrNz9H%2BWNoWxASvgV5QgzSwUzezRPoOsg8CdOHHctXP3o1zV3XbD%2F09F3JxNAa%2BKeig59QDfemY6pnoYrKg6VQ%2BUnj9F7pdnqc69X5NVRtQAB%2FF7R1zf%2F03YzQIJhrbP9ZgT%2F%2F2"}],"group":"cf-nel","max_age":604800}
cf-ray
72aea0d519619bb3-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.k-bettel.de
URL
http://www.k-bettel.de/popup/pop.php

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery number| auto_refresh object| _Hasync object| cookieconsent_options object| afblocks function| chfh function| chfh2 string| _HST_cntval object| Histats number| G5hF8MZvNqnLogLevel boolean| hasCookieConsent object| dataLayer object| _HistatsCounterGraphics_328_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_328 function| histats_canvascounters_base.js object| google_tag_manager boolean| changed boolean| isG5hF8MZvNqnTabActive function| G5hF8MZvNqnBMRun boolean| isG5hF8MZvNqnLoaded object| bmblocks function| update_cookieconsent_options string| token

10 Cookies

Domain/Path Name / Value
www.k-bettel.de/ Name: PHPSESSID
Value: b1qpbr4v10n9ducqj1roohi0p6
www.k-bettel.de/ Name: HstCfa4631295
Value: 1657847526050
www.k-bettel.de/ Name: HstCla4631295
Value: 1657847526050
www.k-bettel.de/ Name: HstCmu4631295
Value: 1657847526050
www.k-bettel.de/ Name: HstPn4631295
Value: 1
www.k-bettel.de/ Name: HstPt4631295
Value: 1
www.k-bettel.de/ Name: HstCnv4631295
Value: 1
www.k-bettel.de/ Name: HstCns4631295
Value: 1
www.k-bettel.de/ Name: bitmedia_fid
Value: eyJmaWQiOiJmYmYxYTk0NTY4OTdhNWJhZGQ2ZmFiZGYxMmZhN2QwYSIsImZpZG5vdWEiOiJhYjUyMmNkMTAwMzJmMzc1ZDIzMDc2MDc1ZjM3M2NhZCJ9
.coinbase.com/ Name: __cf_bm
Value: rooC4nSMXSvS7U25ker8328VE0k9F0baxWiE3AyZPZQ-1657847526-0-Ac8dns6as3kCqdULNRT5+cekzS7t+C979/kAhk2er427F2KtN65r/KaPDcMojZFcPP/WFIgBsQQ2Q6OlMt5mKnw=

5 Console Messages

Source Level URL
Text
security error URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok' was loaded over HTTPS, but requested an insecure script 'http://www.k-bettel.de/popup/pop.php'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=(Line 16)
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=0309645b74a53e35aa674e30550b870b&step2=ok' was loaded over HTTPS, but requested an insecure frame 'http://l.adcocktail.com/l_frame.php?uid=87912&kid=0&wid=0&wsid=199914'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Message:
Mixed Content: The page at 'https://www.shimly.net/public/ptp-1-1675-30-48-sh' was loaded over HTTPS, but requested an insecure element 'http://bk.adcocktail.com/bk_rota_v.php?tan=MzMzNzd8ODc5MTJ8MTk5OTE0fDE2NTc4NDc1MjY='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error
Message:
Refused to frame 'https://www.lithium-zukunft.de/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.coinbase.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
