urlscan.io logo urlscan.io
SecurityTrails logo

krafmender.site Open in urlscan Pro
2606:4700:3031::6815:2302  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.note.reserved-effect.net/bb/781188567681034960
Effective URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Submission: On February 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 46 HTTP transactions. The main IP is 2606:4700:3031::6815:2302, located in United States and belongs to CLOUDFLARENET, US. The main domain is krafmender.site.
TLS certificate: Issued by E1 on January 26th 2024. Valid for: 3 months.
This is the only time krafmender.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 5 45.145.177.130 42881 (BADGER-BV)
1 94.154.173.187 8100 (ASN-QUADR...)
33 2606:4700:303... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... ()
46 6
5    45.145.177.130 (United States)

ASN42881 (BADGER-BV, MD)
www.note.reserved-effect.net
1    94.154.173.187 (Hyattsville, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
atlilacstreet.com
33    2606:4700:3031::6815:2302 (United States)

ASN13335 (CLOUDFLARENET, US)
krafmender.site
5    2606:4700:3035::6815:5068 (United States)

ASN13335 (CLOUDFLARENET, US)
trk-adulvion.com
event.trk-adulvion.com
2    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:80b::200e (None, )

ASN- ()
www.google-analytics.com
Domain Requested by
33 krafmender.site atlilacstreet.com
krafmender.site
5 www.note.reserved-effect.net 1 redirects www.note.reserved-effect.net
4 event.trk-adulvion.com trk-adulvion.com
2 www.googletagmanager.com krafmender.site
www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 trk-adulvion.com krafmender.site
1 atlilacstreet.com
46 7

This site contains no links.

Subject Issuer Validity Valid
atlilacstreet.com
R3		 2024-01-21 -
2024-04-20		 3 months crt.sh
krafmender.site
E1		 2024-01-26 -
2024-04-25		 3 months crt.sh
trk-adulvion.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Frame ID: D16A673AEB1FFC65C344A71DD5F5D0D9
Requests: 42 HTTP requests in this frame

Frame: http://www.note.reserved-effect.net/bb/EmailBotTrnValidation.aspx?finalurl=A8D22EE39BD91F5F13716A654E368E32
Frame ID: B41D0BC8FDFC1FB7B0D42B2F0C64372E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[1] Reward Pending - Hardware Store - We Want Your Opinion!

Page URL History Show full URLs

  1. http://www.note.reserved-effect.net/bb/781188567681034960 Page URL
  2. http://www.note.reserved-effect.net/bb/decrypt2NEW.aspx?uid=781188567681034960 HTTP 302
    https://atlilacstreet.com/0/0/0/0839f01c0f3439c8699cc40388529130/FA777D824A550E27B0747B27943475FA/3329... Page URL
  3. https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

91 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

6
IPs

1
Countries

1437 kB
Transfer

2585 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.note.reserved-effect.net/bb/781188567681034960 Page URL
  2. http://www.note.reserved-effect.net/bb/decrypt2NEW.aspx?uid=781188567681034960 HTTP 302
    https://atlilacstreet.com/0/0/0/0839f01c0f3439c8699cc40388529130/FA777D824A550E27B0747B27943475FA/33299fff-7f4a-45c2-8d2c-2b4b2666ad27/165450 Page URL
  3. https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://www.note.reserved-effect.net/bb/decrypt2NEW.aspx?uid=781188567681034960 HTTP 302
  • https://atlilacstreet.com/0/0/0/0839f01c0f3439c8699cc40388529130/FA777D824A550E27B0747B27943475FA/33299fff-7f4a-45c2-8d2c-2b4b2666ad27/165450

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
781188567681034960
www.note.reserved-effect.net/bb/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.note.reserved-effect.net/bb/781188567681034960
Protocol
HTTP/1.1
Server
45.145.177.130 , United States, ASN42881 (BADGER-BV, MD),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d49597acc89618d92a5f9657f701015ed6e9b1200899537f7522d6db41b15ddf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1601
Content-Type
text/html; charset=utf-8
Date
Fri, 02 Feb 2024 22:24:48 GMT
Keep-Alive
timeout=5, max=100
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
loading.gif
www.note.reserved-effect.net/bb/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.note.reserved-effect.net/bb/loading.gif
Requested by
Host: www.note.reserved-effect.net
URL: http://www.note.reserved-effect.net/bb/781188567681034960
Protocol
HTTP/1.1
Server
45.145.177.130 , United States, ASN42881 (BADGER-BV, MD),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e1c9f4c66e06ad7aa169dc42e420abe6f097111e9d98cf35dfc162bb41ffffe1

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.note.reserved-effect.net/bb/781188567681034960
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 22:24:48 GMT
Last-Modified
Wed, 24 May 2023 15:50:52 GMT
Server
Microsoft-IIS/10.0
ETag
"efcdca84578ed91:0"
X-Powered-By
ASP.NET
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1298
EmailBotTrnValidation.aspx
www.note.reserved-effect.net/bb/ Frame B41D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.note.reserved-effect.net/bb/EmailBotTrnValidation.aspx?finalurl=A8D22EE39BD91F5F13716A654E368E32
Requested by
Host: www.note.reserved-effect.net
URL: http://www.note.reserved-effect.net/bb/781188567681034960
Protocol
HTTP/1.1
Server
45.145.177.130 , United States, ASN42881 (BADGER-BV, MD),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d748b303896ac886728accc04250238881c94e97a25c42a71ca33219a899a30b

Request headers

Referer
http://www.note.reserved-effect.net/bb/781188567681034960
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1046
Content-Type
text/html; charset=utf-8
Date
Fri, 02 Feb 2024 22:24:49 GMT
Keep-Alive
timeout=5, max=98
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
fpCollect.min.js
www.note.reserved-effect.net/bb/ Frame B41D 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.note.reserved-effect.net/bb/fpCollect.min.js
Requested by
Host: www.note.reserved-effect.net
URL: http://www.note.reserved-effect.net/bb/EmailBotTrnValidation.aspx?finalurl=A8D22EE39BD91F5F13716A654E368E32
Protocol
HTTP/1.1
Server
45.145.177.130 , United States, ASN42881 (BADGER-BV, MD),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bf645d99dce675e8d4650db9ee051f19388e909f0368b1f392d8901f7dd3f394

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.note.reserved-effect.net/bb/EmailBotTrnValidation.aspx?finalurl=A8D22EE39BD91F5F13716A654E368E32
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 22:24:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 May 2023 18:40:20 GMT
Server
Microsoft-IIS/10.0
ETag
"04213316f8ed91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3748
165450
atlilacstreet.com/0/0/0/0839f01c0f3439c8699cc40388529130/FA777D824A550E27B0747B27943475FA/33299fff-7f4a-45c2-8d2c-2b4b2666ad27/
Redirect Chain
  • http://www.note.reserved-effect.net/bb/decrypt2NEW.aspx?uid=781188567681034960
  • https://atlilacstreet.com/0/0/0/0839f01c0f3439c8699cc40388529130/FA777D824A550E27B0747B27943475FA/33299fff-7f4a-45c2-8d2c-2b4b2666ad27/165450
136 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://atlilacstreet.com/0/0/0/0839f01c0f3439c8699cc40388529130/FA777D824A550E27B0747B27943475FA/33299fff-7f4a-45c2-8d2c-2b4b2666ad27/165450
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.154.173.187 Hyattsville, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://www.note.reserved-effect.net
Referer
http://www.note.reserved-effect.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
136
content-type
text/html; charset=UTF-8
date
Fri, 02 Feb 2024 22:24:50 GMT
server
Apache

Redirect headers

Cache-Control
private
Connection
Keep-Alive
Content-Length
2504
Content-Type
text/html; charset=utf-8
Date
Fri, 02 Feb 2024 22:24:49 GMT
Keep-Alive
timeout=5, max=96
Location
https://atlilacstreet.com/0/0/0/0839f01c0f3439c8699cc40388529130/FA777D824A550E27B0747B27943475FA/33299fff-7f4a-45c2-8d2c-2b4b2666ad27/165450
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Primary Request /
krafmender.site/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Requested by
Host: atlilacstreet.com
URL: https://atlilacstreet.com/0/0/0/0839f01c0f3439c8699cc40388529130/FA777D824A550E27B0747B27943475FA/33299fff-7f4a-45c2-8d2c-2b4b2666ad27/165450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8f69802c89ce6116ac712efbcab52c1a39fa342f8c89c4a57d97ada568ea93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://atlilacstreet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84f5d8bbd97a4bd8-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 02 Feb 2024 22:24:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBzQM08baDCKiDcxeoh3%2Ff3avJBDXm4H%2BgYYl4ngMNzDBHd3U%2B67S%2F%2BYKI%2FXRkLkBSbIqrKdSj9us%2FoXM0neryoqhwwZMO1tL%2BMPEym5rYDyO9VaQaQu%2BkKS86BatNhqJhtppGozLrE9NOKiSLs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
7f7d336892156341053afe8a812dc6f4
krafmender.site/ 		56 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/7f7d336892156341053afe8a812dc6f4?_ax=w
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16181f83c7320cf5d1f460d6260521f5d8492df56bbcf1d08b6cd8d07ba5000f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BN5mXKIzNaNGvBVVzdgTjGyCiYEGi93zmDZPfY2qCKbeex4b6FnD5rIuH8qkz%2BF4DtEbgl%2Ff7Ycp%2F%2Bj5jm3s1QfbtNDRcCBO%2BlM1mZQXQCtuh3%2BtV%2FWRWRbOpwME7XDw9WRadtY2a42CnXr3ns%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
84f5d8c05e5d4bd8-BUF
expires
Thu, 19 Nov 1981 08:52:00 GMT
bootstrap.min.css
krafmender.site/assets/vendors/bootstrap-4.5.3/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506689
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W71djbPkwcJ1IIi5RcJJxIwo3%2BsPphrRhY4w7ryHOtWUcJ5KasrOozaivOHtq7RoajdRTbEdpcXqfw8Pd1bVnQMHVt7BHUkLMU7GYe%2BP1SXI1zveNxmiFWYLRFpYl4SaPnWzahw839AdSk4xxI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84f5d8c47b2d6aed-BUF
expires
Sun, 04 Feb 2024 01:40:01 GMT
all.min.css
krafmender.site/assets/vendors/fontawesome_pro/css/ 		496 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/vendors/fontawesome_pro/css/all.min.css
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506689
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:24 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPIKo1pQ21%2Fzv1NCRw%2B9Hb6TB1aLc2uiCswR3BmEvL9OfY9ekPRZYEPQczVW6TjHc0cnd%2BnCgY7QUoWMgom4zj7oqlMTXtVzngzbncyX8fF5bAi%2Bx35g6%2F31mYvRX54CTf8pLIwdN6ou8BK3yiQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84f5d8c48b316aed-BUF
expires
Sun, 04 Feb 2024 01:40:01 GMT
mont-heavy.otf
krafmender.site/assets/css/dublin/ 		134 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/css/dublin/mont-heavy.otf
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64bfcaf7d5071a48d3114cccc6ec7338038aaf59d52b76cd513fcd03702b153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
Origin
https://krafmender.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5838
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Sep 2023 14:38:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
font/otf
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2H0Z1H3G6sNIcR9x81Q3R%2F1duMz8D52UIIfRidNvHtnMv95JL5wyXbVbXoR6ZPceL2p1pCqhoOR1wOKFNZq%2FX5vUawrMAdgH0eRc9f5d8D91keML3SMsqOd35%2B4ZEgZrvYqgCnjzOeSwWM6oJg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
84f5d8c48b326aed-BUF
common-hybrid.css
krafmender.site/assets/css/dublin/dist/ 		51 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/css/dublin/dist/common-hybrid.css?v=063375646516960725ca8a81b87a9113
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0ce941cb771df9b0cd16026975991ed4d55a93d7c81e62b6e3c218ad049001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 27 Dec 2023 15:11:29 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQf6t40LnCZk7eCjaQRCv%2BmTPeXlCrBlNMo7Ze3cFryeK4NN6och6zyPIzYyOJH3FhkQFRiv2Gl19w0khb%2BpkJOwdadfYmQFAipdl8YiVq8SwXvLzBwAHQ%2BaP%2FAQOwBnKr2%2BZTxyc5P2eQsM6ts%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84f5d8c48b336aed-BUF
expires
Fri, 09 Feb 2024 22:24:52 GMT
msg.v3.js
krafmender.site/inc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/inc/msg.v3.js?65bd6bb3c830c
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 05 Dec 2023 15:48:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LG8GenPJ%2F0GOiWFn%2FaJtz5Y9Uya7ePYQYp6nOBRLAERRbx8v36fBKBZRsCvV1e4ZAeky%2Fmcle%2F2pL%2B7uwgfeLjPPqrTmX%2BXrMwbd%2ByaQJdx8%2FlOa2bk1SUVms%2BY83oTkdiKCeyESvOQ3gjpvP9E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84f5d8c48b346aed-BUF
expires
Fri, 09 Feb 2024 22:24:52 GMT
ace.png
krafmender.site/uploads/archive/company/106/images/ 		326 KB
327 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/uploads/archive/company/106/images/ace.png
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c5c2774b705f182008f9c29417147e4a7c1d1394d8ad53e867f514e2f45f82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506689
alt-svc
h3=":443"; ma=86400
content-length
333908
x-xss-protection
1; mode=block
last-modified
Thu, 10 Mar 2022 18:55:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntp6J%2BKG9xYMU3vh0Lyio4UbLe87MXB6KPtkvJ2WXrK4Ax7Jp4yUhK%2BPrQ8ucek93O67lz3EzJFIi7v15kz%2BBfWr1GPJS7cB43fEgsCm8ptx4zF%2Fg5esQ5KU660DiCbxv%2BCeWB5Bq4TDoJ0VYtQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b356aed-BUF
expires
Sun, 04 Feb 2024 01:40:01 GMT
flag-us.png
krafmender.site/assets/images/flags/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/flags/flag-us.png
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e34d082ccdc00408c7c4ddda543f1247f981ebc756c8458e2b6321d8a4d42a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506689
alt-svc
h3=":443"; ma=86400
content-length
2692
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:39:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJUJx5uZyl0t7k5qM%2F3fvsmzo4pk690icuSnE5d4b1MbyDgrRNaHolbuRR2DHuMg5jIoXtbbsRpSMPRUoe%2FLeSGfoOHHFGmyWEP4%2BpPUb2VzOH0xXG%2BVYQJ%2FxxVo3lIcGm6QB%2FDytwyGWGk%2BqRI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b366aed-BUF
expires
Sun, 04 Feb 2024 01:40:01 GMT
toolbox.png
krafmender.site/uploads/archive/product/277/images/ 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/uploads/archive/product/277/images/toolbox.png
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd7ffacc110ca73f37ede5776ab0be33daf17348539460c92755c246a7988abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346232
alt-svc
h3=":443"; ma=86400
content-length
160501
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 11:59:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOFvYi8U7iBvTJh%2BzL0%2B%2ByLUwyatupmnKr5tFlQjmaJpOfCNilQBx1x%2F4BhDGzqnlA%2FnOx%2BH3GStkqS5K0rj8RknMiqa68ce6i9nZbo3T4o5ZdNPxAtfdZmS4ht7rAqx87B4MRCrtSIZkVNRnzY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b376aed-BUF
expires
Mon, 05 Feb 2024 22:14:19 GMT
STMT810312.jpg
krafmender.site/uploads/archive/product/277/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/uploads/archive/product/277/images/STMT810312.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbeb5ee583c4e7c0c6e84af3576e9b49ff64af90c3dcd6e2ff72c16beb5b4ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175210
alt-svc
h3=":443"; ma=86400
content-length
23996
x-xss-protection
1; mode=block
last-modified
Sat, 28 Jan 2023 00:34:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IK6bxJ%2BIJnUqZlaELYLS5NS%2BLmfaBtTf5uVzwlhunB6JurckhVui1dRBrnsBANhz0HSnMvNnQBvpwYJmOMofGI0O292E0SDBa4Wq%2BSAQzbC5cOt92ztLLDM%2Fq61COyQpLRH50OQ2uttYtf%2B2as%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b386aed-BUF
expires
Wed, 07 Feb 2024 21:44:41 GMT
STMT810313.jpg
krafmender.site/uploads/archive/product/277/images/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/uploads/archive/product/277/images/STMT810313.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35223d72e75414d86e3be28cfe5580587ab598b1ee70b4cee64eea745ea1358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346232
alt-svc
h3=":443"; ma=86400
content-length
41856
x-xss-protection
1; mode=block
last-modified
Sat, 28 Jan 2023 00:34:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwGps5orEvcCeSxomz7OIw4RzMMbar2ht4zjp%2Fu708KGfEy4SSY%2FQHrI4%2FWweIh5ma3N7J56Q8i4Ju9cLuCKxl9s6wu4L%2B5CcgNsxacIW6zB%2BNKRVES0gEmAUO0Qcr88QK6LtRjI%2B6k5CuSWrHI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b396aed-BUF
expires
Mon, 05 Feb 2024 22:14:19 GMT
st.jpg
krafmender.site/uploads/archive/product/277/images/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/uploads/archive/product/277/images/st.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f8c2c2c96c858ffc1cd5226d72f03825870cd5b3d2b9598e77ff7a38e6ec46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346232
alt-svc
h3=":443"; ma=86400
content-length
30882
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 11:59:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEXRu%2BMfsj1aHVXcs0VZUw3eNroCAERVoG8UPzrfBznpL9uCHJTBz%2FmHxf5hgUiDR5W2kRP1NzGdtBEnm3tq%2FSlv7gdzruuv3rexhJ0JBBK2GbPYfnTyoABW7zmIj2YA86ZJXEEPv9G5ikSDy4s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b3a6aed-BUF
expires
Mon, 05 Feb 2024 22:14:19 GMT
ci8.jpg
krafmender.site/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/ci8.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed9848c2d0a538c9fb3f7b45a7fd3c83e87f65567be58b19f016ffef7a8c64f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
342115
alt-svc
h3=":443"; ma=86400
content-length
2040
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:27:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBsXle8hnc2Poz%2BzoZpxyI6%2F66qhRN4WndZWnEMB6R9jXgHAbDGsGbFTiio25G3DXgY3L5ftavbMJ%2F0Cbr8p1aeGEKyfRneTDh41ckl%2F7d3iihzs%2BYLYSARL%2FHWh7n%2BvgxW32OLLYug5p7Lsgec%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b3b6aed-BUF
expires
Mon, 05 Feb 2024 23:22:56 GMT
ci20.jpg
krafmender.site/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/ci20.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bfd00a1efec5d94e650f5c29012d1f9ee342ff658a6167746403214701bd81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506689
alt-svc
h3=":443"; ma=86400
content-length
1394
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:27:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJRoUMSKAjGYYjQGA0jJ6T7bQQoK9JeIJ5Zz6QoEFOrXjhNz8mcH%2FyRoX0e2FiMVa31XFTRJWQHuHlJji16L%2B8DVffMk%2BrX%2FwdbCA454w7ioHaZIPrrVaW1w8hIHybb%2BHAY5btQ%2BpVcDpAAVnSQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b3c6aed-BUF
expires
Sun, 04 Feb 2024 01:40:01 GMT
ci35.jpg
krafmender.site/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/ci35.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ea74221ac765638936628340aaf91d78b40a82277de5a6c615b4c35a6f3b8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
89840
alt-svc
h3=":443"; ma=86400
content-length
2190
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:27:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQHU8SU0AYomb%2BF9wQBvnwYA90%2BS7Nv3oDoeufmBbWC01cArcbxil3H5p%2B5iq%2BqD%2F3gcjUpuRnVga7FfHYEQRhMMnx7prE3sGXLtPTNsQct2Ir2QELwNlpxpbULx855C3TS0lEzCiyyjZeZcECg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b3d6aed-BUF
expires
Thu, 08 Feb 2024 21:27:31 GMT
c2.jpg
krafmender.site/uploads/archive/product/277/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/uploads/archive/product/277/images/c2.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc3a14d9156f0aef818c0abc6782e9101632be41d5b488ca76bbee07f2c4f5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346232
alt-svc
h3=":443"; ma=86400
content-length
27192
x-xss-protection
1; mode=block
last-modified
Mon, 17 Apr 2023 20:24:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKHXaFtn%2F5MWUzuF6Zo%2BF8dMr07x8y90YAXhppmiLhvqQvrhRAVZjCfSnWwV0njRW5rChixbHdIUJXkAt0fDdHqBECChTsSpbDJgud85p%2FdLSRG7HMqZs4cO3ZBnaMhzBwmqOagbCzEi4uP9XTk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b3e6aed-BUF
expires
Mon, 05 Feb 2024 22:14:19 GMT
ci29.jpg
krafmender.site/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/ci29.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dca6865d61263f859163bd345931bc032ef3c7e090c8e35ff9ae0731811d5bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
169654
alt-svc
h3=":443"; ma=86400
content-length
1925
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:27:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAds2GJb4ldfxnUhU3BvndM8DfdKOpnr1itUXQ11S00CO1COwkgGkQLrZA1IVUoELzx8ahL5EUG9Hm%2FwLdACmLiCDZGDFF2ENLLRvPco1NsltM8x3QZqLis3fsILftEhV0TyS5ia4yv1Xght53Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b3f6aed-BUF
expires
Wed, 07 Feb 2024 23:17:17 GMT
c3.jpg
krafmender.site/uploads/archive/product/277/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/uploads/archive/product/277/images/c3.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a791ed33fda06c8b1468d1a3b0c60696becd459329f94db2911d1fb0fb828ebe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346232
alt-svc
h3=":443"; ma=86400
content-length
9892
x-xss-protection
1; mode=block
last-modified
Mon, 17 Apr 2023 20:24:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fs9DQubH3jGRR%2B7KAr3Cm7%2FJxsgpsIv9cvMJXhHxErWL9WSpH64ihfvyNSoMzcIGr%2FuVFmlXxbZwv%2B2uXvDEVB0KkDNWauj7pPIyzCKBeF7vU%2BpJuYlwECBMVRo5MNnnZJ2tewCy1L0APWRw6b4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b406aed-BUF
expires
Mon, 05 Feb 2024 22:14:19 GMT
ci3.jpg
krafmender.site/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/ci3.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b902eec0b1fdf27ccd39b06e13ea1c5cd1ca51d7eb721eff09817e6d821442ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265158
alt-svc
h3=":443"; ma=86400
content-length
1940
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:27:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj6E0DW854y4FDRNUkV15phXLe15vQ8IgNccCd0c2myFe5zdTKHiR47NmAODmmMOiqB6nQnG4HTmP3UWC0%2FElGpEZ5vblWSXI%2BoLn40xtCNN2iKoT0Ys1bOIJLCmTeZjrCHXvjOP0f1FW2nflGs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b416aed-BUF
expires
Tue, 06 Feb 2024 20:45:33 GMT
ci27.jpg
krafmender.site/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/ci27.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab01e78f9a01b905e2df63b9509738a116ac5ad60aabc8876ce241b91733dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
290781
alt-svc
h3=":443"; ma=86400
content-length
1941
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:27:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eitU%2F06tfg3j7aSnf6ryAAWNxPS16Y0rv6tI23H1UPQDgwr2YDPUI%2FSJ4A0uaQkBBjOqlfUx1MsFkPpJdac%2Ft3UU5ikVXLJY7Ziy3Zqv4CvlpV3coYSoaJeN18TcLLvneZmOHKyDX5vLyinrjNo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b426aed-BUF
expires
Tue, 06 Feb 2024 13:38:30 GMT
mm.jpg
krafmender.site/uploads/archive/product/277/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/uploads/archive/product/277/images/mm.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e01af573fc953ae7ddc2cacad3cd96c10ad30ebe43bd00eb269a339322c9fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
346232
alt-svc
h3=":443"; ma=86400
content-length
10928
x-xss-protection
1; mode=block
last-modified
Mon, 17 Apr 2023 20:24:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJHbXnoDBPl6ESevMFOdunXJfeXubXDmw8U844rhtSniwAdBCRbw1y49PZkXhEW6EdiEcyyHbJhg8Qd1tNHfLFcygWmh73%2BaLyb%2FJ3iP6461Pj1Jkqmf1WJtZRgxnFn9WcTMzP8pZLAhuYOl5EM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b436aed-BUF
expires
Mon, 05 Feb 2024 22:14:19 GMT
ci19.jpg
krafmender.site/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/ci19.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2afec4b8ec5bcf8184f88649b4fae9e442750d3feadeddd6a7592c0f4b61af80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
342115
alt-svc
h3=":443"; ma=86400
content-length
1964
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:27:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BJPEtqvW9MPEYz8I4jmwhbKdWnY3R2xgeTmxj4%2FC0xcFDI7a8kVzoDa5NcCpBdPUrThClLpTyazHpg7JaJaJVa4YXjeJ9E8hqJkBEBNf76EiJnmLqTJ8rtDGKD4Ycvy%2FvR6onPwgW3HpUF%2BdYQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b446aed-BUF
expires
Mon, 05 Feb 2024 23:22:56 GMT
ci15.jpg
krafmender.site/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/ci15.jpg
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2061
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:27:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEAg8ZRxNJLVn13x1LyhlWmppU4jd7C7YhqXkvNMSMl3yO1H0gQR1ZLiE9yVagJZZCz8YreXNry96ZdhOudxmN6bOhujX1aEH1HFU26wyPWrmLWxrJxtdPPySUnuB%2Fm8NjDhkPaQSM0VKgFeKo4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b466aed-BUF
expires
Fri, 09 Feb 2024 22:24:52 GMT
x.png
krafmender.site/assets/images/common/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krafmender.site/assets/images/common/x.png
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506689
alt-svc
h3=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Thu, 25 Mar 2021 02:06:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSUE17a6gUJacMjiHH4T5kqZ3GLOInXCpt4X36NCi%2FCiHh31MdUTfXR2BcMunY5Nq8dzrA0Su8upiWHbCa%2B0ulVSLj9QBvz9QBZJqMoXk7kur2tAUyb05Sut4oPkxoghtpmpQh59P5hl1DXMkyU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c48b476aed-BUF
expires
Sun, 04 Feb 2024 01:40:02 GMT
email-decode.min.js
krafmender.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 18:47:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b94449-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBwLdMIr1Hyf%2FTg%2FyYPqU71X%2BznJNN%2FPFuy5pXf6hBX80z80cyVZ3O7tnyiZYeIuCz00uChynkucrhwVtDimWyVh3MmG9rZ8Jrwn0jWdQc%2FVUE%2FhmM47zxWIPAEqq9IZyRJjS9yPUMS1QqqLrGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
84f5d8c48b486aed-BUF
expires
Sun, 04 Feb 2024 22:24:51 GMT
jquery-3.4.1.min.js
krafmender.site/assets/vendors/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506689
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaTpHkWNBNLbJwUZLQpr0KqRSdcXxSiGXAh4qrXzmX4Woy5XORZ4xguQIPIJ%2BzZxwcxI1XOcEb68saQaFvh1zTPlOXafdl31TTcou46%2BAdHTlpkYyb2n5r7%2B4hbD0PuFkGDff69eBdOSPr0Nn7s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84f5d8c48b496aed-BUF
expires
Sun, 04 Feb 2024 01:40:02 GMT
bootstrap.min.js
krafmender.site/assets/vendors/bootstrap-4.5.3/js/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506689
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2Fl3rl%2B5Q8Nhng10Ia9DjQIw8hrE0UIRIUpZBHbE%2FJcXmS8CK3DJu8aQ9l34d2N2F1C6rX5B5OiRzIJNfzEBkBeRkTyf2qoMNryn6wdmRWVkAILOu2%2BtHmqKLmEhuJiZ9WSvTp1QG8wP2JRH7es%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84f5d8c48b4c6aed-BUF
expires
Sun, 04 Feb 2024 01:40:02 GMT
functions.js
krafmender.site/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/js/functions.js?v=063375646516960725ca8a81b87a9113
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ebfc0168a8c147fa15ef9d89fbbc16d7365d0c6d98dd49243924d62707d6f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 25 Aug 2023 14:18:07 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHRnC%2FSRHr0zoCN2cMKEXGSGuhxKlIlD8Y6iOypVz4mVN%2FBZsUqV2iA9eSk7oV3rvbQ1qJk%2Bo53lQyX3lRvF2%2BAzaHkTp8Hccu02OOCoNSeh5cPQbfOx%2FppxOQ%2BBniBZZ%2BTI01Sw0dD26LimH80%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84f5d8c48b4d6aed-BUF
expires
Fri, 09 Feb 2024 22:24:52 GMT
intl_functions.js
krafmender.site/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/js/intl_functions.js?v=063375646516960725ca8a81b87a9113
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2e118a815e6de6042a2e004718938e3068ffdf3fca85010a37fcaaa72d49ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 20 Dec 2023 19:19:33 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXFJOfEgJdrsqm70HySzI4lFJrl%2F0KoHNUnKfd3kDI67D91xafouR5hYNVZmOno6geoH5%2BPj8riNM8ofZ12H%2FByfrOtYtW%2BQB%2FFWZf8Q%2FmtO3cqud3vwZUWZjzV4iCKKLkLqeqAzIcYoIB09hts%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84f5d8c48b4e6aed-BUF
expires
Fri, 09 Feb 2024 22:24:52 GMT
common-hybrid.js
krafmender.site/assets/js/dublin/dist/ 		105 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/js/dublin/dist/common-hybrid.js?v=063375646516960725ca8a81b87a9113
Requested by
Host: krafmender.site
URL: https://krafmender.site/?s1=350932&s2=1135974035&s3=4413&s4=2451&s10=2213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cb1f1f43f6087fdbfa09495d162ae6af2da5a99d2a3a186a28a6c779839928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 29 Jan 2024 16:31:48 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iiXI0P15EcUb%2BQHqtLgg8SvUKhySJleYfEUOiEVeDw4Z3I%2Bo6BZFuIwaz88W4Aog%2Bt0W2aIXvwbFREOy0D%2BBopXXGGjgzNO%2B1FZrvHMI8BiBwsA23WRfI9q44CPK5VH2b1H0JshUjlEDoJaL48%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
84f5d8c48b4f6aed-BUF
expires
Fri, 09 Feb 2024 22:24:52 GMT
v9e118mez8
trk-adulvion.com/scripts/push/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-adulvion.com/scripts/push/v9e118mez8
Requested by
Host: krafmender.site
URL: https://krafmender.site/inc/msg.v3.js?65bd6bb3c830c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5068 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a4a7e1e3b6806e9eb4b719dcdd56c7f3dec5c4991bc15b56193c7e99f719f8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5007
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Feb 2024 21:01:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSb1yLkj4%2FNjnLW%2FtSZE0KjK2dT4zIEy2LZbUwMRWmVfZPqDR0%2Bm%2Bi60NMjd%2BScme9IU22d6Tbz9ItRYplSfLMKUhpepaHE82ETaQofbUJoKJYkqmlKYREXEcdEppXrZ8QY%2Bk0dSRWkk5ZFvsK%2Bi"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
84f5d8c68c104bd2-BUF
expires
0
gtm.js
www.googletagmanager.com/ 		184 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Requested by
Host: krafmender.site
URL: https://krafmender.site/7f7d336892156341053afe8a812dc6f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a6624c201c7108c377a0992bdd05794c09f63be47cac7c82fce102b859ebd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66946
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Feb 2024 22:24:52 GMT
fa-solid-900.woff2
krafmender.site/assets/vendors/fontawesome_pro/webfonts/ 		320 KB
321 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/assets/vendors/fontawesome_pro/webfonts/fa-solid-900.woff2
Requested by
Host: krafmender.site
URL: https://krafmender.site/assets/vendors/fontawesome_pro/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krafmender.site/assets/vendors/fontawesome_pro/css/all.min.css
Origin
https://krafmender.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
506690
alt-svc
h3=":443"; ma=86400
content-length
327824
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toYBb2VIEO3Adpjy%2F%2F5U4hl4I4q162enXQMhFCK8umOECgInCHKZnsUyrmJw6disRP0h0R4Gg8KD57TY7FMvReEaG%2F4n3BOyS0IN3CLEajYhXAr%2FGvpU92lNceBAOcq8SN8aK2GtzTXvwDKBEDQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84f5d8c61c526aed-BUF
expires
Sun, 04 Feb 2024 01:40:02 GMT
7f7d336892156341053afe8a812dc6f4
krafmender.site/ 		25 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
Requested by
Host: krafmender.site
URL: https://krafmender.site/inc/msg.v3.js?65bd6bb3c830c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2302 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krafmender.site/7f7d336892156341053afe8a812dc6f4
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bu8w4fR7wz9qsIvNz0vOvdioKuIY7eaF6vpSI0L%2FllZEayJrGcYp7V9BDqO7HB30ut3ESmyfeYnCSVa4VGiuwl36mLC4Wn%2BV8XfQS7LK3fCFzvTqcyvFhdinijRddxLu%2FalJ0yKIeUtZSNPRM6Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
84f5d8c6cccf6aed-BUF
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ad4b3203792a745102c36324861534734661d2bcf8dc2ac1bd5e0cb9ee902fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:24:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 22:24:52 GMT
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JMJ044GLKX&gtm=45je41v0v882458333z8849140141za200&_p=1706912692149&gcd=11l1l1l1l1&npa=0&dma=0&cid=92123076.1706912692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706912692&sct=1&seg=0&dl=https%3A%2F%2Fkrafmender.site%2F7f7d336892156341053afe8a812dc6f4&dr=https%3A%2F%2Fatlilacstreet.com%2F&dt=%5B1%5D%20Reward%20Pending%20-%20Hardware%20Store%20-%20We%20Want%20Your%20Opinion!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2126
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krafmender.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 22:24:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krafmender.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5068 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krafmender.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 02 Feb 2024 22:24:52 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHSjW8ChiboSX4k0r8g4uVEadpxoVT1rNC%2FQ%2B6JsbP8U%2BkZtUjIrlMNpAVRwHsha092FmNwb2VmwLaL5XXgLXA1cSFEvImHIx2yS3sdn%2BPpT8m5LzxBJhQx8guibkZFDpjzPzPi0eqMEffoaKODBd3bgdcJ5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
84f5d8c9fda14bcf-BUF
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5068 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://krafmender.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84f5d8c95cee4bcf-BUF
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Fri, 02 Feb 2024 22:24:52 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkl4bMYs5i4z1ChnoCrE7cyY4dPqaztegaRy3hhQz2utKY9n9zk9u3tpHrjuDv12LGg2pqMP3DRF1sDke1s6c5of0zNn4QK%2F9%2FZqWeUqGP89CkZyQhohTnPXgJad5ZIv%2FGzacfKIIDgdDXpPNCVRW%2FgCW16l"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-adulvion.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5068 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krafmender.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 02 Feb 2024 22:24:52 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5umB%2B0tKZWzFdQKmoreTrQ3PVshSxZPmlYjfgWXVhbcxL1fGt0phDz%2F3bpNyW2WCTsbMuYOtOpzmwpe1DAlmaS8KkllxxzF%2B%2FORamEoQKRZXOwGpzwclCQkAXaEpkDdIe%2BhR18EXbWxZFpcHq5Lk3hba4GzF"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
84f5d8c9fda44bcf-BUF
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5068 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://krafmender.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84f5d8c95cec4bcf-BUF
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Fri, 02 Feb 2024 22:24:52 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2P4FUywoHp7IWgu2QGMhmoyuC3aLI66s5pm9EJ4xxcMlYNYwFeJrVXXyMH%2FxQ7iJlCZOIa%2FEiPYhgSIvUwOm1%2FfehuphV8Ve45s2FYEOps9o5sBx7r06bzObFQHKAToR7YgrewdwAJcvAn%2BNq5f2LEyR6YE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x4eba function| _0x3ccf function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint object| dataLayer function| $ function| jQuery object| bootstrap number| refresh_page function| datehax function| startTimer number| duration undefined| time undefined| refresh string| rightnow object| currentdate object| months function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| FNP string| API_URL function| a0_0x308896 string| attrChoices string| domain number| count string| pipeline string| zipcode string| state_selected boolean| processing object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| a0_0x4d81 function| processQuestion function| nextQuestion function| replaceUrlParam number| time_popup function| startTimerPopup function| showModalPopup function| popunder function| a0_0x23e2 function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| emailPixel function| overflowP function| showDisclaimer function| preventS function| comment function| like function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU function| showModal function| showOfferWallU string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl string| questiontx string| of function| putVarCommon function| count_p function| mfq_tags number| count_img number| time_img function| fadeInImgModal number| advEmail number| email_pixel string| prod_var string| pname_modal number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Domain/Path Name / Value
www.note.reserved-effect.net/ Name: A8D22EE39BD91F5F13716A654E368E32co
Value: grace@posthastetravel.com&017&559658-209278-109304-64029-0-0&WWVlYWQrICBSZV1aXVJUZGVjVlZlH1RgXiAhICEgISAhKSQqVyEiVCFXJCUkKlQpJyoqVFQlISQpKSYjKiIkISA3MigoKDUpIyUyJiYhNiMoMyEoJSgzIygqJSQlKCY3MiAkJCMqKldXVx4oVyVSHiUmVCMeKVUjVB4jUyVTIycnJ1JVIyggIicmJSYh&33299fff-7f4a-45c2-8d2c-2b4b2666ad27&638424914889309753
www.note.reserved-effect.net/ Name: A8D22EE39BD91F5F13716A654E368E32
Value: true|false|false,false,false|false
atlilacstreet.com/ Name: uid4413
Value: 1135974035-20240202172450-51cd74691425c8c2de45052cead6d772-2451
krafmender.site/ Name: PHPSESSID
Value: 565c367d918fac92a2733953cf536fe8
.krafmender.site/ Name: _ga_JMJ044GLKX
Value: GS1.1.1706912692.1.0.1706912692.0.0.0
.krafmender.site/ Name: _ga
Value: GA1.1.92123076.1706912692

1 Console Messages

Source Level URL
Text
other error URL: https://krafmender.site/7f7d336892156341053afe8a812dc6f4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

atlilacstreet.com
event.trk-adulvion.com
krafmender.site
trk-adulvion.com
www.google-analytics.com
www.googletagmanager.com
www.note.reserved-effect.net
2606:4700:3031::6815:2302
2606:4700:3035::6815:5068
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80e::2008
45.145.177.130
94.154.173.187
0e34d082ccdc00408c7c4ddda543f1247f981ebc756c8458e2b6321d8a4d42a9
16181f83c7320cf5d1f460d6260521f5d8492df56bbcf1d08b6cd8d07ba5000f
16cb1f1f43f6087fdbfa09495d162ae6af2da5a99d2a3a186a28a6c779839928
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a0ce941cb771df9b0cd16026975991ed4d55a93d7c81e62b6e3c218ad049001
2afec4b8ec5bcf8184f88649b4fae9e442750d3feadeddd6a7592c0f4b61af80
40a4a7e1e3b6806e9eb4b719dcdd56c7f3dec5c4991bc15b56193c7e99f719f8
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
5a2e118a815e6de6042a2e004718938e3068ffdf3fca85010a37fcaaa72d49ae
5ad4b3203792a745102c36324861534734661d2bcf8dc2ac1bd5e0cb9ee902fe
6e01af573fc953ae7ddc2cacad3cd96c10ad30ebe43bd00eb269a339322c9fac
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
75ebfc0168a8c147fa15ef9d89fbbc16d7365d0c6d98dd49243924d62707d6f1
7a6624c201c7108c377a0992bdd05794c09f63be47cac7c82fce102b859ebd6c
7a8f69802c89ce6116ac712efbcab52c1a39fa342f8c89c4a57d97ada568ea93
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
a791ed33fda06c8b1468d1a3b0c60696becd459329f94db2911d1fb0fb828ebe
ab01e78f9a01b905e2df63b9509738a116ac5ad60aabc8876ce241b91733dd03
aed9848c2d0a538c9fb3f7b45a7fd3c83e87f65567be58b19f016ffef7a8c64f
b1bfd00a1efec5d94e650f5c29012d1f9ee342ff658a6167746403214701bd81
b35223d72e75414d86e3be28cfe5580587ab598b1ee70b4cee64eea745ea1358
b902eec0b1fdf27ccd39b06e13ea1c5cd1ca51d7eb721eff09817e6d821442ad
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
bd7ffacc110ca73f37ede5776ab0be33daf17348539460c92755c246a7988abb
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
bf645d99dce675e8d4650db9ee051f19388e909f0368b1f392d8901f7dd3f394
cdbeb5ee583c4e7c0c6e84af3576e9b49ff64af90c3dcd6e2ff72c16beb5b4ba
d2f8c2c2c96c858ffc1cd5226d72f03825870cd5b3d2b9598e77ff7a38e6ec46
d49597acc89618d92a5f9657f701015ed6e9b1200899537f7522d6db41b15ddf
d748b303896ac886728accc04250238881c94e97a25c42a71ca33219a899a30b
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
dc3a14d9156f0aef818c0abc6782e9101632be41d5b488ca76bbee07f2c4f5f7
dca6865d61263f859163bd345931bc032ef3c7e090c8e35ff9ae0731811d5bca
e1c9f4c66e06ad7aa169dc42e420abe6f097111e9d98cf35dfc162bb41ffffe1
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64bfcaf7d5071a48d3114cccc6ec7338038aaf59d52b76cd513fcd03702b153
f4c5c2774b705f182008f9c29417147e4a7c1d1394d8ad53e867f514e2f45f82
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f8ea74221ac765638936628340aaf91d78b40a82277de5a6c615b4c35a6f3b8b