pronavigator.ru.xsph.ru Open in urlscan Pro
2a0a:2b47:c:6777:: Public Scan

URL: http://serfnets.ru/advertise.php?r=14269

URL: https://www.koiniom.com/affiliate/exUQRXRyml

URL: https://unitraffic.ru/reklama?uid=170
Title: UNITRAFFIC.RU🎅

URL: https://ve7.ru/adver/context?click=8&type=1&host=pronavigator.ru.xsph.ru&partner=5507&key=jAgtRBq5yt

URL: https://ru.wikipedia.org/wiki/%D0%94%D1%80%D0%B5%D0%B2%D0%BD%D0%B5%D0%B3%D1%80%D0%B5%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9_%D1%8F%D0%B7%D1%8B%D0%BA
Title: др.-греч.

URL: https://ru.wikipedia.org/wiki/%D0%A1%D0%B2%D0%B5%D1%80%D1%85%D1%8A%D0%B5%D1%81%D1%82%D0%B5%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5
Title: сверхъестественных

URL: https://ru.wikipedia.org/wiki/%D0%A0%D0%B5%D0%BB%D0%B8%D0%B3%D0%B8%D1%8F
Title: религиозная

URL: https://ru.wikipedia.org/wiki/%D0%91%D0%BE%D0%B3
Title: Богом

URL: https://ru.wikipedia.org/wiki/%D0%91%D0%BE%D0%B3%D0%BE%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D0%B5
Title: теологических

URL: https://ru.wikipedia.org/wiki/%D0%A4%D0%B8%D0%BB%D0%BE%D1%81%D0%BE%D1%84%D0%B8%D1%8F
Title: философских

URL: https://ru.wikipedia.org/wiki/%D0%94%D0%BE%D0%BA%D1%82%D1%80%D0%B8%D0%BD%D0%B0
Title: доктрин

URL: https://ru.wikipedia.org/wiki/%D0%9C%D0%B8%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B7%D0%BC
Title: мистицизмом

URL: https://ru.wikipedia.org/wiki/%D0%9C%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0#cite_note-1
Title: [1]

URL: http://netgaming.fun/click/tizer.php?idwm=42&idadv=10&hash=5fe37adf3447f811cf1367c4c85d78af
Title: Быстрые бонусыЛицензионные слоты

URL: http://wmlink.ru/?ref=332234
Title: Реклама WMlink.ru

URL: http://click.wmlink.ru/UHFAAUFFAANHZZFQFAAURARAU3HZZR?s=2bc9bfe90864c9396dbf309a0551edf4
Title: ОТ 7000 РУБЛЕЙ В ДЕНЬ

URL: http://click.wmlink.ru/UHFAAUFHQANHZZFQFAZZRANAUQN3FQ?s=23b8896322ade62a4968a6e1e0f84606
Title: Новые и старые анекдоты

URL: https://metrika.yandex.ru/stat/?id=84353464&from=informer

URL: https://wpastra.com/
Title: WordPress тема Astra

URL: https://dao.ad/

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.koiniom.com/affiliate/exUQRXRyml HTTP 301
https://koiniom.com/affiliate/exUQRXRyml

Request Chain 28

http://regionads.ru/js/banner.php?id=785&f=728x90 HTTP 301
https://regionads.ru/js/banner.php?id=785&f=728x90

Request Chain 31

https://r.adbtc.top/1359636 HTTP 301
http://adbtc.top/r/l/1359636 HTTP 301
https://adbtc.top/r/l/1359636

Request Chain 35

https://www.google.com/s2/favicons?domain=https://paidtomoney.com/?r=oke_i@mail.ru HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://paidtomoney.com/?r=oke_i@mail.ru&size=16

Request Chain 36

https://www.google.com/s2/favicons?domain=https://konstantinova.net/dogecoin/?r=D6c9jmNT1Fw8YkkaQUjMNVXVZsdJzfoEZX HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://konstantinova.net/dogecoin/?r=D6c9jmNT1Fw8YkkaQUjMNVXVZsdJzfoEZX&size=16

Request Chain 37

https://www.google.com/s2/favicons?domain=https://notimerfaucet.biz/doge/?r=bc1q3tyxkzu0nhfv4f0qqf7jceasv40c89y7xpl7t2 HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://notimerfaucet.biz/doge/?r=bc1q3tyxkzu0nhfv4f0qqf7jceasv40c89y7xpl7t2&size=16

Request Chain 38

https://www.google.com/s2/favicons?domain=https://freebitco.in/?r=1733706 HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://freebitco.in/?r=1733706&size=16

Request Chain 39

https://www.google.com/s2/favicons?domain=https://payeer.com/01465804 HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://payeer.com/01465804&size=16

Request Chain 40

https://www.google.com/s2/favicons?domain=https://faucetpay.io/?r=1430521 HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://faucetpay.io/?r=1430521&size=16

Request Chain 41

https://www.google.com/s2/favicons?domain=https://satoshihero.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://satoshihero.com&size=16

Request Chain 42

https://www.google.com/s2/favicons?domain=https://iqfaucet.com?ref=79052 HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://iqfaucet.com?ref=79052&size=16

Request Chain 43

https://www.google.com/s2/favicons?domain=https://bitfaucet.app/ref/6et2w HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitfaucet.app/ref/6et2w&size=16

Request Chain 44

https://www.google.com/s2/favicons?domain=https://www.bestchange.net HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.bestchange.net&size=16

Request Chain 45

https://www.google.com/s2/favicons?domain=https://tfbitcoin.com HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://tfbitcoin.com&size=16

Request Chain 46

https://www.google.com/s2/favicons?domain=https://satoshimonster.com HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://satoshimonster.com&size=16

Request Chain 47

https://www.google.com/s2/favicons?domain=https://claimfreecoins.io HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://claimfreecoins.io&size=16

Request Chain 48

https://www.google.com/s2/favicons?domain=https://bitsfree.net HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitsfree.net&size=16

Request Chain 49

https://www.google.com/s2/favicons?domain=https://cointiply.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cointiply.com&size=16

Request Chain 50

https://www.google.com/s2/favicons?domain=https://cryptoscourge.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cryptoscourge.com&size=16

Request Chain 51

https://www.google.com/s2/favicons?domain=https://free-bcash.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://free-bcash.com&size=16

Request Chain 52

https://www.google.com/s2/favicons?domain=http://cryptounity.net HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cryptounity.net&size=16

Request Chain 53

https://www.google.com/s2/favicons?domain=https://free-dogecoin.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://free-dogecoin.com&size=16

Request Chain 54

https://www.google.com/s2/favicons?domain=https://dogecoinfree.info HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://dogecoinfree.info&size=16

Request Chain 55

https://www.google.com/s2/favicons?domain=http://faucetlite.net HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://faucetlite.net&size=16

Request Chain 56

https://www.google.com/s2/favicons?domain=http://free-litecoin.com HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-litecoin.com&size=16

Request Chain 57

https://www.google.com/s2/favicons?domain=http://litecoinfree.info HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://litecoinfree.info&size=16

Request Chain 58

https://www.google.com/s2/favicons?domain=http://cryptoarea.net HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cryptoarea.net&size=16

Request Chain 59

https://www.google.com/s2/favicons?domain=http://free-ethereum.io HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-ethereum.io&size=16

Request Chain 60

https://www.google.com/s2/favicons?domain=http://ethereumfree.info HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ethereumfree.info&size=16

Request Chain 61

https://www.google.com/s2/favicons?domain=http://panel.bither.one HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://panel.bither.one&size=16

Request Chain 62

https://www.google.com/s2/favicons?domain=http://free-monero.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-monero.com&size=16

Request Chain 63

https://www.google.com/s2/favicons?domain=http://ripplefree.info HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ripplefree.info&size=16

Request Chain 154

https://mc.yandex.com/watch/54518020?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A848%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1380194332925%3Ahid%3A468538217%3Az%3A0%3Ai%3A20220125194258%3Aet%3A1643139779%3Ac%3A1%3Arn%3A353224438%3Arqn%3A1%3Au%3A16431397791058374371%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643139777736%3Ads%3A0%2C170%2C71%2C0%2C479%2C0%2C%2C22%2C0%2C%2C%2C%2C747%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643139779%3At%3ARegionAds.ru&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/54518020/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A848%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1380194332925%3Ahid%3A468538217%3Az%3A0%3Ai%3A20220125194258%3Aet%3A1643139779%3Ac%3A1%3Arn%3A353224438%3Arqn%3A1%3Au%3A16431397791058374371%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643139777736%3Ads%3A0%2C170%2C71%2C0%2C479%2C0%2C%2C22%2C0%2C%2C%2C%2C747%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643139779%3At%3ARegionAds.ru&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 155

https://mc.yandex.com/watch/54517903?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A848%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A730%3Acn%3A2%3Adp%3A0%3Als%3A763739279492%3Ahid%3A468538217%3Az%3A0%3Ai%3A20220125194258%3Aet%3A1643139779%3Ac%3A1%3Arn%3A522365553%3Arqn%3A1%3Au%3A16431397791058374371%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643139777736%3Ads%3A0%2C170%2C71%2C0%2C479%2C0%2C%2C22%2C0%2C%2C%2C%2C747%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643139779%3At%3ARegionAds.ru&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/54517903/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A848%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A730%3Acn%3A2%3Adp%3A0%3Als%3A763739279492%3Ahid%3A468538217%3Az%3A0%3Ai%3A20220125194258%3Aet%3A1643139779%3Ac%3A1%3Arn%3A522365553%3Arqn%3A1%3Au%3A16431397791058374371%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643139777736%3Ads%3A0%2C170%2C71%2C0%2C479%2C0%2C%2C22%2C0%2C%2C%2C%2C747%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643139779%3At%3ARegionAds.ru&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 179

http://koiniom.com/block HTTP 301
https://koiniom.com/block

Request Chain 202

http://regionads.ru/js/banner.php?id=785&f=300x250 HTTP 307
https://regionads.ru/js/banner.php?id=785&f=300x250

Request Chain 214

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9529.MxeaDPHr5ulxGW9toA7VOOjjjYUz2Q5XbsNjP2lRox39xaDVFTD-NvWE5N4E9gJv.H5QQSoxIXGY9RFEwt1LT1F2aogs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9529.P_Do6BjKSRYfN2ARF5Zaj546lchQQqfYa01YCbL0rmpTwVbzwZ1Ze18fQcKqbPw1ij46QMrTOcwA6y6EQn23pQ%2C%2C.VeN4GWg-EWgq0ZiT5oV7i0Scdp0%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9529.2NGPnzYHB36C1wrUNMTpvYOHfdfWcD17OvEucPZFqWzhxBIkeVnUYcgh4wTjriZzCx3EuC4Van0Pw9ZkY-TIDQ%2C%2C.BxWUaNg0w2Y-u3_uK6L5L8mhn9k%2C

Request Chain 240

https://ntvpforever.com/in/show/?mid=1168249049&pid=0&site=native-push-mainstream&sc=DE&usage_type=COM&subid=2054508782&sid=2262476999&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=9e664a0eba41631ad7697a7366d487474838e60c&tcid=0&out_id=1&ver=5.3.0&ver_c=&refdom=pronavigator.ru.xsph.ru&hostname=auc-inpage-hz-0-a&site_id=3110150&spot_id=10150&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-01-25&is_native=4&auction_queue=0&burl=&pop_winurl=&ip=84.19.175.184&testab=0&px_id=0&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=pop-default&url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FPH%2FPH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FPH%2FPH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp&skin_id=1&vertical_id=0&real_bid=0&mlc=1&format=compact-slide-b_r-body&mlf=1&cpa=d36ae213-6c9d-4a43-a3c8-a861f98ca7d3 HTTP 302
https://static.bookmsg.com/creatives/PH/PH_9e664a0eba41631ad7697a7366d487474838e60c_icon.webp

Request Chain 256

https://ntvpforever.com/in/show/?mid=1168249049&pid=0&site=native-push-mainstream&sc=DE&usage_type=COM&subid=2054508782&sid=2262476999&cid=11740&price=0.054&is_cpm=0&cpm=0&ecpm=0.26078035102295155&crid=&crtid=8231e53589d9a3396c01619abdc590b2&tcid=0&out_id=0&ver=5.3.0&ver_c=&refdom=pronavigator.ru.xsph.ru&hostname=auc-inpage-hz-0-a&site_id=3110150&spot_id=10150&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1643211780&created_at=2022-01-25&is_native=1&auction_queue=0&burl=&pop_winurl=&ip=84.19.175.184&testab=0&px_id=7310150&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&url=https%3A%2F%2Feu.doctorpost.net%2Fmetrics%2Fsave.img%3Fevent%3Dimpressions%26bid-id%3Dv2-1643139780272-7-4406-1074449-85886de1-6050-f508-9330-475f1b808aa3%26img%3Dhttps%253A%252F%252Fcdn.adx1.com%252F1c7c256a6c3eeb358b95f59d2fc26ac0.png&image_url=https%3A%2F%2Fcdn.adx1.com%2F1c7c256a6c3eeb358b95f59d2fc26ac0.png&skin_id=1&vertical_id=0&real_bid=0.048157200000000004&format=compact-slide-b_r-body&cpa=bf9c3c3e-c2d9-4f61-97d5-91b5849eb710 HTTP 302
https://eu.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1643139780272-7-4406-1074449-85886de1-6050-f508-9330-475f1b808aa3&img=https%3A%2F%2Fcdn.adx1.com%2F1c7c256a6c3eeb358b95f59d2fc26ac0.png HTTP 302
https://cdn.adx1.com/1c7c256a6c3eeb358b95f59d2fc26ac0.png

Request Chain 269

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 277

https://inpptouch.info/api/message-in-page/impression?id=i233563&time=1643139780&sig=6664426280466b84731c1dbd4a9e27&u=aHR0cHM6Ly9jLmFkc2tlZXBlci5jb20vYz9wdj0yJnY9MHwwfDB8X3FmdkVKbTBGbVlCTUx0VEJYMmpDbU9Qb2xjRG1PbGNzc0JndVpNMWY5N1JId1JkTEpfRzQtQkg1VEszT0RpTSZjaWQ9MTEzOTM1MCZmPTEmaDI9dmxKMFJkbk1ZRmxEMHBDUXk2YWRQdTczaEtEb29TTFZWLXVmZUxxQldVdyomcmlkPTAxMmIzODM4LTdlMTctMTFlYy04YmIyLWU0NDM0YjM3NGNiMiZwc2lkPTM3NDA4Jml1Yj1hSFIwY0hNNkx5OXpMV2x0Wnk1aFpITnJaV1Z3WlhJdVkyOXRMMmN2TmpJM016azVPUzh6TWpoNE16STRMemd5ZURCNE16STRlRE15T0M5aFNGSXdZMFJ2ZGt3eWJIUmFNbWgyWXpOU2VreHRUblppVXprd1RIcEpkMDFxUVhSTlJFVjJUa1JWTkUxVVFURk1lbWN4VGtkUmQwNVhWVEpOYWxac1dtcGplRnB0VlROT2FtY3hXbGRKZUZsVVJYaE5iVkUwV2tSbk0weHRjSGRhZHk1M1pXSndQM1k5TVRZME16RXpPVGM0TVMweWJIVlJhMTlGVDAxalNGbDRVMm80TUZoM2FqaHJWakpoVEhKSlNFZHBNVWd4UVdZNU1YUnpSSFpa&srv=1 HTTP 302
https://c.adskeeper.com/c?pv=2&v=0|0|0|_qfvEJm0FmYBMLtTBX2jCmOPolcDmOlcssBguZM1f97RHwRdLJ_G4-BH5TK3ODiM&cid=1139350&f=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=012b3838-7e17-11ec-8bb2-e4434b374cb2&psid=37408&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY29tL2cvNjI3Mzk5OS8zMjh4MzI4LzgyeDB4MzI4eDMyOC9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qQXRNREV2TkRVNE1UQTFMemcxTkdRd05XVTJNalZsWmpjeFptVTNOamcxWldJeFlURXhNbVE0WkRnM0xtcHdady53ZWJwP3Y9MTY0MzEzOTc4MS0ybHVRa19FT01jSFl4U2o4MFh3ajhrVjJhTHJJSEdpMUgxQWY5MXRzRHZZ HTTP 301
https://s-img.adskeeper.com/g/6273999/328x328/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1Lzg1NGQwNWU2MjVlZjcxZmU3Njg1ZWIxYTExMmQ4ZDg3LmpwZw.webp?v=1643139781-2luQk_EOMcHYxSj80Xwj8kV2aLrIHGi1H1Af91tsDvY

Request Chain 289

https://inpptouch.info/api/message-in-page/impression?id=i233567&time=1643139784&sig=18c28cef743d9a72a49ed4f65b570b&u=aHR0cHM6Ly9jLmFkc2tlZXBlci5jb20vYz9wdj0yJnY9MHwwfDB8NFowS3JzZkhWZldWTnlZRzFpa1QxQXFaTEk5ZTFteWhFaE5XaTUtcno4MUJVT3NSTklWdVU4cXRmMEtUM3pBNyZjaWQ9MTEzOTM1MCZmPTEmaDI9dmxKMFJkbk1ZRmxEMHBDUXk2YWRQdTczaEtEb29TTFZWLXVmZUxxQldVdyomcmlkPTAzNWYzZWIwLTdlMTctMTFlYy04YmIyLWU0NDM0YjM3NGNiMiZwc2lkPTM3NDA4Jml1Yj1hSFIwY0hNNkx5OXpMV2x0Wnk1aFpITnJaV1Z3WlhJdVkyOXRMMmN2TmpRNU5EVXdNaTh6TWpoNE16STRMekUzTVhnd2VEWTRNM2cyT0RNdllVaFNNR05FYjNaTU1teDBXakpvZG1NelVucE1iVTUyWWxNNU1FeDZTWGROYWtGMFRVUm5kazE2VVRCT1ZFMDBUSHBuTUUweVZteE5hbFUxV2xSb2ExbHFRVFZPVkUxNlRsUkJlazR5VVRCTmFtZDVUVVJXYTA1cVNURk1iWEIzV2xkakxuZGxZbkFfZGoweE5qUXpNVE01TnpnMExXVTJaVVpIZHpodU9VMXNkRXR5WVdSMWEyZ3pXVmN5TnpOdFUwUXlWRVJpU25CRVdVYzFWbHB4Y1djPQ%3D%3D&srv=1 HTTP 302
https://c.adskeeper.com/c?pv=2&v=0|0|0|4Z0KrsfHVfWVNyYG1ikT1AqZLI9e1myhEhNWi5-rz81BUOsRNIVuU8qtf0KT3zA7&cid=1139350&f=1&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=035f3eb0-7e17-11ec-8bb2-e4434b374cb2&psid=37408&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY29tL2cvNjQ5NDUwMi8zMjh4MzI4LzE3MXgweDY4M3g2ODMvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakF0TURndk16UTBOVE00THpnME0yVmxNalU1WlRoa1lqQTVOVE16TlRBek4yUTBNamd5TURWa05qSTFMbXB3WldjLndlYnA_dj0xNjQzMTM5Nzg0LWU2ZUZHdzhuOU1sdEtyYWR1a2gzWVcyNzNtU0QyVERiSnBEWUc1VlpxcWc= HTTP 301
https://s-img.adskeeper.com/g/6494502/328x328/171x0x683x683/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMzQ0NTM4Lzg0M2VlMjU5ZThkYjA5NTMzNTAzN2Q0MjgyMDVkNjI1LmpwZWc.webp?v=1643139784-e6eFGw8n9MltKradukh3YW273mSD2TDbJpDYG5VZqqg

276 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pronavigator.ru.xsph.ru/ 67 KB
20 KB 256ms
199ms Document
text/html 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 43d95eff54982b9a69e0fde44e60cdfcca62bcd553079988b98b6e59bd14ddcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: openresty
Date: Tue, 25 Jan 2022 19:42:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <http://pronavigator.ru/index.php?rest_route=/>; rel="https://api.w.org/" <http://pronavigator.ru/index.php?rest_route=/wp/v2/pages/160>; rel="alternate"; type="application/json" <http://pronavigator.ru/>; rel=shortlink
Content-Encoding: gzip

GET
H/1.1 200
OK style.min.css
pronavigator.ru.xsph.ru/wp-content/themes/astra/assets/css/minified/ 71 KB
71 KB 83ms
51ms Stylesheet
text/css 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://pronavigator.ru.xsph.ru/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.7.3
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: a0249fdaeb656b4eeea4cb84701b2adee82ad121a8ee649502cfec65c30207e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
pronavigator.ru.xsph.ru/wp-includes/js/ 18 KB
18 KB 113ms
66ms Script
application/x-javascript 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://pronavigator.ru.xsph.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H/1.1 200
OK style.min.css
pronavigator.ru.xsph.ru/wp-includes/css/dist/block-library/ 79 KB
79 KB 72ms
56ms Stylesheet
text/css 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://pronavigator.ru.xsph.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H/1.1 200
OK 2021-09-30_101420.png
pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/ 286 KB
286 KB 109ms
65ms Image
image/png 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/2021-09-30_101420.png
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 4ce94de605c5452354d2cdfffa5e928af2db5e41941d53af4ce9eb9f3aa1e8e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H/1.1 200
OK getjscode.php Show response
serfnets.ru/ 4 KB
2 KB 420ms
309ms Script
text/html 2606:4700:3034::6815:5c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://serfnets.ru/getjscode.php?r=14269
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: d3d1f89cf1a91c584a2d2e972849166d90521fe39b1841565855879e7adb0bae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
x-powered-by: PHP/5.3.29
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTR9KhHf3vdnWTXKhcu8aDBb%2FFwpVxhuzsP8dhqk6jCXHnuthJqAG5xMAHX46pelO5iUdJ9ZejL3dPHLdBLeinwDG4MXHWMuAz6%2FEqcuYxbhNAfOdEwa3Ak8QcJQZGmz09D1f%2FbENfJtug%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=WINDOWS-1251
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d33fcd97d53e720-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK banner.php Show response
unitraffic.ru/ 4 KB
2 KB 328ms
72ms Script
text/html 194.61.53.41
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unitraffic.ru/banner.php?user=170

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.61.53.41 Muscat, Oman, ASN202302 (NETH-AS, UA),

Reverse DNS

Software

nginx /

Resource Hash

38ae66d1ecc954f964113b109f398062c88e6ae56874e08ec091a90f08f2ac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 19:42:57 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000;
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 get Show response
ve7.ru/earn/partner/ 628 B
773 B 332ms
60ms Script
text/html 2a00:f940:2:2:1:1:0:51
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://ve7.ru/earn/partner/get?id=5507&type=1&code=1642109606

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f940:2:2:1:1:0:51 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

Software

nginx / PHP/7.3.33

Resource Hash

8b4c88f83e854bc7b8d73f83182853a7be7aaa760c1c527ec05c7990e33577d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 19:42:57 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000;
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 403
Forbidden invoke.js
reinstandpointdumbest.com/f7bc5ad70ec39bdc67792f295fcf0335/ 0
0 767ms
114ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://reinstandpointdumbest.com/f7bc5ad70ec39bdc67792f295fcf0335/invoke.js
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 25 Jan 2022 19:42:58 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK / Show response
r1.wmlink.ru/ 667 B
868 B 218ms
66ms Script
text/javascript 185.15.208.118
MIRHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://r1.wmlink.ru/?id=470552
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 185.15.208.118 , Russian Federation, ASN52000 (MIRHOSTING, RU),
Reverse DNS: wmlink.ru
Software: nginx/1.12.2 / PHP/5.2.5
Resource Hash: 3492ee5a74d76e06a86fa10f3a31380ddec7486eb3f8ed0027c8db83d0e2c530

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/5.2.5
Content-Length: 667
Content-Type: text/javascript; charset=windows-1251

GET
H2 200 get Show response
ve7.ru/earn/partner/ 0
283 B 330ms
59ms Script
text/html 2a00:f940:2:2:1:1:0:51
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://ve7.ru/earn/partner/get?id=5507&type=10&code=1642109916

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f940:2:2:1:1:0:51 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

Software

nginx / PHP/7.3.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 19:42:57 GMT
server: nginx
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=31536000;
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, private, must-revalidate
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 waWQiOjEwODMwODgsInNpZCI6MTEyMDIxMiwid2lkIjoyODM3NzAsInNyYyI6Mn0=eyJ.js Show response
dvypar.com/na/ 98 KB
37 KB 125ms
67ms Script
application/javascript 2606:4700:3036::ac43:8f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dvypar.com/na/waWQiOjEwODMwODgsInNpZCI6MTEyMDIxMiwid2lkIjoyODM3NzAsInNyYyI6Mn0=eyJ.js
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae6dd26592c83c036bc3da31fcba56f9c871a200d4f5dc24e131e3234e9c0b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jan 2022 19:42:57 GMT
server: cloudflare
e-tag: 067003bd2f8610809cebb15964199e3a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTSN9S5%2FVDks%2BQOoY5OjKkuvGPzGFA0cFT%2FZz4JJvizr45GdmC%2FHAz531QHhl9f7mBZljSmd0YES07nr6jcztFIDO%2BYsQt97%2F7qkXFHNIpN4rzDqLRDKn495mUeDJBO4NKXCMlqthIyC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://pronavigator.ru.xsph.ru
cache-control: public, max-age=14400, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcd9c85a5c14-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 3_1_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/84353464/ 1 KB
2 KB 204ms
43ms Image
image/png 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/84353464/3_1_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

374d91a04a786a1b8a019ea6cdac9393f905090f9353be21c913ec4a5991653d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Jan-2022 19:42:57 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1412
x-xss-protection: 1; mode=block
expires: Tue, 25-Jan-2022 19:42:57 GMT

GET js.js
smigro.info/ 0
0

GET
H2 200 in-page.js Show response
inpptouch.info/ 95 KB
27 KB 118ms
53ms Script
application/javascript 2606:4700:3033::ac43:a64b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://inpptouch.info/in-page.js?b=10
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a64b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fab9fb6ba98e6bf5be3467155d282c38d16c39e2b30c72b6fc4f2f2f9f82d86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6007
cf-polished: origSize=106354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Aug 2021 08:34:08 GMT
server: cloudflare
etag: W/"611cc600-19f72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8X6r8nTV3jIS0XWKseBkiFPfHxkxFAe4YgXpNd7J1rZkPur6x66jWiqbd7TgRcfi7RxFEeRNZC45rMp4AdE4svvYx1%2FQ%2FjiZFPAXyWSgDZbj3x8db2djehP%2Bw3XwTFgHZzPiDhmb4z9tAR62pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d33fcd8ebb3902e-FRA
cf-bgj: minify

GET
H/1.1 404
Not Found daopush-init.js
pronavigator.ru.xsph.ru/ 0
0 54ms
53ms Script
text/html 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://pronavigator.ru.xsph.ru/daopush-init.js
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 d-video.js Show response
video.onetouch8.info/ 91 KB
13 KB 141ms
55ms Script
application/javascript 2606:4700:3033::6815:ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/d-video.js?b=15
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1825cfe3f18db5a062e4f37b134b6d4a3568c67d557921939e4b5e26ca1ae723

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 10:57:09 GMT
server: cloudflare
age: 216
etag: W/"61c1b305-16d04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4Y5BkLUGaSN7qUSEAKe3et3UC4cwtJUFG7DQQu%2FoQMKAVPR4siICrBNe2wf5py6CI809ZozxUGy5Z%2Fjyc%2BASExXtmthnuHSeDGQunmWmEKOxgYEd8gAXZIRyRcDj9lueD8RSYeBTFISyBfh%2FlVqDcxgtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcd91d3f0c6d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 451 B
598 B 73ms
17ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:57 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 25 Jan 2022 20:42:57 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK style.min.js Show response
pronavigator.ru.xsph.ru/wp-content/themes/astra/assets/js/minified/ 10 KB
10 KB 51ms
51ms Script
application/x-javascript 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://pronavigator.ru.xsph.ru/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.7.3
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: ebb51a30ebffc3923af2d4c01b48fdb04dfbfc2ef2cab8d79049472b7a7ac3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
pronavigator.ru.xsph.ru/wp-includes/js/ 1 KB
2 KB 56ms
56ms Script
application/x-javascript 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://pronavigator.ru.xsph.ru/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H2

200

exUQRXRyml Show response
koiniom.com/affiliate/ Frame 75AF
Redirect Chain

https://www.koiniom.com/affiliate/exUQRXRyml
https://koiniom.com/affiliate/exUQRXRyml

18 KB
6 KB

178ms
150ms

Document
text/html

2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koiniom.com/affiliate/exUQRXRyml
Requested by: Host: unitraffic.ru
URL: https://unitraffic.ru/banner.php?user=170
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7db76bafa79372e573e43c785a82eceef54c921d6dff6740edeffb0e2dffcada

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/

Response headers

date: Tue, 25 Jan 2022 19:42:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwBY%2BYvpKNxqYNInNjw%2BmlnVu4xC4xKQSRcjlCDBa3XAbaojD5l8%2FOnfOi8uM6W8ERiy%2BGnm6ilkFyiv9qfQP38BsEWDOsTgsz%2FgfWXqfwsKA621A3OH7TjKkl8DvjMPw%2BZQZiDWTRLm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d33fcdb99fc929b-FRA
content-encoding: br

Redirect headers

date: Tue, 25 Jan 2022 19:42:57 GMT
content-type: text/html; charset=iso-8859-1
location: https://koiniom.com/affiliate/exUQRXRyml
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJ8TkTdS6%2FMkJC0DIyToH4cmsyiqCL%2FMiKYa7C4bftRkin2jn2hiOF5aG9ZbjWHKnpgKgNAGPac2wJ3HkKd6OoQtyKHr%2FbFjm%2FibetfywWiUAMAos9xOcWRpYOLu49niDNxsQattdds1jy1ONA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d33fcdae8a2929b-FRA

GET
H/1.1 200
OK 9f73748688a7554ad43da4c7aa932cf1.gif
unitraffic.ru/banners/ 8 KB
8 KB 70ms
69ms Image
image/gif 194.61.53.41
NETH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unitraffic.ru/banners/9f73748688a7554ad43da4c7aa932cf1.gif

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.61.53.41 Muscat, Oman, ASN202302 (NETH-AS, UA),

Reverse DNS

Software

nginx /

Resource Hash

83b87363f0d9729f8345fe2754edc0cb73daf24e82f72b16b71a4115e1c390ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Last-Modified: Tue, 25 Jan 2022 10:55:54 GMT
Server: nginx
ETag: "61efd73a-1e7b"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7803
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo.png
unitraffic.ru/img/ 828 B
1 KB 137ms
68ms Image
image/png 194.61.53.41
NETH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unitraffic.ru/img/logo.png

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

194.61.53.41 Muscat, Oman, ASN202302 (NETH-AS, UA),

Reverse DNS

Software

nginx /

Resource Hash

0cf9fb277578e649197b5ff942f81b45816f139a5bff53a7222d348a9b79da67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Last-Modified: Thu, 09 Dec 2021 13:30:05 GMT
Server: nginx
ETag: "61b204dd-33c"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 828
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 502 app.js
cloudfastads.ru/ 0
0 170ms
70ms Script
text/html 2606:4700:3037::ac43:c8ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudfastads.ru/app.js
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c8ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1 200
OK tizer.php Show response
netgaming.fun/js/ 2 KB
2 KB 1657ms
1121ms Script
text/html 195.62.53.232
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL

https://netgaming.fun/js/tizer.php?id=42&c=1&f=250&v=1

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.62.53.232 Moscow, Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.3.29

Resource Hash

4b535f8bec82cb333a96c52793c3edde48adc529d625a1084fe4c3bfd318d445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: http://pronavigator.ru.xsph.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.3.29
Strict-Transport-Security: max-age=31536000; preload
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK 2021-09-19_193910.png
pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/ 421 KB
421 KB 53ms
52ms Image
image/png 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/2021-09-19_193910.png
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 7d58e1b7573c886f08aae09def6a4912fd9c6a9c5ad243db9a771b7ab858e541

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H/1.1 200
OK 2021-09-19_192506.png
pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/ 438 KB
439 KB 72ms
71ms Image
image/png 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/2021-09-19_192506.png
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 6656e3d8a83d42a73d64f4387e79412bc2980c87d4d78689c7dcba7d13b82f07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H/1.1 200
OK 2021-09-19_110240.png
pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/ 163 KB
164 KB 91ms
90ms Image
image/png 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/2021-09-19_110240.png
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 8effca49167b29880429b8e2e411e6164f671307747d97afbf884927d040c086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H/1.1 200
OK 2021-09-19_062330.png
pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/ 526 KB
527 KB 120ms
119ms Image
image/png 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pronavigator.ru.xsph.ru/wp-content/uploads/2021/09/2021-09-19_062330.png
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 3fec1f057a14f978e9789d7a804564331166ec4a890f73d26eecb2dffe796654

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 01 Feb 2022 19:42:57 GMT

GET
H/1.1

200
OK

banner.php Show response
regionads.ru/js/ Frame 7EAC
Redirect Chain

http://regionads.ru/js/banner.php?id=785&f=728x90
https://regionads.ru/js/banner.php?id=785&f=728x90

2 KB
2 KB

246ms
71ms

Document
text/html

188.120.236.88
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://regionads.ru/js/banner.php?id=785&f=728x90

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.3.3

Resource Hash

77713847255224726ad2fa0a6f0cec968a2e93158d4b8bed8484193d6c7d53a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/

Response headers

Server: nginx/1.16.1
Date: Tue, 25 Jan 2022 19:42:58 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Strict-Transport-Security: max-age=31536000;

Redirect headers

Server: nginx/1.16.1
Date: Tue, 25 Jan 2022 19:42:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://regionads.ru:443/js/banner.php?id=785&f=728x90

GET
H/1.1 200
OK banner.php Show response
netgaming.fun/js/ Frame 3ED5 214 B
570 B 589ms
101ms Document
text/html 195.62.53.232
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL

https://netgaming.fun/js/banner.php?id=42&f=728x90

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.62.53.232 Moscow, Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.3.29

Resource Hash

1308dc88229ff056b6bc466e584c0d4a472d3c8ee8aec2479732e0dce98dae55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.3.29
Strict-Transport-Security: max-age=31536000; preload
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=windows-1251

GET
H/1.1 200
OK 1zagluhka.php Show response
serfnets.ru/1/ Frame 38CD 14 KB
4 KB 204ms
203ms Document
text/html 2606:4700:3034::6815:5c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://serfnets.ru/1/1zagluhka.php
Requested by: Host: serfnets.ru
URL: http://serfnets.ru/getjscode.php?r=14269
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:5c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: 828e0333fcde027de199ae82246a934441d732e25e90c55d50e13b0cce538aa9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/

Response headers

Date: Tue, 25 Jan 2022 19:42:57 GMT
Content-Type: text/html; charset=WINDOWS-1251
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/5.3.29
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cs5fCLMZYDD01Tq2kT88uOFRxauiIfgjkq39hQaVn3Cysi9H599ReyzITDKfurbvsUeeUt%2FHnbAqvb2Bb1O77JoNNZfupj7jgMoEpi%2FUaYdYsnGvkyPYQgbLsh1%2FVBN1TPll7HwXDCCzJw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6d33fcdb781be720-EWR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

1359636 Show response
adbtc.top/r/l/ Frame 4892
Redirect Chain

https://r.adbtc.top/1359636
http://adbtc.top/r/l/1359636
https://adbtc.top/r/l/1359636

11 KB
5 KB

285ms
285ms

Document
text/html

2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adbtc.top/r/l/1359636

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/getjscode.php?r=14269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33828c84f61310692c9cf1471f27348d15b4c56068e901095b5d9bdbe071fafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oR1qnoNhTBVu9rYCNLTihqoegNIyVuPd2wQMe3jzNukJOUxB9Aadp6s6jL%2BEfC5XmWL5RFZlC%2BC76OGEo2z6%2FcFJeXHbsG4ieVHoQLL%2FjxzTRmwzlD06WDZf%2BBP5mfSRsYsRscyK80g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d33fcdd8c18191b-EWR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 25 Jan 2022 20:42:58 GMT
Location: https://adbtc.top/r/l/1359636
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qt1j%2FWds8xz9NX82AatO30Yit90L3WGhXCVqhfyQT4zX%2FWWg49qcOzJ%2FUPCn99LZfJx%2BsA3xMVhl8Wp%2BP%2FzwSThCnPV5tc51sckWuqJ86dYZnlTIKfmb1YfVO%2FD4ePu86Ig0d%2BDbhI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6d33fcdcbbe991ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 468x60.gif
adbtc.top/promo/ru/ 200 KB
201 KB 351ms
119ms Image
image/gif 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adbtc.top/promo/ru/468x60.gif

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df24b0156c9d20107af8d71f7d507d70bf5e60d6d834b781de08b681e18d203

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 708
cf-polished: origSize=214921
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 204513
last-modified: Tue, 24 Aug 2021 10:42:25 GMT
server: cloudflare
etag: "6124cd11-34789"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBF6A6h1tM8kSvYQkvBhBu3vw8yP%2BWNc%2FoHTjfqqhwWvrn7yrE%2BPNrUlHnK1ZmVjq2gaufcnoxBSsze9ve%2Fc%2FOX3jqkZ8cZwfA7XLOlYRO09Y9CzUvLYw7jZTV5moa7P00oOT8DBzm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcdcea56191b-EWR
cf-bgj: imgq:100,h2pri

GET
H2 200 sn.png
serfnets.ru/img/banners/ 1 KB
2 KB 105ms
51ms Image
image/png 2606:4700:3034::6815:5c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serfnets.ru/img/banners/sn.png
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e794145991dfe574aaec2d04e70490e3cadca529c8d3dbfc8092f5271b769e2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1190
last-modified: Fri, 09 Aug 2019 04:24:28 GMT
server: cloudflare
etag: "5d4cf57c-4a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QKtRTx5BljjeemZ01T6txKCW%2B8ieiaEq88WhHh3ib0nqWeIXBcS4wcE5uHrCN3%2Bqg6RTVMxqzr5xfO6ZsmE1UHwOuIm7b1Xvnrfq6LRVp7xp0Srms60VvmUuKI%2FtNISoljTXKWriKlU2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d33fcdb8ad5690d-FRA

GET
H2 200 OEV7O.gif
i.yapx.ru/ Frame 38CD 14 KB
15 KB 386ms
126ms Image
image/gif 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.yapx.ru/OEV7O.gif
Requested by: Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aecfe440eacf8ad1cd0330000b3a801dbf60ea39bb95ff80a322da7639557526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020619
content-length: 14316
last-modified: Sun, 05 Sep 2021 20:27:39 GMT
server: cloudflare
etag: "6135283b-37ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7uvvWLgOjcyLjEThnL5BjM0VoFXxTJaNif%2F4HQtT8KV8ZZ7k9mDt0jMc0ru%2FJO3EkeWq6qzGB%2BktDt88sYMEDcZvbwV%2FbntU0FFX5eGzKbUJ%2F9vGwlAnY43DMNGhjyqKjIphOOxy%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcde7c400cd1-EWR
expires: Fri, 25 Feb 2022 16:12:39 GMT

GET
H2

200

faviconV2
t0.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://paidtomoney.com/?r=oke_i@mail.ru
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://paidtomoney.com/?r=oke_i@mail.ru&size=16

441 B
1 KB

79ms
20ms

Image
image/png

2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://paidtomoney.com/?r=oke_i@mail.ru&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e289b4805f96410ffbe20237cdec3f73795f4ea3d46dbdd58eac5a3d6565c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 11:52:35 GMT
x-content-type-options: nosniff
age: 114623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 441
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 10:40:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://paidtomoney.com/assets/favicon/favicon-16x16.png
expires: Mon, 31 Jan 2022 11:52:35 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:31:33 GMT
x-content-type-options: nosniff
server: sffe
age: 685
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://paidtomoney.com/?r=oke_i@mail.ru&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 353
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:01:33 GMT

GET
H2

200

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://konstantinova.net/dogecoin/?r=D6c9jmNT1Fw8YkkaQUjMNVXVZsdJzfoEZX
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://konstantinova.net/dogecoin/?r=D6c9jmNT1Fw8YkkaQUjMNVXVZsdJzfoEZX&size=16

281 B
919 B

80ms
20ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://konstantinova.net/dogecoin/?r=D6c9jmNT1Fw8YkkaQUjMNVXVZsdJzfoEZX&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bcde6506cace78339df3937a5c823b04315428925f1a259e8c1e995a8ad677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 17:34:27 GMT
x-content-type-options: nosniff
age: 94111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 02:14:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://konstantinova.net/images/favicon.png
expires: Mon, 31 Jan 2022 17:34:27 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:35:01 GMT
x-content-type-options: nosniff
server: sffe
age: 477
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://konstantinova.net/dogecoin/?r=D6c9jmNT1Fw8YkkaQUjMNVXVZsdJzfoEZX&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 385
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:05:01 GMT

GET
H2

200

faviconV2
t1.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://notimerfaucet.biz/doge/?r=bc1q3tyxkzu0nhfv4f0qqf7jceasv40c89y7xpl7t2
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://notimerfaucet.biz/doge/?r=bc1q3tyxkzu0nhfv4f0qqf7jceasv40c89y7xpl7t2&size=16

512 B
1 KB

170ms
51ms

Image
image/png

2a00:1450:400f:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://notimerfaucet.biz/doge/?r=bc1q3tyxkzu0nhfv4f0qqf7jceasv40c89y7xpl7t2&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:400f:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ff0c7a7c6d0a23e181ffbf669f8ccfbe885853c5786a0aa43e25f305a57583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 07:00:31 GMT
x-content-type-options: nosniff
age: 477747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 512
x-xss-protection: 0
last-modified: Sun, 06 Jun 2021 13:21:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://notimerfaucet.biz/images/favicon.ico
expires: Thu, 27 Jan 2022 07:00:31 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
age: 1012
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://notimerfaucet.biz/doge/?r=bc1q3tyxkzu0nhfv4f0qqf7jceasv40c89y7xpl7t2&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 389
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:56:06 GMT

GET
H2

200

faviconV2
t1.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://freebitco.in/?r=1733706
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://freebitco.in/?r=1733706&size=16

344 B
489 B

171ms
51ms

Image
image/png

2a00:1450:400f:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://freebitco.in/?r=1733706&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:400f:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caff971b82a1504ee3d93f8ac0e9127b5ea23083ba7057fc11af2a62ca4c537d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 18:27:55 GMT
x-content-type-options: nosniff
age: 522903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
last-modified: Thu, 16 Apr 2020 15:12:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://static1.freebitco.in/favicon.png
expires: Wed, 26 Jan 2022 18:27:55 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:15:18 GMT
x-content-type-options: nosniff
server: sffe
age: 1660
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://freebitco.in/?r=1733706&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:45:18 GMT

GET
H2

200

faviconV2
t1.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://payeer.com/01465804
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://payeer.com/01465804&size=16

225 B
376 B

171ms
52ms

Image
image/png

2a00:1450:400f:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://payeer.com/01465804&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:400f:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f067b1e2ac0d717f68a735d260043bfa66fc9ec3da7e66dc4b84c5900bd5f7df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 07:21:59 GMT
x-content-type-options: nosniff
age: 476459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
last-modified: Mon, 10 May 2021 10:48:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://payeer.com/static/icons/favicon-16x16.png
expires: Thu, 27 Jan 2022 07:21:59 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:29:50 GMT
x-content-type-options: nosniff
server: sffe
age: 788
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://payeer.com/01465804&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:59:50 GMT

GET
H2

200

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://faucetpay.io/?r=1430521
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://faucetpay.io/?r=1430521&size=16

312 B
449 B

80ms
20ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://faucetpay.io/?r=1430521&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2739f132ae00aaa3bdacd67ce1d3bb10751096b9c30c143a1dc3f1b4ac946932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 17:34:20 GMT
x-content-type-options: nosniff
age: 7718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 0
last-modified: Thu, 19 Dec 2019 08:48:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://faucetpay.io/favicon.png
expires: Tue, 01 Feb 2022 17:34:20 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:26:44 GMT
x-content-type-options: nosniff
server: sffe
age: 974
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://faucetpay.io/?r=1430521&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:56:44 GMT

GET
H2

200

faviconV2
t1.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://satoshihero.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://satoshihero.com&size=16

528 B
685 B

66ms
54ms

Image
image/png

2a00:1450:400f:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://satoshihero.com&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:400f:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2cebb810f27d003af893d14b81efb9028c6f6f01e1bac16f3688b3affbe09c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 05:25:06 GMT
x-content-type-options: nosniff
age: 51472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 528
x-xss-protection: 0
last-modified: Mon, 12 Oct 2020 10:56:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://satoshihero.com/_nuxt/icons/icon_64x64.6aa4a5.png
expires: Tue, 01 Feb 2022 05:25:06 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:32:57 GMT
x-content-type-options: nosniff
server: sffe
age: 601
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://satoshihero.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:02:57 GMT

GET
H2

200

faviconV2
t0.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://iqfaucet.com?ref=79052
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://iqfaucet.com?ref=79052&size=16

614 B
756 B

24ms
21ms

Image
image/png

2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://iqfaucet.com?ref=79052&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f20dc3130552095a8548e4e25de6aaeea058a00b813d023be861a52bc9bc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 19:49:08 GMT
x-content-type-options: nosniff
age: 172430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 614
x-xss-protection: 0
last-modified: Tue, 17 Mar 2020 10:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.google.com/favicon.ico
expires: Sun, 30 Jan 2022 19:49:08 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:29:50 GMT
x-content-type-options: nosniff
server: sffe
age: 788
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://iqfaucet.com?ref=79052&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:59:50 GMT

GET
H2

404

faviconV2
t0.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://bitfaucet.app/ref/6et2w
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitfaucet.app/ref/6et2w&size=16

726 B
790 B

55ms
50ms

Image
image/png

2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitfaucet.app/ref/6et2w&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Tue, 25 Jan 2022 19:40:40 GMT
x-content-type-options: nosniff
server: sffe
age: 138
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitfaucet.app/ref/6et2w&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:10:40 GMT

GET
H3

200

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://www.bestchange.net
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.bestchange.net&size=16

712 B
737 B

50ms
22ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.bestchange.net&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c856c8ddcc4bdd24a9cb63b4a0675a26cd64e4ebabddf8e9d1ab8505d09fbc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 17:59:11 GMT
x-content-type-options: nosniff
age: 179027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 712
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.bestchange.net/favicon.ico
expires: Sun, 30 Jan 2022 17:59:11 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:29:50 GMT
x-content-type-options: nosniff
server: sffe
age: 788
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.bestchange.net&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:59:50 GMT

GET
H2

200

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://tfbitcoin.com
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://tfbitcoin.com&size=16

311 B
480 B

24ms
22ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://tfbitcoin.com&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463cb5cbe0711dce2b6e29902dbd3121fbd929ecc6fa9443f199a75b3fd82ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 18:56:51 GMT
x-content-type-options: nosniff
age: 175567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
last-modified: Thu, 07 Nov 2019 16:15:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://i6cdnimg-a.akamaihd.net/__media__/pics/468/netsol-favicon-2020.jpg
expires: Sun, 30 Jan 2022 18:56:51 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:24:25 GMT
x-content-type-options: nosniff
server: sffe
age: 1113
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://tfbitcoin.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:54:25 GMT

GET
H3

200

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://satoshimonster.com
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://satoshimonster.com&size=16

505 B
530 B

50ms
22ms

Image
image/jpeg

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://satoshimonster.com&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b7d11fec49123e2e112f602f7e9446eae6f44a49ef7f9d4ba083de38da2d921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 07:17:00 GMT
x-content-type-options: nosniff
age: 44758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 505
x-xss-protection: 0
last-modified: Sat, 10 Oct 2020 02:15:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://satoshimonster.com/_nuxt/icons/icon_64x64.84a3f9.png
expires: Tue, 01 Feb 2022 07:17:00 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:23:20 GMT
x-content-type-options: nosniff
server: sffe
age: 1178
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://satoshimonster.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:53:20 GMT

GET
H2

200

faviconV2
t0.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://claimfreecoins.io
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://claimfreecoins.io&size=16

264 B
414 B

23ms
20ms

Image
image/png

2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://claimfreecoins.io&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc0ed18bcff661176dd7b5a8e602412192232ee40e4678fa8533e0df041d72e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:41:21 GMT
x-content-type-options: nosniff
age: 244897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0
last-modified: Mon, 28 Dec 2020 15:24:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://claimfreecoins.io/assets/img/favicon.ico
expires: Sat, 29 Jan 2022 23:41:21 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:32:41 GMT
x-content-type-options: nosniff
server: sffe
age: 617
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://claimfreecoins.io&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 338
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:02:41 GMT

GET
H2

200

faviconV2
t0.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://bitsfree.net
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitsfree.net&size=16

603 B
750 B

22ms
21ms

Image
image/png

2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitsfree.net&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fd7eb863f06c174b29103d540b29c0277bb55dee4bbd066f6dfb61d7ed88bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:01:34 GMT
x-content-type-options: nosniff
age: 2484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 603
x-xss-protection: 0
last-modified: Mon, 18 Jan 2021 06:02:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://bitsfree.net/assets/images/favicon.ico
expires: Tue, 01 Feb 2022 19:01:34 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:22:37 GMT
x-content-type-options: nosniff
server: sffe
age: 1221
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitsfree.net&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 333
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:52:37 GMT

GET
H2

200

faviconV2
t1.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://cointiply.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cointiply.com&size=16

622 B
766 B

65ms
55ms

Image
image/png

2a00:1450:400f:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cointiply.com&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:400f:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a91b9fd2d87709dccef0c0e9f6826ba9542419d0cc097edcc346c32953b4cb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 16:53:13 GMT
x-content-type-options: nosniff
age: 528585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 622
x-xss-protection: 0
last-modified: Tue, 13 Mar 2018 16:31:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://cointiply.com/favicon-16x16.png
expires: Wed, 26 Jan 2022 16:53:13 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:33:49 GMT
x-content-type-options: nosniff
server: sffe
age: 549
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cointiply.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:03:49 GMT

GET
H2

404

faviconV2
t1.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://cryptoscourge.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cryptoscourge.com&size=16

726 B
790 B

69ms
59ms

Image
image/png

2a00:1450:400f:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cryptoscourge.com&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:400f:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Tue, 25 Jan 2022 19:33:45 GMT
x-content-type-options: nosniff
server: sffe
age: 553
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cryptoscourge.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 338
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:03:45 GMT

GET
H2

200

faviconV2
t1.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://free-bcash.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://free-bcash.com&size=16

479 B
633 B

62ms
53ms

Image
image/png

2a00:1450:400f:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://free-bcash.com&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:400f:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f4bafe9ddf3dc331e194e0ed1644f5d6b8c6a69207d62ae6f8ce14c9e5dd31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 11:39:05 GMT
x-content-type-options: nosniff
age: 374633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 479
x-xss-protection: 0
last-modified: Mon, 13 Aug 2018 08:34:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://free-bcash.com/img/favicon/favicon-16x16.png
expires: Fri, 28 Jan 2022 11:39:05 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:35:03 GMT
x-content-type-options: nosniff
server: sffe
age: 475
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://free-bcash.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:05:03 GMT

GET
H2

200

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://cryptounity.net
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cryptounity.net&size=16

288 B
435 B

25ms
23ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cryptounity.net&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6887f039dad2c09604efa22327e65f39a4f7a6266688367600248cfd94b1fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 18:24:13 GMT
x-content-type-options: nosniff
age: 177525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
last-modified: Mon, 26 Aug 2019 14:40:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://cryptounity.net/images/favicon.png
expires: Sun, 30 Jan 2022 18:24:13 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:22:37 GMT
x-content-type-options: nosniff
server: sffe
age: 1221
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cryptounity.net&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:52:37 GMT

GET
H2

200

faviconV2
t0.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://free-dogecoin.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://free-dogecoin.com&size=16

410 B
568 B

24ms
21ms

Image
image/png

2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://free-dogecoin.com&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9284569ca66fddba174d704cd65d1bfac788589ff05319fb36283c0261b15bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 13:04:28 GMT
x-content-type-options: nosniff
age: 110310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 410
x-xss-protection: 0
last-modified: Mon, 01 Apr 2019 14:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.free-dogecoin.com/img/favicon/favicon-32x32.png
expires: Mon, 31 Jan 2022 13:04:28 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:22:37 GMT
x-content-type-options: nosniff
server: sffe
age: 1221
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://free-dogecoin.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 338
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:52:37 GMT

GET
H2

404

faviconV2
t3.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=https://dogecoinfree.info
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://dogecoinfree.info&size=16

726 B
786 B

111ms
70ms

Image
image/png

2a00:1450:400f:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://dogecoinfree.info&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:400f:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Tue, 25 Jan 2022 19:14:46 GMT
x-content-type-options: nosniff
server: sffe
age: 1692
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://dogecoinfree.info&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 338
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:44:46 GMT

GET
H2

404

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://faucetlite.net
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://faucetlite.net&size=16

726 B
790 B

55ms
53ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://faucetlite.net&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Tue, 25 Jan 2022 19:16:22 GMT
x-content-type-options: nosniff
server: sffe
age: 1596
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://faucetlite.net&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:46:22 GMT

GET
H2

200

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://free-litecoin.com
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-litecoin.com&size=16

331 B
482 B

25ms
22ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-litecoin.com&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

585afee12b1f454ed160df91b41195e638d3611d50e49452d563cbdf611b4b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 05:49:15 GMT
x-content-type-options: nosniff
age: 309223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 331
x-xss-protection: 0
last-modified: Wed, 11 Apr 2018 00:43:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://free-litecoin.com/icon/favicon-96x96.png
expires: Sat, 29 Jan 2022 05:49:15 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:35:44 GMT
x-content-type-options: nosniff
server: sffe
age: 434
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-litecoin.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:05:44 GMT

GET
H2

200

faviconV2
t1.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://litecoinfree.info
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://litecoinfree.info&size=16

525 B
682 B

64ms
54ms

Image
image/png

2a00:1450:400f:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://litecoinfree.info&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:400f:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3528057ed6f6e5ef6d921c1eda6c1f2ca0524c33c83619143967a8bb6c7e4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 12:23:53 GMT
x-content-type-options: nosniff
age: 458345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 525
x-xss-protection: 0
last-modified: Mon, 26 Nov 2018 03:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: http://img.sedoparking.com/templates/logos/sedo_logo.png
expires: Thu, 27 Jan 2022 12:23:53 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:38:17 GMT
x-content-type-options: nosniff
server: sffe
age: 281
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://litecoinfree.info&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:08:17 GMT

GET
H2

200

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://cryptoarea.net
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cryptoarea.net&size=16

348 B
493 B

24ms
22ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cryptoarea.net&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c24ce8f607863ff5da50f2b78980620e2167efdacc67966aefa32687a59473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:55:47 GMT
x-content-type-options: nosniff
age: 35231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348
x-xss-protection: 0
last-modified: Wed, 24 Apr 2019 22:20:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://cryptoarea.net/images/favicon.png
expires: Tue, 01 Feb 2022 09:55:47 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:16:22 GMT
x-content-type-options: nosniff
server: sffe
age: 1596
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cryptoarea.net&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:46:22 GMT

GET
H3

200

faviconV2
t0.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://free-ethereum.io
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-ethereum.io&size=16

636 B
661 B

30ms
19ms

Image
image/png

2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-ethereum.io&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21b383a3cbcabeeab544d3edc3c5627201fab79393bbf21ed8b9501e07f9cb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:34:20 GMT
x-content-type-options: nosniff
age: 468518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 636
x-xss-protection: 0
last-modified: Fri, 12 Jul 2019 11:53:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.free-ethereum.io/img/favicon/favicon-16x16.png
expires: Thu, 27 Jan 2022 09:34:20 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:33:49 GMT
x-content-type-options: nosniff
server: sffe
age: 549
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-ethereum.io&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:03:49 GMT

GET
H3

404

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://ethereumfree.info
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ethereumfree.info&size=16

726 B
742 B

66ms
54ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ethereumfree.info&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Tue, 25 Jan 2022 19:39:36 GMT
x-content-type-options: nosniff
server: sffe
age: 202
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ethereumfree.info&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:09:36 GMT

GET
H3

200

faviconV2
t2.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://panel.bither.one
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://panel.bither.one&size=16

277 B
302 B

32ms
21ms

Image
image/png

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://panel.bither.one&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc65023d4deb88baecbbdb120eba46e1fbc212166e4f5d1b88d1202195e31dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 10:59:05 GMT
x-content-type-options: nosniff
age: 31433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 277
x-xss-protection: 0
last-modified: Sat, 01 Sep 2018 04:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://panel.bither.one/themes/vendors/images/favicon.png
expires: Tue, 01 Feb 2022 10:59:05 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:28:43 GMT
x-content-type-options: nosniff
server: sffe
age: 855
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://panel.bither.one&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:58:43 GMT

GET
H3

200

faviconV2
t0.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://free-monero.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-monero.com&size=16

520 B
545 B

31ms
20ms

Image
image/png

2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-monero.com&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6278df87642b01807265db5f83352ef922dfd458727b7972af0389ca1a5718af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 10:46:20 GMT
x-content-type-options: nosniff
age: 32198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 520
x-xss-protection: 0
last-modified: Thu, 12 Sep 2019 23:17:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: http://free-monero.com/img/favicon/favicon-16x16.png
expires: Tue, 01 Feb 2022 10:46:20 GMT

Redirect headers

date: Tue, 25 Jan 2022 19:15:22 GMT
x-content-type-options: nosniff
server: sffe
age: 1656
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://free-monero.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Tue, 25 Jan 2022 19:45:22 GMT

GET
H3

404

faviconV2
t0.gstatic.com/ Frame 38CD
Redirect Chain

https://www.google.com/s2/favicons?domain=http://ripplefree.info
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ripplefree.info&size=16

726 B
742 B

63ms
51ms

Image
image/png

2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ripplefree.info&size=16

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Tue, 25 Jan 2022 19:39:36 GMT
x-content-type-options: nosniff
server: sffe
age: 202
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://ripplefree.info&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Tue, 25 Jan 2022 20:09:36 GMT

GET
H/1.1 200
OK 1559674 Show response
ad.a-ads.com/ Frame D8E1 6 KB
2 KB 58ms
25ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1559674?size=320x100

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

HTTP/1.1

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

node-9.1-208.17.202.149.vistnet.net

Software

nginx / Phusion Passenger(R)

Resource Hash

55cde2db7340f6e61b1080f59fb88cb842482e9c529d830332b3537f1112df6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/

Response headers

Server: nginx
Date: Tue, 25 Jan 2022 19:42:58 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: http://serfnets.ru/
Content-Encoding: gzip

GET
H/1.1 200
OK 01224350
payeer.com/ Frame 3723 0
0 156ms
53ms Document
text/html 149.202.17.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payeer.com/01224350

Requested by

Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.202.17.208 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

iCore Proxy Module /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/

Response headers

Server: iCore Proxy Module
Date: Tue, 25 Jan 2022 19:42:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

GET
H2 200 / Show response
faucetpay.io/ Frame 3FD5 17 KB
5 KB 202ms
153ms Document
text/html 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/?r=1569530
Requested by: Host: serfnets.ru
URL: http://serfnets.ru/1/1zagluhka.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 603e6f6a3f90e3444e3e84e033b73e51c1885991d9f0c613dbeee1dddb2b8e9f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://serfnets.ru/

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
allow: GET, POST, HEAD
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ut5afAaM0NZKftsmF9lc2%2BTg2WmmV4u%2BNYbSxegE8TePjKVP6zPBJ1sl829qrv18qTWt7MAqfJSmTRfcQh5JhOHrH2vJNOG8XdFlf3qbITgZF%2BwPh1tX%2B3jY1A%2FmB2mVop2nFr%2FrhEV7gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d33fcdced4c92a7-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bundle.min.css
koiniom.com/assets/css/ Frame 75AF 176 KB
34 KB 78ms
78ms Stylesheet
text/css 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koiniom.com/assets/css/bundle.min.css?v4
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fd3ed45e15e847cd52fa11e4da051f19e0e10cebbf7a558dcdb202752f0bec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 15:07:21 GMT
server: cloudflare
age: 2060
etag: W/"2c0c4-5d669711a1c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2F3eRSuUJ6Wa9ZsiQmSFvi80xurRUQodulMPO11vwULqtXTLRUuP0Z4cPwDWmXzfyAVUGMBXPkEk9SEKGHroeqXVd5%2BjWV69Aw%2Fi8h12uyk5aVQ4%2FkWdBoZKMZNlq8g1HRWfmxaubc8U"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcdcbd11929b-FRA

GET
H2 200 style.min.css
koiniom.com/assets/css/ Frame 75AF 43 KB
11 KB 71ms
71ms Stylesheet
text/css 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koiniom.com/assets/css/style.min.css?v4
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0238140ce401844c7d80e58c49be7c3ef7d6baa5a2fe4fd6eab1072922616bc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Dec 2021 17:32:20 GMT
server: cloudflare
age: 6754
etag: W/"abfa-5d3bf80ff9100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK%2BEVMUrSDRoOkoYHSsEuofqtng2RMxpOJJowFZCista71R27Dx6cTYZeAEZ1OcIXIQ7A6OlPpMEi51QdVH1OSO8y8Zjd7TIh%2FVjdZvfORSyytH%2BI4QPYmlSYhv7tZcKmjg69qL6d%2FPh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcdcbd19929b-FRA

GET
H2 200 api.js Show response
koiniom.com/cdn-cgi/bm/cv/669835187/ Frame 75AF 35 KB
9 KB 27ms
24ms Script
text/javascript 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://koiniom.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ncihis74D972Vta3kCAcHe%2FfPltZRvwlomENAEgQvueQurHlAKY877fiKpdDXufirUA620rJVWH57R3veDI0oFnJ5gLRRZswKujEjHjFJ1akgtIXvtJTuk1X9ue8NG8I9MXwV2kEia3%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6d33fcde7932929b-FRA

GET
H2 200 language.png
koiniom.com/assets/img/ Frame 75AF 1 KB
2 KB 34ms
31ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/language.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 872f094374975a5f210553abf38400e189bc2ea7a27c8f6ee927274803f2faea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6754
cf-polished: origSize=1893
content-length: 1338
last-modified: Fri, 05 Feb 2021 07:39:21 GMT
server: cloudflare
etag: "765-5ba91eb1b1c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShtqTgzhzcNC6Xi1qSz%2Fbp%2FkRLqo2rzXQYkhB%2BUMDK%2Bq7D6QuMCtM4m6lYaHl94bNAVWdsKgvlEmtjeLrL%2Bdv8oP4YhkmfhenUvIg5M1AEoQvL86kl1S5WS4%2BUp%2BD%2FJ1rezWvoa08dum"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcde7934929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 koiniom-logo.png
koiniom.com/assets/img/ Frame 75AF 7 KB
7 KB 57ms
54ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/koiniom-logo.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a44ed9e4ff95154780299df75d9e4aa8a2b8c18e6b5bcdbb0aa0976091afd0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6754
cf-polished: origSize=10666
content-length: 6957
last-modified: Fri, 05 Feb 2021 07:39:06 GMT
server: cloudflare
etag: "29aa-5ba91ea363a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMrPbykunSYQ5RKUkXlY1H9BwTf25KKSEuiZ7WKgS%2FQnYARpkWzd62xbwqi2koNuDKej3Dlvei86lLHbmTpXzxVcgkN%2FalTdcmmJG4CwE4eYT%2BsqBlWHbOoQyVia7Bu2FPYl4IYt4jew"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcde7937929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 btc.png
koiniom.com/assets/img/ Frame 75AF 1 KB
2 KB 31ms
31ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/btc.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7064a1ad075624b6733908622c50c4b0fe2df87b37c920bf624ef967d6b39b40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6750
cf-polished: status=not_needed
content-length: 1429
last-modified: Fri, 05 Feb 2021 07:38:57 GMT
server: cloudflare
etag: "595-5ba91e9ace640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueAm%2FcO8pio3iHksMM3X6A4Zcki12jsutveYX4%2Bm8uVHya7s6ROjFDKE1KfHiO6pPty1odZOutxVyMgnRFg7pfRJ%2FYlP8aN0ePU0xTRF6DaswSKeYv12BkUnU4YtBR3IyDluh30auvtQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcde9984929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dash.png
koiniom.com/assets/img/ Frame 75AF 9 KB
9 KB 30ms
30ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/dash.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a85663606dd6023f65796d989f65853ed3d45b4072b9c405bfd7a9aa0981c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6750
cf-polished: origSize=15955
content-length: 9345
last-modified: Fri, 05 Feb 2021 07:39:18 GMT
server: cloudflare
etag: "3e53-5ba91eaed5580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi9Ju3G1AvV0cs51qwlgUfkGNAVM6OUyN01SNA8dM7OfL5vrx0ARpAiOVQOrbW8wrggee%2FnMeKbYmsfebFwolQcXv80%2FyYOha26dQluJWatQXJpYCF1mKKTaXmHWykDLgvn2WX9EA8u9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcdea9a2929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 doge.png
koiniom.com/assets/img/ Frame 75AF 14 KB
14 KB 40ms
34ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/doge.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e0ac537bc5b296b19a3755c9edf9e149c87db95a3fa749062eeff7b79989f9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6750
cf-polished: origSize=13912
content-length: 13900
last-modified: Fri, 05 Feb 2021 07:39:00 GMT
server: cloudflare
etag: "3658-5ba91e9daad00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAXvYvAn7oUZMYw0Bc2EdfMLJATsqjIe1Vrw4%2FVJ85mtMI9IvUM4SjK20bCY6dsrAeHQZdjUpCuX2EAo0gLYJ4hYQCqk9cZYCCJ4xdftVmeCRUmrNAqaTVaJcRH0ZYH3K5U1K2eCj3l1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcded9f1929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 eth.png
koiniom.com/assets/img/ Frame 75AF 1 KB
2 KB 45ms
43ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/eth.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db9d39cb9d0907bd8af74af43f2cf3657715b39746f93e0dcb686958af90341b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6754
cf-polished: origSize=2291
content-length: 1350
last-modified: Fri, 05 Feb 2021 07:39:03 GMT
server: cloudflare
etag: "8f3-5ba91ea0873c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSi6wL3w0tYQk2pRdOodhhShYFmx%2FimN7%2BWdzccgTPSS4ALIZgLzykbmPSeW9OKUH9nnbenQe0Hs0Pe0anYjj2zqmfHQNkqLccoFxTkf8Rf478MIO3PgTlCu%2B4lGobbkV1cE7A6C4jO4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcded9f2929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bch.png
koiniom.com/assets/img/ Frame 75AF 1 KB
2 KB 30ms
28ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/bch.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e85bcf287b5fa0317dc16038e69e43c87f31a091a1cdce55ddf4260c8539faa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6754
cf-polished: status=not_needed
content-length: 1392
last-modified: Fri, 05 Feb 2021 07:39:11 GMT
server: cloudflare
etag: "570-5ba91ea8285c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuJ91o6afVRupdKIt1u0U4XDp%2FMD3nLA9L65tq08xG9RJabRGRvR5iljgdNV8%2Fk51JjqFH4lnVKm2iEcdvJ7LRyieIBau4wRq85Sv%2By%2BhddNzX38j3oguFZH7fbBS5Q1DASPecA9pEnm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcded9f3929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 api.js Show response
js.hcaptcha.com/1/ Frame 75AF 83 KB
27 KB 91ms
31ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js

Requested by

Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88aa3cf929b662819d8d97c645e03bec71afe08c3f03de10ce42cad969736f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 14:36:49 GMT
server: cloudflare
etag: W/"7ca4acc37220306a2f029796dea9c45e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: FRA56-P4
cf-ray: 6d33fcdedc9e90b5-FRA
x-amz-cf-id: F8IHIGExnhqg-jgkohs8yuVyb0M2HllbgOLRvGuGFrSTQsb2kAL0xg==

GET
H2 200 challenge.script Show response
api-secure.solvemedia.com/papi/ Frame 75AF 728 B
727 B 356ms
113ms Script
text/javascript 13.58.91.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-secure.solvemedia.com/papi/challenge.script?k=oGt2xSE2v9M-aQ7F-51-VxfxBMJxsXeQ
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.91.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-91-41.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: 84297dcf3e34bbdd246307dc049eb8b3dafaf0ce09810f376c01cf1fe74a53e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 16:50:06 GMT
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-ac-origin: aws-us-east-2-prod-57
cache-control: public,max-age=86400
expires: Wed, 26 Jan 2022 19:42:58 GMT

GET
H2 200 footer_icon_01.png
koiniom.com/assets/img/ Frame 75AF 2 KB
3 KB 44ms
42ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/footer_icon_01.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 285e3e36490c28d9025f176daafc979c447fea38fc1334bebb78e40063f235c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6750
cf-polished: status=not_needed
content-length: 2398
last-modified: Fri, 05 Feb 2021 07:39:13 GMT
server: cloudflare
etag: "95e-5ba91eaa10a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQ6qBTezkAiREBi7RJo83zfUjnUNYFSf%2FieqkhdqhgIJBoyIaoazN8CNx4e1nYyIqkztf5N1LlisXwl4DILEjqEKUM9x6Rhk%2BzMmCze1UFJk5SKNrK6yWubjzw5BC364J%2BPI%2BVfS5HHf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcded9f6929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 footer_icon_02.png
koiniom.com/assets/img/ Frame 75AF 3 KB
4 KB 49ms
48ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/footer_icon_02.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ed2aadb69b5b54bf79f4584fee18b526bbd89fae4fb36b8a4c704a100b929c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6749
cf-polished: status=not_needed
content-length: 3156
last-modified: Fri, 05 Feb 2021 07:39:12 GMT
server: cloudflare
etag: "c54-5ba91ea91c800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn2YyzMsColesaEmfQGka%2BGaZ7YpJBSc1rzIflKslayGP6lfqegTb%2BE1VwhpmFeUciQwG%2BniXE%2B9nnhOXH6HfAPc%2BdZasycW9ZA%2BCmghv%2Bh8b9NywCc81Av2%2B5mZsaqs867M7ufE830E"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcdeea10929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dmca-badge-w150-5x1-10.png
images.dmca.com/Badges/ Frame 75AF 5 KB
5 KB 54ms
16ms Image
image/png 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca-badge-w150-5x1-10.png?ID=4f8abc00-406e-4027-a60e-6f273f4f8cae
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: c175377a88f43eee8d84655fa584dd98fd87abbbb608e124e89e62b4e57b28ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
server: nginx
x-powered-by: ASP.NET
etag: "51f8af3aace6d11:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/dmca-badge-w150-5x1-10.png>; rel="canonical"
content-length: 5088
expires: Thu, 24 Feb 2022 19:42:21 GMT

GET
H2 200 email-decode.min.js Show response
koiniom.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 75AF 1 KB
1 KB 19ms
19ms Script
application/javascript 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://koiniom.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:58:45 GMT
server: cloudflare
etag: W/"61e83535-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQiFKhwXSXI0Wo4RnzHnIrc55PqB85ncyP7FQD0cuUIBDaMyP18%2FNfwF%2FlBZXrtQBPB2jOERFijuK8FM6VNSKnHaPFC81Z0vmjMXOEaMJz%2Fmlrjn9M6wVI7XfoJ05t7v1WGYWDaHVDPD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcde7920929b-FRA
vary: Accept-Encoding
expires: Thu, 27 Jan 2022 19:42:58 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 75AF 465 B
633 B 57ms
17ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: nginx
x-powered-by: ASP.NET
etag: "26b181f16d28d51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 280
expires: Thu, 24 Feb 2022 19:42:45 GMT

GET
H2 200 cookie.png
koiniom.com/assets/img/ Frame 75AF 2 KB
2 KB 40ms
40ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/cookie.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a163777b9826fe324b6ff188d0fbc58103df0f44fe297d326bb876c730e219

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7062
cf-polished: origSize=2211
content-length: 2162
last-modified: Wed, 22 Dec 2021 17:02:01 GMT
server: cloudflare
etag: "8a3-5d3bf1493d440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ8ySluL0p5oDztQpaCGUbKCz%2BeCUWodbmVd%2FQR4WtRFLFfOgHYyvxWij2OCEDGLgOVsawx4Z7sX5kQYhftWoIAdSnQpoCa6Fo19YuMSc2r9TheubghAFfqUo1%2BvHrFjldwY5Ubs60he"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcdeea12929b-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 vendor.min.js Show response
koiniom.com/assets/js/ Frame 75AF 206 KB
69 KB 41ms
38ms Script
application/javascript 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koiniom.com/assets/js/vendor.min.js
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe3059766c91fa56722c4421c1d59c542dd28d454241797483f0f437e6e10f79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 Nov 2021 16:45:22 GMT
server: cloudflare
age: 6759
etag: W/"33854-5d20448860c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7g%2FKuASKULJqW9c1pj7GmBRRFPwy3xEmNLOsnofmplF%2BwF19tTGOsGAOUB5NklK0h%2BG8qxTtl0HyzucslFq8RXg6kYUyHZtCKWsAHUuG2dnn4dnkSvHR36%2FBLyl%2FcaUl3PY87xqUMcQh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcde792c929b-FRA

GET
H2 200 script.min.js Show response
koiniom.com/assets/js/ Frame 75AF 13 KB
4 KB 58ms
55ms Script
application/javascript 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koiniom.com/assets/js/script.min.js
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc802a608e162626bcea59db90f1d49cde7515df7d98cc1a8d91d0aa5e55ce5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 12 Dec 2021 00:20:19 GMT
server: cloudflare
age: 6749
etag: W/"32b3-5d2e7ebce56c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwE5P8Q4thmdwHD2IR6yB5o%2BXZ%2FL3Y5u6bNydZwBGBoCf74J%2B9VfM%2FBuepA8OlSro%2BzPELe7A2XT0TKnrfSv8TA6wZDeYSriX2uGGnkGUM3YK3jEM9qfG98tpAOUZYWIEshLG4NkDn2j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcde7930929b-FRA

GET
H/1.1 200
OK 320x100
static.a-ads.com/a-ads-banners/118228/ Frame D8E1 626 KB
627 KB 50ms
20ms Image
image/gif 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/118228/320x100?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/1559674?size=320x100
Protocol: HTTP/1.1
Server: 136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.11.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 7bb595354c4eec14edc4f055dfb292f2c01fc8fa70c7ce2b2605839db60f8da6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Last-Modified: Sun, 26 Apr 2020 07:21:07 GMT
Server: nginx
x-amz-request-id: NHVGDM6HFBKSPDZV
ETag: "b37082cc6f79951ba28516389669c591"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 641048
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: 2KGpwIvAcGtXpId2eTrjogxq09OOI0B.
x-amz-id-2: e6JwWULl+JKwic/F5iDd8v7e2IwFqjnKNdRS58iPMpKOzwiT7uN4/ttE+23NrE1oLv1XLwe4Ea8=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 75AF 12 KB
1 KB 186ms
70ms Stylesheet
text/css 2a00:1450:400f:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap

Requested by

Host: koiniom.com
URL: https://koiniom.com/assets/css/style.min.css?v4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7970e02328278a9b2a3238b99033d8a7d06f64d1d9830b56b250e5a7571a7f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://koiniom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 18:20:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 19:42:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 19:42:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 75AF 8 KB
713 B 205ms
89ms Stylesheet
text/css 2a00:1450:400f:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;700;800;900&display=swap

Requested by

Host: koiniom.com
URL: https://koiniom.com/assets/css/style.min.css?v4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bde3616f323e23d28d4d6d10c02507a4d9a4f27da71739b08ecc1c662705a0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://koiniom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 18:25:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 19:42:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 19:42:58 GMT

GET
H3 200 tEFaMMSDDYP9m-Nej7N5D7nr8i8.js Show response
faucetpay.io/cdn-cgi/apps/head/ Frame 3FD5 6 KB
3 KB 164ms
132ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/cdn-cgi/apps/head/tEFaMMSDDYP9m-Nej7N5D7nr8i8.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea51e396f58dedd56bf3d3620e93ebfd28bed0bbce9cc3f4b81eca29165c599d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1774348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EJ31Y6D33080ESN5
x-amz-id-2: /c+EnvFHym6fy4Dy6E1ezqr+llL1GNJI3GQ6/lFFZqJXhu+10Gh9DzSHMt7U3FPTNE5y0TvjhXk=
last-modified: Thu, 26 Mar 2020 17:21:57 GMT
server: cloudflare
etag: W/"0f8ce954ee376feac07b058cfe7f81e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDyKRFokja2KlEtD0VCSBTtYaHgcM6PeJcjw5Y9UkGMg6hiLNeRTC7JdXgtpVbK0IYu%2FHJsIY6an2HZy%2BwO8mTapzrwpu3QE%2F3VF%2FTG%2FtR2AA5eARvahqCrbC3pbG3mBojARcoURBWWAmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tpx0P01JqG4vx095fQsWjCSqIcAl.0HC
cf-ray: 6d33fcde2871698f-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 3FD5 10 KB
829 B 94ms
93ms Stylesheet
text/css 2a00:1450:400f:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Requested by

Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 18:20:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 19:42:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 19:42:58 GMT

GET
H3 200 all.min.css
faucetpay.io/dash/lib/@fortawesome/fontawesome-free/css/ Frame 3FD5 54 KB
12 KB 162ms
130ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/@fortawesome/fontawesome-free/css/all.min.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
age: 775
etag: W/"5edd86e6-d747"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seO8kncGYv8Qhm%2FIHIbhVl5pnj8IxwEZrx4a7JozViowazpgppBznCzROsAN28ciJE9kmjQaefsCh2bcwDHgONjcoBIcuMpMDzGjGqdEmOwHcxDfEBEne3kynEr%2FhLY88KksmzhvKIZ0Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcde286d698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ionicons.min.css
faucetpay.io/dash/lib/ionicons/css/ Frame 3FD5 45 KB
8 KB 86ms
54ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/ionicons/css/ionicons.min.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 301f107374438c9df0fa7a66c742925ec4fd223483649c8877294b4cdf52cab5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-b5fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCdKI7OPkJCyBNAtuKuFUTxc1l9UPGk5A53b6WcKGsTNXhtTODkPG%2FY0fyBTytqeaRrPbaZuj4w1Puhj6Zm5aSTTlchU1ag8b%2BDAR0aYywtNkxA4oZb4cfc5MyuSbDHVeCVObBApjh9J8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d33fcde2869698f-FRA

GET
H3 200 jqvmap.min.css
faucetpay.io/dash/lib/jqvmap/ Frame 3FD5 613 B
811 B 160ms
129ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/jqvmap/jqvmap.min.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d26b3f38f5adcf544dcb92bd5ef604d67ac7300a28f7f8b072ae0e9f555a3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-265"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIW2R3nvZGSGmrbJeL6xGgq111WMxoO9X%2BSlz3RHF19m%2BjKaQHB4bgnLBz9e%2Bpq%2B1F04qVWaHtFVbtKRkogiunSTcfpDp1BwNGjSfUkL5uuc5RMWGNv754CVIMgTQV49Z7sX4H2w%2Br7wEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d33fcde285c698f-FRA

GET
H3 200 cryptofont.css
faucetpay.io/Assets/cryptofont-1.2.0/ Frame 3FD5 42 KB
6 KB 84ms
53ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/Assets/cryptofont-1.2.0/cryptofont.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3352b88711d68ef9814b9a5622007661cdace3ac14e2401cafd6fb3c967d146a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Jul 2020 01:41:46 GMT
server: cloudflare
etag: W/"5f07c75a-a911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9sFvUbylBFNVr%2BetWT4Z0yP%2F3gbwPh%2BLq1pEp0niMmCmMv8rrhkVn0%2BNXkdw2obWATm166lWc7eDUq3MlI8lGgUzMctQeQ1IjmYfWVe6AsAmrY40uT7f6y5LLxZGEFhUXq1Eh3CScQVcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d33fcde2862698f-FRA

GET
H3 200 jquery.dataTables.min.css
faucetpay.io/dash/lib/datatables.net-dt/css/ Frame 3FD5 14 KB
3 KB 158ms
128ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/datatables.net-dt/css/jquery.dataTables.min.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f272d63ccd69f5a7c736fa4c04ce5b0006f8435f2503c771c0539a94a4b0039

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-3671"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9uByf05DleaNzYqvyjO2CvOFMyE452TmqW8%2FV9BhIzcF3tW19%2Fc1VZ4ERAwOEPF207tlOTw9UoJD7K6D0KHl5jf1p5VyUnNfwzmt6Hu%2BmmdLTja8OTZ9ZYMr36I56u2hJtzLhD5YE0DGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d33fcde2859698f-FRA

GET
H3 200 responsive.dataTables.min.css
faucetpay.io/dash/lib/datatables.net-responsive-dt/css/ Frame 3FD5 4 KB
1 KB 160ms
129ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/datatables.net-responsive-dt/css/responsive.dataTables.min.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ec1d2032daf47da420abf0f0e67ab2654648aabdda55e89e6da392b6158c382

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-f59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d8ifAx10X6P9KYMNPJCRmWksZbXV8Ozr7dYp6ufAohJtRRoCDGcIkWjpe9XOdgDGzF9jR3KoOKk9%2ByKNwDbYikeHdD9tzOzN3gS8AF6nW9vg6W1GTe2tGIzcXAqlCVGcTsJHjrJRhfV8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d33fcde285f698f-FRA

GET
H3 200 dashforge.css
faucetpay.io/dash/assets/css/ Frame 3FD5 1 MB
103 KB 103ms
73ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/assets/css/dashforge.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc8fcd19a30247f495287a54677b9cad4399290ee49996fb3eed74124744ab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
age: 775
etag: W/"5edd86e6-10e3d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryBv%2BsDVBL1pd8eBmcPPUMfAeO0FV9iV8A7fx2I4CelNpf%2Bbi%2BEuWJtIohVz62gVY25O0KKawdGfQuj5vyDzHlJPZClpwxlVZs3d4WunRyFnlgh8o0HRjD0ilqCe4t%2BVr1NErYYpPZAHGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcde2857698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dashforge.dashboard.css
faucetpay.io/dash/assets/css/ Frame 3FD5 10 KB
2 KB 82ms
53ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/assets/css/dashforge.dashboard.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74fabab9aa073e8686526c0cd9c5b6667a754d31b072c2fa87fe987524a6e2be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-2607"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzRW6Htc2%2BF0WcTXc1nqR6pkZTDXaG41UxQBXl2Jt2jaQCVwyn%2BsvjZmmCoKFv%2B%2BbK7PzrShWkoCAqiaTOzJ7XPp2mvZsEiWUgzN7VstMr%2FQ11%2BKiDboCXY46U5suvarjTSjU726BLh5Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d33fcde2845698f-FRA

GET
H3 200 dashforge.demo.css
faucetpay.io/dash/assets/css/ Frame 3FD5 9 KB
3 KB 127ms
98ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/assets/css/dashforge.demo.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b741c90a1cc0910266d8a13e0199c871bbe42b71d84802fc7b236cf388f127d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-2249"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YshX2%2BNW3llPsrMvS%2Bs3nDYh6%2FeqXN%2B7%2FNvZkoQWbNoShrpdCQgCWjDUxjP%2FDX%2FOKM45geVcDYoMhHy22PzpDBJNmOQFZqb%2FgKKIFvxsthi23jsoRq%2BUAmF1r%2B3TcRiTtijsokXVVcUPGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d33fcde284e698f-FRA

GET
H3 200 skin.cool.css
faucetpay.io/dash/assets/css/ Frame 3FD5 1 KB
919 B 83ms
53ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/assets/css/skin.cool.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b2a6efecfbb4a892d5a132aa7abe9dde12d7e722ba5d584ca869247d1cc845

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbzJT8M1e9H4JVmK47h0qPq47i6qqhMc86ixRkRftE5TNLeZo%2Fyn1tkONhOiUqnLsMnXNhkbvpfBiLTHMEow4nesIVLrCT76Jb7UkcTCctQeJkH60b2fpQvfUCuQqwO%2BwLAXal0BiGoKrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d33fcde2855698f-FRA

GET
H3 200 custom.css
faucetpay.io/dash/assets/css/ Frame 3FD5 10 KB
3 KB 168ms
138ms Stylesheet
text/css 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/assets/css/custom.css
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4135a6a9f533e8fc47f5a2084e1faf439e4153916e8ceadbdbbf2ce67d70515c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 Nov 2020 05:47:28 GMT
server: cloudflare
etag: W/"5fb21270-2803"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28VIgli6P%2B6x3zFLlCDULXS%2BPsQAIKKN77g7w1Tf2T8wzIb1VrKJAB7sMF1HkqVEsF9w0SWQAP6MivCBNWQweHlg7bXsoZDE6NU1GAfaEn9F5SXTy8u3P5uCb6jo%2ByVb9qWb%2Fl3ZpUbB8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d33fcde2873698f-FRA

GET
H3 200 faucetpay-screen.png
faucetpay.io/dash/assets/img/ Frame 3FD5 234 KB
234 KB 108ms
106ms Image
image/png 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://faucetpay.io/dash/assets/img/faucetpay-screen.png
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5e9af893a48200ab8085f9229c50a13c8d0961586e24638ce68bf3b9736396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
allow: GET, POST, HEAD
cf-cache-status: HIT
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
age: 806
etag: W/"5edd86e6-3a621"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZhnnnUcGEDGwwQVotEPyGHsv8FAW0uCXR4R7LvOmqtlvnMELXJaqoMKGF6GfAKDssQXJWroBJ%2B0LznoQGXbGhbUvvyZCRQadZ6THgpfx5pJht7Nrkq5Hk56WmoqEPqnkepxG8PLTDm78g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcdf2ab1698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
faucetpay.io/dash/lib/jquery/ Frame 3FD5 85 KB
31 KB 104ms
104ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/jquery/jquery.min.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
age: 775
etag: W/"5edd86e6-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udNjiLZrckG4fbwRpd%2Bq4MyIRe%2F5B1x0PDD97jsgcD29ACk%2FI0VOiDDYsbolSA9D15fMRaY1N%2Fp%2FtBvD7vIGMvW73OEw0aiK9AljfXodfXfDBgCOhWdajGXIbhvegtxd7WhDKFuMCBD8mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcdf1a7a698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bootstrap.bundle.min.js Show response
faucetpay.io/dash/lib/bootstrap/js/ Frame 3FD5 77 KB
23 KB 39ms
37ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-1332b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mbd%2B0s3ljqPxz3zhkxbgjUUa3GxHu%2BQHtVcLbmUq199EMySMxeCvMY1WrfUnJopmeYq6RCaIR4p%2FllOynn%2Bt9pkv0wsQremYoxqOyRTVU1QHnbYZ%2BcYj8sB%2BCG1rjhgOrj0NJlyZLGHseA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6d33fcdf2a96698f-FRA

GET
H3 200 perfect-scrollbar.min.js Show response
faucetpay.io/dash/lib/perfect-scrollbar/ Frame 3FD5 18 KB
6 KB 58ms
55ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/perfect-scrollbar/perfect-scrollbar.min.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-4773"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkOuKba3CgzN77%2FUvgBxOo0yxvsTj0sggMLGhLACKGVhF%2BIo03QyHXFFiZxy1sRx0%2BDsvqqr7TZSUDzJESVnxfw4E6AgyfW%2F0ARp9s1YSFpOeD3oGdWVwcjCe5n4OL%2BAlSwdLWgTg9e2XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6d33fcdf2a9a698f-FRA

GET
H3 200 feather.min.js Show response
faucetpay.io/dash/lib/feather-icons/ Frame 3FD5 64 KB
17 KB 56ms
52ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/feather-icons/feather.min.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90582369e8cfed7b41dca4758e2fbe09fccf55b89f0cd0b7d46efd0745db831

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
age: 775
etag: W/"5edd86e6-101aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ho4A%2BonBR5wbLGBIxSKAezu8g8rOMmnRAjFsBz4KxDQpknDZMn6ZgFEZurW3lEpqes0F2Y3CShe%2BCEiW1ATPTZ48CJB97nUe6X14RvwThBRzGzZgvsrLG89m78fYQGvs4m3PSMhpfIsxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d33fcdf2a9c698f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 prism.js Show response
faucetpay.io/dash/lib/prismjs/ Frame 3FD5 21 KB
8 KB 45ms
42ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/prismjs/prism.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a99e2c0e6424981a819e0bd0dbf6217964d7b5186b569093b1f50b238061b5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-55f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wd%2FkBRSI9uIzYaK26fAhAbC7QLWwX5l4yZ4lJhYrJLeuufKisfHZIQ2401Xfm6FKn9y%2FbqtP14njADN8Xlx8%2F20BzEYyz3V0XQbgcMbIX6i7cYCX8TLErnK%2FzfDkTxUURkorjLm7neyOgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6d33fcdf2a9f698f-FRA

GET
H3 200 dashforge.js Show response
faucetpay.io/dash/assets/js/ Frame 3FD5 3 KB
1 KB 43ms
40ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/assets/js/dashforge.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d65466592dfaca8556a23d05f50a45089e072dbcac3b74a3b65ac8afba603f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-d2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfjozOpKG05fC6B0nUMd2JX4IGKfr%2BMWDpqcFejin8fFVcgRRrLDXTyK0eS77XgmO9elnMonHVALcTzw6gmVnNXI9v6IalLkLG19cJNO%2BS2dp%2BTY6q0Fhja7OYJlW7JaVgjcJfvqSOe39w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6d33fcdf2aa1698f-FRA

GET
H3 200 jquery.dataTables.min.js Show response
faucetpay.io/dash/lib/datatables.net/js/ Frame 3FD5 80 KB
29 KB 47ms
43ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/datatables.net/js/jquery.dataTables.min.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-141eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PP8pQQL1XZc%2B%2BXL4GHUwqLU02q8XA%2B%2Bx%2B%2FoGjwnKCdUf8bwtFQlNqrkXshoePH%2B0bGbaNlj%2BI5ZWAGTaCYq%2F%2FuO050tjzQgG4gy9gw14EDIM%2Fuj0jFg6A349ZrDAyhHBFpa7dOC%2BsWiW6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6d33fcdf2aa3698f-FRA

GET
H3 200 dataTables.dataTables.min.js Show response
faucetpay.io/dash/lib/datatables.net-dt/js/ Frame 3FD5 433 B
826 B 50ms
47ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/datatables.net-dt/js/dataTables.dataTables.min.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c034ef1a96139e169ef2fd05586196885460e6255b98a358507386c048af508

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-1b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iI%2BvnDdvULOyQRufsJOdbYBmX92uh3u1ObdKUgMwlNX9RBL235UyL%2FrNDbuLOCSBw8GpVEU4%2B%2B751CvsGPMyIsbm%2F99JZ9SNjdHC1SPkAL0yBuchbHpAgWFikb2M%2BR7xm56%2FgJuhx2UPpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6d33fcdf2aa5698f-FRA

GET
H3 200 dataTables.responsive.min.js Show response
faucetpay.io/dash/lib/datatables.net-responsive/js/ Frame 3FD5 13 KB
5 KB 71ms
68ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/datatables.net-responsive/js/dataTables.responsive.min.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed36e2939292383b8688e2c83857e13f8ee9e542ba875c33c3c085488fd32a17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-32e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSo88bCRIStJWGpgieYPZHgr1SViBxy%2B6CqD4kGXpKikwVgGhmskqRHFtriktZP0K8TLGB6DJn6Wy%2BK0gMqAxfiqUkTkzB8MoIyvqJ9Zq6Mf900zc%2BygMlcIH9uyVJL97dB8iuZseimZkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6d33fcdf2aa7698f-FRA

GET
H3 200 responsive.dataTables.min.js Show response
faucetpay.io/dash/lib/datatables.net-responsive-dt/js/ Frame 3FD5 547 B
851 B 44ms
41ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/lib/datatables.net-responsive-dt/js/responsive.dataTables.min.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 282ff2f545a8bbae4f79f36ec867b4141edd64c1c3ff5d8f808b87a88cbc7351

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Jun 2020 00:31:34 GMT
server: cloudflare
etag: W/"5edd86e6-223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3B20hZtuK54RRFvQeqKdI2RCYdTUpmE52leP5LKUxDuWFyO1q35%2BlIyeI6TNf5xkQeKjTUYkNVoRR0o0v7DRt%2F7wStKUwRb88vaAWsVVCbgi9FZy9hdI97DUiWcn7okrul%2F1CGnoJ5NzVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6d33fcdf2aaa698f-FRA

GET
H3 200 champ.js Show response
faucetpay.io/dash/assets/js/ Frame 3FD5 18 KB
3 KB 50ms
47ms Script
application/javascript 2606:4700:20::681a:e02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/dash/assets/js/champ.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e304a6e50c66bea87023f56df7b9f8b1557678611d33f10fe685d7ce963133c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/?r=1569530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 04 Feb 2021 05:29:15 GMT
server: cloudflare
etag: W/"601b862b-4815"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf%2BXYhK8ZIcozA6RATqYsDHVKZCvr%2BPzl63bY9miQCNVt5r2pxYp9svHb7awvtadaBGlUfS3lMH2db98BVjeWlyy0Kydk2jS0cgnXIfY6xYU2ivjLsnctW%2FZOxtLC0ujo6EW1JKo09H%2BkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6d33fcdf2aae698f-FRA

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ Frame 3FD5 41 KB
14 KB 124ms
74ms Script
application/x-javascript 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aef611ad4de1c9e9163e3eded32893ae7c662ae768858780cae1850c3a558552

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jan 2022 09:26:06 GMT
server: cloudflare
age: 857
etag: W/"61ee70ae-a335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 6d33fcdf7c809048-FRA
expires: Wed, 26 Jan 2022 07:28:41 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ Frame 3FD5 4 KB
2 KB 67ms
22ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 402474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEgYC3jl3Tf%2FgfpTzsqJUujdWvXvrYW0gm0turT0QBlDUN%2Fvrsb%2BkBQWJfemSgyrMK5r0%2BsHkgRDwfdNiANcJ4C3UgyEgpy9OHvAE4STzlBKsJpK4ZVEQ6ufwbrolJyIcoJvOY8qkmejwiUW58nFqtn2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d33fcdf7c695b6e-FRA
expires: Sun, 15 Jan 2023 19:42:58 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ Frame 3FD5 20 KB
6 KB 83ms
39ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1605901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF1t7aAzyVdr3mhCtNPjIz6gE2qL6qU1VoOvyl7OcIFm7sTYTZMkSyS081dC%2BJwgntMPtfrw3voEui50lVoy3nGLYZsQyuH5Jj4sPJ3vsS8u8t%2F2SxHRgxC3izGa8PrUPR3a08vvbj%2FMN1iC4lSBG%2Ftb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d33fcdf7c6d5b6e-FRA
expires: Sun, 15 Jan 2023 19:42:58 GMT

GET
H2 200 matomo.js Show response
stats.koiniom.com/ Frame 75AF 62 KB
21 KB 80ms
44ms Script
application/javascript 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.koiniom.com/matomo.js
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df484cfc21687f580befe921e01d4e8b27e68474820ba1f87b234ec2c2fa9c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6749
cf-polished: origSize=63804
last-modified: Fri, 10 Dec 2021 10:56:58 GMT
server: cloudflare
etag: W/"f93c-5d2c894fafb60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYK6fbYILRJMYsCg4DYCBE%2BO%2Bkwwr5UMJIsA1yHz766%2FHnvHewB7OnYLyc%2Bc3d7ml5ua1YMEsAzaDy%2BuzUpTuFvZe80M17QZkY%2FAtxKFs%2BBWx6iaUO19FHKnAKULDNU9NZpp6BgcUBNZFu1JTusB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6d33fcdec9df929b-FRA
cf-bgj: minify

GET fa-solid-900.woff2
koiniom.com/assets/webfonts/ Frame 75AF 0
0

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 75AF 13 KB
13 KB 70ms
18ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 548421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 11:22:37 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 75AF 13 KB
13 KB 95ms
43ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 03:54:20 GMT
x-content-type-options: nosniff
age: 56918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12936
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 03:54:20 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 75AF 12 KB
12 KB 85ms
33ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b49f18370ab654be0367fb969d5015649fdf5406bcbec33e5b0644f4bb7fe0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 05:46:32 GMT
x-content-type-options: nosniff
age: 568586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:18:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 05:46:32 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 75AF 13 KB
13 KB 73ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:17:49 GMT
x-content-type-options: nosniff
age: 602709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 20:17:49 GMT

GET
H/1.1 404
Not Found 728x90.gif
netgaming.fun/images/banners/ Frame 3ED5 808 B
808 B 58ms
52ms Image
text/html 195.62.53.232
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netgaming.fun/images/banners/728x90.gif

Requested by

Host: netgaming.fun
URL: https://netgaming.fun/js/banner.php?id=42&f=728x90

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.62.53.232 Moscow, Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),

Reverse DNS

node-9.1-208.17.202.149.vistnet.net

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.3.29

Resource Hash

18264a137afbfb9a51ffca03e53aba16a1b7b781f75c37eb08714084fc70d476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://netgaming.fun/js/banner.php?id=42&f=728x90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.3.29
Strict-Transport-Security: max-age=31536000; preload
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3FD5 90 KB
36 KB 80ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-154633790-1

Requested by

Host: faucetpay.io
URL: https://faucetpay.io/cdn-cgi/apps/head/tEFaMMSDDYP9m-Nej7N5D7nr8i8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f5ec985d6f1ca7c977d605134be4dce1e5d28958a48a9eea24e4b5182ba4501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36040
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jan 2022 19:42:58 GMT

GET fa-solid-900.woff
koiniom.com/assets/webfonts/ Frame 75AF 0
0

GET
H3 200 materialize-1.min.css
adbtc.top/css/ Frame 4892 139 KB
22 KB 152ms
115ms Stylesheet
text/css 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adbtc.top/css/materialize-1.min.css

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1722909f2115ebb1795cc3085bdce9396073b8b378debe7dc9c42fc34f5dbf64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2183
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 24 Aug 2021 10:41:30 GMT
server: cloudflare
etag: W/"6124ccda-22a05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vWPgN6G1RwS8ZDLBM1E%2B6XxJkskbmm5QnlppowGn6l9JJ8ZgZ4dGqfgdoWk%2BVql2WoNCAy9qplip%2B%2BJ2XJ3WYfTszWFJ7lPy7dL8XM%2BnJpnWU4PSq0LFnAf4nbTVsf8h%2Fj1Rpr81g8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6d33fcdfbefb0bfd-AMS

GET
H3 200 css2
fonts.googleapis.com/ Frame 4892 2 KB
549 B 110ms
55ms Stylesheet
text/css 2a00:1450:400f:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 18:21:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 19:42:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 19:42:58 GMT

GET
H3 200 invisible.js Show response
adbtc.top/cdn-cgi/challenge-platform/h/b/scripts/ Frame 4892 48 KB
17 KB 123ms
95ms Script
text/javascript 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adbtc.top/cdn-cgi/challenge-platform/h/b/scripts/invisible.js

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e04a96709097d5467ec918922c0fae907d4da03077d4a3c8d500825121c816ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YmIIM0A8XLoubBs4M3nM8a8yBgs5Fi8JF3LxGutfUH8WGpYhQZPvhGUOb73oRx%2F47VCHU2UsMtgKWC9cNYK7FQ8VipyKL6ZcDhYlcJYIb9y3GcWFtC3EFxlRh0Kyx98cfiGwCn00RE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6d33fcdfbef90bfd-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 4892 52 KB
21 KB 98ms
45ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e308b920200e70975a47529366c166d3fa167655d345779e7fa1b8d3c8e737ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SAxYpfdhmQF5WpP8LHmJYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "9e73b2cd9b08c6b34a7273789934d4e5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-SAxYpfdhmQF5WpP8LHmJYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 25 Jan 2022 19:42:58 GMT

GET
H3 503 marketing.png
adbtc.top/img/icons/ Frame 4892 0
0 96ms
68ms Image
text/html 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adbtc.top/img/icons/marketing.png
Requested by: Host: adbtc.top
URL: https://adbtc.top/r/l/1359636
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 bitcoin.png
adbtc.top/img/icons/ Frame 4892 3 KB
3 KB 145ms
117ms Image
image/png 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adbtc.top/img/icons/bitcoin.png

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

378c0dc503b7a65f9b2cb34b252be80e5e4333b9bb844525687f7be1e8c5011a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 864
cf-polished: origSize=3212
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2580
last-modified: Tue, 24 Aug 2021 10:41:45 GMT
server: cloudflare
etag: "6124cce9-c8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu%2FRxsBbIZTJ3TX8mt1BHNrZHygD7eWXeHKPRBaklpgOuGJ9YsHlEj8gcrXWcTQilxtJctaIofs5OOD9jmIYo%2B9yxzhNPumtgWvWMKLzL8k%2FCuj25%2BEsZG07AWvdGS8Ob0omKwkfGmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcdfbeff0bfd-AMS
cf-bgj: imgq:100,h2pri

GET
H3 200 accepted.png
adbtc.top/img/ Frame 4892 18 KB
18 KB 146ms
118ms Image
image/png 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adbtc.top/img/accepted.png

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6015e821150715a40dfc3b7009fa441cf857d93be499e713a7f754c2f6128b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2179
cf-polished: origSize=38699
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18337
last-modified: Tue, 24 Aug 2021 10:41:45 GMT
server: cloudflare
etag: "6124cce9-972b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4wgIKj0PFxTh1il%2F1K1TBlWLX0EWHfC4XQyFo1xCjVs1yl2yMHpzKqS5qEtt74jsn%2F%2BhWAo0sjwDtSZqSmubhOD9ZaeblgSwPvWnITJNY87hlYzwh7TSn8SrPgWytU28%2B41KptJ%2BRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcdfbf010bfd-AMS
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK payeer.png
payeer.com/style/images/content/ Frame 4892 2 KB
2 KB 29ms
28ms Image
image/png 149.202.17.208
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payeer.com/style/images/content/payeer.png

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.202.17.208 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

iCore Proxy Module /

Resource Hash

a0da32e32711263f5ba33e48d4287a7cbad23440ca606af00ddeb77a23e19fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Aug 2016 12:09:15 GMT
Server: iCore Proxy Module
ETag: "57a1deeb-7ff"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2047
X-XSS-Protection: 1; mode=block

GET
H3 200 ssl.png
adbtc.top/img/ Frame 4892 28 KB
29 KB 68ms
41ms Image
image/png 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adbtc.top/img/ssl.png

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc5a40843d3686525b135eb7c47e689317913f58b92dfb4d970e98b541187e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2234
cf-polished: origSize=32837
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28573
last-modified: Tue, 24 Aug 2021 10:41:45 GMT
server: cloudflare
etag: "6124cce9-8045"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bLnQf2UhFlPwMKjvz5RR8qM94RZlf0n3svBhRnF16RapGDaYdD7I0CmEZDJrChkXgVC7oxb%2BbPf%2FdCyoAJ%2BmJrY%2FJ%2BCOiDp%2FD%2Bz%2BSHk5PaQR8L1ofgRXIKQ2aauFgE5iGeheQxGjZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcdfbf100bfd-AMS
cf-bgj: imgq:100,h2pri

GET
H3 200 twitter.png
adbtc.top/img/icons/ Frame 4892 2 KB
3 KB 85ms
58ms Image
image/png 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adbtc.top/img/icons/twitter.png

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0420bd5d6e28a63ad32a75b5827a51aa35349309e1e4de0da275459fd3dccb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 864
cf-polished: origSize=2340
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2266
last-modified: Tue, 24 Aug 2021 10:41:45 GMT
server: cloudflare
etag: "6124cce9-924"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J61O%2BWJGvd0kiWhrCxgpwufnUgpLVQpIFoV1i%2Fpgp5hi4%2FoQH0B8kRsz8JuJSCYN3Mrz2PsK40%2BmZZD2RLtoQzeyeBykHkg6XPJ7DFWinxJZ7KCv95%2F5eDV57C0PGrMy5o7z4FNb6NI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcdfbf170bfd-AMS
cf-bgj: imgq:100,h2pri

GET
H3 200 telegram.png
adbtc.top/img/icons/ Frame 4892 3 KB
4 KB 160ms
132ms Image
image/png 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adbtc.top/img/icons/telegram.png

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7adb9250261d7618f7e241ae3ce24e94a39a521255ed0a2c447d2f6836c98aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 863
cf-polished: origSize=4868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3282
last-modified: Tue, 24 Aug 2021 10:41:45 GMT
server: cloudflare
etag: "6124cce9-1304"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHVUGaJlw931w9GadiDTrSPDJ7mFh3BWhvykNA0%2Fbo507NykkXXebEaZNUUT563rLTgOyUkAanQiZm%2FgLftX8HQeI3VQWhDs9awhX9X6a3MUsgfCVomiQJ4RWViJeSvwCAj7IXZ6aeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fcdfbf180bfd-AMS
cf-bgj: imgq:100,h2pri

GET
H3 200 email-decode.min.js Show response
adbtc.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 4892 1 KB
1 KB 61ms
34ms Script
application/javascript 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adbtc.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Wed, 19 Jan 2022 15:52:06 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61e833a6-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bkd32%2BmamY02EsDCoF%2BCyj9GRuW7f%2B%2Fmc%2FAal%2B8J5NsODm4r2aLSshORLNnVtY44PmmcSSZA0EheTtUbUHKiZ%2FpEn7XQwKW2MZCc6krMDiyLN0Sacts9OfkxAyhI8YwaEFvcMTeluRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6d33fcdfbef10bfd-AMS
expires: Thu, 27 Jan 2022 19:42:58 GMT

GET
H3 200 materialize-1.min.js Show response
adbtc.top/js/ Frame 4892 177 KB
44 KB 97ms
69ms Script
application/javascript 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adbtc.top/js/materialize-1.min.js

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2279
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 24 Aug 2021 10:42:13 GMT
server: cloudflare
etag: W/"6124cd05-2c375"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGUbqsUqfEXlaIPoDfpFLxrAsjh5mDAESE8GqVmHOCQgsCC5hVfi0SLZD3jdYz7xPWOkfuJyw4SepjL16gjZPn%2BDZKVjsPCfSRe7AaC7qnlSxo8%2FtegqBja0iF5iHbRJ0CvSJrWOkDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 6d33fcdfbef30bfd-AMS

GET
H3 200 lazysizes.min.js Show response
adbtc.top/js/ Frame 4892 7 KB
4 KB 163ms
136ms Script
application/javascript 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adbtc.top/js/lazysizes.min.js

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 871
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 24 Aug 2021 10:42:12 GMT
server: cloudflare
etag: W/"6124cd04-1c43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckGZPy9pFnEdgsHWYUcXyBTMd9iBDO2MUF757Y5pDHcyLxkyjlvuZmy1cwBhRYMO1EDn6DMuYmXE9IQp%2BeFU7vijPFy%2BRb1gZ3fjZt%2B9g259BCXvtc6CeaMOWDkwuwBGl6QGAjPsmhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 6d33fcdfbf190bfd-AMS

GET
H3 200 style-0.1.1.css
adbtc.top/css/ Frame 4892 3 KB
1 KB 123ms
95ms Stylesheet
text/css 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adbtc.top/css/style-0.1.1.css

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a7e0bbda529d1ecbff01255fd26d57ea86fdd8083cd40128d2429ee1a9d1ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4473
cf-polished: origSize=3141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 24 Aug 2021 10:41:30 GMT
server: cloudflare
etag: W/"6124ccda-c45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3Lf3XJkSibACWe8I%2FXeSWq4f5k4xoxyctPYj%2BK2InM2FL54RvN5QPZHAFwStX3lRQdG1hT4%2BFGbw2odcVB%2FU0X4yAAfCYaIcOYOge6ZtFPPqKbelPCa%2BnKFQGrzTNakt1xZ%2FyL0Lh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6d33fcdfbef70bfd-AMS
cf-bgj: minify

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 4892 14 KB
5 KB 143ms
103ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: adbtc.top
URL: https://adbtc.top/r/l/1359636
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6d33fcdfc92791e7-FRA

GET
H2 200 _puzzle.js Show response
api-secure.solvemedia.com/papi/ Frame 75AF 71 KB
22 KB 229ms
226ms Script
text/javascript 13.58.91.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-secure.solvemedia.com/papi/_puzzle.js
Requested by: Host: api-secure.solvemedia.com
URL: https://api-secure.solvemedia.com/papi/challenge.script?k=oGt2xSE2v9M-aQ7F-51-VxfxBMJxsXeQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.91.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-91-41.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: 3c559c083aadcf20f416928615539ffc3abf3a3efc59264629163b7ad7464773

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 10:41:02 GMT
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-ac-origin: aws-us-east-2-prod-57
cache-control: public,max-age=86400
expires: Wed, 26 Jan 2022 19:42:58 GMT

GET
H/1.1 200
OK ra_logo.gif
regionads.ru/images/ Frame 7EAC 695 B
979 B 56ms
55ms Image
image/gif 188.120.236.88
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://regionads.ru/images/ra_logo.gif

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=785&f=728x90

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

df7be0d12117230256dd66d99ad9ca5febb7b3587e2ce5930a68de39399b2d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://regionads.ru/js/banner.php?id=785&f=728x90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Last-Modified: Sun, 23 Jun 2019 06:11:49 GMT
Server: nginx/1.16.1
ETag: "5d0f1825-2b7"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 695

GET
H/1.1 200
OK 5_1639745768.jpg
regionads.ru/images/banners/ Frame 7EAC 31 KB
32 KB 163ms
107ms Image
image/jpeg 188.120.236.88
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://regionads.ru/images/banners/5_1639745768.jpg

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=785&f=728x90

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e8402e3d22b1f149ffa6d6a975688c7c90a105b6e94b2d0fd21f61388e48c047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://regionads.ru/js/banner.php?id=785&f=728x90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Last-Modified: Fri, 17 Dec 2021 12:56:08 GMT
Server: nginx/1.16.1
ETag: "61bc88e8-7d69"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32105

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 7EAC 196 KB
67 KB 90ms
90ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=785&f=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

858b074d3341e69dfee2ca648f95ce997a857ca26bf95344c295f1bd037f33ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://regionads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
last-modified: Tue, 25 Jan 2022 09:24:23 GMT
etag: "61ef9797-10ac3"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 68291
expires: Tue, 25 Jan 2022 20:42:58 GMT

GET fa-solid-900.ttf
koiniom.com/assets/webfonts/ Frame 75AF 0
0

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame 3FD5 4 KB
2 KB 85ms
15ms Script
application/javascript 99.86.3.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-67.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 23592932
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: PodaKyMwXwHOxxcLccoznM7q-UkiJiwKrkwgoOysgnt2Srh2YuXnyg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3FD5 49 KB
20 KB 58ms
16ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154633790-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 484
date: Tue, 25 Jan 2022 19:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 25 Jan 2022 21:34:54 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ Frame 3FD5 192 B
566 B 148ms
147ms XHR
application/json 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12149426&u1=EBC6795E36C94F48DCCB9009AE4F8818&java=1&security=46990006&sc_snum=1&sess=1e20bc&p=0&rcat=r&rdom=serfnets.ru&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//serfnets.ru/&u=https%3A//faucetpay.io/%3Fr%3D1569530&t=Home%20%7C%20FaucetPay&invisible=1&sc_rum_e_s=549&sc_rum_e_e=554&sc_rum_f_s=0&sc_rum_f_e=543&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d33fce00dcd9048-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://faucetpay.io
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ Frame 4892 135 KB
45 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dbb0fc0e83b745af632ba1d0f81fc1450282d11055fef8f1c31e9d99db65bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 19:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46285
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 04:25:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Jan 2023 19:55:23 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame 3FD5 43 B
552 B 56ms
15ms Image
image/gif 18.66.122.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=0&frame_width=0&iframe=1&title=Home%20%7C%20FaucetPay&time=1643139778611&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=http%3A%2F%2Fserfnets.ru%2F&host_url=https%3A%2F%2Ffaucetpay.io%2F%3Fr%3D1569530&random_number=5369431616&sess_cookie=719d073c17e92c348327f3d0dd1&sess_cookie_flag=1&user_cookie=719d073c17e92c348327f3d0dd1&user_cookie_flag=1&dynamic=true&domain=faucetpay.io&account=GVoqw1WyR620WR&jsv=20130128&user_lang=en-US
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 04:13:26 GMT
Via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 55773
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA60-P2
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: eYxrBYhr0wFPgf2WvKY0aWuezbsspFAQf1R76hlK2eW1iZOUdtQYaA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame 3FD5 0
48 B 367ms
110ms Image
text/plain 3.131.104.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: faucetpay.io
URL: https://faucetpay.io/?r=1569530
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.104.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-104-30.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://faucetpay.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
server: Server

GET
H2

200

1 Show response
mc.yandex.com/watch/54518020/ Frame 7EAC
Redirect Chain

https://mc.yandex.com/watch/54518020?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-inf...
https://mc.yandex.com/watch/54518020/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-i...

350 B
381 B

43ms
43ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54518020/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A848%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1380194332925%3Ahid%3A468538217%3Az%3A0%3Ai%3A20220125194258%3Aet%3A1643139779%3Ac%3A1%3Arn%3A353224438%3Arqn%3A1%3Au%3A16431397791058374371%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643139777736%3Ads%3A0%2C170%2C71%2C0%2C479%2C0%2C%2C22%2C0%2C%2C%2C%2C747%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643139779%3At%3ARegionAds.ru&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=785&f=728x90

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

b575fa267b805892967ae0acf6b1b2857d9fcada699c2a249799b2e4f5530ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://regionads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 19:42:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 25-Jan-2022 19:42:58 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Tue, 25-Jan-2022 19:42:58 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 19:42:58 GMT
last-modified: Tue, 25-Jan-2022 19:42:58 GMT
location: /watch/54518020/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A848%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1380194332925%3Ahid%3A468538217%3Az%3A0%3Ai%3A20220125194258%3Aet%3A1643139779%3Ac%3A1%3Arn%3A353224438%3Arqn%3A1%3Au%3A16431397791058374371%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643139777736%3Ads%3A0%2C170%2C71%2C0%2C479%2C0%2C%2C22%2C0%2C%2C%2C%2C747%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643139779%3At%3ARegionAds.ru&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 25-Jan-2022 19:42:58 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/54517903/ Frame 7EAC
Redirect Chain

https://mc.yandex.com/watch/54517903?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-inf...
https://mc.yandex.com/watch/54517903/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-i...

350 B
483 B

43ms
43ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54517903/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A848%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A730%3Acn%3A2%3Adp%3A0%3Als%3A763739279492%3Ahid%3A468538217%3Az%3A0%3Ai%3A20220125194258%3Aet%3A1643139779%3Ac%3A1%3Arn%3A522365553%3Arqn%3A1%3Au%3A16431397791058374371%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643139777736%3Ads%3A0%2C170%2C71%2C0%2C479%2C0%2C%2C22%2C0%2C%2C%2C%2C747%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643139779%3At%3ARegionAds.ru&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=785&f=728x90

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f36b496d2850899904dbb7ae9c6a7fecc1e9126173b0d15b6d9da976c1ba7e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://regionads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 19:42:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 25-Jan-2022 19:42:58 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Tue, 25-Jan-2022 19:42:58 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 19:42:58 GMT
last-modified: Tue, 25-Jan-2022 19:42:58 GMT
location: /watch/54517903/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D785%26f%3D728x90&page-ref=http%3A%2F%2Fpronavigator.ru.xsph.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A848%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A730%3Acn%3A2%3Adp%3A0%3Als%3A763739279492%3Ahid%3A468538217%3Az%3A0%3Ai%3A20220125194258%3Aet%3A1643139779%3Ac%3A1%3Arn%3A522365553%3Arqn%3A1%3Au%3A16431397791058374371%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643139777736%3Ads%3A0%2C170%2C71%2C0%2C479%2C0%2C%2C22%2C0%2C%2C%2C%2C747%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643139779%3At%3ARegionAds.ru&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 25-Jan-2022 19:42:58 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4892 15 KB
15 KB 44ms
18ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 2589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:59:49 GMT

GET
H/1.1 200
OK 298312 Show response
ad.a-ads.com/ Frame 03E4 6 KB
2 KB 74ms
28ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/298312?size=468x60

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

6d703eade067a3f4b5fd6f0fb7d93993bc2c459622d1b477c1757df2d99336d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 25 Jan 2022 19:42:58 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 7EAC 43 B
136 B 43ms
43ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=785&f=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://regionads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
last-modified: Wed, 19 Jan 2022 13:48:47 GMT
etag: "61e7ec8f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jan 2022 20:42:58 GMT

GET
DATA 200
OK truncated
/ Frame 4892 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/webp

GET Roboto-Regular.ttf
adbtc.top/fonts/roboto/ Frame 4892 0
0

GET
H2 200 _challenge.js Show response
api-secure.solvemedia.com/papi/ Frame 75AF 3 KB
2 KB 133ms
132ms Script
text/javascript 13.58.91.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-secure.solvemedia.com/papi/_challenge.js?k=oGt2xSE2v9M-aQ7F-51-VxfxBMJxsXeQ;f=_ACPuzzleUtil.callbacks%5B0%5D;l=en;t=img;s=standard;c=js,h5c,h5ct,svg,h5v,v/h264,v/ogg,v/webm,h5a,a/mp3,a/ogg,ua/chrome,ua/chrome97,os/nt,os/nt10.0,fwv/BYUrrg.iail92,htmlplus;am=dfUyrQ9Aq7ZwcAQKD0Crtg;ca=script;ts=1643139019;ct=1643139778;th=white;r=0.4976431009689535
Requested by: Host: api-secure.solvemedia.com
URL: https://api-secure.solvemedia.com/papi/_puzzle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.91.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-91-41.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: 5e16d59b4af3b9a994e4217593b4b3075ff653d70e43835ed8b316817b8c2b4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: gzip
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSA PSD UNI COM NAV OUR STP"
x-ac-origin: aws-us-east-2-prod-146
cache-control: no-store,no-cache,must-revalidate
content-type: text/javascript; charset=utf-8

GET
H2 200 solve-whV2.png
api-secure.solvemedia.com/media/ Frame 75AF 1 KB
2 KB 115ms
113ms Image
image/png 13.58.91.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-secure.solvemedia.com/media/solve-whV2.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.91.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-91-41.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: b0a7d0f6f80f650a29ac8ebd479acfd1771d5d1dbc92e1f0cc6ae80c89e7a0bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
last-modified: Mon, 05 Oct 2020 16:50:06 GMT
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
accept-ranges: bytes
etag: "5af-5b0ef4642ab80"
content-length: 1455
content-type: image/png

GET
H2 200 reload-whV2.gif
api-secure.solvemedia.com/media/ Frame 75AF 654 B
851 B 114ms
113ms Image
image/gif 13.58.91.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-secure.solvemedia.com/media/reload-whV2.gif
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.91.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-91-41.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: 1730c445d1f7a53afd3689d8c422217bfe548c426b46b168b4d8f67ef620a883

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
last-modified: Mon, 05 Oct 2020 16:50:06 GMT
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
accept-ranges: bytes
etag: "28e-5b0ef4642ab80"
content-length: 654
content-type: image/gif

GET
H2 200 note-whV2.gif
api-secure.solvemedia.com/media/ Frame 75AF 639 B
836 B 112ms
111ms Image
image/gif 13.58.91.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-secure.solvemedia.com/media/note-whV2.gif
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.91.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-91-41.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: deda44bb167b75db0c1fe7f0d2013d6c171e44a00139e259ae369e5c071eb315

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
last-modified: Mon, 05 Oct 2020 16:50:06 GMT
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
accept-ranges: bytes
etag: "27f-5b0ef4642ab80"
content-length: 639
content-type: image/gif

GET
H2 200 text-whV2.gif
api-secure.solvemedia.com/media/ Frame 75AF 389 B
586 B 113ms
112ms Image
image/gif 13.58.91.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-secure.solvemedia.com/media/text-whV2.gif
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.91.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-91-41.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: 5fc24a05ce60994d84643aba8023b397730c26fb6f0bf2236a49a3b0df189b68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
last-modified: Mon, 05 Oct 2020 16:50:06 GMT
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
accept-ranges: bytes
etag: "185-5b0ef4642ab80"
content-length: 389
content-type: image/gif

GET
H2 200 info-whV2.gif
api-secure.solvemedia.com/media/ Frame 75AF 417 B
614 B 114ms
114ms Image
image/gif 13.58.91.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-secure.solvemedia.com/media/info-whV2.gif
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.91.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-91-41.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: 9d8c1f1f876a94f37ca3ea5add501a71d8fb111c76402529ff46882affbf59bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
last-modified: Mon, 05 Oct 2020 16:50:06 GMT
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
accept-ranges: bytes
etag: "1a1-5b0ef4642ab80"
content-length: 417
content-type: image/gif

GET
H/1.1 200
OK 1171042 Show response
ad.a-ads.com/ Frame 7583 6 KB
2 KB 26ms
26ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1171042?size=300x250

Requested by

Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

90fd504e37953092fa6d94d13e8dbcbd420b03ac439172be9f22e04e5f524165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 25 Jan 2022 19:42:58 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 1198667 Show response
ad.a-ads.com/ Frame E6E8 6 KB
2 KB 51ms
25ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1198667?size=468x60

Requested by

Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

56975ea3ff47d975f223b9b7c18a33c462208237d64111e2cfe42ece64b5af3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 25 Jan 2022 19:42:58 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame 75AF 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET fa-brands-400.woff2
koiniom.com/assets/webfonts/ Frame 75AF 0
0

GET
H3 200 banner2.webp
adbtc.top/img/ Frame 4892 180 KB
181 KB 56ms
56ms Image
image/webp 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adbtc.top/img/banner2.webp

Requested by

Host: adbtc.top
URL: https://adbtc.top/r/l/1359636

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b27b68a7495449ecb01f80bc53eb5316f6f0af7d927ccde76f514bb22ff5a465

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5716
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 184410
last-modified: Tue, 24 Aug 2021 10:41:45 GMT
server: cloudflare
etag: "2d05a-5ca4bc7b3e44e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfIeDK4s6IZxJ%2BYOBmg7IIdImRyMdwgrzF5hitx2Om9Ca4C%2FASoqw5FnydV7h1AFo47PMVVUiD%2FdKDb9Y59Z9oaAN9dalk7uMzJ47jY4cqAUIzJVdGwIGGJRLXlwgyjIhjitx9FoUqU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fce19a510bfd-AMS

GET
H2 400 6149b5b06708c6d33813da72.js
cdn.bmcdn2.com/js/ Frame 75AF 0
0 176ms
120ms Script
text/html 2606:4700:20::681a:8ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn2.com/js/6149b5b06708c6d33813da72.js
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQWzQncbvqaeEF2GinodzyaEq4w9%2FxmLI7uuXKJRpzFOPZne3D1I%2FVOa8QKkjKeEBpVzlGoT%2FYT1IfuDJgqtKUKdzi8B10XD2zGtMKmtf72a4a6qAqjBmK5BZnM8jbAWpPKMOIo%2FQYmbnE5z"}],"group":"cf-nel","max_age":604800}
cache-control: public max-age=1800
cf-ray: 6d33fce1f8a090f4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 400 61db4364cb0f1700137b6caf.js
cdn.bmcdn2.com/js/ Frame 75AF 0
0 173ms
117ms Script
text/html 2606:4700:20::681a:8ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bmcdn2.com/js/61db4364cb0f1700137b6caf.js
Requested by: Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sr25%2FhkeKeEOWD0UCNe0TpQqVFyc0XLomHNKF1Ei4ZRuPLaqWat185x6or%2FJQ%2BoHn5GY0aJTmj8moCobQzRSNYGbgk8kflAAubMHX0AZCU7pL%2FhDbk16T6ZUtVEuvTJeGHky56xbrmVJSGbY"}],"group":"cf-nel","max_age":604800}
cache-control: public max-age=1800
cf-ray: 6d33fce1f8a490f4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 l.js Show response
client.crisp.chat/ Frame 75AF 8 KB
3 KB 89ms
28ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: koiniom.com
URL: https://koiniom.com/affiliate/exUQRXRyml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e71d08f626e0c80269671eb376ca9d6741dd81ca6caa5451063f0f2bc9b5c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 42468
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-1ebe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: false
cf-ray: 6d33fce238569116-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 26 Jan 2022 19:42:58 GMT

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/44fc726/static/ Frame 5914 2 KB
1 KB 34ms
33ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-challenge.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d181a8dcdabebd2ba2988085394e6bdd34529802a892c0ab32d4ba73ad0d9703

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-type: text/html
last-modified: Tue, 25 Jan 2022 14:36:48 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 6WBPqYaOserdaF04-D2yBS_adnj6mlyv3pJr59RHxEtyW6MG3ZQvDQ==
age: 18196
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d33fce1ea5090b5-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/44fc726/static/ Frame 0FF3 2 KB
1 KB 34ms
34ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/44fc726/static/hcaptcha-checkbox.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b280a26ac6b47c3fdc078c0c3097499415f7ec8683909a0d6d102f6d6b1c74b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
content-type: text/html
last-modified: Tue, 25 Jan 2022 14:36:48 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 c9cb74549b807d498500f04e1d4b8c7c.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO50-C2
x-amz-cf-id: evTdJq9Eoi6IedpjMB1EETDKvJx88nb5AdHmAkYaF-yCSkiAFTF7ow==
age: 18196
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d33fce1ea5290b5-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 468x60
static.a-ads.com/a-ads-banners/117620/ Frame 03E4 156 KB
157 KB 94ms
41ms Image
image/gif 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/298312?size=468x60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.11.243.136.clients.your-server.de
Software: nginx /
Resource Hash: d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Last-Modified: Sun, 19 Apr 2020 16:08:09 GMT
Server: nginx
x-amz-request-id: PQQDRBASQAW3KBFW
ETag: "d89cd17d5e22adfb5532615d116d84b8"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 160195
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4
x-amz-id-2: ddy2ur7D5Nmf8R9MULzvQhG7DYe9ceQCkWxiyB0p+XzLBA7tuhho6lycVzOsQ/Uswa2iCY6Httc=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET fa-brands-400.woff
koiniom.com/assets/webfonts/ Frame 75AF 0
0

GET
H2

200

block Show response
koiniom.com/ Frame 75AF
Redirect Chain

http://koiniom.com/block
https://koiniom.com/block

2 KB
1 KB

82ms
82ms

Document
text/html

2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koiniom.com/block
Requested by: Host: koiniom.com
URL: https://koiniom.com/assets/js/script.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f60f746042dcfb698daee6872171d764f5677a594d8db01abab4766c039148e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://koiniom.com/affiliate/exUQRXRyml

Response headers

date: Tue, 25 Jan 2022 19:42:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV3cuj0kuSdoHV%2BfGhts3B9hqTL%2BakHwJdmApwsEhdeQ0vT2YhScMze2XCUs6yJuTIzCZqTMYDsCZ91J1P411J8i1bwNzk3ZYELB8FRkIr1%2FH1psEi4mlH1LV%2Fk1eMLUdg0e8IZH9XqS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d33fce26b39929b-FRA
content-encoding: br

Redirect headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 25 Jan 2022 20:42:58 GMT
Location: https://koiniom.com/block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTerdodUqS9bxU3W%2FqddCWDzw1wJQt7qCh0vZLxmL2XnniO%2Bk9nbKtkzP7F5RPzZWjr6PPYucIrIu%2B55dU1YKSMlv6aNhaXBvF1Xi4LUpDjrkhjxoa6yHU5M5%2BLgZsqrpOlWSoik00cv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6d33fce21c385caa-FRA

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 4892 12 KB
12 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:23:17 GMT
x-content-type-options: nosniff
age: 29981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:23:17 GMT

GET
DATA 200
OK truncated
/ Frame 03E4 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/103763/ Frame 7583 144 KB
0 85ms
41ms Image
image/gif 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/103763/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1171042?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.11.243.136.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Last-Modified: Fri, 27 Dec 2019 12:20:30 GMT
Server: nginx
x-amz-request-id: MEQHYYMFB828B2CK
ETag: "28dd56aa4c3448923f2e06f6f90e1017"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 702864
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: KIPQ8aj2AKbgfuqCDbQF8bZCjZrg7.Bd
x-amz-id-2: OhYF5Ai5XBgc8TEH2Pme2+x7H7YPsrjrYJgm+6dfWMyGb3tU8xmdvjY/TTGTmkSqU9jefDai234=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 468x60
static.a-ads.com/a-ads-banners/117620/ Frame E6E8 32 KB
0 85ms
44ms Image
image/gif 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1198667?size=468x60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.11.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.11.243.136.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:58 GMT
Last-Modified: Sun, 19 Apr 2020 16:08:09 GMT
Server: nginx
x-amz-request-id: PQQDRBASQAW3KBFW
ETag: "d89cd17d5e22adfb5532615d116d84b8"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 160195
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4
x-amz-id-2: ddy2ur7D5Nmf8R9MULzvQhG7DYe9ceQCkWxiyB0p+XzLBA7tuhho6lycVzOsQ/Uswa2iCY6Httc=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET fa-brands-400.ttf
koiniom.com/assets/webfonts/ Frame 75AF 0
0

POST result
koiniom.com/cdn-cgi/bm/cv/ Frame 75AF 0
0

OPTIONS
H2 404 result
koiniom.com/cdn-cgi/bm/cv/ Frame 0
0 34ms
34ms Preflight 2606:4700:20::681a:328
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koiniom.com/cdn-cgi/bm/cv/result?req_id=6d33fcdb99fc929b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:328 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 19:42:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g204z%2FpHoj%2F9v9I%2BO6h%2FhPwFI4pPGwuM0QM%2BSPffBLPU53sYHrLpObmHO8AixjwXQKJRL8eriuR8RaSBiU1mpmWyKJZgTqiGvs1xkqxCaPmFeRj4QYUHIECTIv6BTG0Cw7Rc2ayR%2By%2F8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d33fce2891c927a-FRA

GET hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/44fc726/ Frame 5914 0
0

GET beacon.js
sb.scorecardresearch.com/ Frame 75AF 0
0

GET media
api-secure.solvemedia.com/papi/ Frame 0D54 0
0

GET s-4312.xgi
p.nexac.com/e/sr/a-2079/s-4312/ Frame 75AF 0
0

GET 380619.gif
idsync.rlcdn.com/ Frame 75AF 0
0

GET hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/44fc726/ Frame 0FF3 0
0

POST rum
adbtc.top/cdn-cgi/ Frame 4892 0
0

OPTIONS
H3 200 rum
adbtc.top/cdn-cgi/ Frame 0
0 27ms
26ms Preflight
text/plain 2606:4700:3030::ac43:9dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adbtc.top/cdn-cgi/rum?

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:9dee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 19:42:59 GMT
content-type: text/plain
access-control-allow-origin: unknown://nil
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 6d33fce31cd500c3-AMS
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip

GET
H3 200 css
fonts.googleapis.com/ Frame 75AF 3 KB
635 B 55ms
55ms Stylesheet
text/css 2a00:1450:400f:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: koiniom.com
URL: https://koiniom.com/block

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 18:22:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 19:42:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 19:42:59 GMT

GET
H2 200 api.js Show response
koiniom.com/cdn-cgi/bm/cv/669835187/ Frame 75AF 35 KB
9 KB 22ms
22ms Script
text/javascript 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://koiniom.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: koiniom.com
URL: https://koiniom.com/block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUMvQK1zVf2%2FqWtHkVegAbExflFz2mlhl0w%2FLStJYQWEsMu%2BWTB2%2Bk1zMRi8Z2JQA1TeF2y2KPSwjvOXwB3Xws%2FLP8Cy9C3TMlOSQo9AatdxHI0aaB5aoCpgtzb2VjngGldfKe3Wgof%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6d33fce31ca6929b-FRA

GET
H2 200 logo_sm.png
koiniom.com/assets/img/ Frame 75AF 2 KB
3 KB 63ms
63ms Image
image/png 2606:4700:20::ac43:475f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koiniom.com/assets/img/logo_sm.png
Requested by: Host: koiniom.com
URL: https://koiniom.com/block
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fffe41ce8cd82c8accfe01cd1f9eb08b98e7ce0f5fbeb25e851663f4b1cbe845

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3565
cf-polished: origSize=4666
content-length: 2275
last-modified: Fri, 05 Feb 2021 07:38:47 GMT
server: cloudflare
etag: "123a-5ba91e9144fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anGm4fiqFwsjr3FddpR1vt8DTNP0wqY7y3KsFEKRsazVniQYde0GN%2BNdWrIkEY5NC1YEc1YL6Kwc2z%2BIq6CilYvLvXYwkYb53ivvLxM4or2CK3MmzZsqhmSBzVHftU14CYpcMCP%2FV9tr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d33fce36dcd929b-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 75AF 16 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 2591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:59:48 GMT

POST result
koiniom.com/cdn-cgi/bm/cv/ Frame 75AF 0
0

OPTIONS
H2 404 result
koiniom.com/cdn-cgi/bm/cv/ Frame 0
0 38ms
37ms Preflight 2606:4700:20::681a:328
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koiniom.com/cdn-cgi/bm/cv/result?req_id=6d33fce26b39929b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:328 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 19:42:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxmR3XohaOh%2BOxgDpMhpbXVkKO3%2BqhSv2GqEq5SFjeVIDbqf9xM1%2BTyJ%2B1V5DNh7XLLJRur0t9PN68vEou8czmdTT4s6s39rZUAxYWu7QKostN16CeSo3gXSs0QR3Bc692VLh9BNpeOA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d33fce3cc38927a-FRA

GET
H/1.1 200
OK 3_1631272478.gif
netgaming.fun/images/tizer/ 38 KB
38 KB 55ms
55ms Image
image/gif 195.62.53.232
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netgaming.fun/images/tizer/3_1631272478.gif

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.62.53.232 Moscow, Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /

Resource Hash

ca606cca5cd2674371ce8ea8309021c28a3bdde2b142276a915498c58c050c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:59 GMT
Last-Modified: Sun, 26 Sep 2021 03:07:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "983b-5ccdd472bab05"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 38971

GET
H/1.1

200
OK

banner.php Show response
regionads.ru/js/ Frame 9326
Redirect Chain

http://regionads.ru/js/banner.php?id=785&f=300x250
https://regionads.ru/js/banner.php?id=785&f=300x250

2 KB
2 KB

69ms
69ms

Document
text/html

188.120.236.88
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://regionads.ru/js/banner.php?id=785&f=300x250

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.3.3

Resource Hash

19ebcd7973ea72975a0ef594a5fab5ec472276be63fb4900d465ec626afea823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/

Response headers

Server: nginx/1.16.1
Date: Tue, 25 Jan 2022 19:42:59 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Strict-Transport-Security: max-age=31536000;

Redirect headers

Location: https://regionads.ru/js/banner.php?id=785&f=300x250
Non-Authoritative-Reason: HSTS

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 196 KB
67 KB 85ms
85ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

858b074d3341e69dfee2ca648f95ce997a857ca26bf95344c295f1bd037f33ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:59 GMT
content-encoding: br
last-modified: Tue, 25 Jan 2022 09:24:23 GMT
etag: "61ef9797-10ac3"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 68291
expires: Tue, 25 Jan 2022 20:42:59 GMT

GET
H/1.1 404
Not Found daopush-init.js
pronavigator.ru.xsph.ru/ 0
0 50ms
50ms Script
text/html 2a0a:2b47:c:6777::
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://pronavigator.ru.xsph.ru/daopush-init.js
Requested by: Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/
Protocol: HTTP/1.1
Server: 2a0a:2b47:c:6777:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:59 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 ntload Show response
tgpsew.com/ 268 B
365 B 130ms
35ms Fetch
application/javascript 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tgpsew.com/ntload?a=1&e=aeyJwaWQiOjEwODMwODgsInNpZCI6MTEyMDIxMiwid2lkIjoyODM3NzAsImQiOiJwcm9uYXZpZ2F0b3IucnUueHNwaC5ydSIsImxpIjoxfQ==&tz=0&if=0
Requested by: Host: dvypar.com
URL: https://dvypar.com/na/waWQiOjEwODMwODgsInNpZCI6MTEyMDIxMiwid2lkIjoyODM3NzAsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e0095d8034e3884d2f35fe36d38fe9c3355fa111ba76efd1d04536643c89fe50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Jan 2022 19:42:59 GMT
content-encoding: gzip
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 297 B
439 B 90ms
36ms Fetch
text/plain 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: dvypar.com
URL: https://dvypar.com/na/waWQiOjEwODMwODgsInNpZCI6MTEyMDIxMiwid2lkIjoyODM3NzAsInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d7f951a15402b38e7e8b46f1b128562ea66c64081b4438147c6259432faa7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6d33fce66bd89211-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 78 KB
29 KB 69ms
38ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3edfaa75558e93756874357f71bc329c3a97c36d5e92e347251e195742ba0a79

Request headers

Referer: http://pronavigator.ru.xsph.ru/
Origin: http://pronavigator.ru.xsph.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:59 GMT
content-encoding: gzip
last-modified: Fri, 21 Jan 2022 15:18:57 GMT
server: nginx/1.18.0
etag: W/"61eacee1-1382f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 25 Jan 2022 20:42:59 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 8.gif
ve7.ru/assets/mod/context/img/ 31 KB
31 KB 116ms
116ms Image
image/gif 2a00:f940:2:2:1:1:0:51
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ve7.ru/assets/mod/context/img/8.gif

Requested by

Host: pronavigator.ru.xsph.ru
URL: http://pronavigator.ru.xsph.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f940:2:2:1:1:0:51 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

Software

nginx /

Resource Hash

54b6f4ebe82318f50349fec1276567a33d31d8ccdaa854e95f0f8aebf9000a75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:42:59 GMT
last-modified: Sun, 19 Dec 2021 09:39:01 GMT
server: nginx
etag: "61befdb5-7b71"
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 31601
expires: Fri, 11 Mar 2022 19:42:59 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 376 KB
125 KB 113ms
53ms Script
text/javascript 2a00:1450:400f:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.onetouch8.info
URL: https://video.onetouch8.info/d-video.js?b=15

Protocol

HTTP/1.1

Server

2a00:1450:400f:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://pronavigator.ru.xsph.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-doubleclick-instream-static"
Vary: Accept-Encoding
Report-To: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 127061
X-XSS-Protection: 0
Expires: Tue, 25 Jan 2022 19:42:59 GMT

GET dc3fe6b5cfb7b703c92fc924ecf3caf0.js
50794a7538.a229d74843.com/ 0
0

GET
H/1.1 200
OK ra_logo.gif
regionads.ru/images/ Frame 9326 695 B
979 B 68ms
68ms Image
image/gif 188.120.236.88
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://regionads.ru/images/ra_logo.gif

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=785&f=300x250

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

df7be0d12117230256dd66d99ad9ca5febb7b3587e2ce5930a68de39399b2d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://regionads.ru/js/banner.php?id=785&f=300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 19:42:59 GMT
Last-Modified: Sun, 23 Jun 2019 06:11:49 GMT
Server: nginx/1.16.1
ETag: "5d0f1825-2b7"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 695

GET
H/1.1 200
OK 7_1639745830.gif
regionads.ru/images/banners/ Frame 9326 30 KB
30 KB 141ms
141ms Image
image/gif 188.120.236.88
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://regionads.ru/images/banners/7_1639745830.gif

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=785&f=300x250

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS