urlscan.io logo urlscan.io
SecurityTrails logo

www.k-bettel.de Open in urlscan Pro
195.201.125.43  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Submission: On June 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 18 domains to perform 78 HTTP transactions. The main IP is 195.201.125.43, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is www.k-bettel.de.
TLS certificate: Issued by R3 on May 30th 2022. Valid for: 3 months.
This is the only time www.k-bettel.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 195.201.125.43 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.216.78.118 16509 (AMAZON-02)
4 116.202.214.170 24940 (HETZNER-AS)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 159.69.68.169 24940 (HETZNER-AS)
2 46.105.201.240 16276 (OVH)
1 158.69.248.123 16276 (OVH)
5 213.202.218.154 24961 (MYLOC-AS ...)
1 10 104.20.46.59 13335 (CLOUDFLAR...)
1 2 89.163.148.251 24961 (MYLOC-AS ...)
1 195.28.12.55 31400 (ACCELERAT...)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a03:4000:30:... 197540 (NETCUP-AS...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 161.156.47.58 36351 (SOFTLAYER)
2 2a00:1450:400... 15169 (GOOGLE)
78 20
16    195.201.125.43 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: k-bettel.hansespace.de
www.k-bettel.de
www.traffic-master.de
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    52.216.78.118 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    116.202.214.170 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.170.214.202.116.clients.your-server.de
ad.a-ads.com
static.a-ads.com
12    2606:4700:20::ac43:4b33 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.bmcdn3.com
static.bmcdn3.com
media.bmcdn3.com
1    2606:4700:20::681a:89d (United States)

ASN13335 (CLOUDFLARENET, US)
faucetcrypto.com
1    159.69.68.169 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dserv01.lightningsoft.de
www.shimly.net
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    158.69.248.123 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns542881.ip-158-69-248.net
s4.histats.com
5    213.202.218.154 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: mail.lcmmedia.de
www.lcmmedia.de
10    104.20.46.59 (None, )

ASN13335 (CLOUDFLARENET, US)
l.adcocktail.com
bk.adcocktail.com
2    89.163.148.251 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: mail.croxy.de
www.croxy.de
1    195.28.12.55 (Germany)

ASN31400 (ACCELERATED-IT, DE)
PTR: static.klamm.de
static.klamm.de
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2a03:4000:30:f0ad::16:2728 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
lesezirkel-onlinetexte.de
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    161.156.47.58 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 3a.2f.9ca1.ip4.static.sl-reverse.com
vg08.met.vgwort.de
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
15 k-bettel.de
www.k-bettel.de
47 KB
14 lesezirkel-onlinetexte.de
lesezirkel-onlinetexte.de
230 KB
12 bmcdn3.com
cdn.bmcdn3.com — Cisco Umbrella Rank: 125001
static.bmcdn3.com — Cisco Umbrella Rank: 175542
media.bmcdn3.com — Cisco Umbrella Rank: 227158
116 KB
10 adcocktail.com
l.adcocktail.com
bk.adcocktail.com
13 KB
5 lcmmedia.de
www.lcmmedia.de
3 KB
4 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 27095
static.a-ads.com — Cisco Umbrella Rank: 39748
1 MB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 16886
s4.histats.com — Cisco Umbrella Rank: 14147
12 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 294
fonts.googleapis.com — Cisco Umbrella Rank: 55
65 KB
2 gstatic.com
fonts.gstatic.com
38 KB
2 vgwort.de
vg08.met.vgwort.de — Cisco Umbrella Rank: 144210
725 B
2 croxy.de
www.croxy.de
869 B
2 amazonaws.com
s3.amazonaws.com
8 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 80
44 KB
1 klamm.de
static.klamm.de
17 KB
1 shimly.net
www.shimly.net
25 KB
1 faucetcrypto.com
faucetcrypto.com — Cisco Umbrella Rank: 574858
1 traffic-master.de
www.traffic-master.de
249 B
78 18
Domain Requested by
15 www.k-bettel.de www.k-bettel.de
14 lesezirkel-onlinetexte.de www.lcmmedia.de
lesezirkel-onlinetexte.de
8 l.adcocktail.com www.shimly.net
l.adcocktail.com
7 static.bmcdn3.com cdn.bmcdn3.com
static.bmcdn3.com
5 www.lcmmedia.de www.shimly.net
www.lcmmedia.de
4 cdn.bmcdn3.com www.k-bettel.de
cdn.bmcdn3.com
2 fonts.gstatic.com fonts.googleapis.com
2 vg08.met.vgwort.de 1 redirects lesezirkel-onlinetexte.de
2 bk.adcocktail.com 1 redirects l.adcocktail.com
2 www.croxy.de 1 redirects www.lcmmedia.de
2 static.a-ads.com ad.a-ads.com
2 s10.histats.com www.k-bettel.de
s10.histats.com
2 ad.a-ads.com www.k-bettel.de
2 s3.amazonaws.com www.k-bettel.de
s3.amazonaws.com
2 cdnjs.cloudflare.com www.k-bettel.de
2 ajax.googleapis.com www.k-bettel.de
www.shimly.net
1 media.bmcdn3.com cdn.bmcdn3.com
1 fonts.googleapis.com lesezirkel-onlinetexte.de
1 www.googletagmanager.com s3.amazonaws.com
1 static.klamm.de www.shimly.net
1 s4.histats.com s10.histats.com
1 www.shimly.net www.k-bettel.de
1 faucetcrypto.com www.k-bettel.de
1 www.traffic-master.de 1 redirects
78 24

This site contains links to these domains. Also see Links.

Domain
www.traffic-master.de
www.histats.com
Subject Issuer Validity Valid
k-bettel.de
R3		 2022-05-30 -
2022-08-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2021-12-08 -
2023-01-08		 a year crt.sh
shimly.net
R3		 2022-05-06 -
2022-08-04		 3 months crt.sh
histats.com
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
lcmmedia.de
R3		 2022-06-04 -
2022-09-02		 3 months crt.sh
*.adcocktail.com
Thawte RSA CA 2018		 2022-03-17 -
2023-04-17		 a year crt.sh
croxy.de
R3		 2022-05-22 -
2022-08-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
lesezirkel-onlinetexte.de
R3		 2022-04-14 -
2022-07-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Frame ID: 54D511F251DA22DE41DAD9A5FE6DFFCA
Requests: 29 HTTP requests in this frame

Frame: https://ad.a-ads.com/319556?size=468x60
Frame ID: 51A397B6B8F24D1AB01A4050B47DCF8A
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1663200?size=160x600
Frame ID: 68C97F1DD49446F1F99228E1B4C73F08
Requests: 3 HTTP requests in this frame

Frame: https://faucetcrypto.com/ref/744272
Frame ID: 33979F60B81050D83F33E7838EE5A4F4
Requests: 1 HTTP requests in this frame

Frame: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Frame ID: 990AA43ED29570A3AB9195764BA553C3
Requests: 13 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5636&sid=88&v1=a9d84d149df63b70e78cbd1a1308aa845126e238cf1757507149a5556da9d2bb8e195eb2f79090591bffab5fb7cc55efb44742ee5bf775e73cebbba6f154f62e&v2=p2p
Frame ID: 38A8CDB6AE7BF11CBDEEC5FAE28DE4CA
Requests: 1 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/frame_forced.php?step=1&code=dWlkPTk4JmJpZD01NjM2JnNpZD04OCZ2MT1hOWQ4NGQxNDlkZjYzYjcwZTc4Y2JkMWExMzA4YWE4NDUxMjZlMjM4Y2YxNzU3NTA3MTQ5YTU1NTZkYTlkMmJiOGUxOTVlYjJmNzkwOTA1OTFiZmZhYjVmYjdjYzU1ZWZiNDQ3NDJlZTViZjc3NWU3M2NlYmJiYTZmMTU0ZjYyZSZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Frame ID: 889BEC8EDB2457C1692625FD2BF6B403
Requests: 2 HTTP requests in this frame

Frame: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Frame ID: BFF506F0F239649AEA5F1220C17242BF
Requests: 19 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=5636&sid=88
Frame ID: 99AE10F58FCC150DC8885AF546FF8E53
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D9391aea79caa2639568306c2de76f09b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=0318e6f3253fc5620ee78af2403daa1e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: 7B9CF326F71EBEA7BCF327CE9C482EB4
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

K-Bettel.de - Bettel dich reich!

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

78
Requests

96 %
HTTPS

42 %
IPv6

18
Domains

24
Subdomains

20
IPs

5
Countries

1722 kB
Transfer

2634 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.traffic-master.de/traffic.php HTTP 302
  • https://faucetcrypto.com/ref/744272
Request Chain 48
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzMwNzh8ODc5MTJ8MTk5OTE0fDE2NTQ5MTAxODY= HTTP 302
  • https://static.klamm.de/banner/o/468x60/klamm_468x60_rotate.gif
Request Chain 52
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly9sZXNlemlya2VsLW9ubGluZXRleHRlLmRlL2ZhZWhpZ2tlaXRlbi1lcmxhbmdlbi8/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vcmdhbmljJnV0bV9jYW1wYWlnbj1GYWVoaWdrZWl0ZW4uZXJsYW5nZW4mdXRtX3Rlcm09QW56aWVodW5nJnV0bV9jb250ZW50PWJhbm5lci1hZA== HTTP 301
  • https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Request Chain 64
  • https://vg08.met.vgwort.de/na/8a2ab3c267894ce7b7ea253e4fc2c8d7 HTTP 302
  • https://vg08.met.vgwort.de/blank.gif

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.k-bettel.de/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
f0b32fa73b3152c23e2331add686d39e47b7fff7a1b8a91222faf781a10e5f7f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3653
Content-Type
text/html; charset=UTF-8
Date
Sat, 11 Jun 2022 01:16:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
main.css
www.k-bettel.de/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.k-bettel.de/css/main.css
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
9a3430ee32938603e921cf7c2450a61850dc584382d417d771dbf2bbbbf2d64c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 11:15:05 GMT
Server
Apache
ETag
"1aa8-5a26107816040-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1361
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 14:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jun 2023 14:00:09 GMT
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7613970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7Sri3zrv5xaQKbAiGwZQmnpjCsorzLbk8xL9jWAr169RSxxJsmtJTiKp%2ByW82YvMMTDPizKeFzKwb5Pi3Ikn8Ds9pSE3N6ruRk2dedppWTFc4F2egSe72msxRaP4peg1xtaduLG9gylrJ7vej8rmMj6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719680552e626907-FRA
expires
Thu, 01 Jun 2023 01:16:25 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1336917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtNBh9SCCcaYwDtDHe7yKMQB%2F02la0bcxcoWnzXWDmn3PSm%2BD%2FM1SbPGTHZnqC2oJ7DggFokcEG42jcltCgOkC90VknbgUmA3%2FrkTqNyE2b4%2FCMDJQUJNtuyiE%2FunuVad3N73%2FU0TqKN4MiPlXuNkMSI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719680552e606907-FRA
expires
Thu, 01 Jun 2023 01:16:25 GMT
script.js
s3.amazonaws.com/valao-cloud/cookie-hinweis/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.78.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1005c8fedd97888320a06c0fff6bd454c0256e9b021f367fd40e00d4c5d05a90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:27 GMT
Last-Modified
Fri, 25 Nov 2016 10:04:09 GMT
Server
AmazonS3
x-amz-request-id
BNJFHYSKQPGECXDP
ETag
"9f90654a8f604d63de9dd294259e6eff"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
4605
x-amz-id-2
E9WPP4f9aC1tGRJZBozhMXJ48iWAIyZx4SEWbaTHFgVxU14zcx4TRPoOXfEeS99afjGjqnBL25Q=
319556
ad.a-ads.com/ Frame 51A3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/319556?size=468x60
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.214.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.170.214.202.116.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
ad863af60677589974a31817b3d85677262bc58efad28c5ac41185ae4af60449
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 11 Jun 2022 01:16:25 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
https://www.k-bettel.de/
X-Powered-By
Phusion Passenger(R)
X-XSS-Protection
1; mode=block
1663200
ad.a-ads.com/ Frame 68C9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1663200?size=160x600
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.214.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.170.214.202.116.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
c5ec95d86529b57eb448c1d48b3b677f9de30f107bda913b4a9634c0f12a32a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 11 Jun 2022 01:16:25 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
https://www.k-bettel.de/
X-Powered-By
Phusion Passenger(R)
X-XSS-Protection
1; mode=block
bg.png
www.k-bettel.de/images/ 		288 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/bg.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
8ab9651d86fabc7afb2a8cabc53f7405fa5f76429f18f1e130d55299cf49a3e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"120-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
288
header.png
www.k-bettel.de/images/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/header.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
6dfdcf0eb87568f6932cf08416883f068da0d0aea43f2145c84c19fef3875fac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 25 May 2020 11:36:45 GMT
Server
Apache
ETag
"8d1b-5a67764bd4d40"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
36123
topLoginBg.png
www.k-bettel.de/images/ 		704 B
972 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/topLoginBg.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
8b0af1e9c36b25fc9fcce648791ea2733cc6993def386bc43f8010b8b3361f7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"2c0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
704
topButton.png
www.k-bettel.de/images/ 		215 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/topButton.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
dea4747dc69f7e1119b6f74a6dea0d005cba3a629b3dd1d2f027bc181080ed02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"d7-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
215
mainBg.gif
www.k-bettel.de/images/ 		98 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/mainBg.gif
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
355c7345608f3f18f08822ebc9fd202de5f0acc98bf4f0c38b7d9f155406e546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"62-4ca767b64d500"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
98
navTop.png
www.k-bettel.de/images/ 		208 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/navTop.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
58156352388e882df8698362691be19546360706d7b8469e375e6bd419ed216a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"d0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
208
navMid.png
www.k-bettel.de/images/ 		192 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/navMid.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
4d8c7e063a3280ec8b2ef850a878741b1bdfab56301198493203b252d4885d47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"c0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
192
navFoot.png
www.k-bettel.de/images/ 		236 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/navFoot.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
112e3a5de62417009e7744581cd39b6a8a3b1a4d23dfca29b2791ac9150d97e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"ec-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
236
623c55576a92bc002503d00b.js
cdn.bmcdn3.com/js/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bmcdn3.com/js/623c55576a92bc002503d00b.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92206a4963d95c25e0c5b16f336c17a3b3f0c29aedf66d90b4a1e3235a8a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Igv3%2B%2F9kuKeGC5CKHNiLHcsxg2ukGqrwUH6SK4cRub%2BkdjmpAKLiqaDGyi9ei9lSWiM%2BezyWINW5FN9Nl5FY7d8BUAKAs8fTH4ef%2FUw8DeQdr7sBZMeheMsSxnLB0RIcv6%2BS49R69DUaBqG1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800, public
cf-ray
719680560e045c1a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Sat, 11 Jun 2022 01:46:25 GMT
744272
faucetcrypto.com/ref/ Frame 3397
Redirect Chain
  • https://www.traffic-master.de/traffic.php
  • https://faucetcrypto.com/ref/744272
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://faucetcrypto.com/ref/744272
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:89d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
71968056eddb9a05-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 01:16:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piLQnd5DBQmncUdblebvaAxMiYCzrEKCNd3iCSIc0bmgQSRa%2BMv%2BpvvDAd6zN3luWloUZ1RBmjoPz%2FKLbRhWgklzpkg9w0FGGLc8FnkgWEWgSRxPROz%2B7gcRgABBUGqYt5%2BwQiS0gr9NWW6Q878%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding X-Inertia
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 11 Jun 2022 01:16:25 GMT
Keep-Alive
timeout=5, max=100
Location
https://faucetcrypto.com/ref/744272
Server
Apache
ptp-1-1675-30-48-sh
www.shimly.net/public/ Frame 990A 		65 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shimly.net/public/ptp-1-1675-30-48-sh
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.68.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dserv01.lightningsoft.de
Software
nginx / PHP/7.3.33 PleskLin
Resource Hash
9b00bee4cd7d1f5f328be7bf4361cf05a9b1111b0f674a81b949fd082ae2883c

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
25674
content-type
text/html; charset=utf-8
date
Sat, 11 Jun 2022 01:16:25 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.33 PleskLin
pop.php
www.k-bettel.de/popup/ 		0
0
623c565afdbfc7001a590989.js
cdn.bmcdn3.com/js/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bmcdn3.com/js/623c565afdbfc7001a590989.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5b16455c8910658b073fa0a9e44333f799cca7acf6730fa39fe2e280cdc0a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2BhkQivW3DlCpbwIKph3PjPYkWoHmPLRvOuU1R5CkPUvJUU8dezsMvqVuTbmivfnmiJblWyK6XteggVIsFg8cuWnxzVqHeGCc3%2Bl%2FrRowCdohuzi%2FN7XtATAjdPt3CzQtYB2fpBHZVat7ve"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800, public
cf-ray
719680560e065c1a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Sat, 11 Jun 2022 01:46:25 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:14:33 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
864912323
contentTop.png
www.k-bettel.de/images/ 		237 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/contentTop.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
2f058ccfb327a7cf0dde901af6d91c6b1746a8d1973cdf0ea0ad3f20c79a953a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"ed-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
237
contentMid.gif
www.k-bettel.de/images/ 		81 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/contentMid.gif
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
3ac732713cf8fc2da12ba94466c376da1bc1e8a578dcea4bea07002fc4b5c9a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"51-4ca767b64d500"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
81
contentFoot.png
www.k-bettel.de/images/ 		101 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/contentFoot.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
527ed4d3ebd6f355eb419dc4938f830f5c879f79056f321987206fcfdb2f1fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"65-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
101
countmid.png
www.k-bettel.de/images/ 		94 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/countmid.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
cae403eab5a179ee8b09a9b2c7e42916c54614c2cd1f49395090327f30e008a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"5e-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
94
footer.png
www.k-bettel.de/images/ 		467 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.k-bettel.de/images/footer.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
1822b7ed8626dee6c169e5b07b8db2d673c1ffa51fb108d4ecbfeda89d784979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:25 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"1d3-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
467
160x600
static.a-ads.com/a-ads-banners/393781/ Frame 68C9 		663 KB
664 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393781/160x600?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1663200?size=160x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.214.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.170.214.202.116.clients.your-server.de
Software
nginx /
Resource Hash
657af98b6829d7b412a5c5b69f5f86fdcf98aca10ed8e7f0b5a6b9558071ee3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:26 GMT
Last-Modified
Tue, 31 May 2022 13:36:40 GMT
Server
nginx
x-amz-request-id
0S4KJJEN47HBEMMA
ETag
"be74ac110e715286295dca6083c0d2a7"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
679079
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
IqF_AcCFiT4rzay4H.z3QpoKMh_R2ZHV
x-amz-id-2
GnQkos9vVoJP1HlS3xLZGzdX897w5s/JYdUZ/Opm7DaYBK4SBRLkNpzQDRx7JNhzZC/HJoP/iPc=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
468x60
static.a-ads.com/a-ads-banners/393777/ Frame 51A3 		428 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393777/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/319556?size=468x60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.214.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.170.214.202.116.clients.your-server.de
Software
nginx /
Resource Hash
7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:26 GMT
Last-Modified
Tue, 31 May 2022 13:36:38 GMT
Server
nginx
x-amz-request-id
2TWSE1MMQDWKER3M
ETag
"9ecf8ce917854a0c481254a2d97e2ac6"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
438215
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
uLgJt0kG8h9_6Yb2PhHXE0X7UZZ61_vh
x-amz-id-2
Qh19VQ2tNEswfrm06GvTnpjOx2619iiF3PLWg1EiYbUbHnnvyHkLWXOIxGokNt3i3BIgq2YZ79c=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 68C9 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
4631295.php
s4.histats.com/stats/ 		96 B
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/4631295.php?4631295&@f16&@g1&@h1&@i1&@j1654910185974&@k0&@l1&@mK-Bettel.de%20-%20Bettel%20dich%20reich!&@n0&@o1000&@q0&@r0&@s328&@ten-US&@u1600&@b1:67450554&@b3:1654910186&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D9391aea79caa2639568306c2de76f09b%26step2%3Dok&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.248.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns542881.ip-158-69-248.net
Software
/
Resource Hash
dc5643a3e030aa9dcb9a4f2ab4864343deca71e90f724d548ebaf6a6b3a2243a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:26 GMT
Connection
close
Content-Length
96
Content-Type
text/html;charset=UTF-8
truncated
/ Frame 51A3 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
ziel.php
www.lcmmedia.de/kamp/ Frame 38A8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5636&sid=88&v1=a9d84d149df63b70e78cbd1a1308aa845126e238cf1757507149a5556da9d2bb8e195eb2f79090591bffab5fb7cc55efb44742ee5bf775e73cebbba6f154f62e&v2=p2p
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
b418f0b2161487ea8de2b92eba1aedff91dbb288a8a069f2dd1ba112ecb9e9e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.shimly.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
807
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 01:16:26 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin
truncated
/ Frame 990A 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa27f6a15e3c7abdea0bf66d493852cf1a850bdf98435e59c85964ff0179983

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 990A 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 11:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Jun 2023 11:25:25 GMT
lay.php
l.adcocktail.com/ Frame 990A 		262 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff40f1e4c6c35503fc63ac2d4a7b6a0b38fe1151f30a68f7ba942f4003fb525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 11 Jun 2022 01:16:26 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
71968056ee7f9bf5-FRA
content-length
174
expires
Wed, 11 Jan 1984 05:00:00 GMT
layer.css
l.adcocktail.com/ Frame 990A 		2 KB
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l.adcocktail.com/layer.css?id=2
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57626b4cb21c6c7c1225f83b6eba4c3f4fad0f23db4baa7ed5888494828ac5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2018 13:34:28 GMT
server
cloudflare
etag
"684-565180dcd5f3b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
cf-ray
719680574edf9bf5-FRA
content-length
586
layerhead.js
l.adcocktail.com/ Frame 990A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.adcocktail.com/layerhead.js?id=2
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e239671b46bfac19cd71a0b44f3d9ea7d04af229ba161c826394de2f510a1be4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2018 09:26:46 GMT
server
cloudflare
etag
"d67-5651497f64282-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
cf-ray
719680574ee09bf5-FRA
content-length
1300
l_rota_v.php
l.adcocktail.com/ Frame 990A 		2 KB
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee153f7e8938a47e1951cc1e61a508619e1f65c40420e670601c619e571f38ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 11 Jun 2022 01:16:26 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
719680574ee19bf5-FRA
content-length
726
expires
Wed, 11 Jan 1984 05:00:00 GMT
frame_forced.php
www.lcmmedia.de/kamp/ Frame 889B 		373 B
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTk4JmJpZD01NjM2JnNpZD04OCZ2MT1hOWQ4NGQxNDlkZjYzYjcwZTc4Y2JkMWExMzA4YWE4NDUxMjZlMjM4Y2YxNzU3NTA3MTQ5YTU1NTZkYTlkMmJiOGUxOTVlYjJmNzkwOTA1OTFiZmZhYjVmYjdjYzU1ZWZiNDQ3NDJlZTViZjc3NWU3M2NlYmJiYTZmMTU0ZjYyZSZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5636&sid=88&v1=a9d84d149df63b70e78cbd1a1308aa845126e238cf1757507149a5556da9d2bb8e195eb2f79090591bffab5fb7cc55efb44742ee5bf775e73cebbba6f154f62e&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
50d1e932dc4caea9eb055608f67604192ebf279677687dba9f9944e8bf83c273
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5636&sid=88&v1=a9d84d149df63b70e78cbd1a1308aa845126e238cf1757507149a5556da9d2bb8e195eb2f79090591bffab5fb7cc55efb44742ee5bf775e73cebbba6f154f62e&v2=p2p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
327
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 01:16:26 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin
go.php
www.croxy.de/ Frame BFF5 		951 B
618 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.croxy.de/go.php?id=5636&sid=aHR0cHM6Ly9sZXNlemlya2VsLW9ubGluZXRleHRlLmRlL2ZhZWhpZ2tlaXRlbi1lcmxhbmdlbi8/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vcmdhbmljJnV0bV9jYW1wYWlnbj1GYWVoaWdrZWl0ZW4uZXJsYW5nZW4mdXRtX3Rlcm09QW56aWVodW5nJnV0bV9jb250ZW50PWJhbm5lci1hZA==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5636&sid=88&v1=a9d84d149df63b70e78cbd1a1308aa845126e238cf1757507149a5556da9d2bb8e195eb2f79090591bffab5fb7cc55efb44742ee5bf775e73cebbba6f154f62e&v2=p2p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.163.148.251 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.croxy.de
Software
nginx / PHP/7.3.20 PleskLin
Resource Hash
11e2c17557d5847409e6a47fcb281d6d23469ea29a9697447b1d7ca230583cab

Request headers

Referer
https://www.lcmmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
454
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 01:16:26 GMT
ms-author-via
DAV
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.20 PleskLin
kamp_m_lcm.php
www.lcmmedia.de/kamp/ Frame 99AE 		1 KB
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=5636&sid=88
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5636&sid=88&v1=a9d84d149df63b70e78cbd1a1308aa845126e238cf1757507149a5556da9d2bb8e195eb2f79090591bffab5fb7cc55efb44742ee5bf775e73cebbba6f154f62e&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
8b96296e29f5e301f0f4c8b7f22deddf43ab08f686a5c61720563ed3778c7f54
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5636&sid=88&v1=a9d84d149df63b70e78cbd1a1308aa845126e238cf1757507149a5556da9d2bb8e195eb2f79090591bffab5fb7cc55efb44742ee5bf775e73cebbba6f154f62e&v2=p2p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
560
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 01:16:26 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin
style.css
www.lcmmedia.de/kamp/ Frame 99AE 		486 B
565 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/style.css
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=5636&sid=88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PleskLin
Resource Hash
f0c1e0b291b81ea4aa9f55579f2592a0978e15080b3277369b88fbc407d27a0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=5636&sid=88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 16:02:32 GMT
server
nginx
x-powered-by
PleskLin
etag
"1e6-5c3deb3e84805-gzip"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-accel-version
0.01
date
Sat, 11 Jun 2022 01:16:26 GMT
accept-ranges
bytes
content-length
255
bk_rota.php
bk.adcocktail.com/ Frame 990A 		279 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.adcocktail.com/bk_rota.php?format=468x60&uid=87912&wsid=199914
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db667119da719f15ac26c2b074c6fe6deb83611562daa0879acaa96142296ca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
71968057af519bf5-FRA
content-length
202
expires
Wed, 11 Jan 1984 05:00:00 GMT
adc_layer_logo.png
l.adcocktail.com/images/ Frame 990A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adcocktail.com/images/adc_layer_logo.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a712480f1063437e1f893fd7e5be4e344ed4ea0e255a8c485d462d545323953e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:13 GMT
server
cloudflare
age
1606
etag
"1448-56502018ce55d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
71968057af419bf5-FRA
content-length
5192
adc_layer_fav.png
l.adcocktail.com/images/ Frame 990A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adcocktail.com/images/adc_layer_fav.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed4938c07839355b679781de23060982a4118e57124b21ed66509696c3cfd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:13 GMT
server
cloudflare
age
1606
etag
"68b-56502018c397b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
71968057af439bf5-FRA
content-length
1675
adc_layer_new.png
l.adcocktail.com/images/ Frame 990A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adcocktail.com/images/adc_layer_new.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511ee72f5e0453830953617a7a7f81b96950e63bb43ae5dfa1386eaf835f3ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:14 GMT
server
cloudflare
age
2450
etag
"54c-56502018e6c02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
71968057af449bf5-FRA
content-length
1356
adc_layer_stop.png
l.adcocktail.com/images/ Frame 990A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adcocktail.com/images/adc_layer_stop.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e02bfcdfb9333b90284e0a7c3c5f2064e6df73e457e3181031c6c8ceacfffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:14 GMT
server
cloudflare
age
2450
etag
"4ea-56502018f0844"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
71968057af459bf5-FRA
content-length
1258
frame_forced.php
www.lcmmedia.de/kamp/ Frame 889B 		32 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lcmmedia.de/kamp/frame_forced.php?step=1&code=dWlkPTk4JmJpZD01NjM2JnNpZD04OCZ2MT1hOWQ4NGQxNDlkZjYzYjcwZTc4Y2JkMWExMzA4YWE4NDUxMjZlMjM4Y2YxNzU3NTA3MTQ5YTU1NTZkYTlkMmJiOGUxOTVlYjJmNzkwOTA1OTFiZmZhYjVmYjdjYzU1ZWZiNDQ3NDJlZTViZjc3NWU3M2NlYmJiYTZmMTU0ZjYyZSZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5636&sid=88&v1=a9d84d149df63b70e78cbd1a1308aa845126e238cf1757507149a5556da9d2bb8e195eb2f79090591bffab5fb7cc55efb44742ee5bf775e73cebbba6f154f62e&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
7d13caf22fc19e5ef89f910d1d6c26962549bc446bec9452bb11a50d6f933e32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTk4JmJpZD01NjM2JnNpZD04OCZ2MT1hOWQ4NGQxNDlkZjYzYjcwZTc4Y2JkMWExMzA4YWE4NDUxMjZlMjM4Y2YxNzU3NTA3MTQ5YTU1NTZkYTlkMmJiOGUxOTVlYjJmNzkwOTA1OTFiZmZhYjVmYjdjYzU1ZWZiNDQ3NDJlZTViZjc3NWU3M2NlYmJiYTZmMTU0ZjYyZSZ2Mj1wMnAmcmVmZXJlcj1odHRwczovL3d3dy5zaGltbHkubmV0Lw==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
39
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 01:16:26 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin
klamm_468x60_rotate.gif
static.klamm.de/banner/o/468x60/ Frame 990A
Redirect Chain
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzMwNzh8ODc5MTJ8MTk5OTE0fDE2NTQ5MTAxODY=
  • https://static.klamm.de/banner/o/468x60/klamm_468x60_rotate.gif
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.klamm.de/banner/o/468x60/klamm_468x60_rotate.gif
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Server
195.28.12.55 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
static.klamm.de
Software
Apache /
Resource Hash
c0071c650aca2615e49b7534434933e32e3619b9631a4167dbc71ec5d7c1592a
Security Headers
Name Value
Strict-Transport-Security max-age=15555555

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
last-modified
Sat, 10 Feb 2018 13:15:01 GMT
server
Apache
etag
"4132206250"
x-cache-status
MISS
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3024000
strict-transport-security
max-age=15555555
accept-ranges
bytes
content-length
17487
expires
Sat, 16 Jul 2022 01:16:26 GMT

Redirect headers

pragma
no-cache
date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 11 Jun 2022 01:16:26 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://static.klamm.de/banner/o/468x60/klamm_468x60_rotate.gif
note
CACHING IS DISABLED
cf-ray
7196805908c69bf5-FRA
content-length
20
expires
Wed, 11 Jan 1984 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		118 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVL985
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2db2efca5f7a00905538ce1360d0b8a436aa02107ae1af2bf80f9c71eddc07cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44541
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 11 Jun 2022 01:16:26 GMT
/
cdn.bmcdn3.com/pv/5f02c4f228238c0013166f58/ 		35 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bmcdn3.com/pv/5f02c4f228238c0013166f58/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D9391aea79caa2639568306c2de76f09b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=0318e6f3253fc5620ee78af2403daa1e
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlypQhYVxDkhQAkEYKbQmyihvrMZA4iEbQ641LIdZfmFx65v6rdkjlQxt4awyyePtEu0NSjVV0JDN%2FboEZK21nJuro0zqwGSn03N5nCBJKPE8BFRsvMYdn0RBb0y5cz3jmAY6QrwSsq417D0"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cf-ray
71968059295c5c1a-FRA
content-length
35
cc_328.js
s10.histats.com/counters/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_328.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c280115a1bb138d4019b3e021e8eb2f5a9028e213622c5fe4b496f91658351b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:08:38 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"853387749"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
7129
x-request-id
925041025
/
lesezirkel-onlinetexte.de/faehigkeiten-erlangen/ Frame BFF5
Redirect Chain
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly9sZXNlemlya2VsLW9ubGluZXRleHRlLmRlL2ZhZWhpZ2tlaXRlbi1lcmxhbmdlbi8/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vcmdhbmljJnV0bV9jYW1wYWlnbj1GYWVoaWdrZWl0ZW4uZXJsY...
  • https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
192 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=5636&sid=88&v1=a9d84d149df63b70e78cbd1a1308aa845126e238cf1757507149a5556da9d2bb8e195eb2f79090591bffab5fb7cc55efb44742ee5bf775e73cebbba6f154f62e&v2=p2p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
65050901f22c6a75ba7ae5124cb839c436cd7d71ea039069051dbbf453880840

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.croxy.de
Referer
https://www.croxy.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 01:16:26 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 11 Jun 2022 01:16:26 GMT
location
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
ms-author-via
DAV
server
nginx
x-powered-by
PHP/7.3.20 PleskLin
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63277152f6eb74890ba35dddd3060e937f9222d8fe6341c9e9fa189776c30171

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
6iadc.css
lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/1ri9b495/ Frame BFF5 		46 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/1ri9b495/6iadc.css
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
abbf1a6b5079f3fa3ff765946cbe9b9274931ebfa45cdfb21459b5ed0a71eaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
last-modified
Fri, 04 Mar 2022 09:39:34 GMT
server
nginx
etag
W/"6221de56-b952"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10368000
expires
max-age=A10368000, public
css
fonts.googleapis.com/ Frame BFF5 		2 KB
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla%3A300%2C%7CLibre+Baskerville%3A400&display=fallback&ver=3.7.10
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a50a3ed1db297a906435dff601ac62b3b96eefd186c5e3cda77e2fb6e7481e83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Jun 2022 01:16:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 11 Jun 2022 01:16:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Jun 2022 01:16:26 GMT
17w5.css
lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/drcvpz51/ Frame BFF5 		107 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/drcvpz51/17w5.css
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
d5338f2ed1ee52d1502ce5a6f6666386b6bb60c2567ac2fe965a247b3acdd54a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
last-modified
Fri, 20 May 2022 00:40:45 GMT
server
nginx
etag
W/"6286e38d-1aa23"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10368000
expires
max-age=A10368000, public
6hqmp.css
lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/mp039atx/ Frame BFF5 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/cache/wpfc-minified/mp039atx/6hqmp.css
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
a0b1554a525fc11caf3d1998e73b78cfc2ecbb3843c7481160f22a0826267e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 15:49:41 GMT
server
nginx
etag
W/"625eda15-cf57"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10368000
expires
max-age=A10368000, public
jquery.min.js
lesezirkel-onlinetexte.de/wp-includes/js/jquery/ Frame BFF5 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
last-modified
Mon, 27 Sep 2021 12:38:07 GMT
server
nginx
etag
W/"6151bb2f-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
jquery-migrate.min.js
lesezirkel-onlinetexte.de/wp-includes/js/jquery/ Frame BFF5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
last-modified
Mon, 27 Sep 2021 12:38:07 GMT
server
nginx
etag
W/"6151bb2f-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
cropped-Grau-Blumen-Modern-Einrichtungsgegenstaende-Logo-212x212.png
lesezirkel-onlinetexte.de/wp-content/uploads/2021/10/ Frame BFF5 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lesezirkel-onlinetexte.de/wp-content/uploads/2021/10/cropped-Grau-Blumen-Modern-Einrichtungsgegenstaende-Logo-212x212.png
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e74e221757e7a8f1814d43e1c2a970bfa0fe65c0d01ac2db07d45924a1bb459e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
last-modified
Fri, 06 May 2022 09:38:46 GMT
server
nginx
etag
"6274eca6-1057e"
content-type
image/png
cache-control
max-age=10368000
accept-ranges
bytes
content-length
66942
expires
max-age=A10368000, public
frontend.min.js
lesezirkel-onlinetexte.de/wp-content/themes/astra/assets/js/minified/ Frame BFF5 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.7.10
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
6de026295dcce0702131280e771bce028a6d63d74b025b3595291dafd8e36e69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
last-modified
Thu, 21 Apr 2022 16:27:46 GMT
server
nginx
etag
W/"62618602-402c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
sassy-social-share-public.js
lesezirkel-onlinetexte.de/wp-content/plugins/sassy-social-share/public/js/ Frame BFF5 		119 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.42
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
a28f7b51eecc453bfa4b7794290a3d75918d3983ec835f0089b5a92d90ba9961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 00:35:34 GMT
server
nginx
etag
W/"628c2856-1dbb3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
borlabs-cookie.min.js
lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/javascript/ Frame BFF5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/javascript/borlabs-cookie.min.js?ver=2.2.51
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
5ae45b129421c6a1cb3b964d2a419dd3fb45b1bd2e654dbcefab83aa61b137de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
content-encoding
br
last-modified
Fri, 03 Jun 2022 12:23:04 GMT
server
nginx
etag
W/"6299fd28-618b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10368000
expires
max-age=A10368000, public
blank.gif
vg08.met.vgwort.de/ Frame BFF5
Redirect Chain
  • https://vg08.met.vgwort.de/na/8a2ab3c267894ce7b7ea253e4fc2c8d7
  • https://vg08.met.vgwort.de/blank.gif
43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vg08.met.vgwort.de/blank.gif
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
HTTP/1.1
Server
161.156.47.58 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
3a.2f.9ca1.ip4.static.sl-reverse.com
Software
keen /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 11 Jun 2022 01:16:26 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
keen
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sat, 11 Jun 2022 01:16:26 GMT
Last-Modified
Sat, 11 Jun 2022 01:16:26 GMT
Server
keen
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html
Location
/blank.gif
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Tue, 22 Aug 2000 15:05:01 GMT
qkBIXvYC6trAT55ZBi1ueQVIjQTDppqaE0lK.woff2
fonts.gstatic.com/s/karla/v22/ Frame BFF5 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v22/qkBIXvYC6trAT55ZBi1ueQVIjQTDppqaE0lK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A300%2C%7CLibre+Baskerville%3A400&display=fallback&ver=3.7.10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31c251dff3ea42abeee2bbefeb368d59feeee0a858c861c5fd8df8eedba4c942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lesezirkel-onlinetexte.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:05:19 GMT
x-content-type-options
nosniff
age
285067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11412
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:27:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 18:05:19 GMT
default.png
lesezirkel-onlinetexte.de/wp-content/plugins/related-posts-thumbnails/img/ Frame BFF5 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/related-posts-thumbnails/img/default.png
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c6d7605e49f3024a18fbc5a4c5a020108d1b24c91f6fe467ec79548554dbbd9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
last-modified
Tue, 19 Apr 2022 15:49:03 GMT
server
nginx
etag
"625ed9ef-11e1"
content-type
image/png
cache-control
max-age=10368000
accept-ranges
bytes
content-length
4577
expires
max-age=A10368000, public
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame BFF5 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A300%2C%7CLibre+Baskerville%3A400&display=fallback&ver=3.7.10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lesezirkel-onlinetexte.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:01:54 GMT
x-content-type-options
nosniff
age
285272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27120
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Jun 2023 18:01:54 GMT
astra.woff
lesezirkel-onlinetexte.de/wp-content/themes/astra/assets/fonts/ Frame BFF5 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lesezirkel-onlinetexte.de/wp-content/themes/astra/assets/fonts/astra.woff
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Request headers

Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Origin
https://lesezirkel-onlinetexte.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
last-modified
Thu, 21 Apr 2022 16:27:46 GMT
server
nginx
etag
"62618602-ce8"
content-type
font/woff
cache-control
max-age=0
accept-ranges
bytes
content-length
3304
expires
max-age=A10368000, public
borlabs-cookie-logo.svg
lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/images/ Frame BFF5 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-logo.svg
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
2165e2c26c55abda30802c47b96c0299eed7de988ab2ef405b35036b4fbdeb6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
last-modified
Fri, 03 Jun 2022 12:23:04 GMT
server
nginx
etag
"6299fd28-215a"
content-type
image/svg+xml
cache-control
max-age=10368000
accept-ranges
bytes
content-length
8538
expires
max-age=A10368000, public
borlabs-cookie-icon-black.svg
lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/images/ Frame BFF5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lesezirkel-onlinetexte.de/wp-content/plugins/borlabs-cookie/assets/images/borlabs-cookie-icon-black.svg
Requested by
Host: lesezirkel-onlinetexte.de
URL: https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:4000:30:f0ad::16:2728 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
3afd8d9a88e2ca9e42c39ef288883e5cf12a0a9e7bb9b72ce60f176023e8f035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lesezirkel-onlinetexte.de/faehigkeiten-erlangen/?utm_source=google&utm_medium=organic&utm_campaign=Faehigkeiten.erlangen&utm_term=Anziehung&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:26 GMT
last-modified
Fri, 03 Jun 2022 12:23:04 GMT
server
nginx
etag
"6299fd28-105e"
content-type
image/svg+xml
cache-control
max-age=10368000
accept-ranges
bytes
content-length
4190
expires
max-age=A10368000, public
/
cdn.bmcdn3.com/p/623c565afdbfc7001a590989/ Frame 7B9C 		1 KB
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D9391aea79caa2639568306c2de76f09b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=0318e6f3253fc5620ee78af2403daa1e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/js/623c565afdbfc7001a590989.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2565adf0c7215da374d8739c3e93c9d70483280df9b558bbd06ee9468d102bfc

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7196805bfb695c1a-FRA
content-encoding
br
content-type
text/html
date
Sat, 11 Jun 2022 01:16:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gab%2BWjOfigCytc9IMwdZQfR0vGWni%2Fo17TxGeO1u%2FH6mpJ%2BB2S98d89rF914AbsftxCOYzha32fA1zNo6wxU8wKkccA4BRzSzY9%2BuLAystduma7str4nS5N0RLP2QcsIJlND6p7JbddmwSlo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
post_load_info.js
static.bmcdn3.com/js/ Frame 7B9C 		706 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bmcdn3.com/js/post_load_info.js?v=v1.25.4
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D9391aea79caa2639568306c2de76f09b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=0318e6f3253fc5620ee78af2403daa1e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b434054a6be065acfc38ab163590b92c370d560540a2a0ab518d10e289cd2dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7053
cf-polished
origSize=932
last-modified
Wed, 08 Sep 2021 10:16:41 GMT
server
cloudflare
etag
W/"61388d89-3a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IELPRoulXtn1NlxdEXimjkqlFdufNCJvPuw6ohjhvZSZmqMZJYFPgtlJMWHCFL8gnAn1Aqfri6QV0AdrqrAvSdf0siJRuENhEXMmonjRsaFxUYJ40xBdiI9Tt1M0qEEcF2iTEDu8PLTlLjPbzc%2Fg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
7196805cdc315c1a-FRA
cf-bgj
minify
basic.css
static.bmcdn3.com/css/ Frame 7B9C 		3 KB
840 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D9391aea79caa2639568306c2de76f09b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=0318e6f3253fc5620ee78af2403daa1e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84dfd0883135e8d52e90873b82f56e58b094edeba836252fbead61f4f88c4be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4081
cf-polished
status=cannot_optimize
last-modified
Thu, 30 Sep 2021 08:48:04 GMT
server
cloudflare
etag
W/"615579c4-d7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i%2BFrTpCZh3djRMCHTRe7LJo7u9M4CgWm44zTbZKiU1qMRCPdfb2jCQuW9XxfClR0M7AGovi%2BwlIXABDjMAjoF3xVAOL1x2Hii%2BhhznWroJ7ETK1xP8E7hXplde%2BghikHoOENKM4qXYrOKsQ4ynA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7196805cdc2f5c1a-FRA
cf-bgj
minify
img.css
static.bmcdn3.com/css/ Frame 7B9C 		317 B
490 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.bmcdn3.com/css/img.css?v=v1.25.4
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D9391aea79caa2639568306c2de76f09b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=0318e6f3253fc5620ee78af2403daa1e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d9174b2c70c32d1556f151d409daf5efb467a56abac707403beb8ff1e35a28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3967
cf-polished
origSize=401
last-modified
Tue, 03 Nov 2020 15:55:58 GMT
server
cloudflare
etag
W/"5fa17d8e-191"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jajfVJQn4cHL%2FPUtn3kf76o%2FCiVHrCfUAEgXY6NIWtQtwcyj0BYKiO4Rdmxk4Z8mK56pP8G6EuNF%2BNsXrijdpxADPNyxcfqwn%2FiOLIhgJ2d1bGTNXXxtvG7bXpOhM2bGJl8MxOjLgNBD1gNhx%2Fwv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7196805cdc305c1a-FRA
cf-bgj
minify
8ffcc890-d042-11ec-bd60-8dbe4508d3d849a151ef-7504-43c4-9c22-d014d897d7ce.png
media.bmcdn3.com/static/ Frame 7B9C 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bmcdn3.com/static/8ffcc890-d042-11ec-bd60-8dbe4508d3d849a151ef-7504-43c4-9c22-d014d897d7ce.png
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D778158%26tan%3D9391aea79caa2639568306c2de76f09b%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=c7a31f00a343e896f8c9b7d3c09a06d9&fidnoua=ab522cd10032f375d23076075f373cad&impid=0318e6f3253fc5620ee78af2403daa1e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46668b76331d1eac0e1f8e038c6aab2ad3137c3a2d2d9f08c4a4c04939fcc169

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1107
cf-polished
origSize=80534
content-length
70324
last-modified
Tue, 10 May 2022 09:21:24 GMT
server
cloudflare
etag
"627a2e94-13a96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDCQuuVqDUAD8q%2FzM%2FsbjPD0LQ%2BSPqjxJjDwXyn2ZtQJQiguVM29foB3EFRYdWgW1Ouk7dWngzGll7A6%2BJ85dteQX4nJIL3HE6c%2BokUQGnr0RL02vKVQ5VOIUCvwcLmgDvlhdHIMDNf4wmvDA4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7196805d1c675c1a-FRA
cf-bgj
imgq:100,h2pri
new_bm_logo_v2.svg
static.bmcdn3.com/img/ Frame 7B9C 		675 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/new_bm_logo_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Jan 2019 10:06:54 GMT
server
cloudflare
age
3956
etag
W/"5c4053be-2a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DTBfBdGjrcFMKY%2FFHIoKT%2B5%2FyRGAJgx1d9jBqAuaBqeQEAwY%2BZF62QIiZOqJ5lEJkLTyrzodQfXJT11MbvgJFwMKsFfvLxis8BSYtdRTASzdO%2BmOE1LcDfp%2Fv4M9T8eOOVYWZdav8zOI8Q6T42a"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7196805d0c5a5c1a-FRA
by_bm_v2.svg
static.bmcdn3.com/img/ Frame 7B9C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/by_bm_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 11:45:28 GMT
server
cloudflare
age
3633
etag
W/"5f883658-e03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XSwtHiPAEur3MD1OcGPLnmTv7JP%2F%2FZEs%2FyxYtpEHjJfjfh7yH8%2BW8J14k7SU%2FObx2nvqDJgdUsoUO5%2B9rzhWDq1bxCRfTtsAZEKJoac9X%2F6RIRTpYWoGJbvukfg6SyPdMbgKtvCI8OqWuGtGbHP"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7196805d0c5b5c1a-FRA
choice_v2.svg
static.bmcdn3.com/img/ Frame 7B9C 		351 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/choice_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 11:44:30 GMT
server
cloudflare
age
3912
etag
W/"5f88361e-15f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6vpK0rRxOox%2F5bOYR0zkwkhJ8h1gjjiYmWOfEQ0QOLWGnkqzhuW1h83Z%2F1NHuKvU0ALyte5yY6Ljj6CaZDG%2BK4Pi%2BPA57hMovwCJBUJQNyCLKDghcXpPcMDl1rCUYSUyQvs3zffD5Bwg9mgFHpI"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7196805d0c5c5c1a-FRA
choices_v2.svg
static.bmcdn3.com/img/ Frame 7B9C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bmcdn3.com/img/choices_v2.svg
Requested by
Host: static.bmcdn3.com
URL: https://static.bmcdn3.com/css/basic.css?v=v1.25.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.bmcdn3.com/css/basic.css?v=v1.25.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 01:16:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 11:45:54 GMT
server
cloudflare
age
3956
etag
W/"5f883672-892"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fzilgp%2BRu4uUotbHnUN9bUrOnFb5f7IjCzL8G9%2BBLTipihhDihWF%2FAxm%2BqyarbBgkhq3T6NIgdfkVFqvog0CPX%2BGwCe74V4Z5pzCZNfBkq4Ep5IvSt24sBcWviPiWjoDy135arra6lkGcVuB5DO1"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7196805d0c5e5c1a-FRA
dark-bottom.css
s3.amazonaws.com/valao-cloud/cookie-hinweis/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/valao-cloud/cookie-hinweis/dark-bottom.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.78.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
27ab84c45d4ea3d72d807bb1d3db6359ade41f288b235c6b23118a2fa96cc449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sat, 11 Jun 2022 01:16:28 GMT
Last-Modified
Thu, 13 Jun 2019 19:15:46 GMT
Server
AmazonS3
x-amz-request-id
R8SNR5GCA9F28T6E
ETag
"5bf7ee25dfc531a650cadc3770723438"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3341
x-amz-id-2
kEYI5gDJaqse7J4GzYbU4uS0DWmhWXyruAOhI56wN7Q23FwGO+u4JL29+Yt1Nr0CpEp2Lc91vj4=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.k-bettel.de
URL
http://www.k-bettel.de/popup/pop.php

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery number| auto_refresh object| _Hasync object| cookieconsent_options function| chfh function| chfh2 string| _HST_cntval object| Histats function| Fingerprint2 number| c2 number| c1 object| bmblocks boolean| hasCookieConsent object| dataLayer object| _HistatsCounterGraphics_328_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_328 function| histats_canvascounters_base.js object| google_tag_manager boolean| changed function| update_cookieconsent_options string| token

9 Cookies

Domain/Path Name / Value
www.k-bettel.de/ Name: PHPSESSID
Value: ce19a713d1d4kh2a73olg3sk06
www.k-bettel.de/ Name: HstCfa4631295
Value: 1654910185974
www.k-bettel.de/ Name: HstCla4631295
Value: 1654910185974
www.k-bettel.de/ Name: HstCmu4631295
Value: 1654910185974
www.k-bettel.de/ Name: HstPn4631295
Value: 1
www.k-bettel.de/ Name: HstPt4631295
Value: 1
www.k-bettel.de/ Name: HstCnv4631295
Value: 1
www.k-bettel.de/ Name: HstCns4631295
Value: 1
www.k-bettel.de/ Name: bitmedia_fid
Value: eyJmaWQiOiJjN2EzMWYwMGEzNDNlODk2ZjhjOWI3ZDNjMDlhMDZkOSIsImZpZG5vdWEiOiJhYjUyMmNkMTAwMzJmMzc1ZDIzMDc2MDc1ZjM3M2NhZCJ9

4 Console Messages

Source Level URL
Text
security error URL: https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok' was loaded over HTTPS, but requested an insecure script 'http://www.k-bettel.de/popup/pop.php'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=(Line 16)
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=778158&tan=9391aea79caa2639568306c2de76f09b&step2=ok' was loaded over HTTPS, but requested an insecure frame 'http://l.adcocktail.com/l_frame.php?uid=87912&kid=0&wid=0&wsid=199914'. This request has been blocked; the content must be served over HTTPS.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://faucetcrypto.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security warning URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Message:
Mixed Content: The page at 'https://www.shimly.net/public/ptp-1-1675-30-48-sh' was loaded over HTTPS, but requested an insecure element 'http://bk.adcocktail.com/bk_rota_v.php?tan=MzMwNzh8ODc5MTJ8MTk5OTE0fDE2NTQ5MTAxODY='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ajax.googleapis.com
bk.adcocktail.com
cdn.bmcdn3.com
cdnjs.cloudflare.com
faucetcrypto.com
fonts.googleapis.com
fonts.gstatic.com
l.adcocktail.com
lesezirkel-onlinetexte.de
media.bmcdn3.com
s10.histats.com
s3.amazonaws.com
s4.histats.com
static.a-ads.com
static.bmcdn3.com
static.klamm.de
vg08.met.vgwort.de
www.croxy.de
www.googletagmanager.com
www.k-bettel.de
www.lcmmedia.de
www.shimly.net
www.traffic-master.de
www.k-bettel.de
104.20.46.59
116.202.214.170
158.69.248.123
159.69.68.169
161.156.47.58
195.201.125.43
195.28.12.55
213.202.218.154
2606:4700:20::681a:89d
2606:4700:20::ac43:4b33
2606:4700::6811:180e
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
2a03:4000:30:f0ad::16:2728
46.105.201.240
52.216.78.118
89.163.148.251
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06bc03e4f5a5277ac8d3d697b8dee3a3cfdf698b96a7ebe6d1027fe0e01ec199
1005c8fedd97888320a06c0fff6bd454c0256e9b021f367fd40e00d4c5d05a90
112e3a5de62417009e7744581cd39b6a8a3b1a4d23dfca29b2791ac9150d97e4
11e2c17557d5847409e6a47fcb281d6d23469ea29a9697447b1d7ca230583cab
13709341c595645bf12fce15afd2d622beb3bfbc018d872d117432c87bf3f95b
1822b7ed8626dee6c169e5b07b8db2d673c1ffa51fb108d4ecbfeda89d784979
2165e2c26c55abda30802c47b96c0299eed7de988ab2ef405b35036b4fbdeb6a
2565adf0c7215da374d8739c3e93c9d70483280df9b558bbd06ee9468d102bfc
27ab84c45d4ea3d72d807bb1d3db6359ade41f288b235c6b23118a2fa96cc449
2db2efca5f7a00905538ce1360d0b8a436aa02107ae1af2bf80f9c71eddc07cf
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f058ccfb327a7cf0dde901af6d91c6b1746a8d1973cdf0ea0ad3f20c79a953a
31c251dff3ea42abeee2bbefeb368d59feeee0a858c861c5fd8df8eedba4c942
33e02bfcdfb9333b90284e0a7c3c5f2064e6df73e457e3181031c6c8ceacfffa
355c7345608f3f18f08822ebc9fd202de5f0acc98bf4f0c38b7d9f155406e546
3ac732713cf8fc2da12ba94466c376da1bc1e8a578dcea4bea07002fc4b5c9a0
3afd8d9a88e2ca9e42c39ef288883e5cf12a0a9e7bb9b72ce60f176023e8f035
46668b76331d1eac0e1f8e038c6aab2ad3137c3a2d2d9f08c4a4c04939fcc169
4d8c7e063a3280ec8b2ef850a878741b1bdfab56301198493203b252d4885d47
50d1e932dc4caea9eb055608f67604192ebf279677687dba9f9944e8bf83c273
511ee72f5e0453830953617a7a7f81b96950e63bb43ae5dfa1386eaf835f3ce9
527ed4d3ebd6f355eb419dc4938f830f5c879f79056f321987206fcfdb2f1fd4
58156352388e882df8698362691be19546360706d7b8469e375e6bd419ed216a
5ae45b129421c6a1cb3b964d2a419dd3fb45b1bd2e654dbcefab83aa61b137de
63277152f6eb74890ba35dddd3060e937f9222d8fe6341c9e9fa189776c30171
65050901f22c6a75ba7ae5124cb839c436cd7d71ea039069051dbbf453880840
657af98b6829d7b412a5c5b69f5f86fdcf98aca10ed8e7f0b5a6b9558071ee3e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6de026295dcce0702131280e771bce028a6d63d74b025b3595291dafd8e36e69
6dfdcf0eb87568f6932cf08416883f068da0d0aea43f2145c84c19fef3875fac
7d13caf22fc19e5ef89f910d1d6c26962549bc446bec9452bb11a50d6f933e32
7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171
84dfd0883135e8d52e90873b82f56e58b094edeba836252fbead61f4f88c4be8
85d9174b2c70c32d1556f151d409daf5efb467a56abac707403beb8ff1e35a28
8ab9651d86fabc7afb2a8cabc53f7405fa5f76429f18f1e130d55299cf49a3e0
8b0af1e9c36b25fc9fcce648791ea2733cc6993def386bc43f8010b8b3361f7e
8b96296e29f5e301f0f4c8b7f22deddf43ab08f686a5c61720563ed3778c7f54
8ff40f1e4c6c35503fc63ac2d4a7b6a0b38fe1151f30a68f7ba942f4003fb525
92206a4963d95c25e0c5b16f336c17a3b3f0c29aedf66d90b4a1e3235a8a60f7
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
967af3993132271f062ec7da3ac3ed4290536b65bac071c7c30f7ae3ff83ac48
9a3430ee32938603e921cf7c2450a61850dc584382d417d771dbf2bbbbf2d64c
9a5b16455c8910658b073fa0a9e44333f799cca7acf6730fa39fe2e280cdc0a0
9b00bee4cd7d1f5f328be7bf4361cf05a9b1111b0f674a81b949fd082ae2883c
a0b1554a525fc11caf3d1998e73b78cfc2ecbb3843c7481160f22a0826267e3d
a28f7b51eecc453bfa4b7794290a3d75918d3983ec835f0089b5a92d90ba9961
a50a3ed1db297a906435dff601ac62b3b96eefd186c5e3cda77e2fb6e7481e83
a57626b4cb21c6c7c1225f83b6eba4c3f4fad0f23db4baa7ed5888494828ac5d
a712480f1063437e1f893fd7e5be4e344ed4ea0e255a8c485d462d545323953e
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
abbf1a6b5079f3fa3ff765946cbe9b9274931ebfa45cdfb21459b5ed0a71eaa2
ad863af60677589974a31817b3d85677262bc58efad28c5ac41185ae4af60449
b418f0b2161487ea8de2b92eba1aedff91dbb288a8a069f2dd1ba112ecb9e9e9
b434054a6be065acfc38ab163590b92c370d560540a2a0ab518d10e289cd2dde
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bed4938c07839355b679781de23060982a4118e57124b21ed66509696c3cfd1c
c0071c650aca2615e49b7534434933e32e3619b9631a4167dbc71ec5d7c1592a
c280115a1bb138d4019b3e021e8eb2f5a9028e213622c5fe4b496f91658351b7
c5ec95d86529b57eb448c1d48b3b677f9de30f107bda913b4a9634c0f12a32a2
c6d7605e49f3024a18fbc5a4c5a020108d1b24c91f6fe467ec79548554dbbd9c
cae403eab5a179ee8b09a9b2c7e42916c54614c2cd1f49395090327f30e008a3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5338f2ed1ee52d1502ce5a6f6666386b6bb60c2567ac2fe965a247b3acdd54a
d5dad722ce42464ca6eeba6979cce9e699d33df3024b38282f34f104c123f6b9
db667119da719f15ac26c2b074c6fe6deb83611562daa0879acaa96142296ca7
dc5643a3e030aa9dcb9a4f2ab4864343deca71e90f724d548ebaf6a6b3a2243a
dea4747dc69f7e1119b6f74a6dea0d005cba3a629b3dd1d2f027bc181080ed02
e239671b46bfac19cd71a0b44f3d9ea7d04af229ba161c826394de2f510a1be4
e74e221757e7a8f1814d43e1c2a970bfa0fe65c0d01ac2db07d45924a1bb459e
eaa27f6a15e3c7abdea0bf66d493852cf1a850bdf98435e59c85964ff0179983
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
ee153f7e8938a47e1951cc1e61a508619e1f65c40420e670601c619e571f38ff
f0b32fa73b3152c23e2331add686d39e47b7fff7a1b8a91222faf781a10e5f7f
f0c1e0b291b81ea4aa9f55579f2592a0978e15080b3277369b88fbc407d27a0b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d