urlscan.io logo urlscan.io
SecurityTrails logo

www.k-bettel.de Open in urlscan Pro
195.201.125.43  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Submission: On June 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 163 HTTP transactions. The main IP is 195.201.125.43, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is www.k-bettel.de.
TLS certificate: Issued by R3 on May 30th 2022. Valid for: 3 months.
This is the only time www.k-bettel.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 195.201.125.43 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.216.36.160 16509 (AMAZON-02)
2 148.251.233.147 24940 (HETZNER-AS)
21 2606:4700:20:... 13335 (CLOUDFLAR...)
2 67 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 159.69.68.169 24940 (HETZNER-AS)
2 46.105.201.240 16276 (OVH)
1 192.99.8.34 16276 (OVH)
5 213.202.218.154 24961 (MYLOC-AS ...)
1 10 104.20.46.59 13335 (CLOUDFLAR...)
1 2 89.163.148.251 24961 (MYLOC-AS ...)
3 104.16.168.131 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
14 2a03:4000:30:... 197540 (NETCUP-AS...)
1 195.28.12.55 31400 (ACCELERAT...)
5 104.16.169.131 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 161.156.47.58 36351 (SOFTLAYER)
2 2a00:1450:400... 15169 (GOOGLE)
163 22
17    195.201.125.43 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: k-bettel.hansespace.de
www.k-bettel.de
www.traffic-master.de
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    52.216.36.160 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    148.251.233.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.147.233.251.148.clients.your-server.de
ad.a-ads.com
static.a-ads.com
21    2606:4700:20::681a:d6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.bmcdn3.com
static.bmcdn3.com
media.bmcdn3.com
67    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
coin-farm.com
1    159.69.68.169 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dserv01.lightningsoft.de
www.shimly.net
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    192.99.8.34 (Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net
s4.histats.com
5    213.202.218.154 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: mail.lcmmedia.de
www.lcmmedia.de
10    104.20.46.59 (None, )

ASN13335 (CLOUDFLARENET, US)
l.adcocktail.com
bk.adcocktail.com
2    89.163.148.251 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: mail.croxy.de
www.croxy.de
3    104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
4    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2a03:4000:30:f0ad::16:2728 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
lesezirkel-onlinetexte.de
1    195.28.12.55 (Germany)

ASN31400 (ACCELERATED-IT, DE)
PTR: static.klamm.de
static.klamm.de
5    104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)
newassets.hcaptcha.com
hcaptcha.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    161.156.47.58 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 3a.2f.9ca1.ip4.static.sl-reverse.com
vg08.met.vgwort.de
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
67 coin-farm.com
coin-farm.com
903 KB
21 bmcdn3.com
cdn.bmcdn3.com — Cisco Umbrella Rank: 125001
static.bmcdn3.com — Cisco Umbrella Rank: 175542
media.bmcdn3.com — Cisco Umbrella Rank: 227158
151 KB
15 k-bettel.de
www.k-bettel.de
47 KB
14 lesezirkel-onlinetexte.de
lesezirkel-onlinetexte.de
229 KB
10 adcocktail.com
l.adcocktail.com
bk.adcocktail.com
13 KB
8 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 7240
newassets.hcaptcha.com — Cisco Umbrella Rank: 11231
651 KB
5 lcmmedia.de
www.lcmmedia.de
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 80
241 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 294
fonts.googleapis.com — Cisco Umbrella Rank: 55
95 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 16886
s4.histats.com — Cisco Umbrella Rank: 14147
12 KB
2 gstatic.com
fonts.gstatic.com
38 KB
2 vgwort.de
vg08.met.vgwort.de — Cisco Umbrella Rank: 144210
725 B
2 croxy.de
www.croxy.de
855 B
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 27095
static.a-ads.com — Cisco Umbrella Rank: 39748
666 KB
2 amazonaws.com
s3.amazonaws.com
8 KB
2 traffic-master.de
www.traffic-master.de
24 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
4 KB
1 klamm.de
static.klamm.de
17 KB
1 shimly.net
www.shimly.net
25 KB
163 19
Domain Requested by
67 coin-farm.com 2 redirects www.k-bettel.de
coin-farm.com
15 www.k-bettel.de www.k-bettel.de
14 static.bmcdn3.com cdn.bmcdn3.com
static.bmcdn3.com
14 lesezirkel-onlinetexte.de www.lcmmedia.de
lesezirkel-onlinetexte.de
8 l.adcocktail.com www.shimly.net
l.adcocktail.com
6 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
5 www.lcmmedia.de www.shimly.net
www.lcmmedia.de
5 cdn.bmcdn3.com www.k-bettel.de
cdn.bmcdn3.com
4 www.googletagmanager.com coin-farm.com
s3.amazonaws.com
www.googletagmanager.com
3 ajax.googleapis.com www.k-bettel.de
www.shimly.net
coin-farm.com
2 media.bmcdn3.com cdn.bmcdn3.com
2 fonts.gstatic.com fonts.googleapis.com
2 vg08.met.vgwort.de 1 redirects lesezirkel-onlinetexte.de
2 bk.adcocktail.com 1 redirects l.adcocktail.com
2 hcaptcha.com coin-farm.com
newassets.hcaptcha.com
2 www.croxy.de 1 redirects www.lcmmedia.de
2 s10.histats.com www.k-bettel.de
s10.histats.com
2 s3.amazonaws.com www.k-bettel.de
s3.amazonaws.com
2 www.traffic-master.de 1 redirects www.k-bettel.de
2 cdnjs.cloudflare.com www.k-bettel.de
1 fonts.googleapis.com lesezirkel-onlinetexte.de
1 static.klamm.de www.shimly.net
1 s4.histats.com s10.histats.com
1 static.a-ads.com ad.a-ads.com
1 www.shimly.net www.k-bettel.de
1 ad.a-ads.com www.k-bettel.de
163 26

This site contains links to these domains. Also see Links.

Domain
www.traffic-master.de
www.histats.com
Subject Issuer Validity Valid
k-bettel.de
R3		 2022-05-30 -
2022-08-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
traffic-master.de
R3		 2022-05-26 -
2022-08-24		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2021-12-08 -
2023-01-08		 a year crt.sh
shimly.net
R3		 2022-05-06 -
2022-08-04		 3 months crt.sh
histats.com
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
lcmmedia.de
R3		 2022-06-04 -
2022-09-02		 3 months crt.sh
*.adcocktail.com
Thawte RSA CA 2018		 2022-03-17 -
2023-04-17		 a year crt.sh
croxy.de
R3		 2022-05-22 -
2022-08-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
lesezirkel-onlinetexte.de
R3		 2022-06-13 -
2022-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Frame ID: 98D1C8445C217E0FEEA178B6E1BA3CF6
Requests: 30 HTTP requests in this frame

Frame: https://ad.a-ads.com/1663200?size=160x600
Frame ID: 9AB91C2C2AAD17CB0D08948787EF0E5E
Requests: 3 HTTP requests in this frame

Frame: https://coin-farm.com/?welcome
Frame ID: 41023BC6BFDEC4BABDA5BFD7B6DF138F
Requests: 70 HTTP requests in this frame

Frame: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Frame ID: 8218A2794B34CDF783347DDBB6012E86
Requests: 13 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5635&sid=88&v1=5725aeae9430085396808fc934514734ed5a5a5eb7ccc9eb1008dfa74d92e2eaf7107e840cbc49f0396b694a244cab44d06cd5b9028270692c07a3c2e87a7820&v2=p2p
Frame ID: 782E751EFEEA9E0ADE80EC4F4549485E
Requests: 1 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/frame_forced.php?step=1&code=dWlkPTk4JmJpZD01NjM1JnNpZD04OCZ2MT01NzI1YWVhZTk0MzAwODUzOTY4MDhmYzkzNDUxNDczNGVkNWE1YTVlYjdjY2M5ZWIxMDA4ZGZhNzRkOTJlMmVhZjcxMDdlODQwY2JjNDlmMDM5NmI2OTRhMjQ0Y2FiNDRkMDZjZDViOTAyODI3MDY5MmMwN2EzYzJlODdhNzgyMCZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Frame ID: 0B87DFDD0CA6E0E5DC982E25C647216F
Requests: 2 HTTP requests in this frame

Frame: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Frame ID: 7444B171458778E66613CD8A61F5223E
Requests: 19 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=5635&sid=88
Frame ID: CDC909A749B33F52F5D917D655EF19E3
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
Frame ID: A91F99BF43A54C0D81D0717AD4AE1470
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
Frame ID: 1407E648CE0043E05162C7472FCC4506
Requests: 4 HTTP requests in this frame

Frame: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: 45FED508D04FBEBFC0145A55739A582A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: 79D03548FAB59D1EF4FFE05E4C2B37C2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

K-Bettel.de - Bettel dich reich!

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

163
Requests

97 %
HTTPS

38 %
IPv6

19
Domains

26
Subdomains

22
IPs

5
Countries

3128 kB
Transfer

5732 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.traffic-master.de/traffic.php HTTP 302
  • https://coin-farm.com/?en=pcfreak HTTP 302
  • https://coin-farm.com/?welcome
Request Chain 71
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly9sZXNlemlya2VsLW9ubGluZXRleHRlLmRlL2RpZS1nZWlzdGVzaGFsdHVuZy8/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vcmdhbmljJnV0bV9jYW1wYWlnbj1kaWUuR2Vpc3Rlc2hhbHR1bmcmdXRtX3Rlcm09R2Vpc3Rlc2hhbHR1bmcmdXRtX2NvbnRlbnQ9YmFubmVyLWFk HTTP 301
  • https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Request Chain 78
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzMwNzh8ODc5MTJ8MTk5OTE0fDE2NTUxNjk2OTM= HTTP 302
  • https://static.klamm.de/banner/o/468x60/klamm_468x60_rotate.gif
Request Chain 85
  • https://coin-farm.com/img/bonus/bonus-2.png?id=13 HTTP 302
  • https://coin-farm.com/404
Request Chain 108
  • https://vg08.met.vgwort.de/na/aad78ba4be0e48bba23570d7c1fb78ba HTTP 302
  • https://vg08.met.vgwort.de/blank.gif

163 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.k-bettel.de/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
7dbc2239636885288b86af0d7328393f858a332e11a8081d9b96d75497a05b98

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3662
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Jun 2022 01:21:32 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
main.css
www.k-bettel.de/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.k-bettel.de/css/main.css
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
9a3430ee32938603e921cf7c2450a61850dc584382d417d771dbf2bbbbf2d64c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 11:15:05 GMT
Server
Apache
ETag
"1aa8-5a26107816040-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1361
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 20:50:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jun 2023 20:50:40 GMT
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1588523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECfhmEtfHQ9l%2BQDQOWKPpKH7KLjF3rSfbHL9XOYuGraIMR8PJAmc7WCZWlHaboXbCGGEP7GWFt7y%2FyTEBUUGwP308dUmPSuGOqWagH9PFY93JieaqC7LalYaJsE4VViLXQJIV8F%2BDPcuPHyqI2OunyCP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71af3ff32fc39054-FRA
expires
Sun, 04 Jun 2023 01:21:32 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
457187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFThbiCL5gETwBXWCANY9r1KxVDTUdMOMMgMZt%2BRE5hRhKQCycLdLOfc0BchJV3CIA6MwLJ6uM12L3XIzu2qmKGBbsTMG4Eei8d94%2BmAIPrZVla7myWz7W4DSVD0i3vWhHRZXsfhbUcxuZvUHiMrT2Q4"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71af3ff32fc29054-FRA
expires
Sun, 04 Jun 2023 01:21:32 GMT
view.php
www.traffic-master.de/adsadmin/arlight/ 		25 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.traffic-master.de/adsadmin/arlight/view.php?get=image&cid=1&rid=DDDCC6
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
b0738d8100aef0cd30110de15bf0ab9a1480172778f96af9f3c3e4014c2f3270

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Jun 2022 01:21:32 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
23872
Expires
Thu, 19 Nov 1981 08:52:00 GMT
script.js
s3.amazonaws.com/valao-cloud/cookie-hinweis/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.36.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1005c8fedd97888320a06c0fff6bd454c0256e9b021f367fd40e00d4c5d05a90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:34 GMT
Last-Modified
Fri, 25 Nov 2016 10:04:09 GMT
Server
AmazonS3
x-amz-request-id
WM73HFN62EVYCRNW
ETag
"9f90654a8f604d63de9dd294259e6eff"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
4605
x-amz-id-2
VMrDBRRxh6UVqnxahPJRcaMytYwbao0+Cz4ZWoD5s9mSUcwzHeAJEcvhtPINHCpFpJAXK3VjKmg=
1663200
ad.a-ads.com/ Frame 9AB9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1663200?size=160x600
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.233.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.147.233.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
df5dcf7298ff954fcfc3d01b4328075b4b2c11a99461fcc5bcdc8b48d312c88b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 14 Jun 2022 01:21:32 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
https://www.k-bettel.de/
X-Powered-By
Phusion Passenger(R)
X-XSS-Protection
1; mode=block
bg.png
www.k-bettel.de/images/ 		288 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/bg.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
8ab9651d86fabc7afb2a8cabc53f7405fa5f76429f18f1e130d55299cf49a3e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"120-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
288
header.png
www.k-bettel.de/images/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/header.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
6dfdcf0eb87568f6932cf08416883f068da0d0aea43f2145c84c19fef3875fac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 25 May 2020 11:36:45 GMT
Server
Apache
ETag
"8d1b-5a67764bd4d40"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
36123
topLoginBg.png
www.k-bettel.de/images/ 		704 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/topLoginBg.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
8b0af1e9c36b25fc9fcce648791ea2733cc6993def386bc43f8010b8b3361f7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"2c0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
704
topButton.png
www.k-bettel.de/images/ 		215 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/topButton.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
dea4747dc69f7e1119b6f74a6dea0d005cba3a629b3dd1d2f027bc181080ed02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"d7-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
215
mainBg.gif
www.k-bettel.de/images/ 		98 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/mainBg.gif
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
355c7345608f3f18f08822ebc9fd202de5f0acc98bf4f0c38b7d9f155406e546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"62-4ca767b64d500"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
98
navTop.png
www.k-bettel.de/images/ 		208 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/navTop.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
58156352388e882df8698362691be19546360706d7b8469e375e6bd419ed216a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"d0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
208
navMid.png
www.k-bettel.de/images/ 		192 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/navMid.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
4d8c7e063a3280ec8b2ef850a878741b1bdfab56301198493203b252d4885d47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"c0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
192
navFoot.png
www.k-bettel.de/images/ 		236 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/navFoot.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
112e3a5de62417009e7744581cd39b6a8a3b1a4d23dfca29b2791ac9150d97e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"ec-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
236
623c55576a92bc002503d00b.js
cdn.bmcdn3.com/js/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bmcdn3.com/js/623c55576a92bc002503d00b.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b449fe0f0fa1864f35250494d31aae81b0085fef39e8606338756edb1dba33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTKSwNLqHEPjTGQWhaetCzkFLJ%2BfToCqjZU5aqXmjZUhISsm8e5AXSgMXDj7%2FXZ2tIuDcav5SYuu%2BIOtjjXuDiaZrjVaVDbdcFjIXC739xf9TdFEExTwnivSa%2BE%2B61zpKKjd7pfZMba6Ydue"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800, public
cf-ray
71af3ff48e0b916b-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Tue, 14 Jun 2022 01:51:32 GMT
/
coin-farm.com/ Frame 4102
Redirect Chain
  • https://www.traffic-master.de/traffic.php
  • https://coin-farm.com/?en=pcfreak
  • https://coin-farm.com/?welcome
28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://coin-farm.com/?welcome
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e39135f6abd7809884556625bae49b9d2507f130e1c001817e0e9b8e3658eeb

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
71af3ff65a2b901c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 14 Jun 2022 01:21:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7STEl3JSyJ3G3BKnKsFao5HwtBA0i4JLjRYzlJeUsfrOwP1KjiK7z1ejH%2BiYVqnX2XV1%2FdGbrKIGU4UHZU8exqVLAzKlpt%2FTVD36QKrJ1Uq2iJi9%2FL%2FbplT%2FQ7a%2BIWS3nJ4PMQDUZksK5Tf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
71af3ff59b9e91f3-FRA
content-type
text/html; charset=UTF-8
date
Tue, 14 Jun 2022 01:21:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/?welcome
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqvKrVy4IMDNxMrdKMMZq4kNEKO9QnX2bsgYFdkmLOFr2BMGpMaOgV0uTtV5fBpBETElqKemmrIl7IFAU7OCcz8BJcEsAY%2FPdrKkdYCm4miofDN5PW7Zpbb5%2F0%2BF62wXYHOercrQ3MoZ0%2BUY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed
ptp-1-1675-30-48-sh
www.shimly.net/public/ Frame 8218 		65 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shimly.net/public/ptp-1-1675-30-48-sh
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.68.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dserv01.lightningsoft.de
Software
nginx / PHP/7.3.33 PleskLin
Resource Hash
d38a1d0566c19f8fb6958bd6929acfc85706c7dab9d2c29b76ecdcb798ed0507

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
25675
content-type
text/html; charset=utf-8
date
Tue, 14 Jun 2022 01:21:32 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.33 PleskLin
pop.php
www.k-bettel.de/popup/ 		0
0
623c565afdbfc7001a590989.js
cdn.bmcdn3.com/js/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bmcdn3.com/js/623c565afdbfc7001a590989.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f099b2d7ba33ba10d648ec3aafad64501c8d243d87011636aa4f690d66228b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BNsPpKYAnoxnzFM1QRNZKRdTuwlyeUVj45HMM6i8a7drD820Z33OqRkUhyFIKiHEo06ittPxtGwfjj4Y6CB7JieMJSa%2BPtrEPRl4FyQ8lQA5WhTcwjz4ph%2FtfGSZDRj5zgAZse3Jy6yJNjR"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800, public
cf-ray
71af3ff48e0c916b-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Tue, 14 Jun 2022 01:51:32 GMT
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:11:37 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
687735880
contentTop.png
www.k-bettel.de/images/ 		237 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/contentTop.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
2f058ccfb327a7cf0dde901af6d91c6b1746a8d1973cdf0ea0ad3f20c79a953a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"ed-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
237
contentMid.gif
www.k-bettel.de/images/ 		81 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/contentMid.gif
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
3ac732713cf8fc2da12ba94466c376da1bc1e8a578dcea4bea07002fc4b5c9a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"51-4ca767b64d500"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
81
contentFoot.png
www.k-bettel.de/images/ 		101 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/contentFoot.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
527ed4d3ebd6f355eb419dc4938f830f5c879f79056f321987206fcfdb2f1fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"65-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
101
countmid.png
www.k-bettel.de/images/ 		94 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/countmid.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
cae403eab5a179ee8b09a9b2c7e42916c54614c2cd1f49395090327f30e008a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"5e-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
94
footer.png
www.k-bettel.de/images/ 		467 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/footer.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
1822b7ed8626dee6c169e5b07b8db2d673c1ffa51fb108d4ecbfeda89d784979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:32 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"1d3-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
467
160x600
static.a-ads.com/a-ads-banners/393781/ Frame 9AB9 		663 KB
664 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393781/160x600?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1663200?size=160x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.233.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.147.233.251.148.clients.your-server.de
Software
nginx /
Resource Hash
657af98b6829d7b412a5c5b69f5f86fdcf98aca10ed8e7f0b5a6b9558071ee3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:33 GMT
Last-Modified
Tue, 31 May 2022 13:36:40 GMT
Server
nginx
x-amz-request-id
3W9K0XQRPT8ERZ11
ETag
"be74ac110e715286295dca6083c0d2a7"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
679079
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
IqF_AcCFiT4rzay4H.z3QpoKMh_R2ZHV
x-amz-id-2
IThIpnbCHJ9dW7FCFu0CxsVE/Uq5MVE4beb9+2Bei63mDoeq5d7imBov3nQn6QSW4nODVaxDbcU=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 9AB9 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
4631295.php
s4.histats.com/stats/ 		96 B
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/4631295.php?4631295&@f16&@g1&@h1&@i1&@j1655169692947&@k0&@l1&@mK-Bettel.de%20-%20Bettel%20dich%20reich!&@n0&@o1000&@q0&@r0&@s328&@ten-US&@u1600&@b1:-34792890&@b3:1655169693&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
d8ce29375f2e197ddd1af6516d5e095a52e967fdb269bf0b2e5e97186e9b09d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:33 GMT
Connection
close
Content-Length
96
Content-Type
text/html;charset=UTF-8
ziel.php
www.lcmmedia.de/kamp/ Frame 782E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5635&sid=88&v1=5725aeae9430085396808fc934514734ed5a5a5eb7ccc9eb1008dfa74d92e2eaf7107e840cbc49f0396b694a244cab44d06cd5b9028270692c07a3c2e87a7820&v2=p2p
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
3c44616ee04256954435878845d570cb49c923bf525c01870b33e3377e8ee919
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.shimly.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
799
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Tue, 14 Jun 2022 01:21:33 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin
truncated
/ Frame 8218 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa27f6a15e3c7abdea0bf66d493852cf1a850bdf98435e59c85964ff0179983

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 8218 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 09:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 09:09:38 GMT
lay.php
l.adcocktail.com/ Frame 8218 		262 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff40f1e4c6c35503fc63ac2d4a7b6a0b38fe1151f30a68f7ba942f4003fb525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 14 Jun 2022 01:21:33 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
71af3ff5c8ec9bee-FRA
content-length
174
expires
Wed, 11 Jan 1984 05:00:00 GMT
layer.css
l.adcocktail.com/ Frame 8218 		2 KB
702 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l.adcocktail.com/layer.css?id=2
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57626b4cb21c6c7c1225f83b6eba4c3f4fad0f23db4baa7ed5888494828ac5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2018 13:34:28 GMT
server
cloudflare
etag
"684-565180dcd5f3b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
cf-ray
71af3ff639979bee-FRA
content-length
586
layerhead.js
l.adcocktail.com/ Frame 8218 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.adcocktail.com/layerhead.js?id=2
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e239671b46bfac19cd71a0b44f3d9ea7d04af229ba161c826394de2f510a1be4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2018 09:26:46 GMT
server
cloudflare
etag
"d67-5651497f64282-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
cf-ray
71af3ff649999bee-FRA
content-length
1300
l_rota_v.php
l.adcocktail.com/ Frame 8218 		2 KB
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cdb01b5f388efed2c99da1615e989bcac726fc3b293f8afd8028523de094da4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 14 Jun 2022 01:21:33 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
71af3ff6499d9bee-FRA
content-length
726
expires
Wed, 11 Jan 1984 05:00:00 GMT
frame_forced.php
www.lcmmedia.de/kamp/ Frame 0B87 		373 B
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTk4JmJpZD01NjM1JnNpZD04OCZ2MT01NzI1YWVhZTk0MzAwODUzOTY4MDhmYzkzNDUxNDczNGVkNWE1YTVlYjdjY2M5ZWIxMDA4ZGZhNzRkOTJlMmVhZjcxMDdlODQwY2JjNDlmMDM5NmI2OTRhMjQ0Y2FiNDRkMDZjZDViOTAyODI3MDY5MmMwN2EzYzJlODdhNzgyMCZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5635&sid=88&v1=5725aeae9430085396808fc934514734ed5a5a5eb7ccc9eb1008dfa74d92e2eaf7107e840cbc49f0396b694a244cab44d06cd5b9028270692c07a3c2e87a7820&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
794c8c7da3fcba0087b7926e8242a817ef5d124b4ad616c9475fc0eb2fef2aaf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5635&sid=88&v1=5725aeae9430085396808fc934514734ed5a5a5eb7ccc9eb1008dfa74d92e2eaf7107e840cbc49f0396b694a244cab44d06cd5b9028270692c07a3c2e87a7820&v2=p2p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
327
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Tue, 14 Jun 2022 01:21:33 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin
go.php
www.croxy.de/ Frame 7444 		943 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.croxy.de/go.php?id=5635&sid=aHR0cHM6Ly9sZXNlemlya2VsLW9ubGluZXRleHRlLmRlL2RpZS1nZWlzdGVzaGFsdHVuZy8/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vcmdhbmljJnV0bV9jYW1wYWlnbj1kaWUuR2Vpc3Rlc2hhbHR1bmcmdXRtX3Rlcm09R2Vpc3Rlc2hhbHR1bmcmdXRtX2NvbnRlbnQ9YmFubmVyLWFk
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5635&sid=88&v1=5725aeae9430085396808fc934514734ed5a5a5eb7ccc9eb1008dfa74d92e2eaf7107e840cbc49f0396b694a244cab44d06cd5b9028270692c07a3c2e87a7820&v2=p2p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.163.148.251 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.croxy.de
Software
nginx / PHP/7.3.20 PleskLin
Resource Hash
8d807bfd3a301876631d6ab0e8e3ce5419b01ca31dac4cbdc069a48fc3f82fc5

Request headers

Referer
https://www.lcmmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
442
content-type
text/html; charset=UTF-8
date
Tue, 14 Jun 2022 01:21:33 GMT
ms-author-via
DAV
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.20 PleskLin
kamp_m_lcm.php
www.lcmmedia.de/kamp/ Frame CDC9 		1 KB
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=5635&sid=88
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5635&sid=88&v1=5725aeae9430085396808fc934514734ed5a5a5eb7ccc9eb1008dfa74d92e2eaf7107e840cbc49f0396b694a244cab44d06cd5b9028270692c07a3c2e87a7820&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
024e0da3603f17238365b579fa8ea89dca386892c60075d5ca80000271050e34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5635&sid=88&v1=5725aeae9430085396808fc934514734ed5a5a5eb7ccc9eb1008dfa74d92e2eaf7107e840cbc49f0396b694a244cab44d06cd5b9028270692c07a3c2e87a7820&v2=p2p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
559
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Tue, 14 Jun 2022 01:21:33 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin
api.js
hcaptcha.com/1/ Frame 4102 		279 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?explicit&hl=en
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a94f6bcdf495fce5a1141eda3aba48ac0047bbac66243493c95ad276ec031f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 20:19:11 GMT
server
cloudflare
etag
W/"2413cfc6019c7153955667aa5628c3d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
FRA56-C1
cf-ray
71af3ff87d8169a3-FRA
x-amz-cf-id
X15dXFzobef3TVkPpeAOrVQ0PuF9XKJOUMm8l_g4BC1cAbomHUC0PQ==
progress.css
coin-farm.com/style/ Frame 4102 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coin-farm.com/style/progress.css?id=189
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ec5ce97cc52dfaa2a994e3a7f17211f68c7b46c622d4f62095f44152aca3925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91749
cf-polished
origSize=3048
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 08 May 2022 22:07:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jwtdHCAom8C%2B%2Bh1Y34zsyV%2FWJLp078hXOBMqVLKxMj4HVfruSUoSRKszJ96fOQqRE4kJiq%2BVfVvlTm6EZlqzRS0sOHykBoi%2Bv4k5M7QtNFQHKo%2BrQHOtIYvJnREO0jIDlZfWUa5ILjxeVYH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff7eb6e901c-FRA
expires
Sun, 19 Jun 2022 22:32:13 GMT
nprogress.js
coin-farm.com/js/ Frame 4102 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coin-farm.com/js/nprogress.js
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e3e0ab2ba8a45b128b61df37949996c95a860867caf7dbb356025f820612630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554250
cf-polished
origSize=12100
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6oVoSt09ZijDLskGXbRGvaENoN0hm%2BgxM4joNG0KbZL3czzpoHVTvHw0F7ne1Y75kiajuExwxzSHgA5Ta2edv0IBmtrHmW%2Fpt5YrY7c0HbnTFOGPbTU%2F7KTIZocutDlxUaqpGj%2F7EcLHmaZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff7eb70901c-FRA
expires
Sun, 12 Jun 2022 12:28:31 GMT
style.css
coin-farm.com/style/ Frame 4102 		61 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coin-farm.com/style/style.css?id=190
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb35f00ae2d40b4252204018950636962e135b676c8a9ea976758b8c4a99c809

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 23 May 2022 12:54:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3TxCKJZ5F6hFHhm7Yj6sWV1GOz3Jj%2BH85YJNc0ugSCwtCtBsOnXisFhMrRtb8IphjcvpUbrrMpolgMJwWkzRpSQRfzX402qWNiGoZHhQWPkF4MjdGMRFP%2FFcKjDhN8M9q1Kn305TwJDBTzB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff7eb71901c-FRA
expires
Fri, 17 Jun 2022 00:50:35 GMT
mobile.css
coin-farm.com/style/ Frame 4102 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coin-farm.com/style/mobile.css?id=190
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb64c3d2047b1df3efd0d1b4f66eaea0c570ecc0add64cb8fc9bc3788aeeac8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 08 May 2022 22:07:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaYGyZfe9kK2IR1mwHBKeS7uL3J2Ta2tAPy1UYE7dXa0ruA5kwSoeHcVqiN%2FOUEHACOBt6KUnRE6T5suR%2BuCMCeHmynNoyRv9brScZZKqBMXiD3iiv5Nr0ghYRBr25akaMss5rH58NF0SrgI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff7eb73901c-FRA
expires
Mon, 20 Jun 2022 13:00:24 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 4102 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 09:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jun 2023 09:16:20 GMT
functions.js
coin-farm.com/js/ Frame 4102 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coin-farm.com/js/functions.js
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8411c24d7ab3c43849189dc4ec2219f0bc0b4fbcade16bbfd4afa0e009a2402e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554249
cf-polished
origSize=2887
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIzdld27EEAWyLcMl8s5%2FhH%2FNchkreUAN%2F%2BVk49Mz4Rl5FlwyjlC9IicNo9TT3hfwwdQw4X6WOUtAXL6lAi84nFqFclNCGV%2BMjiT3YLXE57BDNQ2HUCbpKfXIL0CjYuJTowemYgxvkcbom0h"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff7fb76901c-FRA
expires
Sun, 12 Jun 2022 12:28:31 GMT
js
www.googletagmanager.com/gtag/ Frame 4102 		182 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RY0K3CZX1R
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c869fc8da9ac835d6fde00bbd3af92e57ea0a1d93e97bfbeff50444df171036d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67106
x-xss-protection
0
expires
Tue, 14 Jun 2022 01:21:33 GMT
js
www.googletagmanager.com/gtag/ Frame 4102 		182 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2XHBTJ95RE
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1739b5331e84abb5018dfa9724ff0e308719c3dfd230952d5e9a33181136a0b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67199
x-xss-protection
0
expires
Tue, 14 Jun 2022 01:21:33 GMT
style_tour.css
coin-farm.com/style/ Frame 4102 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coin-farm.com/style/style_tour.css?id=1
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e5cf6b90561d9b895288488a21f92923dec8067eae9d718f503426dd315e535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
466415
cf-polished
origSize=20498
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 12 Mar 2022 15:25:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Svawn3SJGqDwz3H%2F2WH4t9RknCKck1v9UKONKs6AKXrfKPrSf6DXKRj1G70D6C0%2B8aPCnAsNN7XJy%2F8iGxd9MNQVYh%2BbWXZCl96F2HJhdp7tXQoReAmcE3ZM0Hup2wd7duWw4J2MpqFPmh0X"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff7fb77901c-FRA
expires
Wed, 15 Jun 2022 07:21:39 GMT
step-1.png
coin-farm.com/img/intro/ Frame 4102 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/intro/step-1.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8a02b236d13792ee4bef18c9966e8a7e7334f66157fd8004ce74f4dac114e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554242
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11825
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gu%2FwnvfDuXxTgv6%2FIWyXheeOywaOY5NKvOvdPL5F1jhHf42urn8Ah3N3%2FgtujZ86mcblF2kdleJwZJNZivfG2pCjcWFRdTqO5%2BvgBsvg3uf9zgoO9fbN6%2BrwuueClRzCfeEL4P1A8TeTh%2FK8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89bdc901c-FRA
expires
Tue, 14 Jun 2022 08:53:33 GMT
step-2.png
coin-farm.com/img/intro/ Frame 4102 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/intro/step-2.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18942dc5cf55f6da8dbddb03c2b42a0077e528b1e2fdae3dd672e8014b938952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
553708
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6222
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=re92uu972C%2F9pcDG0pW8COJME0rGJmTWPSMfFbKvj44Yo8mFVpcxdMjDNjADELT9gwCOLib%2BkXowWdJEzCgHwqjqAYUWMj3XgSpZnKzoPiWmBOCZJYJ7f%2BLpJnzslp%2BlQM%2BGIrPRhbO1t6CC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89bdd901c-FRA
expires
Sun, 12 Jun 2022 12:28:31 GMT
step-3.png
coin-farm.com/img/intro/ Frame 4102 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/intro/step-3.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23301722b8fd058b3d89a8ed7348cf2ea36c27f8625d1b2282f79d2811f16c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
557193
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9396
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2Fka1TyRHqg833gOuwXd4vdh4re8i%2BSzxoAz0VGhzw7OL38snhQeQcCUCxKSjwwAS3A9d7Ohep3Rg8UKtCZejt2gsAXG70yl%2BDOjqzO7YnuYHFWamE%2F0C%2FBHrYTDn5LroeUttFo3YkQYSafl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89be0901c-FRA
expires
Sun, 12 Jun 2022 12:50:57 GMT
step-4.png
coin-farm.com/img/intro/ Frame 4102 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/intro/step-4.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9849c7382d5beea6f9531dc06cdcbc4f6c6ac846fa1c9b4ec17063925cd2f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
553708
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8699
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VxWXGKyTZr5i%2FC68Ldb100KZTx0xjhBbw%2FZzRVmLXfWMQSKWfPpINqh0RPp8B9RQzZoJRJrYQdf0Mn7T3tUFAfabqC9M5IOVQctVfxK9v9%2FaHVoMouO2xQOD8biiDzezvgDUHDFW7fvPFRv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89be1901c-FRA
expires
Tue, 14 Jun 2022 05:30:06 GMT
gift-gold.png
coin-farm.com/img/ Frame 4102 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/gift-gold.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a249c3bd33fec9a5f1ed7c3f9587481d79ebab3dce6401774d6adc6f811450b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554234
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19710
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6Jun0ypA7uetB%2Bvm5dd3Af%2B7eMIWMMjd1HErK6C7h3m384krL%2Fvpei9B1m2nqhGzqvEoUKg%2B6Wf35inwXMvfkUhTIi2CZtxekUM6BcwXV%2FL6QnVjJUfNuEex8mmyCe6oXGdm4OdAzqIjZf6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89be2901c-FRA
expires
Tue, 14 Jun 2022 08:53:34 GMT
1.png
coin-farm.com/img/benefits/ Frame 4102 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/benefits/1.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4086bdbc78a76d4fda5c06784ef87f1820e37cb77075f2b1114ab26ab4f395d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
553708
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11802
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJIPgpi6iEskeT7W1n4vOUPWWZzPvOGc8HduOiIF691QGjAQmvFICmQnri3z9EAJI361QyJ49wtHKZCUL5mhrgMtIoaNYohp6KjnK899k9hSfWB88XjS92ZzKtwqrJerCx%2FoW94HQ55e6nWl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89be3901c-FRA
expires
Tue, 14 Jun 2022 08:42:05 GMT
2.png
coin-farm.com/img/benefits/ Frame 4102 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/benefits/2.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ded7400fcf884602b9d12c1d644895895f6da012e254008208a058f4cfea3b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554234
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17128
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nVC97y5HBYw7q%2F0G%2F%2FsMeXqFl0s4QJsQ1ZMdKwd1c8nuYlXhEHKFA91oZkeb4x%2FGtU2qCbyzboc68n6%2B0aL%2BjPzFEQCwVQYzUYE3Z91apGj3ePQSXkEceDgME%2FBm5JrZrfvUWvhWbEBCRm3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89be4901c-FRA
expires
Thu, 09 Jun 2022 07:10:20 GMT
3.png
coin-farm.com/img/benefits/ Frame 4102 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/benefits/3.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2ac83f095b960cdab2fc6f1b0f959d8bfdab49f09daedf7cdeb6ae2a1bb06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554234
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12719
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxE8b3lE5D8K%2BtVkiG5lCl8Imtmgj05aFDtA1g8Z4CX02xymguuXUJwH61AU9Eng8QfZR%2FTBVTrTugCg80IgYfVgFTahVrQIDs6wB%2BM979uzHLTrbIFdcHrV9DdPOZVI%2BImqgdqsCovhejU0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89be5901c-FRA
expires
Tue, 14 Jun 2022 05:30:06 GMT
4.png
coin-farm.com/img/benefits/ Frame 4102 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/benefits/4.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b16d73ea8661ac663f74a38a4c8603dec20edcff627487a6810c556e4477ab54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554234
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14025
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sM%2F4lCAv7Ds3cwK8Q7fVnIlzZFgbeXBT0fmrtkn7ZKkCdVi4eCRIsFk%2BBzE7nVcZvINxs8MWQ3KsXjvw3wEfAFAjh02Ejo0%2BKBONOwU6xZKGWtLRryvNJCxhnGz381ija1ZVxkmBhidhjNhQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89be6901c-FRA
expires
Sun, 12 Jun 2022 12:28:31 GMT
style_tour.css
coin-farm.com/style/ Frame 4102 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coin-farm.com/style/style_tour.css?id=1057
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e5cf6b90561d9b895288488a21f92923dec8067eae9d718f503426dd315e535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
558426
cf-polished
origSize=20498
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 12 Mar 2022 15:25:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywMswy5ZGeePRNVXz%2Bq9hmu23%2FCmeab5X0NINv4e7VM%2FiQNVfuJgk%2BN4S8w26LxL730ysGtcs9S7w%2BWc7UdHoLdn3dn67WHK6Qg7VBBF%2BThwR%2Bq8msz7iN7wqswWT3Vu%2BmepFG3NdZLi3Fxw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff88bd0901c-FRA
expires
Tue, 14 Jun 2022 08:53:33 GMT
gold-coins-c.png
coin-farm.com/img/icons/ Frame 4102 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/icons/gold-coins-c.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19fce025a5ae4362be9dff1aeccf5fab7819dadd2c5312a534c284819d7596de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
547038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7922
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pvRzzJBeusLukCHmcEWxXDfgVVL0tZWGmchPcwF%2BeyyS2Hr8SiqMTAYaV9gx5skWyfFMXQUVAWzE2IpOL37Tr5lZ8bk3CU71t%2FIIkMluKG1E1M2ejjvNsNc6zt8mvRV8qitb6jBS2dHQoqp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff89be7901c-FRA
expires
Tue, 14 Jun 2022 08:54:05 GMT
scrollReveal.js
coin-farm.com/js/ Frame 4102 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coin-farm.com/js/scrollReveal.js
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6e55f4e55fb839246988b089dc05e54810ea59469382b9a31996bc554df093

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8742
cf-polished
origSize=11219
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYsGeOBRDoY%2Bfu8aQf9%2BckxP5birte3z4TEom3IymwWmbgj9NmqlHSLuOgNMLZNeg2Cavf0mLOKpLskcxZAj486q8p8tLob1iUSScnDWBDs%2BmjcD1z6CAM1uAeSX1Vf0zt2yU96fd8hvIllS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff89bd9901c-FRA
expires
Mon, 20 Jun 2022 21:39:09 GMT
gtm.js
www.googletagmanager.com/ 		118 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVL985
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e3a60c479fe403bb851e4da1637148f617a6425e904438d0fa7ef25bbc0c46a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44498
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 00:31:20 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Jun 2022 01:21:33 GMT
style.css
www.lcmmedia.de/kamp/ Frame CDC9 		486 B
565 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/style.css
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=5635&sid=88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PleskLin
Resource Hash
f0c1e0b291b81ea4aa9f55579f2592a0978e15080b3277369b88fbc407d27a0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=5635&sid=88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 16:02:32 GMT
server
nginx
x-powered-by
PleskLin
etag
"1e6-5c3deb3e84805-gzip"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-accel-version
0.01
date
Tue, 14 Jun 2022 01:21:33 GMT
accept-ranges
bytes
content-length
255
/
cdn.bmcdn3.com/pv/5f02c4f228238c0013166f58/ 		35 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bmcdn3.com/pv/5f02c4f228238c0013166f58/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=28bf090dfa4b43147d04731195158fad
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3Pwdp59ofqTjqOwbZL6KWSCdAphxEK9VthBQgicGlGFPj4RBH0tTjYtQL6MUhBFcDWFdxZVz14B7BEHAxDr3UaJkTu8fKY0RA0yPirz%2B5zD9pK2F7knomi6OGkPmzOlx5FMH6mbs9qiJRqa"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cf-ray
71af3ff82adf916b-FRA
content-length
35
bk_rota.php
bk.adcocktail.com/ Frame 8218 		279 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.adcocktail.com/bk_rota.php?format=468x60&uid=87912&wsid=199914
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4d4c1d729aece7ff34c80da40238dacf06551078ca7f761e2eede774623f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
71af3ff83c759bee-FRA
content-length
201
expires
Wed, 11 Jan 1984 05:00:00 GMT
adc_layer_logo.png
l.adcocktail.com/images/ Frame 8218 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adcocktail.com/images/adc_layer_logo.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a712480f1063437e1f893fd7e5be4e344ed4ea0e255a8c485d462d545323953e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:13 GMT
server
cloudflare
age
306
etag
"1448-56502018ce55d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
71af3ff83c5d9bee-FRA
content-length
5192
adc_layer_fav.png
l.adcocktail.com/images/ Frame 8218 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adcocktail.com/images/adc_layer_fav.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed4938c07839355b679781de23060982a4118e57124b21ed66509696c3cfd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:13 GMT
server
cloudflare
age
306
etag
"68b-56502018c397b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
71af3ff83c5f9bee-FRA
content-length
1675
adc_layer_new.png
l.adcocktail.com/images/ Frame 8218 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adcocktail.com/images/adc_layer_new.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511ee72f5e0453830953617a7a7f81b96950e63bb43ae5dfa1386eaf835f3ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:14 GMT
server
cloudflare
age
306
etag
"54c-56502018e6c02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
71af3ff83c619bee-FRA
content-length
1356
adc_layer_stop.png
l.adcocktail.com/images/ Frame 8218 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adcocktail.com/images/adc_layer_stop.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e02bfcdfb9333b90284e0a7c3c5f2064e6df73e457e3181031c6c8ceacfffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:14 GMT
server
cloudflare
age
306
etag
"4ea-56502018f0844"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
71af3ff83c649bee-FRA
content-length
1258
cc_328.js
s10.histats.com/counters/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_328.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c280115a1bb138d4019b3e021e8eb2f5a9028e213622c5fe4b496f91658351b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 00:59:03 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"853387749"
x-cacheable
Matched cache
content-type
text/javascript
x-grace
full
x-cdn-pop
sbg
accept-ranges
bytes
content-length
7129
x-request-id
559975075
frame_forced.php
www.lcmmedia.de/kamp/ Frame 0B87 		32 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/frame_forced.php?step=1&code=dWlkPTk4JmJpZD01NjM1JnNpZD04OCZ2MT01NzI1YWVhZTk0MzAwODUzOTY4MDhmYzkzNDUxNDczNGVkNWE1YTVlYjdjY2M5ZWIxMDA4ZGZhNzRkOTJlMmVhZjcxMDdlODQwY2JjNDlmMDM5NmI2OTRhMjQ0Y2FiNDRkMDZjZDViOTAyODI3MDY5MmMwN2EzYzJlODdhNzgyMCZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5635&sid=88&v1=5725aeae9430085396808fc934514734ed5a5a5eb7ccc9eb1008dfa74d92e2eaf7107e840cbc49f0396b694a244cab44d06cd5b9028270692c07a3c2e87a7820&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
7d13caf22fc19e5ef89f910d1d6c26962549bc446bec9452bb11a50d6f933e32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTk4JmJpZD01NjM1JnNpZD04OCZ2MT01NzI1YWVhZTk0MzAwODUzOTY4MDhmYzkzNDUxNDczNGVkNWE1YTVlYjdjY2M5ZWIxMDA4ZGZhNzRkOTJlMmVhZjcxMDdlODQwY2JjNDlmMDM5NmI2OTRhMjQ0Y2FiNDRkMDZjZDViOTAyODI3MDY5MmMwN2EzYzJlODdhNzgyMCZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
39
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Tue, 14 Jun 2022 01:21:33 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin
/
lesezirkel-onlinetexte.de/die-geisteshaltung/ Frame 7444
Redirect Chain
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly9sZXNlemlya2VsLW9ubGluZXRleHRlLmRlL2RpZS1nZWlzdGVzaGFsdHVuZy8/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vcmdhbmljJnV0bV9jYW1wYWlnbj1kaWUuR2Vpc3Rlc2hhbHR1bmcmd...
  • https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
190 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5635&sid=88&v1=5725aeae9430085396808fc934514734ed5a5a5eb7ccc9eb1008dfa74d92e2eaf7107e840cbc49f0396b694a244cab44d06cd5b9028270692c07a3c2e87a7820&v2=p2p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
ae4510ae2d2101fe918670e5c9dadcf8cd3203bff92d3c29a98add953778ae09

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.croxy.de
Referer
https://www.croxy.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Jun 2022 01:21:33 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 Jun 2022 01:21:33 GMT
location
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
ms-author-via
DAV
server
nginx
x-powered-by
PHP/7.3.20 PleskLin
nav.svg
coin-farm.com/img/icons/ Frame 4102 		202 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/icons/nav.svg
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
998564b8650c4dd81696a6342eadf340086c2d74e8f4c634f20ba23174c84b54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
239302
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 18 Mar 2022 22:24:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwME7uUG6d6AE7gkENSL54Ne0j2SnC457X7NlgSPbFz7Ygabur7FgPNAR1p%2BcF3HdJ9BqPLKcNhxKvqFbiGKxLzrPl8UJFvGCTlgX6ihLjfVsKr1jdPuq2nNJw%2FowRtXjMGEafCzR4iPOLwa"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff89be8901c-FRA
expires
Fri, 17 Jun 2022 01:26:28 GMT
tree-loop.jpg
coin-farm.com/img/bg/ Frame 4102 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bg/tree-loop.jpg
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f4567d0913f09993ec452d6e35012d4ce8569b452c9ed660991559d1a5b26f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438542
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7369
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8VCFhmlWNy2aMJUlITuHImekHvBsu9GlAuctzfqJhwxKaf8anRG9njmWaXp3S5%2BfFm4yFKPHk6TNzo%2FKmBmXkLvocA3B6Jk0BkpJPqSKm81yJsnmcB049h2U94AVrcCuWNLnwilau2qQOIc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8abf1901c-FRA
expires
Wed, 15 Jun 2022 07:21:39 GMT
wrap-back.png
coin-farm.com/img/bg/ Frame 4102 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bg/wrap-back.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab92e8657ff003bc98cd0a7da264ca1f3e21184bddcc30e0a0989c13e484f290

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587854
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
159913
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuiKBv4h1lFmB6fst%2BMFppk%2BU7w9xu9JrX93ZvPDEVk7TSMwdJCRQR11LWhph63%2BkhZH5jVWVo8jQZl%2BGcAWJgWYdz61fyAKdoiG3%2BCozFIZeq6GxktG2SO%2BeS88hxnutKAQ4tFaEQTWN%2F%2Ba"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8abf2901c-FRA
expires
Tue, 14 Jun 2022 05:35:12 GMT
logo.png
coin-farm.com/images/logo/ Frame 4102 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/images/logo/logo.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d82c8fa3e348d868a22780e63331b66f7f5e2cf033cb40417ca1e04e410687d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
553476
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20718
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qx5lhnYWcPUfUtA62UVYm%2F%2FPW%2FbAyEKulPRf7EEc%2BJJUmsR4CZYKwCfNjuMQz2fjeyig4ZFzKC06Ta8S0Xv4us%2B3SVNEOmOzZ0X3aT1I7gOkvodkt26x5pKldrdqNuMCu6kDiDWct1ryPc%2Fs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8abf4901c-FRA
expires
Tue, 14 Jun 2022 08:53:33 GMT
en.png
coin-farm.com/img/flags/ Frame 4102 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/flags/en.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fa579c09516c2e5c03d34d66e405d7a1613d34e6a6e3f146c5363956bff27f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
425858
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3833
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P90fC9PIBLCNBH5VZ87wDZMNoXuDdq4O4wz%2F9zQZw76kxUDOG3X%2F3%2B1MkcQ3eUJeReYMKCYiG9i7YetvQa1RjfqrPdNkMoV9WQ96xUQ6Y0HEkV4R%2FBvbPPR6XBYDYs%2FGwfng6ScTO1l8xTaz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8abf7901c-FRA
expires
Thu, 16 Jun 2022 03:03:55 GMT
yellow.png
coin-farm.com/img/birds/ Frame 4102 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/yellow.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0977ef4ba806b6e3b380774136aab211846eedfac1212a8612035ca1e1d88e34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438542
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6781
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CRKiAJNwJui2%2BLRXtQu7glBkwgif2hGiUuFf8jeuOTSC2jk9OOKAWnIvUCODzhUdnpwmd1q0fKGtXno0DSLdz3jyBir%2BBTo2UD6nMU1st3e7xCK3NEOPpzAqObZE5k6DfhF%2FP73jX3Ad0Sb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8abf8901c-FRA
expires
Wed, 15 Jun 2022 07:21:39 GMT
klamm_468x60_rotate.gif
static.klamm.de/banner/o/468x60/ Frame 8218
Redirect Chain
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzMwNzh8ODc5MTJ8MTk5OTE0fDE2NTUxNjk2OTM=
  • https://static.klamm.de/banner/o/468x60/klamm_468x60_rotate.gif
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.klamm.de/banner/o/468x60/klamm_468x60_rotate.gif
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Server
195.28.12.55 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
static.klamm.de
Software
Apache /
Resource Hash
c0071c650aca2615e49b7534434933e32e3619b9631a4167dbc71ec5d7c1592a
Security Headers
Name Value
Strict-Transport-Security max-age=15555555

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
last-modified
Sat, 10 Feb 2018 13:15:01 GMT
server
Apache
etag
"4132206250"
x-cache-status
MISS
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3024000
strict-transport-security
max-age=15555555
accept-ranges
bytes
content-length
17487
expires
Tue, 19 Jul 2022 01:21:33 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 14 Jun 2022 01:21:33 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://static.klamm.de/banner/o/468x60/klamm_468x60_rotate.gif
note
CACHING IS DISABLED
cf-ray
71af3ff8bcfa9bee-FRA
content-length
20
expires
Wed, 11 Jan 1984 05:00:00 GMT
brown.png
coin-farm.com/img/birds/ Frame 4102 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/brown.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
120903723057c9cb36caadc8514bea98059bdbf917fa69f13c2241b0978fce75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
558421
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5235
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf%2FARfseTDJ8XUJcWKdSZtDkYgt9ByOeCUCGJ90mUOXrmeGnAiXMVvzGAbUUQWsuHWQUYFRSh%2FJzN0XsyQmc%2Fq0ETTZhJLvkgAiypGp%2FwpUu6fL%2FtHk7vY7bARzOWycJcteEBGMBXsSUSDLa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8bc05901c-FRA
expires
Sun, 12 Jun 2022 12:28:32 GMT
green.png
coin-farm.com/img/birds/ Frame 4102 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/green.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f47b8a7469e5d32a9f806b15c1a238e974129ef9da2f50c6d69f15a2c1193f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554235
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8680
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FKEu1uae1DS7YClqvIp%2F1I00f1YbjtWEkNGlMPcews7J7xNm69hFQL75NyQ94rvQO80IcY%2FPGqv9pLCSbwQpSq9f8%2B9anjoExyiJRbGrHbS6IgYNQaJw6TdCCjp8njMXOJ7N5X4BLYYqD2L"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8bc07901c-FRA
expires
Mon, 13 Jun 2022 13:42:29 GMT
beige.png
coin-farm.com/img/birds/ Frame 4102 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/beige.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5bc63df53adf039fa55f5066b9a3d0c4d1acfe39b67980badee54390e6ed408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554234
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7966
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGa9BCDANnJE1ZjWiwv8sQfX%2BjSiLjV5AwABIVWNxOY9hvcdxA1ZC9MzIvnuzm6I%2BtzSNqs%2BvkBQpI0LrYDEOnvBtJVXhk2emuBWWjGK2T56JigdL23nlN2SXFysUnV5RSnzIa89jPYNgQbL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8bc09901c-FRA
expires
Mon, 13 Jun 2022 13:42:29 GMT
blue.png
coin-farm.com/img/birds/ Frame 4102 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/blue.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b10662a382d760a900098dea7d1fa3c424fc94df002f7d3febf929c5cd1420fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554234
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6449
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvboKLVUItHt0sIu7wGVVNmMztr0%2F337z4bY1cgI%2FNnYU6QgqPI0QRQB0xH14B%2BAF%2FVKD7BJxJ6ed2hUfOw7zDaeL97f86KTFgUo1myQpQDZnBaRsnmbt9%2FvEAUYcmdb%2FrWt5KhbpODnuHmG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8bc0a901c-FRA
expires
Tue, 14 Jun 2022 11:29:16 GMT
king-bird.png
coin-farm.com/img/birds/ Frame 4102 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/king-bird.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc75f3d33643dd3b55da49371cb87c6d65bc37acab136ef39538bcbaa0b996b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
563245
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10059
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeAe1bg0P7gZu80hDeNEjRvLv2hpYEP7FTObwdX8c7mVfSpN7qgkp%2FrxtZzTqUbtYAFu9xa%2FAFnu8hzH%2Fp2%2FflGTjDnuU8ldJAsafI0kfda2RwecfQ9ZLuKnkJUrpvpkvosSVPSqK5n6ww8L"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8bc0b901c-FRA
expires
Tue, 14 Jun 2022 05:30:04 GMT
faq.png
coin-farm.com/img/ Frame 4102 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/faq.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867f8670ea8bd9b4706172afb56727b812950adf58e862a4f92c69e0c4b043ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
465922
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11915
last-modified
Wed, 16 Mar 2022 13:25:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3EhdYaJDeQLuWSRlrTYeL0bJZmxmT5iBAZr0hUXH8KlvVR0YvuMzH9uQkLz8g%2FNNNfnETgGhB1JH47C89QxHbNMIn4uc2Qz5CFRIKnHw3XjGOgFjlCzXdkUQz9nBkwnZZD6D9IkShu3B%2FoB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8bc0c901c-FRA
expires
Wed, 15 Jun 2022 13:55:34 GMT
404
coin-farm.com/ Frame 4102
Redirect Chain
  • https://coin-farm.com/img/bonus/bonus-2.png?id=13
  • https://coin-farm.com/404
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/404
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7dwNHLZ6Qe3%2B0gusAlZ8sVqrOi2uFII1QmEJMfkSLm9JQW0%2BFryGqTEj5koDpwJZhmU%2BGdGrDUnvLhwU20LLrBs4hsQWlnTZqxSesKsFhVrADxsQNm4tEDoJyb1SR%2BgG0%2FNw6wgt8yYk4IF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ffa4db2901c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xR6mtmUA9ijqgd4FdO99Av6Nyc7wEbxDZwQCBVMPx9q%2FDn1ktjFKke%2FjZoNBKK46swjxwTl7BFa174W29F4A0LbrBlyEl85kpG2u%2Fa4%2BEfCV%2BHtXy2p3X3O83Pi2PaY2M1mTWIFUkCWx7nw9"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
/404
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
71af3ff8bc0d901c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
page-header.png
coin-farm.com/img/ Frame 4102 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/page-header.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e06623a3fbfb56dda121f45b1fa7380a9c7eb396f92ea258054724fc127acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554237
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6304
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu604DAlps7y0y6QDY5RXnENdFiEd6Ljr8RvfdZcV9Uj%2BRLSF%2FQztnfiQERjeXNfJ4Uw7B0qxJbdW%2BZhR4elHmISUze%2B94AxjL95iZK9hXk00ACVQdAy7qdBdhLwTVRPSrJZfZXTAIivaDYe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8bc0e901c-FRA
expires
Mon, 13 Jun 2022 13:52:00 GMT
inpt.png
coin-farm.com/img/ Frame 4102 		100 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/inpt.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29a12a274ad2c38c58fdd2c0ccca656cc05ce82e98789ab74cd35e8ceccf4162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
553475
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTByPoomQLqC00dD2wcd0VgnSxdLZF5IAgDxTcMjZ1IhQLW0LUj%2BUKI9gNrbBhUso0twgaxCMHqbo8J56rwXgNfKpf9bMxpx2BiVEiC8ateebmlZ5qzQmuse%2B1qHLdoHoxMgOKIEHJyrFLxw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8bc0f901c-FRA
expires
Tue, 14 Jun 2022 08:53:33 GMT
main-header-1.png
coin-farm.com/img/ Frame 4102 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/main-header-1.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd44ae42d704a37da34b1e084104e9b7b340020e32a8b7c8436d316fbbf570b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12059
last-modified
Thu, 17 Mar 2022 14:34:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMBmSETU1XSYDgL3hTcoikiqVsgIRyQOZJcuyCaap13JuaRU0TpiSqxlgk4bJN6IYiRRR7Xumw05d3vc4%2BhRo%2FZVx6lYw4Vn3wFnNgONIpdaKqSscuUyjVUZ7te%2BNLLPWFYnSrR%2Bc5ccS5Va"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8cc23901c-FRA
expires
Wed, 15 Jun 2022 07:21:39 GMT
separator.png
coin-farm.com/img/ Frame 4102 		119 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/separator.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5300204baca6af51b52173ea7fa00c2a884d4205714a52c51f77e41921f856a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554234
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
119
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PT7ixCdBj0wdUY6hBbgCz%2FJCFNci2nVkQkarTK6WXEzOpqvFfisrJ3qlotvZ0PzHBDNsX27RyExNJzq0U2Zk1pJ1GdT8Bjw6Qm2cHgvPEYBdsIZxXB%2FN7XtyPpR2FTSRso7YswmFsIxINs9Y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8cc24901c-FRA
expires
Sun, 12 Jun 2022 12:17:16 GMT
btn-main.png
coin-farm.com/img/notify/ Frame 4102 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/notify/btn-main.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/?welcome
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46a01194c467e24b86a5ab58b6f3ad84ba193837ffff9d472243a98f29a9b7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7659
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8tkkmEc1hVhOYGYEqYzBGGL6gHxy0%2F5wSGvOdb24KGLQfm0g7ScddFzPy%2F4izLK4ziNkqooSwF%2Fpqwtox5HhLbHZNo8pbO%2F%2FEfQpB6usDLdQwgxlB67wFKlDEwx88ODjSRukIV93j2GN6wa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff8cc26901c-FRA
expires
Sun, 12 Jun 2022 12:17:16 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63277152f6eb74890ba35dddd3060e937f9222d8fe6341c9e9fa189776c30171

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/90ee353/static/ Frame A91F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?explicit&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31dd05ae1257a0ae1a4c2929ea00ce1166619d40f3a3f9cf4b62d4e52f757906
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coin-farm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16826
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
71af3ff93e3969a3-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 14 Jun 2022 01:21:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 07 Jun 2022 20:19:10 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-id
DYHXTye09CPqVjUllQxAUUDwBUizJRxggKWGrJ1pH6zpODZo9b513Q==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/90ee353/static/ Frame 1407 		2 KB
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?explicit&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31dd05ae1257a0ae1a4c2929ea00ce1166619d40f3a3f9cf4b62d4e52f757906
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coin-farm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16826
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
71af3ff93e3a69a3-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 14 Jun 2022 01:21:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 07 Jun 2022 20:19:10 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-id
DYHXTye09CPqVjUllQxAUUDwBUizJRxggKWGrJ1pH6zpODZo9b513Q==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
field.png
coin-farm.com/img/bg/ Frame 4102 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bg/field.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/mobile.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258caa566623c13d72c413ad68c4fb78a05a0c3370b4743f3b713eaf4710ee70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/mobile.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15349
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9fYuvRGtBbPxIcxBtXCEOS%2Bxyxj7SwIAT%2BzI9mj2B3bi%2F75ZdRgLnBKLvD41gx2TY%2FAiwqSaw8cGu2Kky2%2FVUlNkK0MFwCdAl%2F8SPHjRmMhVJrDyMBumvMXhFaJxDkbBMJ37OsxQAEQDPvx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af3ff93ce5901c-FRA
expires
Sun, 12 Jun 2022 12:28:32 GMT
js
www.googletagmanager.com/gtag/ Frame 4102 		182 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RY0K3CZX1R&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2XHBTJ95RE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b122c8b62754998d57355a5707088078ae1be2f870068b6ebc87393348b0e04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67114
x-xss-protection
0
expires
Tue, 14 Jun 2022 01:21:33 GMT
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/90ee353/ Frame A91F 		279 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/90ee353/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a94f6bcdf495fce5a1141eda3aba48ac0047bbac66243493c95ad276ec031f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
16826
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79898
access-control-allow-origin
*
last-modified
Tue, 07 Jun 2022 20:19:11 GMT
server
cloudflare
etag
"2413cfc6019c7153955667aa5628c3d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
cf-ray
71af3ffa0c8b693f-FRA
x-amz-cf-id
Bg_iV9C7W2tIlHGg6RFxY0-X6aci8AVLVkp8T0xT5oBzajvHqX5EQQ==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/90ee353/ Frame 1407 		279 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/90ee353/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a94f6bcdf495fce5a1141eda3aba48ac0047bbac66243493c95ad276ec031f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
16826
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79898
access-control-allow-origin
*
last-modified
Tue, 07 Jun 2022 20:19:11 GMT
server
cloudflare
etag
"2413cfc6019c7153955667aa5628c3d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
cf-ray
71af3ffa0c8d693f-FRA
x-amz-cf-id
Bg_iV9C7W2tIlHGg6RFxY0-X6aci8AVLVkp8T0xT5oBzajvHqX5EQQ==
6iadc.css
lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/1ri9b495/ Frame 7444 		46 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/1ri9b495/6iadc.css
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
abbf1a6b5079f3fa3ff765946cbe9b9274931ebfa45cdfb21459b5ed0a71eaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
last-modified
Fri, 04 Mar 2022 09:39:34 GMT
server
nginx
etag
W/"6221de56-b952"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10368000
expires
max-age=A10368000, public
css
fonts.googleapis.com/ Frame 7444 		2 KB
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla%3A300%2C%7CLibre+Baskerville%3A400&display=fallback&ver=3.7.10
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a50a3ed1db297a906435dff601ac62b3b96eefd186c5e3cda77e2fb6e7481e83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 01:05:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Jun 2022 01:21:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Jun 2022 01:21:33 GMT
17w5.css
lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/drcvpz51/ Frame 7444 		107 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/drcvpz51/17w5.css
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
d5338f2ed1ee52d1502ce5a6f6666386b6bb60c2567ac2fe965a247b3acdd54a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
last-modified
Fri, 20 May 2022 00:40:45 GMT
server
nginx
etag
W/"6286e38d-1aa23"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10368000
expires
max-age=A10368000, public
6hqmp.css
lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/mp039atx/ Frame 7444 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/mp039atx/6hqmp.css
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
a0b1554a525fc11caf3d1998e73b78cfc2ecbb3843c7481160f22a0826267e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 15:49:41 GMT
server
nginx
etag
W/"625eda15-cf57"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10368000
expires
max-age=A10368000, public
jquery.min.js
lesezirkel-onlinetexte.de/wp-includes/js/jquery/ Frame 7444 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
last-modified
Mon, 27 Sep 2021 12:38:07 GMT
server
nginx
etag
W/"6151bb2f-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
jquery-migrate.min.js
lesezirkel-onlinetexte.de/wp-includes/js/jquery/ Frame 7444 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
last-modified
Mon, 27 Sep 2021 12:38:07 GMT
server
nginx
etag
W/"6151bb2f-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
cropped-Grau-Blumen-Modern-Einrichtungsgegenstaende-Logo-212x212.png
lesezirkel-onlinetexte.de/wp-content/uploads/2021/10/ Frame 7444 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lesezirkel-onlinetexte.de/wp-content/uploads/2021/10/cropped-Grau-Blumen-Modern-Einrichtungsgegenstaende-Logo-212x212.png
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e74e221757e7a8f1814d43e1c2a970bfa0fe65c0d01ac2db07d45924a1bb459e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
last-modified
Fri, 06 May 2022 09:38:46 GMT
server
nginx
etag
"6274eca6-1057e"
content-type
image/png
cache-control
max-age=10368000
accept-ranges
bytes
content-length
66942
expires
max-age=A10368000, public
frontend.min.js
lesezirkel-onlinetexte.de/wp-content/themes/astra/assets/js/minified/ Frame 7444 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.7.10
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
6de026295dcce0702131280e771bce028a6d63d74b025b3595291dafd8e36e69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
last-modified
Thu, 21 Apr 2022 16:27:46 GMT
server
nginx
etag
W/"62618602-402c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
sassy-social-share-public.js
lesezirkel-onlinetexte.de/wp-content/plugins/sassy-social-share/public/js/ Frame 7444 		119 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.42
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
a28f7b51eecc453bfa4b7794290a3d75918d3983ec835f0089b5a92d90ba9961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 00:35:34 GMT
server
nginx
etag
W/"628c2856-1dbb3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
borlabs-cookie.min.js
lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/javascript/ Frame 7444 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.51
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
5ae45b129421c6a1cb3b964d2a419dd3fb45b1bd2e654dbcefab83aa61b137de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:33 GMT
content-encoding
br
last-modified
Fri, 03 Jun 2022 12:23:04 GMT
server
nginx
etag
W/"6299fd28-618b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
blank.gif
vg08.met.vgwort.de/ Frame 7444
Redirect Chain
  • https://vg08.met.vgwort.de/na/aad78ba4be0e48bba23570d7c1fb78ba
  • https://vg08.met.vgwort.de/blank.gif
43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vg08.met.vgwort.de/blank.gif
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
HTTP/1.1
Server
161.156.47.58 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
3a.2f.9ca1.ip4.static.sl-reverse.com
Software
keen /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Jun 2022 01:21:34 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
keen
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Tue, 14 Jun 2022 01:21:34 GMT
Last-Modified
Tue, 14 Jun 2022 01:21:34 GMT
Server
keen
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html
Location
/blank.gif
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Tue, 22 Aug 2000 15:05:01 GMT
/
cdn.bmcdn3.com/p/623c565afdbfc7001a590989/ Frame 45FE 		1 KB
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/js/623c565afdbfc7001a590989.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c9fe102c7a482087db788435fd01bd42314e4fa42168dfe08344b678c446de1

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
71af3fface6b916b-FRA
content-encoding
br
content-type
text/html
date
Tue, 14 Jun 2022 01:21:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C61ojvj8hPLx8437oCTi7MuqIgalTa8%2Fhqf7a2Ivte%2FiBlkB3XfeL3EIaNwl6PQUFEeZ5RViODkU8XbmZ51BxMGiEORfpQwF1M44xpoF2J60%2F%2Fc9PSrcYrPu6ASxM7ZwbwGrArsBR%2B9X%2F%2Fwo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
qkBIXvYC6trAT55ZBi1ueQVIjQTDppqaE0lK.woff2
fonts.gstatic.com/s/karla/v22/ Frame 7444 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v22/qkBIXvYC6trAT55ZBi1ueQVIjQTDppqaE0lK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A300%2C%7CLibre+Baskerville%3A400&display=fallback&ver=3.7.10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31c251dff3ea42abeee2bbefeb368d59feeee0a858c861c5fd8df8eedba4c942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lesezirkel-onlinetexte.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:05:19 GMT
x-content-type-options
nosniff
age
544575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11412
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:27:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 18:05:19 GMT
truncated
/ Frame 1407 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 1407 		530 B
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=90ee353&host=coin-farm.com&sitekey=99b78ad2-949f-4620-a479-abbee3b3c4ce&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/90ee353/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d712ed1608cefad8c5e2e508b2928a0eaccb46e55d1b8c767b5703603554c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
71af3ffb8e1c693f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
default.png
lesezirkel-onlinetexte.de/wp-content/plugins/related-posts-thumbnails/img/ Frame 7444 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/related-posts-thumbnails/img/default.png
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c6d7605e49f3024a18fbc5a4c5a020108d1b24c91f6fe467ec79548554dbbd9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
last-modified
Tue, 19 Apr 2022 15:49:03 GMT
server
nginx
etag
"625ed9ef-11e1"
content-type
image/png
cache-control
max-age=10368000
accept-ranges
bytes
content-length
4577
expires
max-age=A10368000, public
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 7444 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A300%2C%7CLibre+Baskerville%3A400&display=fallback&ver=3.7.10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lesezirkel-onlinetexte.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:01:54 GMT
x-content-type-options
nosniff
age
544780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27120
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 18:01:54 GMT
astra.woff
lesezirkel-onlinetexte.de/wp-content/themes/astra/assets/fonts/ Frame 7444 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/themes/astra/assets/fonts/astra.woff
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Request headers

Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Origin
https://lesezirkel-onlinetexte.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
last-modified
Thu, 21 Apr 2022 16:27:46 GMT
server
nginx
etag
"62618602-ce8"
content-type
font/woff
cache-control
max-age=0
accept-ranges
bytes
content-length
3304
expires
max-age=A10368000, public
borlabs-cookie-logo.svg
lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/images/ Frame 7444 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-logo.svg
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
2165e2c26c55abda30802c47b96c0299eed7de988ab2ef405b35036b4fbdeb6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
last-modified
Fri, 03 Jun 2022 12:23:04 GMT
server
nginx
etag
"6299fd28-215a"
content-type
image/svg+xml
cache-control
max-age=10368000
accept-ranges
bytes
content-length
8538
expires
max-age=A10368000, public
borlabs-cookie-icon-black.svg
lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/images/ Frame 7444 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
3afd8d9a88e2ca9e42c39ef288883e5cf12a0a9e7bb9b72ce60f176023e8f035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/die-geisteshaltung/?utm_source=google&utm_medium=organic&utm_campaign=die.Geisteshaltung&utm_term=Geisteshaltung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
last-modified
Fri, 03 Jun 2022 12:23:04 GMT
server
nginx
etag
"6299fd28-105e"
content-type
image/svg+xml
cache-control
max-age=10368000
accept-ranges
bytes
content-length
4190
expires
max-age=A10368000, public
post_load_info.js
static.bmcdn3.com/js/ Frame 45FE 		706 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bmcdn3.com/js/post_load_info.js?v=v1.25.4
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b434054a6be065acfc38ab163590b92c370d560540a2a0ab518d10e289cd2dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
320
cf-polished
origSize=932
last-modified
Wed, 08 Sep 2021 10:16:41 GMT
server
cloudflare
etag
W/"61388d89-3a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmRaU83UkBzwZ%2FUtzk%2B9jID0w1DX3Dkz1rmrhMdrnaUPf6O8TiCsU%2BGtUKXSq1MWbslNKFLSrQIcfgx9gwKgwxpGEeS5MNa2YyVR9vm62tdyrNK8nuqcZUFBPMPi4OOScTNBMq9uYFDDOveqjEJS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
71af3ffbf82b916b-FRA
cf-bgj
minify
basic.css
static.bmcdn3.com/css/ Frame 45FE 		3 KB
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84dfd0883135e8d52e90873b82f56e58b094edeba836252fbead61f4f88c4be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5464
cf-polished
status=cannot_optimize
last-modified
Thu, 30 Sep 2021 08:48:04 GMT
server
cloudflare
etag
W/"615579c4-d7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOtWz%2BVFqLlvk74jB9j9v%2FZMvl8EBG%2F3I27ifQ11FdzjZiWuyJwdILIvNPXjEYyrc3julKfj%2FTRRN%2FjreaZoCbnMmxgZMmSiobRQykiY%2F%2FDO%2F2wQrmH51457OtIimzlQ4qNbpa7s70qndi9pK5zS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
71af3ffbf829916b-FRA
cf-bgj
minify
img.css
static.bmcdn3.com/css/ Frame 45FE 		317 B
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.bmcdn3.com/css/img.css?v=v1.25.4
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d9174b2c70c32d1556f151d409daf5efb467a56abac707403beb8ff1e35a28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5047
cf-polished
origSize=401
last-modified
Tue, 03 Nov 2020 15:55:58 GMT
server
cloudflare
etag
W/"5fa17d8e-191"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1kQVYXvURGDjlHVrOktZ64AiVqy55lkw%2FsbzrxtJF8KjafR13S6dU5gpehEgzBgFNo1Na4UsDsaGYYnOlhoB04oeAm3TSyFLHvZi%2BftzqnWDJg0QLSDNuBdtL7W4vO8kg5iy6HBtgA2kNgBmTzP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
71af3ffbf828916b-FRA
cf-bgj
minify
8ffcc890-d042-11ec-bd60-8dbe4508d3d849a151ef-7504-43c4-9c22-d014d897d7ce.png
media.bmcdn3.com/static/ Frame 45FE 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bmcdn3.com/static/8ffcc890-d042-11ec-bd60-8dbe4508d3d849a151ef-7504-43c4-9c22-d014d897d7ce.png
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46668b76331d1eac0e1f8e038c6aab2ad3137c3a2d2d9f08c4a4c04939fcc169

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1890
cf-polished
origSize=80534
content-length
70324
last-modified
Tue, 10 May 2022 09:21:24 GMT
server
cloudflare
etag
"627a2e94-13a96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCdIe0EP5eRxhdhWDTXAYoxykhlvvT8KEr8Y9I308Aez52lXZpqvgtRlZx92W0mmXR8GLbLWEOFuniAzQk2vwiK0S1jas2o3xOKTCmKlOlBp6x0%2BcNNGw9vPRlv0%2FPXG2aflGCEDKM%2BMC70B6sA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
71af3ffc68d1916b-FRA
cf-bgj
imgq:100,h2pri
hsw.js
newassets.hcaptcha.com/c/3d3f91e0/ Frame A91F 		965 KB
363 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/3d3f91e0/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/90ee353/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4129fd5ee37b6529d6c18eed45f87e353c0b1faffa8abe027fd6969f23e6a18c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
10161
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jun 2022 22:30:28 GMT
server
cloudflare
etag
W/"615855e8986c85e5c245bc665f41a913"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA56-C1
cf-ray
71af3ffbee80693f-FRA
x-amz-cf-id
MFFCXsDjSf9DBpUahcyf3a2mXDFP9Q_spodbQdtmzgA4OpdNJEMZEw==
new_bm_logo_v2.svg
static.bmcdn3.com/img/ Frame 45FE 		675 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/new_bm_logo_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Jan 2019 10:06:54 GMT
server
cloudflare
age
6052
etag
W/"5c4053be-2a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYCCup9QENqjrzJ7PntHMlZGrg0npdXiVQa9Bf5hJFISbKNtUuA6dHCNCs8w5wDgec2SMWfE5yajsT5Oy8Xt6WQUFxd7kTvCFgbHS6XF70qwYh5yv0rZ95CGvuuPoWKgYJuKzgyF%2BS6HkyvbumSd"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71af3ffc3898916b-FRA
by_bm_v2.svg
static.bmcdn3.com/img/ Frame 45FE 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/by_bm_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 11:45:28 GMT
server
cloudflare
age
7187
etag
W/"5f883658-e03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cORuWTZjDmagcrFRrPU5PUDgBtOgbnvCxVIjbggvaBNaJAOXH0%2F5VSM35JjMt087CkNDcH%2FvYvFPT0oig5ygYiLLdFz%2FDLBhWR8qL42NtfoYrCLcwmWl88cbyvI6dRSpVRic72hMOva%2BdPFljLMD"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71af3ffc3899916b-FRA
choice_v2.svg
static.bmcdn3.com/img/ Frame 45FE 		351 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/choice_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 11:44:30 GMT
server
cloudflare
age
6043
etag
W/"5f88361e-15f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVYe3bC4AUp7AEPaQSK7gIPVrcFNYV%2FCkZWBQLIQZQAg0wlxZeSMyEeJ0I4Nggwv1ubYv8dz7xrvY58nlA4TtB5m1jUXVdRo9hJ%2FTAFMo13JmRrRHMakf7H6zQPL6%2FE31EPX56GJXMpBu0PYvcQV"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71af3ffc389a916b-FRA
choices_v2.svg
static.bmcdn3.com/img/ Frame 45FE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/choices_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 11:45:54 GMT
server
cloudflare
age
6496
etag
W/"5f883672-892"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzacwNbLRIRuEPgMPsOV%2B2eHQQL1R2HF%2FqQg%2Fy8YIZctPSHC2lJsCC%2BQqvaJuhNXVeZkgaOkwgt3dGgH80ORcS3cEsayiWf9aAviiGB6BTArRbDWifB5ABwvdaNm2IHrZh3g73Zg%2F4%2F%2FADH4NfSq"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71af3ffc389b916b-FRA
dark-bottom.css
s3.amazonaws.com/valao-cloud/cookie-hinweis/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/valao-cloud/cookie-hinweis/dark-bottom.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.36.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
27ab84c45d4ea3d72d807bb1d3db6359ade41f288b235c6b23118a2fa96cc449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 14 Jun 2022 01:21:35 GMT
Last-Modified
Thu, 13 Jun 2019 19:15:46 GMT
Server
AmazonS3
x-amz-request-id
XAREXEHJSNHFVRDC
ETag
"5bf7ee25dfc531a650cadc3770723438"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3341
x-amz-id-2
8xoD1OA/7DNyI5ZMswJ+FlJSFKvsQYGvGu0OC74OWlJj52Fa7Hyy5IXPCM3pmf7HO8fYWssgcg8=
/
cdn.bmcdn3.com/p/623c55576a92bc002503d00b/ Frame 79D0 		1 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/js/623c55576a92bc002503d00b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e033333384096670f6411493b5792e1a093b2f8e3a051a430bb80883777f991

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
71af3ffd4a11916b-FRA
content-encoding
br
content-type
text/html
date
Tue, 14 Jun 2022 01:21:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbXvIg%2Fo1jq8wHHAGL6R5Hg7fOangskOuP7%2Fgruzf%2FazFzgO1ca7GC%2BVCHz6SZ5yObkHR1rfikkHZI6v13DlMHzqJs5pdbHBfB1%2F0hlKrQnBRxhN84UyvLo%2FZbwAcqEQxi4zPvAFEe0hTWkS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
e
newassets.hcaptcha.com/i/b78be28/ Frame A91F 		49 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/i/b78be28/e
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/c/3d3f91e0/hsw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a5a262d25a17fd648b358f8e19891ab18dde68651c78bffb89267f768398fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/90ee353/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
via
1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
37189
x-cache
Hit from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 31 May 2022 13:24:29 GMT
server
cloudflare
etag
W/"5465553815894ce997d7c14d0b823797"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
cf-ray
71af3ffda842693f-FRA
x-amz-cf-id
38lWwLWTlVTKVhDStiSJUM1f2uJio7bGooCeNo4O4N-c57K8CuJuLg==
post_load_info.js
static.bmcdn3.com/js/ Frame 79D0 		706 B
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bmcdn3.com/js/post_load_info.js?v=v1.25.4
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b434054a6be065acfc38ab163590b92c370d560540a2a0ab518d10e289cd2dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
320
cf-polished
origSize=932
last-modified
Wed, 08 Sep 2021 10:16:41 GMT
server
cloudflare
etag
W/"61388d89-3a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5ARUzKkxYOgxLxCX%2BY0vanuz56rMjEGFrec0URuf9qpAle8TVjoil0rb2wNjzZAQuYfte48ET6jc6PemCQXfVgxt8Y%2FhB3BR%2F8qNYQ1b%2FcNoHL%2BIqwxEAMc5vUu0Ms7eoOXTieE7oKyudFyQ%2Fkj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
71af3fff1cf6916b-FRA
cf-bgj
minify
basic.css
static.bmcdn3.com/css/ Frame 79D0 		3 KB
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84dfd0883135e8d52e90873b82f56e58b094edeba836252fbead61f4f88c4be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5464
cf-polished
status=cannot_optimize
last-modified
Thu, 30 Sep 2021 08:48:04 GMT
server
cloudflare
etag
W/"615579c4-d7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBPWoxcgspbIjKcj%2BuXDLHyLmoT9bCPCbGhxg%2FDUld3JxT4gkzJAcVyQ1dZpQ335VQlYK%2BXvHUAOY96H25hCbieCZEerlUBgy%2F6CUgYgj40xMCjUigFd1iFB19YkUGU2irgcT1emmSXc6FQ41s%2Fg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
71af3fff1cf7916b-FRA
cf-bgj
minify
img.css
static.bmcdn3.com/css/ Frame 79D0 		317 B
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.bmcdn3.com/css/img.css?v=v1.25.4
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d9174b2c70c32d1556f151d409daf5efb467a56abac707403beb8ff1e35a28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5047
cf-polished
origSize=401
last-modified
Tue, 03 Nov 2020 15:55:58 GMT
server
cloudflare
etag
W/"5fa17d8e-191"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLm5p1D8hnRdfzeuIjt%2BNMOX315iiY%2BUmiBDImhayo4lRgSLEoTykMN3M6kn%2FGWcaSz98E168jwQhJht7RYXdwneG68WNxPQVz3Oau8biFk7ManRkUSK8CgASqW7fWuVwnMhd9hCkTT2JdRWSiUM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
71af3fff1cf8916b-FRA
cf-bgj
minify
8ffcc894-d042-11ec-bd60-8dbe4508d3d83341b129-8670-4888-9cea-c3b7e9e84e63.jpeg
media.bmcdn3.com/static/ Frame 79D0 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bmcdn3.com/static/8ffcc894-d042-11ec-bd60-8dbe4508d3d83341b129-8670-4888-9cea-c3b7e9e84e63.jpeg
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D96d5b289883dcf7b161b9a3cb326f31e%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=28bf090dfa4b43147d04731195158fad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb8db62b674148e490834152f0cf6d89b624b59db3fd40c39218db54cdccdfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4225
cf-polished
origSize=33327
content-length
27667
last-modified
Tue, 10 May 2022 09:21:24 GMT
server
cloudflare
etag
"627a2e94-822f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddVvxxx530DpoZVCvQ0uzhvwVLF2G92EUDUFRS%2B%2FF1CoEG7IZg2xYGydrgcFqP4S5J8lPQJnxOCI9aZSPOyRjI4eZe8T1YgwfHt5HZT4%2Fc8LJ76UoKgdOObcKAXOCZbCNqaOC%2BNYnvag6KfA1sI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
71af3fff6d63916b-FRA
cf-bgj
imgq:100,h2pri
new_bm_logo_v2.svg
static.bmcdn3.com/img/ Frame 79D0 		675 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/new_bm_logo_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Jan 2019 10:06:54 GMT
server
cloudflare
age
6052
etag
W/"5c4053be-2a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBRg4SdGPjkWHzfe7oRXWzyBKng2pjd7Twy3%2BH8BBZjaTU2ssk5CatoUp%2FuJWgoWYLarU56gblHtQfC%2Fvfmw9x7EjAwUETi6%2Ffx%2BaI%2BQC1x1YSC0kICrS5XHanQGfb5Twbp8EYmtLEJXGZTQMTnU"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71af3fff6d74916b-FRA
by_bm_v2.svg
static.bmcdn3.com/img/ Frame 79D0 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/by_bm_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 11:45:28 GMT
server
cloudflare
age
7187
etag
W/"5f883658-e03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWAGwFufUdkz7LZFRWr%2BkAB1NZGBcdSQqciq%2FPPaYp1xCg3J1COLV5XTEGkej%2BsSWaiDkPmbDj9oiYVDtuS7MZi2SaUiFOwbvRj2zw6qRorZjzUVwExQJ0Ic2DnNtzV8HbNHtH%2FcNQKzqV%2BJWwa0"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71af3fff6d76916b-FRA
choice_v2.svg
static.bmcdn3.com/img/ Frame 79D0 		351 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/choice_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 11:44:30 GMT
server
cloudflare
age
6043
etag
W/"5f88361e-15f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTNv23fqVueXvmLv03%2BAMKTLOVh2jzM8DGBh7s8Qi4T0b1TMVJ8PWS7v9R%2BCw5n5xZq5f9HjWDvhpS0hIGqefWy05BbjNl%2FXnvpo1aKM%2B13w6x05Upvnm9UuW%2BNi02tuz%2FfnW0aMwweyUN8qBcE2"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71af3fff6d77916b-FRA
choices_v2.svg
static.bmcdn3.com/img/ Frame 79D0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/choices_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 11:45:54 GMT
server
cloudflare
age
6496
etag
W/"5f883672-892"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wnEOYYfjcg%2BedXYOMIc8KRjQUW8KM7%2BhGhz2%2BIMiS7tD8yLwqGLGC9gLW8YHVkIq95w3UHRZe8O9XfQMZb7WcdbOzsKPZ69oiRjIzF97JSB9oOTQQq2vBM9IKu30mVAEtgOz1EPa89O1hyY1Apd"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71af3fff6d78916b-FRA
tree-loop.jpg
coin-farm.com/img/bg/ Frame 4102 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bg/tree-loop.jpg
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f4567d0913f09993ec452d6e35012d4ce8569b452c9ed660991559d1a5b26f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438544
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7369
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2d3hIK1mwhaWRx4o2nJlmZT1YCJ7h6AURqT9BA%2Bt%2F7GHoDV%2Bp6GoAIS61pMBqX32n09Kp7UVabJY9fNLVNfCip0g4jDpgVb4uyQPizSOU%2BsfzGuw%2B2hmvDWdD5qP3BSkrZu%2F07VYv724snP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bec9901c-FRA
expires
Wed, 15 Jun 2022 07:21:39 GMT
wrap-tree.png
coin-farm.com/img/bg/ Frame 4102 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bg/wrap-tree.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e71743ee51a895199215d48c77f7cbaaf649c9b97d47a87f1dbdc3998d08cb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
170715
last-modified
Thu, 17 Mar 2022 14:38:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBmxKiZ28eP5pzGsBvz9OHiVtab1Wdx0nudNns8uJRpvUfNpqDEwMlYrq0xdW2536VitKvC9L2kb2w218Enjt2RiYYzSpEZzF6ipZwT8cmmD4FoW%2BKmbIFvcaSjDh0fD5vYZfbgR6z7XNeV2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005beca901c-FRA
expires
Wed, 15 Jun 2022 07:21:42 GMT
cloud-1.png
coin-farm.com/img/bg/ Frame 4102 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bg/cloud-1.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d975473d8c7c600b12b24fb8eddec2348ca3eebdcded343d43258e306930cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77626
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13694
last-modified
Sun, 08 May 2022 23:09:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKbgXg4syH%2BQfB7L53qkIhhmPUTB7XGycLjsrdqItoxYUCrajtpGphBApNtt42VzPBilLIWFLSN7Vi5%2F334xz8RHu%2FwTRAJUeOuXJsEX0ZNn8HwpWuNCl9wv5MTcrBZhQhXFzUNi%2F7pQfybi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005becb901c-FRA
expires
Mon, 20 Jun 2022 03:47:49 GMT
cloud-2.png
coin-farm.com/img/bg/ Frame 4102 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bg/cloud-2.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1726fea4fa2bc1a315134031b9100bf2c11eaada3d0df9618a8577a8f5cf4f2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85881
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11136
last-modified
Sun, 08 May 2022 23:09:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv8m7%2BmPYXN5AB%2B1PLH%2FdUQcqLf3lINtzjyAb7tFSwc2E3nmCBuLBMIZNkFH9Nod4Pja2P5W5HUCYXxNQsV%2BRSI54gpS7nflk6j4PtrVJWvQOHRL7KbfcR38GjjX51IuJ9NyYf7efpbQMDC5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005becc901c-FRA
expires
Mon, 20 Jun 2022 01:30:13 GMT
logo.png
coin-farm.com/images/logo/ Frame 4102 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/images/logo/logo.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d82c8fa3e348d868a22780e63331b66f7f5e2cf033cb40417ca1e04e410687d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
553478
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20718
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Felk8zDweQXl2TrVgQV4N0y4mcy6p9b0Qnhg6qfHbYu87hw9cqafXonidDjDeDElAOwVQlHn3RKNcGuKUNfvSjB2CUOpZg%2F7TNKdua6O6jOUGM1Ztv%2FNaj9qFlIYRGqgTivJ95NH9IbGPpv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005becd901c-FRA
expires
Tue, 14 Jun 2022 08:53:33 GMT
nest.png
coin-farm.com/img/birds/ Frame 4102 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/nest.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c196ea4768a850a5ff06215fb00f748a3642b721e315267d300451d8fab86571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18204
last-modified
Thu, 17 Mar 2022 14:35:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFpSNMcHqaTSnC%2BsKc39Q9MdQhD2OMGQ5XSebdZEvoKLdt74JLtOJe%2B8MU7LsNDaTXsO72T9CIoLShdU5CbeOAPyGZDaC9A0%2FXAsLdJSftrnk%2FviXsLkOzofzRb8gQv9%2FaeQcdICNI1l7qNy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bece901c-FRA
expires
Wed, 15 Jun 2022 21:49:53 GMT
yellow.png
coin-farm.com/img/birds/ Frame 4102 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/yellow.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0977ef4ba806b6e3b380774136aab211846eedfac1212a8612035ca1e1d88e34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438544
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6781
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FqYhr17JrB4EUXTL98eCjkL0Md1ciIA1Vdq2GvADPK78pu9EKkPqeNO3%2BnQwYjU4upNOsupUfCBrnEQ1492rE%2F4gZCcsULCO%2BTepQvRnVP4eDfrwL3xJzKNOd999iy6HzFi0EfmjsToYnlp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005becf901c-FRA
expires
Wed, 15 Jun 2022 07:21:39 GMT
nest-cover.png
coin-farm.com/img/birds/ Frame 4102 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/nest-cover.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38db63fbb5d7ae5c0b9ab5cd30dce7cda7db2b1da354e2d99ffbdaed01ef08a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3003
last-modified
Thu, 17 Mar 2022 14:35:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13Hy7dl9pHRNVp1H7gmG0l3rvFUY%2Fr8N7%2FY%2BlMMd%2FKCQSXKe6ILGPDlWTCnHS2rNAKM5jy7owz3lB1XVLyI%2BTPGoooQk%2BYxuNCOMrLQ0rNTyIXuDDn5CJ13u%2B6Zvy2FaECaU3iz%2F0%2BNuatKr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bed0901c-FRA
expires
Thu, 16 Jun 2022 15:24:12 GMT
brown.png
coin-farm.com/img/birds/ Frame 4102 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/brown.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
120903723057c9cb36caadc8514bea98059bdbf917fa69f13c2241b0978fce75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
558423
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5235
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3lo%2B0zU1PSdNWipBpHbksaCaCVdC8PGkJEYWy%2FSu1Ur5PXa3Cr9Y6%2BeoboRFh3mcEKD6%2B8o7evmF%2FPLuiuaqhINjxjie%2FXYbkZTugyykxK%2BCsMydOZw8MSbF60NICrq%2FpE3QCgfUdi0n4El"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bed1901c-FRA
expires
Sun, 12 Jun 2022 12:28:32 GMT
new_icon.png
coin-farm.com/img/ Frame 4102 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/new_icon.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789f8f8ec25b47c29b788686e9606f639e601a2950c3548e9aa1f54c0ea77ec2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
553477
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1960
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4mzZ%2F6typNMD%2BAHoHYmlTh3lLuLIyVU60pywHkTtzWmDF1Cyl%2Fjlpsdy3X%2Bm7JuUa3qiprOAdI2MsOssWqwqNn4NQFRCIV5Z47F8sAHTr9r7vqk7NR4TBURlt5XqkADYZn%2BPA3XS55icNti"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bed2901c-FRA
expires
Fri, 10 Jun 2022 17:46:36 GMT
green.png
coin-farm.com/img/birds/ Frame 4102 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/green.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f47b8a7469e5d32a9f806b15c1a238e974129ef9da2f50c6d69f15a2c1193f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554237
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8680
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQU7ZWZO%2BFpfw1iouMtEinMaCqo0ij5XFai760oxpdPLLYh5YeUQ9PhVjvBuyo%2BXXfawLw01DZLaeuP0V2%2B3BhqNy%2FrFcs8ZKs%2Fcy68RTHBHafTdt4c9CzoFG3jmEqt3GrcUPk7SHQR2YIqi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bed5901c-FRA
expires
Mon, 13 Jun 2022 13:42:29 GMT
beige.png
coin-farm.com/img/birds/ Frame 4102 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/beige.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5bc63df53adf039fa55f5066b9a3d0c4d1acfe39b67980badee54390e6ed408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554236
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7966
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=befACL0cok0k6MV2WrhvkWVMU%2BNHfu77JkxVG54HUKXH2T34Rpp%2BNszIb2Fgg0%2BRx9ygWTVNueCSp2Afhc%2FrmShwXOYol2VhPIA5Z7T193jrsIROfQJ3TrjRoeSmSxj4WsEaprT8SSRbPH7Q"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bed6901c-FRA
expires
Mon, 13 Jun 2022 13:42:29 GMT
blue.png
coin-farm.com/img/birds/ Frame 4102 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/blue.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b10662a382d760a900098dea7d1fa3c424fc94df002f7d3febf929c5cd1420fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554236
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6449
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUwCVD31MKhPl0yzckrAeLB8zafXtO3GReZrHMZ5V8%2B8H5QY7hg%2FfDrNjXaSzQP6c6Ailme0dZvuty7vlgug5X01Cw35uytvskGVOgUzi1JVploMzji%2FB2LMbamFJW4E1av3c6MJDcVKIg5q"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bed8901c-FRA
expires
Tue, 14 Jun 2022 11:29:16 GMT
king-bird.png
coin-farm.com/img/birds/ Frame 4102 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/birds/king-bird.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc75f3d33643dd3b55da49371cb87c6d65bc37acab136ef39538bcbaa0b996b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
563247
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10059
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pitfee77XfaBOAeZflbM29qRcqLuxOPApFY8zCMYRRylCqbA8yVVX%2BNUHLJ7ECw%2BMrxyYf0Q7b%2BYeCApW0UTYPcQ7mXx6yauJl%2B%2BWDdDfo2iYUqugMB1NyVD65zd2DdRUxvBLshicGNagijg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005beda901c-FRA
expires
Tue, 14 Jun 2022 05:30:04 GMT
chest-bottom.png
coin-farm.com/img/bonus/ Frame 4102 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bonus/chest-bottom.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9835c2b5197969b1830dc4caff769e4c03fd4e9d65f407108a4bc6ed6c3b3de7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
425857
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12626
last-modified
Wed, 16 Mar 2022 13:26:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VyiNrgN94uMgUBU6YU9fDBevGgPJqAszXfql%2BjI6PzxTTqA8UiTG5SD%2Bs6B0jXXE8Tjq3IMOIs6RFRDhe5wqL28yNLfKngaN832MRh6NPFdzYn9cC9xvPbc8WlpDcpzn8Up1sJlP9VU%2Fx1l"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bedb901c-FRA
expires
Thu, 16 Jun 2022 03:03:58 GMT
chest-top.png
coin-farm.com/img/bonus/ Frame 4102 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bonus/chest-top.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21ac4f883e6f7e7acdf0c9d0d5c7d62db2e0dd133bf1a8b23e5bd8a73bde826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
460246
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11551
last-modified
Wed, 16 Mar 2022 13:26:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvjDn%2BO%2FdP%2BO8OH%2F5tABnj0sLpNmnezJJ0H%2Fj0QAwzvAdW6D5jBovY3ADBXRekCOVOGtwVKIqsA2EaIgnL3X4fWegE2UFWxOgkS%2F27JJjJOAV095kRnb7kIs0lpa3sobIz5Q9%2Bx4cS1CH%2Fi4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bedc901c-FRA
expires
Tue, 14 Jun 2022 05:30:04 GMT
dust.png
coin-farm.com/img/bonus/ Frame 4102 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bonus/dust.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d747aa4000192bc3f173aca03d31faea5308fa86e405a1c9189041f3afde2e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
460246
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22860
last-modified
Wed, 16 Mar 2022 13:26:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbe3J7lOIjLhyEoSf2JAW7TccVx1aRusTz3upBll9INhJaeU5hY%2BjnFuo1SKRmxqE6ZNxTPzuy5sZxMamKfU%2BbDMHMHCXM1pTm1lv1q8%2FPfOcVyCwSCaQdZUSgP8zNTbMcXiXO%2BUjL2VVCOJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bedd901c-FRA
expires
Tue, 14 Jun 2022 05:30:06 GMT
light-1.png
coin-farm.com/img/bonus/ Frame 4102 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bonus/light-1.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c77b9eb56bf6bd2d47732baa96ae73e42ab66ef7fd545a85d57c4189473d43a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
459978
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6134
last-modified
Wed, 16 Mar 2022 13:26:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhZVrkDaPcoLKJn2jSV5VZgDwYaSlbgcuVIas78xW6y5wldVS17Bx07g9nSVNKarscUR3%2FCgAIGwqctrta8gvT0pZ6lyzDApEMXsyzllocVT5PXsDYNf1pRrS33963l17GmaTliky%2B%2F%2FIIx%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bede901c-FRA
expires
Wed, 15 Jun 2022 07:21:42 GMT
page-header.png
coin-farm.com/img/ Frame 4102 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/page-header.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e06623a3fbfb56dda121f45b1fa7380a9c7eb396f92ea258054724fc127acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554239
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6304
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGDrzZU5FhCk3oh0Dn1Iu1IUA8l8Hrh9aZbkZ2zB3aqF9TkWBTZ5NUMlJ8lJkkTEiAayz8xhn77Cz2alF0yq%2FTzbzMqv%2FRTE8nT%2BxINaYyk5bBr1%2FEz5GhiymDDqUrRn%2BvkhrSH9siLUeUfD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bedf901c-FRA
expires
Mon, 13 Jun 2022 13:52:00 GMT
payments.png
coin-farm.com/img/ Frame 4102 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/payments.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd8f44d34268e170f0b89194e7e886bd4f0f8277dc5686f7f694fd0e6b27c6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
350843
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7153
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffi%2FjVWMa59AcHa9BuNo2svLJxa10pZwJ8fe8EDe9nqIjutyYf7Ju3lZLNmxJSkKDN6Z5Re42lFzn3Y5iAQ0iSDdWRfRhWGJ20P%2FxbFJ1HPqqpm9UMy0c0OiPIiHGoI8P2SM9pJPyx7s21nr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bee1901c-FRA
expires
Wed, 15 Jun 2022 07:21:42 GMT
en.png
coin-farm.com/img/flags/ Frame 4102 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/flags/en.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fa579c09516c2e5c03d34d66e405d7a1613d34e6a6e3f146c5363956bff27f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/?welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
425860
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3833
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0srAQE1I7xhZ717dZtvcjQgy3kxvRr9J%2BQsGRNo5az5Oai57bkpgZUabDKhdlUradp%2B%2BEa3S2%2BxOwLYMIgR6YVWjEXVzwOAi9e7IceQW2hSXrtHf76HQ%2FeN3V1BxujLeFpTZaBIgYujl6t2L"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bee2901c-FRA
expires
Thu, 16 Jun 2022 03:03:55 GMT
king-1.png
coin-farm.com/img/notify/ Frame 4102 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/notify/king-1.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style_tour.css?id=1057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ffc9fd486e1cddb1d4315b6131bc4c153a8af1cb34eb7261616d68ad2af824

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style_tour.css?id=1057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347355
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20345
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVwYHhiAHvtSCejLMCF4w9NFKMpT7A7vdQqTbf0TmnqBEPYvSJiIM6h8WkWDfW7O0no%2Fepn6k6Aaa2tpe7l3NiCS8gwKLye1U%2BhtUGYFDBgqe37zaTF3SHcqMoXYzYly%2FZMm4H83JBr8XZMR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bee3901c-FRA
expires
Wed, 15 Jun 2022 07:20:49 GMT
pad-1.png
coin-farm.com/img/notify/ Frame 4102 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/notify/pad-1.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style_tour.css?id=1057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c4e4eac1d5fcff45552a75e55ea5273a60c4d0322a4d02a1fd5053f46514da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style_tour.css?id=1057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
547039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12786
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FLUuu%2FLqzE5ZMSKeqi%2BRWGnZ7Bjrv2J3HD9VoxduxXwN38ORVPmUOQ%2BnPB9Gg8rVsKGtzIXkjXbIrHB5ZFB5yAZFqXXs4569XAg1ekCVDTw6Jn3nLf7qGrSHgy6CPaCYulWpq8TL%2FfHO6mr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bee5901c-FRA
expires
Wed, 08 Jun 2022 02:44:11 GMT
exit.png
coin-farm.com/img/icons/ Frame 4102 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/icons/exit.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style_tour.css?id=1057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0127ba30363c136b15880c8287f9563a8ce5026d2dc336aa78d97da6d7259c06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style_tour.css?id=1057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
419268
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2964
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AArekmbhXwByEfu78XUFEhNprDddPNKcG6VjVgmgc%2B2uY73nV9pnl%2BRoopAYinklZ%2FIm4iiM448assSnA84fbvjIctBFucjGfjLR9NGW3F%2BfKfrjKeleDkKq%2Fnfj0ONUe3dR%2B%2FBPPccnboYe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bee6901c-FRA
expires
Thu, 16 Jun 2022 04:53:47 GMT
shine-pad.png
coin-farm.com/img/icons/ Frame 4102 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/icons/shine-pad.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style_tour.css?id=1057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca6864432f48fc37dc599359bc16c1f37a478f30735ec806293b46ef5b12b95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style_tour.css?id=1057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
547039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7465
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltsTn%2FJBLrjeAleXW3lZcQuQQmopPjbJI57pRpqsqbxsrDsBjfYlRyL%2Fb7AhMD4sDKiLeBOAfB4Ojrs04ttZeyiEu4Y%2BqzikIq%2FXEiKAaBK0gS3By6hI7wFhC4eAssJI1L69ZNyikR3jOVm6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bee8901c-FRA
expires
Sun, 12 Jun 2022 12:57:27 GMT
btn-1.png
coin-farm.com/img/notify/ Frame 4102 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/notify/btn-1.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style_tour.css?id=1057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e271f60ef4d4353b73c2d90ce9853369568514ba1a5151006a87856a58ff4695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style_tour.css?id=1057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
547039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2985
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiR%2FHUT5jza6GchE%2F7v%2FZ5Jw%2Fp3M8%2FvTkF7K7uyQ6BFJGUJ2WurqtN5RvT4soaOp4TmJQW77qqM4mnxf7LL2opZJnygo%2FM8cSM%2Be%2BaeeEy9HaO0TAzpb9BbOQk3dEajxICpF6k8H7tdok9rW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005bee9901c-FRA
expires
Tue, 14 Jun 2022 05:30:06 GMT
field.png
coin-farm.com/img/bg/ Frame 4102 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coin-farm.com/img/bg/field.png
Requested by
Host: coin-farm.com
URL: https://coin-farm.com/style/style.css?id=190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258caa566623c13d72c413ad68c4fb78a05a0c3370b4743f3b713eaf4710ee70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coin-farm.com/style/style.css?id=190
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 01:21:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554235
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15349
last-modified
Sat, 12 Mar 2022 15:16:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOnhhpGfpgSIxateZDXI1rTI1gKOaT%2Bb02pS2QBtiqv0%2FZ2bVOQP2M6e6H2faiF16epyYkRHVNdBm9%2B8fWljJDdbOJ6J%2BM96QsQI6jMMKbySOGaKfKtyZ%2BehwHMUwy37jiRRefjqBAfXklnu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
71af4005beea901c-FRA
expires
Sun, 12 Jun 2022 12:28:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.k-bettel.de
URL
http://www.k-bettel.de/popup/pop.php

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery number| auto_refresh object| _Hasync object| cookieconsent_options function| chfh function| chfh2 string| _HST_cntval object| Histats function| Fingerprint2 number| c2 number| c1 object| bmblocks boolean| hasCookieConsent object| dataLayer object| _HistatsCounterGraphics_328_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_328 function| histats_canvascounters_base.js object| google_tag_manager boolean| changed function| update_cookieconsent_options string| token

9 Cookies

Domain/Path Name / Value
www.k-bettel.de/ Name: PHPSESSID
Value: co9iass83lnmotjt5bndtde8c4
www.k-bettel.de/ Name: HstCfa4631295
Value: 1655169692947
www.k-bettel.de/ Name: HstCla4631295
Value: 1655169692947
www.k-bettel.de/ Name: HstCmu4631295
Value: 1655169692947
www.k-bettel.de/ Name: HstPn4631295
Value: 1
www.k-bettel.de/ Name: HstPt4631295
Value: 1
www.k-bettel.de/ Name: HstCnv4631295
Value: 1
www.k-bettel.de/ Name: HstCns4631295
Value: 1
www.k-bettel.de/ Name: bitmedia_fid
Value: eyJmaWQiOiJjN2EzMWYwMGEzNDNlODk2ZjhjOWI3ZDNjMDlhMDZkOSIsImZpZG5vdWEiOiJhYjUyMmNkMTAwMzJmMzc1ZDIzMDc2MDc1ZjM3M2NhZCJ9

5 Console Messages

Source Level URL
Text
security warning URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok' was loaded over HTTPS, but requested an insecure element 'http://www.traffic-master.de/adsadmin/arlight/view.php?get=image&cid=1&rid=DDDCC6'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok(Line 128)
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok' was loaded over HTTPS, but requested an insecure element 'http://www.traffic-master.de/adsadmin/arlight/view.php?get=image&cid=1&rid=DDDCC6'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok' was loaded over HTTPS, but requested an insecure script 'http://www.k-bettel.de/popup/pop.php'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=(Line 16)
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=96d5b289883dcf7b161b9a3cb326f31e&step2=ok' was loaded over HTTPS, but requested an insecure frame 'http://l.adcocktail.com/l_frame.php?uid=87912&kid=0&wid=0&wsid=199914'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Message:
Mixed Content: The page at 'https://www.shimly.net/public/ptp-1-1675-30-48-sh' was loaded over HTTPS, but requested an insecure element 'http://bk.adcocktail.com/bk_rota_v.php?tan=MzMwNzh8ODc5MTJ8MTk5OTE0fDE2NTUxNjk2OTM='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ajax.googleapis.com
bk.adcocktail.com
cdn.bmcdn3.com
cdnjs.cloudflare.com
coin-farm.com
fonts.googleapis.com
fonts.gstatic.com
hcaptcha.com
l.adcocktail.com
lesezirkel-onlinetexte.de
media.bmcdn3.com
newassets.hcaptcha.com
s10.histats.com
s3.amazonaws.com
s4.histats.com
static.a-ads.com
static.bmcdn3.com
static.klamm.de
vg08.met.vgwort.de
www.croxy.de
www.googletagmanager.com
www.k-bettel.de
www.lcmmedia.de
www.shimly.net
www.traffic-master.de
www.k-bettel.de
104.16.168.131
104.16.169.131
104.20.46.59
148.251.233.147
159.69.68.169
161.156.47.58
192.99.8.34
195.201.125.43
195.28.12.55
213.202.218.154
2606:4700:20::681a:d6b
2606:4700::6811:180e
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a03:4000:30:f0ad::16:2728
2a06:98c1:3121::3
46.105.201.240
52.216.36.160
89.163.148.251
0127ba30363c136b15880c8287f9563a8ce5026d2dc336aa78d97da6d7259c06
024e0da3603f17238365b579fa8ea89dca386892c60075d5ca80000271050e34
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199
0977ef4ba806b6e3b380774136aab211846eedfac1212a8612035ca1e1d88e34
0cdb01b5f388efed2c99da1615e989bcac726fc3b293f8afd8028523de094da4
0e71743ee51a895199215d48c77f7cbaaf649c9b97d47a87f1dbdc3998d08cb3
1005c8fedd97888320a06c0fff6bd454c0256e9b021f367fd40e00d4c5d05a90
112e3a5de62417009e7744581cd39b6a8a3b1a4d23dfca29b2791ac9150d97e4
120903723057c9cb36caadc8514bea98059bdbf917fa69f13c2241b0978fce75
12f47b8a7469e5d32a9f806b15c1a238e974129ef9da2f50c6d69f15a2c1193f
13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b
1726fea4fa2bc1a315134031b9100bf2c11eaada3d0df9618a8577a8f5cf4f2d
1739b5331e84abb5018dfa9724ff0e308719c3dfd230952d5e9a33181136a0b3
17b449fe0f0fa1864f35250494d31aae81b0085fef39e8606338756edb1dba33
1822b7ed8626dee6c169e5b07b8db2d673c1ffa51fb108d4ecbfeda89d784979
18942dc5cf55f6da8dbddb03c2b42a0077e528b1e2fdae3dd672e8014b938952
19fce025a5ae4362be9dff1aeccf5fab7819dadd2c5312a534c284819d7596de
1c77b9eb56bf6bd2d47732baa96ae73e42ab66ef7fd545a85d57c4189473d43a
1d82c8fa3e348d868a22780e63331b66f7f5e2cf033cb40417ca1e04e410687d
1e4d4c1d729aece7ff34c80da40238dacf06551078ca7f761e2eede774623f63
2165e2c26c55abda30802c47b96c0299eed7de988ab2ef405b35036b4fbdeb6a
258caa566623c13d72c413ad68c4fb78a05a0c3370b4743f3b713eaf4710ee70
27ab84c45d4ea3d72d807bb1d3db6359ade41f288b235c6b23118a2fa96cc449
29a12a274ad2c38c58fdd2c0ccca656cc05ce82e98789ab74cd35e8ceccf4162
2c9fe102c7a482087db788435fd01bd42314e4fa42168dfe08344b678c446de1
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f058ccfb327a7cf0dde901af6d91c6b1746a8d1973cdf0ea0ad3f20c79a953a
31c251dff3ea42abeee2bbefeb368d59feeee0a858c861c5fd8df8eedba4c942
31dd05ae1257a0ae1a4c2929ea00ce1166619d40f3a3f9cf4b62d4e52f757906
33e02bfcdfb9333b90284e0a7c3c5f2064e6df73e457e3181031c6c8ceacfffa
355c7345608f3f18f08822ebc9fd202de5f0acc98bf4f0c38b7d9f155406e546
38db63fbb5d7ae5c0b9ab5cd30dce7cda7db2b1da354e2d99ffbdaed01ef08a3
3ac732713cf8fc2da12ba94466c376da1bc1e8a578dcea4bea07002fc4b5c9a0
3afd8d9a88e2ca9e42c39ef288883e5cf12a0a9e7bb9b72ce60f176023e8f035
3c44616ee04256954435878845d570cb49c923bf525c01870b33e3377e8ee919
3fb8db62b674148e490834152f0cf6d89b624b59db3fd40c39218db54cdccdfd
4086bdbc78a76d4fda5c06784ef87f1820e37cb77075f2b1114ab26ab4f395d0
4129fd5ee37b6529d6c18eed45f87e353c0b1faffa8abe027fd6969f23e6a18c
46668b76331d1eac0e1f8e038c6aab2ad3137c3a2d2d9f08c4a4c04939fcc169
48c4e4eac1d5fcff45552a75e55ea5273a60c4d0322a4d02a1fd5053f46514da
4d8c7e063a3280ec8b2ef850a878741b1bdfab56301198493203b252d4885d47
4fa579c09516c2e5c03d34d66e405d7a1613d34e6a6e3f146c5363956bff27f0
511ee72f5e0453830953617a7a7f81b96950e63bb43ae5dfa1386eaf835f3ce9
527ed4d3ebd6f355eb419dc4938f830f5c879f79056f321987206fcfdb2f1fd4
5300204baca6af51b52173ea7fa00c2a884d4205714a52c51f77e41921f856a2
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
58156352388e882df8698362691be19546360706d7b8469e375e6bd419ed216a
5ae45b129421c6a1cb3b964d2a419dd3fb45b1bd2e654dbcefab83aa61b137de
5e39135f6abd7809884556625bae49b9d2507f130e1c001817e0e9b8e3658eeb
63277152f6eb74890ba35dddd3060e937f9222d8fe6341c9e9fa189776c30171
657af98b6829d7b412a5c5b69f5f86fdcf98aca10ed8e7f0b5a6b9558071ee3e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68e06623a3fbfb56dda121f45b1fa7380a9c7eb396f92ea258054724fc127acd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b122c8b62754998d57355a5707088078ae1be2f870068b6ebc87393348b0e04
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6de026295dcce0702131280e771bce028a6d63d74b025b3595291dafd8e36e69
6ded7400fcf884602b9d12c1d644895895f6da012e254008208a058f4cfea3b7
6dfdcf0eb87568f6932cf08416883f068da0d0aea43f2145c84c19fef3875fac
6e3a60c479fe403bb851e4da1637148f617a6425e904438d0fa7ef25bbc0c46a
6e9849c7382d5beea6f9531dc06cdcbc4f6c6ac846fa1c9b4ec17063925cd2f9
789f8f8ec25b47c29b788686e9606f639e601a2950c3548e9aa1f54c0ea77ec2
794c8c7da3fcba0087b7926e8242a817ef5d124b4ad616c9475fc0eb2fef2aaf
7d13caf22fc19e5ef89f910d1d6c26962549bc446bec9452bb11a50d6f933e32
7dbc2239636885288b86af0d7328393f858a332e11a8081d9b96d75497a05b98
7e3e0ab2ba8a45b128b61df37949996c95a860867caf7dbb356025f820612630
83f4567d0913f09993ec452d6e35012d4ce8569b452c9ed660991559d1a5b26f
8411c24d7ab3c43849189dc4ec2219f0bc0b4fbcade16bbfd4afa0e009a2402e
84dfd0883135e8d52e90873b82f56e58b094edeba836252fbead61f4f88c4be8
85d9174b2c70c32d1556f151d409daf5efb467a56abac707403beb8ff1e35a28
867f8670ea8bd9b4706172afb56727b812950adf58e862a4f92c69e0c4b043ca
86f2ac83f095b960cdab2fc6f1b0f959d8bfdab49f09daedf7cdeb6ae2a1bb06
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8ab9651d86fabc7afb2a8cabc53f7405fa5f76429f18f1e130d55299cf49a3e0
8b0af1e9c36b25fc9fcce648791ea2733cc6993def386bc43f8010b8b3361f7e
8d807bfd3a301876631d6ab0e8e3ce5419b01ca31dac4cbdc069a48fc3f82fc5
8e5cf6b90561d9b895288488a21f92923dec8067eae9d718f503426dd315e535
8ff40f1e4c6c35503fc63ac2d4a7b6a0b38fe1151f30a68f7ba942f4003fb525
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48
97ffc9fd486e1cddb1d4315b6131bc4c153a8af1cb34eb7261616d68ad2af824
9835c2b5197969b1830dc4caff769e4c03fd4e9d65f407108a4bc6ed6c3b3de7
998564b8650c4dd81696a6342eadf340086c2d74e8f4c634f20ba23174c84b54
9a249c3bd33fec9a5f1ed7c3f9587481d79ebab3dce6401774d6adc6f811450b
9a3430ee32938603e921cf7c2450a61850dc584382d417d771dbf2bbbbf2d64c
9ca6864432f48fc37dc599359bc16c1f37a478f30735ec806293b46ef5b12b95
9e033333384096670f6411493b5792e1a093b2f8e3a051a430bb80883777f991
9ec5ce97cc52dfaa2a994e3a7f17211f68c7b46c622d4f62095f44152aca3925
9f6e55f4e55fb839246988b089dc05e54810ea59469382b9a31996bc554df093
a0b1554a525fc11caf3d1998e73b78cfc2ecbb3843c7481160f22a0826267e3d
a28f7b51eecc453bfa4b7794290a3d75918d3983ec835f0089b5a92d90ba9961
a50a3ed1db297a906435dff601ac62b3b96eefd186c5e3cda77e2fb6e7481e83
a57626b4cb21c6c7c1225f83b6eba4c3f4fad0f23db4baa7ed5888494828ac5d
a712480f1063437e1f893fd7e5be4e344ed4ea0e255a8c485d462d545323953e
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
ab92e8657ff003bc98cd0a7da264ca1f3e21184bddcc30e0a0989c13e484f290
abbf1a6b5079f3fa3ff765946cbe9b9274931ebfa45cdfb21459b5ed0a71eaa2
ae4510ae2d2101fe918670e5c9dadcf8cd3203bff92d3c29a98add953778ae09
afd8f44d34268e170f0b89194e7e886bd4f0f8277dc5686f7f694fd0e6b27c6a
b0738d8100aef0cd30110de15bf0ab9a1480172778f96af9f3c3e4014c2f3270
b0d712ed1608cefad8c5e2e508b2928a0eaccb46e55d1b8c767b5703603554c0
b0d975473d8c7c600b12b24fb8eddec2348ca3eebdcded343d43258e306930cd
b10662a382d760a900098dea7d1fa3c424fc94df002f7d3febf929c5cd1420fa
b16d73ea8661ac663f74a38a4c8603dec20edcff627487a6810c556e4477ab54
b434054a6be065acfc38ab163590b92c370d560540a2a0ab518d10e289cd2dde
b46a01194c467e24b86a5ab58b6f3ad84ba193837ffff9d472243a98f29a9b7d
bb64c3d2047b1df3efd0d1b4f66eaea0c570ecc0add64cb8fc9bc3788aeeac8f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc75f3d33643dd3b55da49371cb87c6d65bc37acab136ef39538bcbaa0b996b
bed4938c07839355b679781de23060982a4118e57124b21ed66509696c3cfd1c
c0071c650aca2615e49b7534434933e32e3619b9631a4167dbc71ec5d7c1592a
c196ea4768a850a5ff06215fb00f748a3642b721e315267d300451d8fab86571
c280115a1bb138d4019b3e021e8eb2f5a9028e213622c5fe4b496f91658351b7
c5bc63df53adf039fa55f5066b9a3d0c4d1acfe39b67980badee54390e6ed408
c6d7605e49f3024a18fbc5a4c5a020108d1b24c91f6fe467ec79548554dbbd9c
c869fc8da9ac835d6fde00bbd3af92e57ea0a1d93e97bfbeff50444df171036d
cae403eab5a179ee8b09a9b2c7e42916c54614c2cd1f49395090327f30e008a3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d23301722b8fd058b3d89a8ed7348cf2ea36c27f8625d1b2282f79d2811f16c6
d38a1d0566c19f8fb6958bd6929acfc85706c7dab9d2c29b76ecdcb798ed0507
d5338f2ed1ee52d1502ce5a6f6666386b6bb60c2567ac2fe965a247b3acdd54a
d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9
d6a94f6bcdf495fce5a1141eda3aba48ac0047bbac66243493c95ad276ec031f
d747aa4000192bc3f173aca03d31faea5308fa86e405a1c9189041f3afde2e2d
d8ce29375f2e197ddd1af6516d5e095a52e967fdb269bf0b2e5e97186e9b09d3
dea4747dc69f7e1119b6f74a6dea0d005cba3a629b3dd1d2f027bc181080ed02
df5dcf7298ff954fcfc3d01b4328075b4b2c11a99461fcc5bcdc8b48d312c88b
e21ac4f883e6f7e7acdf0c9d0d5c7d62db2e0dd133bf1a8b23e5bd8a73bde826
e239671b46bfac19cd71a0b44f3d9ea7d04af229ba161c826394de2f510a1be4
e271f60ef4d4353b73c2d90ce9853369568514ba1a5151006a87856a58ff4695
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74e221757e7a8f1814d43e1c2a970bfa0fe65c0d01ac2db07d45924a1bb459e
eaa27f6a15e3c7abdea0bf66d493852cf1a850bdf98435e59c85964ff0179983
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
f099b2d7ba33ba10d648ec3aafad64501c8d243d87011636aa4f690d66228b2b
f0c1e0b291b81ea4aa9f55579f2592a0978e15080b3277369b88fbc407d27a0b
f7a5a262d25a17fd648b358f8e19891ab18dde68651c78bffb89267f768398fe
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb35f00ae2d40b4252204018950636962e135b676c8a9ea976758b8c4a99c809
fc8a02b236d13792ee4bef18c9966e8a7e7334f66157fd8004ce74f4dac114e6
fd44ae42d704a37da34b1e084104e9b7b340020e32a8b7c8436d316fbbf570b1