cramkensderesse.gq Open in urlscan Pro
2606:4700:3033::ac43:acbf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://orerovspin.gq/okko
Effective URL:
https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Submission: On January 18 via manual (January 18th 2022, 3:42:21 pm UTC) from UA — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3033::ac43:acbf, located in United States and belongs to CLOUDFLARENET, US. The main domain is cramkensderesse.gq.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 16th 2021. Valid for: a year.

This is the only time cramkensderesse.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::6815:2fd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:303... 2606:4700:3033::ac43:acbf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 15	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
2	81.176.238.211 81.176.238.211	8342 (RTCOMM-AS) (RTCOMM-AS)
1	81.176.238.214 81.176.238.214	8342 (RTCOMM-AS) (RTCOMM-AS)
1	81.176.238.212 81.176.238.212	8342 (RTCOMM-AS) (RTCOMM-AS)
28	6

1 2606:4700:3031::6815:2fd4 (United States)

ASN13335 (CLOUDFLARENET, US)

orerovspin.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3033::ac43:acbf (United States)

ASN13335 (CLOUDFLARENET, US)

cramkensderesse.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.12.193 (Frankfurt am Main, Germany) 5 redirects

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.176.238.211 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: radikal.ru

a.radikal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.176.238.214 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: radikal.ru

d.radikal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.176.238.212 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: radikal.ru

b.radikal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	imgur.com 5 redirects i.imgur.com — Cisco Umbrella Rank: 5174	335 KB
13	cramkensderesse.gq cramkensderesse.gq	2 MB
4	radikal.ru a.radikal.ru — Cisco Umbrella Rank: 224866 d.radikal.ru — Cisco Umbrella Rank: 224606 b.radikal.ru — Cisco Umbrella Rank: 275954	166 KB
1	orerovspin.gq orerovspin.gq	824 B
28	4

	Domain	Requested by
15	i.imgur.com	5 redirects cramkensderesse.gq
13	cramkensderesse.gq	cramkensderesse.gq
2	a.radikal.ru	cramkensderesse.gq
1	b.radikal.ru	cramkensderesse.gq
1	d.radikal.ru	cramkensderesse.gq
1	orerovspin.gq
28	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-27` - `2022-12-26`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.radikal.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-28` - `2022-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Frame ID: E3ED6870986DED5E77E868E9619D1BCF
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🚗 «OKKO» - Заправся подарунками!

Page URL History Show full URLs

https://orerovspin.gq/okko Page URL
https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1 Page URL

Page Statistics

28
Requests

82 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

2745 kB
Transfer

3861 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://orerovspin.gq/okko Page URL
https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://i.imgur.com/9N3T7C0.png HTTP 302
https://i.imgur.com/removed.png

Request Chain 6

https://i.imgur.com/EmfVMyz.png HTTP 302
https://i.imgur.com/removed.png

Request Chain 7

https://i.imgur.com/heOLyBn.png HTTP 302
https://i.imgur.com/removed.png

Request Chain 12

https://i.imgur.com/PXmzu7A.png HTTP 302
https://i.imgur.com/removed.png

Request Chain 17

https://i.imgur.com/GkRfYdl.png HTTP 302
https://i.imgur.com/removed.png

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 okko Show response
orerovspin.gq/ 193 B
824 B 433ms
370ms Document
text/html 2606:4700:3031::6815:2fd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orerovspin.gq/okko
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2fd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00fc86d7093f2c26a3e23b5d4718639d22fe1abd36cd98fc0c3255a70c84e776

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 18 Jan 2022 15:42:15 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Tue, 18 Jan 2022 15:42:15 GMT
pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIyOk4FTlochazLHgxn3YiKY1j%2FTWNzKwJ%2F0H9uhVYnC6J9056TnmOAa8aykfoZuoYDWeTW9ZROi2J2rcleWpbMfvPU8oTMano5hxajqOc4uy4o4hdjy8QkpueH6ag6wztLmx5yGKyK4Fz%2B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cf8eea349f57162-DUS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request okko Show response
cramkensderesse.gq/ 7 KB
2 KB 333ms
193ms Document
text/html 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f78801bd5ee4a2756e035bf5e5a9a2ee40450851e18429e08441e593df865c65

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://orerovspin.gq/

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Tue, 18 Jan 2022 15:42:16 GMT
pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYu30mo8RokmmxCCYJY6pq5bkxZbv4o7TZXp9OeFbtpkMQf31FRfVNAFTXgb5lcV5wXBMnJ9kh43KVkAgM9vtv1XvFTT975Vd0ZD6%2FvpA2mTp1puRVVUWzAIA%2B9oWusJRtcaOTQfq8X2b47Vn9WJMTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cf8eea6ae608751-DUS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
cramkensderesse.gq/lander/okko/css/ 44 KB
8 KB 120ms
119ms Stylesheet
text/css 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cramkensderesse.gq/lander/okko/css/style.min.css
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ea49d71e5a1322218fe6f61c2c6075843673e5f1f84a63bfe2b3bedf195c4bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 09:23:49 GMT
server: cloudflare
etag: W/"61dd4ca5-b0cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vf%2BpnHyvrPR37YszCWKTf3VgFTJxGOHvuSqyUsF%2B2N3Qa1Tww06wc5wqqbxrwYrwz4dtIAMEJej2iKBZHkHVxFmRY98P7orRGwwEuSAulL90CMlvwfmaYVDciG5RBzGd27OhfRtp480lYjdd7fg%2FkLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6cf8eea829de8751-DUS
expires: Fri, 28 Jan 2022 15:42:16 GMT

GET
H2 200 JkLglxq.png
i.imgur.com/ 2 KB
2 KB 83ms
30ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/JkLglxq.png

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

3914fdd60ffe465dcb6241d04fd8f14e04c85d0ae67e02be34b33573f08bc7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 264249
x-cache: HIT, HIT
content-length: 1656
x-served-by: cache-iad-kcgs7200112-IAD, cache-fra19183-FRA
last-modified: Tue, 11 Jan 2022 08:08:57 GMT
server: cat factory 1.0
x-timer: S1642520536.389450,VS0,VE1
etag: "fba838d15fb87b25a6fddff7dfef17f2"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 147

GET
H2 200 y4MBSuH.jpg
i.imgur.com/ 225 KB
225 KB 84ms
32ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/y4MBSuH.jpg

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ae489b6c71283e917cd7f898c1e3ea7236533a257955890358637217544ec6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 632144
x-cache: HIT, HIT
content-length: 230452
x-served-by: cache-iad-kcgs7200042-IAD, cache-fra19183-FRA
last-modified: Tue, 11 Jan 2022 08:06:32 GMT
server: cat factory 1.0
x-timer: S1642520536.389650,VS0,VE1
etag: "24cae3d7316b9fb3f7eed6c002f7cef4"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK 8d25e92a9727.png
a.radikal.ru/a34/2201/40/ 49 KB
49 KB 598ms
266ms Image
image/png 81.176.238.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.radikal.ru/a34/2201/40/8d25e92a9727.png
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: fadd44875f7263e82f1234563d15b8e55c1cdceec12cf33d31bcf0c040fca144

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 15:42:16 GMT
Last-Modified: Tue, 11 Jan 2022 08:01:31 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "bf58f72c16d81:0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 50250

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/9N3T7C0.png
https://i.imgur.com/removed.png

503 B
663 B

94ms
94ms

Image
image/png

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 19668931
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5165-BWI, cache-fra19183-FRA
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1642520536.422282,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 105914

Redirect headers

date: Tue, 18 Jan 2022 15:42:16 GMT
server: cat factory 1.0
age: 262
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
x-cache-hits: 0, 7
x-cache: HIT, HIT
accept-ranges: bytes
x-timer: S1642520536.389711,VS0,VE0
access-control-allow-origin: *
content-length: 0
retry-after: 0
x-served-by: cache-iad-kiad7000098-IAD, cache-fra19183-FRA

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/EmfVMyz.png
https://i.imgur.com/removed.png

503 B
575 B

94ms
94ms

Image
image/png

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 19668931
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5165-BWI, cache-fra19183-FRA
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1642520536.422393,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 105915

Redirect headers

date: Tue, 18 Jan 2022 15:42:16 GMT
server: cat factory 1.0
age: 262
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
x-cache-hits: 0, 7
x-cache: HIT, HIT
accept-ranges: bytes
x-timer: S1642520536.389773,VS0,VE0
access-control-allow-origin: *
content-length: 0
retry-after: 0
x-served-by: cache-iad-kjyo7100069-IAD, cache-fra19183-FRA

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/heOLyBn.png
https://i.imgur.com/removed.png

503 B
575 B

94ms
94ms

Image
image/png

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 19668931
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5165-BWI, cache-fra19183-FRA
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1642520536.423292,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 105916

Redirect headers

date: Tue, 18 Jan 2022 15:42:16 GMT
server: cat factory 1.0
age: 477
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
x-cache-hits: 0, 10
x-cache: HIT, HIT
accept-ranges: bytes
x-timer: S1642520536.389832,VS0,VE0
access-control-allow-origin: *
content-length: 0
retry-after: 0
x-served-by: cache-iad-kjyo7100156-IAD, cache-fra19183-FRA

GET
H2 200 load-toy-1.svg
cramkensderesse.gq/lander/okko/img/ 2 KB
1 KB 75ms
73ms Image
image/svg+xml 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cramkensderesse.gq/lander/okko/img/load-toy-1.svg
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db8db67ce3520f5ef98e1333677132151d8fb847717c9ee97e9c18fa4c160b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 09:23:49 GMT
server: cloudflare
etag: W/"61dd4ca5-783"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pj5G8a%2FqIZ4upFd7rfuiFCS1faEVSeCweJoZtG78jTOSMPD5R3gwPCBTi5pQuKBbdL4ckwelCJXe0nECcFW9aG5bO2b%2FcziBr4m%2FTWTgkRXlgJ2QeozQaQ2dZs1hi%2FKPo0chiO6Cv0sfKRFxgn2UrbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6cf8eea829e88751-DUS
expires: Fri, 28 Jan 2022 15:42:16 GMT

GET
H2 200 load-toy-2.svg
cramkensderesse.gq/lander/okko/img/ 4 KB
2 KB 183ms
182ms Image
image/svg+xml 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cramkensderesse.gq/lander/okko/img/load-toy-2.svg
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e3ce5a3806d2bb9f972946a6eb20a32f213e14e1f7b39ccdaf2c32ef671efd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 09:23:49 GMT
server: cloudflare
etag: W/"61dd4ca5-e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7pYPN8UhD0B62kDhKSQwy92K8ZQkcNkjTC7Iyoli9TDIBQPWkE4SOBDBH24iQ8Z8XrqWAazfwTSZy666mB%2BgxIPQBkujG5QqQX1x0KIGfanIpBSLnv2A2aVE5TBhkbQNPDHwtSPV8e93t%2FLuj%2FDiYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6cf8eea829ea8751-DUS
expires: Fri, 28 Jan 2022 15:42:16 GMT

GET
H2 200 gift-header.svg
cramkensderesse.gq/lander/okko/img/ 1 MB
1 MB 183ms
182ms Image
image/svg+xml 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cramkensderesse.gq/lander/okko/img/gift-header.svg
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b782450a3dda898be7a90ee0974a71e1747c929e1770fdbf69d8f0e755cbf14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 09:23:49 GMT
server: cloudflare
etag: W/"61dd4ca5-156f5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xzcXra02lxBE%2BllAbq%2FZHY8mQo4hDRrBsRfCX5pWwsf3ePFN%2FQtJUeSyUvsDL%2BIIhxZObeR3PkyBh%2B3sA%2FA1ICbCN0hjWO3pZFuYxz7DeJHls5TUEhPYxsE3rzUQTYXUIzy30KFhNbYmfKMyFxIRXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6cf8eea829ec8751-DUS
expires: Fri, 28 Jan 2022 15:42:16 GMT

GET
H2 200 gift-body.svg
cramkensderesse.gq/lander/okko/img/ 1 MB
1 MB 182ms
181ms Image
image/svg+xml 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cramkensderesse.gq/lander/okko/img/gift-body.svg
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13029b93dcaf1f07659970bd34aa31d3ba17079c9323c0eb2efc8b0a328fd031

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 09:23:49 GMT
server: cloudflare
etag: W/"61dd4ca5-156f58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooadyHQ537EUkc41m0zthcbWQUgwhpZrU3GBluhTOboSKnFvlWiL89N9jm9vWHTWtBdQ3GInhileMLsNug1OKrUIDWfXPxUBnYTxaTai73b6pzlxmwzkOWbdpOYYCHG3qrvnlrhhTqRtmGBpHmsVB9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6cf8eea829ef8751-DUS
expires: Fri, 28 Jan 2022 15:42:16 GMT

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/PXmzu7A.png
https://i.imgur.com/removed.png

503 B
575 B

94ms
94ms

Image
image/png

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 19668931
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5165-BWI, cache-fra19183-FRA
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1642520536.423175,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 105917

Redirect headers

date: Tue, 18 Jan 2022 15:42:16 GMT
server: cat factory 1.0
age: 250
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
x-cache-hits: 0, 7
x-cache: HIT, HIT
accept-ranges: bytes
x-timer: S1642520536.389854,VS0,VE0
access-control-allow-origin: *
content-length: 0
retry-after: 0
x-served-by: cache-iad-kcgs7200128-IAD, cache-fra19183-FRA

GET
H/1.1 200
OK 610da97ab1e9.png
d.radikal.ru/d06/2201/09/ 28 KB
28 KB 637ms
283ms Image
image/png 81.176.238.214
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.radikal.ru/d06/2201/09/610da97ab1e9.png
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.214 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 75fc1625e651db4aefc1ba5e6bc542725bc5caaf1bc88d5394deb4bfc3a9882c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 15:42:16 GMT
Last-Modified: Tue, 11 Jan 2022 08:01:26 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "4da9af6ec16d81:0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 28573

GET
H/1.1 200
OK 48053cf11dc9.png
a.radikal.ru/a37/2201/ca/ 35 KB
35 KB 637ms
294ms Image
image/png 81.176.238.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.radikal.ru/a37/2201/ca/48053cf11dc9.png
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 09cd98079efb59eedd0d3571d329c6498556e60cd1eca43c48307e453f4cd1ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 15:42:16 GMT
Last-Modified: Tue, 11 Jan 2022 08:01:27 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "76cd546fc16d81:0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 35501

GET
H/1.1 200
OK 44dc99e25c70.png
b.radikal.ru/b05/2201/aa/ 53 KB
53 KB 610ms
275ms Image
image/png 81.176.238.212
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.radikal.ru/b05/2201/aa/44dc99e25c70.png
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 81.176.238.212 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: radikal.ru
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 7c458eece4ab2444be6164d06f9b225d00ffb68a011d369deba97b9a8b2fb11a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 15:42:16 GMT
Last-Modified: Tue, 11 Jan 2022 08:01:26 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "8d376fc16d81:0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 53904

GET
H2 200 QzTtotz.png
i.imgur.com/ 43 KB
43 KB 100ms
100ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/QzTtotz.png

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ab3a4fa839750cb5f5191751dd3d93ae9b8dc8c0c3128346bb7ad269a8dcf84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 2012843
x-cache: HIT, HIT
content-length: 44209
x-served-by: cache-iad-kiad7000115-IAD, cache-fra19183-FRA
last-modified: Sun, 26 Dec 2021 08:34:54 GMT
server: cat factory 1.0
x-timer: S1642520536.413065,VS0,VE1
etag: "698bb44f100721d713f4fcdf71884aea"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 199

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/GkRfYdl.png
https://i.imgur.com/removed.png

503 B
663 B

40ms
40ms

Image
image/png

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 19668931
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5165-BWI, cache-fra19183-FRA
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1642520537.509957,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 105918

Redirect headers

date: Tue, 18 Jan 2022 15:42:16 GMT
server: cat factory 1.0
age: 128
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
x-cache-hits: 0, 3
x-cache: HIT, HIT
accept-ranges: bytes
x-timer: S1642520536.414725,VS0,VE0
access-control-allow-origin: *
content-length: 0
retry-after: 0
x-served-by: cache-iad-kcgs7200116-IAD, cache-fra19183-FRA

GET
H2 200 scripts.min.js Show response
cramkensderesse.gq/lander/okko/js/ 564 KB
168 KB 130ms
128ms Script
application/javascript 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cramkensderesse.gq/lander/okko/js/scripts.min.js
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748b5a9cf5cd734c5a5d6ed09dbceb9e532abfc037250492f5eee4fe9bee9feb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/okko?_subid=13u8eb57v1v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 09:23:49 GMT
server: cloudflare
etag: W/"61dd4ca5-8cf25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16uVu2eEjE4T%2BI6xapOpzTUVHizbJaJw1e8f%2FA2pniNQstB7uYlLn%2F%2BJFEm0ivVLlvg1bIH%2FMaUkFOGp76hNASmLLq3DVu6dd047sB5fo8fUFya4f%2FW6g0zJLqtChrtAL9sv92%2FfUTsV4bm9wTzZWFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6cf8eea829e48751-DUS
expires: Fri, 28 Jan 2022 15:42:16 GMT

GET
H2 200 qFcNtFV.png
i.imgur.com/ 6 KB
6 KB 76ms
75ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/qFcNtFV.png

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/lander/okko/css/style.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

1f8a7f411ce5ea1e7637b5e41495d4da72dbe5dd67c1168219f3db6429c81853

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 2873631
x-cache: HIT, HIT
content-length: 5888
x-served-by: cache-bwi5180-BWI, cache-fra19183-FRA
last-modified: Thu, 16 Dec 2021 09:28:26 GMT
server: cat factory 1.0
x-timer: S1642520536.465031,VS0,VE1
etag: "1897f8882f328507abb76471d57e5612"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 200

GET
H2 200 LXWTOma.png
i.imgur.com/ 54 KB
55 KB 75ms
74ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/LXWTOma.png

Requested by

Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/lander/okko/css/style.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

759564ac0ad2195c49989e99a278f8042011ef2997d2a8e1a7146c77f7303f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
x-content-type-options: nosniff
age: 2873650
x-cache: HIT, HIT
content-length: 55513
x-served-by: cache-bwi5167-BWI, cache-fra19183-FRA
last-modified: Thu, 16 Dec 2021 09:28:06 GMT
server: cat factory 1.0
x-timer: S1642520536.465190,VS0,VE0
etag: "1ff07be161b283933436b89178f11125"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 201

GET
H3 404 PhosphateRRSolid.ttf
cramkensderesse.gq/lander/okko/lander/lenta2/fonts/ 0
0 122ms
122ms Font
text/html 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cramkensderesse.gq/lander/okko/lander/lenta2/fonts/PhosphateRRSolid.ttf
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/lander/okko/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cramkensderesse.gq/lander/okko/css/style.min.css
Origin: https://cramkensderesse.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wADv6Q0ZGA2Z6WrCp3Gy8Dzf4vNfZUo9RQsm6lGjjfNv1wzdHaITihIVAjkUjhSdKEWLv5kgzj9Bh0n%2BIdkYyBUNYNoQUBhjdAzDyzO1nmLNICmsmI3TyMTAlv8ZH2NjNd%2FSxHMYc2BjROkv1sWePlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6cf8eea8f90c5a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 Inter-Black.ttf
cramkensderesse.gq/lander/okko/lander/lenta2/fonts/ 0
0 122ms
121ms Font
text/html 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cramkensderesse.gq/lander/okko/lander/lenta2/fonts/Inter-Black.ttf
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/lander/okko/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cramkensderesse.gq/lander/okko/css/style.min.css
Origin: https://cramkensderesse.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl3qwn55h9n69aenIfcu5AL%2FyrGyy%2FYh2gJIntolpdSe18Ybx8DUCcC9NXSYMWBr3H4Dbgsm08rB1ttkIQe5y%2BIJJrKs2CQ7%2B5Gi7lMnWidrb0VYYyPSrcYFq3vSStNDZyvtGsQZDzFb4zZyO1fCWmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6cf8eea8f9105a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 Inter-Regular.ttf
cramkensderesse.gq/lander/okko/lander/lenta2/fonts/ 0
0 115ms
113ms Font
text/html 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cramkensderesse.gq/lander/okko/lander/lenta2/fonts/Inter-Regular.ttf
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/lander/okko/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cramkensderesse.gq/lander/okko/css/style.min.css
Origin: https://cramkensderesse.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zz0%2FSupAtbX9sQBAYtPeCeD0x8cp2%2FZHJLhq4f9vPIUrZHg4L%2FvRFsDDN4zmxltq0jX4RCIx0J69D8fPFAaE0AcapZ%2FNMe0qgc2ao1GqtXTWv2nl42qLGSctQvxQLOcrZOZre9FgTjyTN5Fkl%2Bd5Z0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6cf8eea8f9115a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 Inter-Bold.ttf
cramkensderesse.gq/lander/okko/lander/lenta2/fonts/ 0
0 135ms
134ms Font
text/html 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cramkensderesse.gq/lander/okko/lander/lenta2/fonts/Inter-Bold.ttf
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/lander/okko/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cramkensderesse.gq/lander/okko/css/style.min.css
Origin: https://cramkensderesse.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yN2O%2BYpWWZjnMJdAouCLw8%2FswDmyUgrjrG%2BBKUw5VR8%2FcPgIcs9s%2Fmoxfia%2Fxuuoml7REBn9O35QR4iEjcxmKm9s7IBGpltxMUFP0vAd6YiFgG21wsWrC4M1YtFK8IksOUEtBZa2KQEl1cX1sbh4VY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6cf8eea8f9145a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ic-arrow-prev.svg
cramkensderesse.gq/lander/okko/img/ 238 B
762 B 159ms
158ms Image
image/svg+xml 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cramkensderesse.gq/lander/okko/img/ic-arrow-prev.svg
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/lander/okko/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 988567438dc594302c7850ea5b23c44add351ce25ba9852775f33479177548e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/lander/okko/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 09:23:49 GMT
server: cloudflare
etag: W/"61dd4ca5-ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGb%2FPZ%2FvkKVPrYEDEgY4Jediew8rILLXh%2FKRNPQi7z%2BR6rC4KDCruOhB33rkM0Pas8lCbfZNk8Pvk2OJ2U0KhzAskIpZyLMd2J4vnxQIT8jd%2FFkwwWLz9ype9WFVZRVns62f9USQznX7rpUuxbZHjAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6cf8eeaaee665a19-MXP
expires: Fri, 28 Jan 2022 15:42:16 GMT

GET
H3 200 ic-arrow-next.svg
cramkensderesse.gq/lander/okko/img/ 206 B
747 B 151ms
150ms Image
image/svg+xml 2606:4700:3033::ac43:acbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cramkensderesse.gq/lander/okko/img/ic-arrow-next.svg
Requested by: Host: cramkensderesse.gq
URL: https://cramkensderesse.gq/lander/okko/css/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:acbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd1f2946b8ff8d42bfed45a7d38b12a0da12526c95151b83dd3110217026d706

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cramkensderesse.gq/lander/okko/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 15:42:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 09:23:49 GMT
server: cloudflare
etag: W/"61dd4ca5-ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUCJQ0Zbcaqqo1UH8jrmS%2Bjn9GNP%2B%2Bxg4znGc6ZOxnVPlOZ3w9usViae0VkYf8Zyx4XyfqmgLPYdlEM7RyM%2F9dZq3CaFt%2FSowalprOqLrOIaCBghYDg4V6rpQumipfeI9gl1P9UJtgXcCoydNWfvYQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 6cf8eeaaee695a19-MXP
expires: Fri, 28 Jan 2022 15:42:16 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			orerovspin.gq/	1970-01-20 08:53:44	Name: linksgo Value: cramkensderesse.gq
			cramkensderesse.gq/	1970-01-20 08:53:44	Name: _subid Value: 13u8eb57v1v1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cramkensderesse.gq/lander/okko/lander/lenta2/fonts/Inter-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cramkensderesse.gq/lander/okko/lander/lenta2/fonts/PhosphateRRSolid.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cramkensderesse.gq/lander/okko/lander/lenta2/fonts/Inter-Black.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cramkensderesse.gq/lander/okko/lander/lenta2/fonts/Inter-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.radikal.ru
b.radikal.ru
cramkensderesse.gq
d.radikal.ru
i.imgur.com
orerovspin.gq
151.101.12.193
2606:4700:3031::6815:2fd4
2606:4700:3033::ac43:acbf
81.176.238.211
81.176.238.212
81.176.238.214
00fc86d7093f2c26a3e23b5d4718639d22fe1abd36cd98fc0c3255a70c84e776
09cd98079efb59eedd0d3571d329c6498556e60cd1eca43c48307e453f4cd1ac
13029b93dcaf1f07659970bd34aa31d3ba17079c9323c0eb2efc8b0a328fd031
1db8db67ce3520f5ef98e1333677132151d8fb847717c9ee97e9c18fa4c160b6
1f8a7f411ce5ea1e7637b5e41495d4da72dbe5dd67c1168219f3db6429c81853
3914fdd60ffe465dcb6241d04fd8f14e04c85d0ae67e02be34b33573f08bc7c8
6b782450a3dda898be7a90ee0974a71e1747c929e1770fdbf69d8f0e755cbf14
6ea49d71e5a1322218fe6f61c2c6075843673e5f1f84a63bfe2b3bedf195c4bf
748b5a9cf5cd734c5a5d6ed09dbceb9e532abfc037250492f5eee4fe9bee9feb
759564ac0ad2195c49989e99a278f8042011ef2997d2a8e1a7146c77f7303f01
75fc1625e651db4aefc1ba5e6bc542725bc5caaf1bc88d5394deb4bfc3a9882c
7c458eece4ab2444be6164d06f9b225d00ffb68a011d369deba97b9a8b2fb11a
988567438dc594302c7850ea5b23c44add351ce25ba9852775f33479177548e4
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
9e3ce5a3806d2bb9f972946a6eb20a32f213e14e1f7b39ccdaf2c32ef671efd4
ab3a4fa839750cb5f5191751dd3d93ae9b8dc8c0c3128346bb7ad269a8dcf84b
ae489b6c71283e917cd7f898c1e3ea7236533a257955890358637217544ec6b3
f78801bd5ee4a2756e035bf5e5a9a2ee40450851e18429e08441e593df865c65
fadd44875f7263e82f1234563d15b8e55c1cdceec12cf33d31bcf0c040fca144
fd1f2946b8ff8d42bfed45a7d38b12a0da12526c95151b83dd3110217026d706

cramkensderesse.gq Open in urlscan Pro 2606:4700:3033::ac43:acbf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

28 Requests

82 %HTTPS

33 %IPv6

4 Domains

6 Subdomains

6 IPs

3 Countries

2745 kBTransfer

3861 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cramkensderesse.gq Open in urlscan Pro
2606:4700:3033::ac43:acbf Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

82 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

2745 kB
Transfer

3861 kB
Size

2
Cookies

28 HTTP transactions
0 data transactions