websort.site Open in urlscan Pro
2604:9a00:2010:a035:5::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://websort.site/?ref=1
Submission: On October 05 via api (October 5th 2023, 6:03:25 am UTC) from US — Scanned from DE

Summary HTTP 99 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 99 HTTP transactions. The main IP is 2604:9a00:2010:a035:5::1, located in Martinsburg, United States and belongs to LEASEWEB-USA-WDC, US. The main domain is websort.site.
TLS certificate: Issued by R3 on September 11th 2023. Valid for: 3 months.

This is the only time websort.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2604:9a00:201... 2604:9a00:2010:a035:5::1	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.222.236.94 52.222.236.94	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3032::ac43:ddae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
7	2606:4700:e2:... 2606:4700:e2::ac40:8309	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.57.162.10 69.57.162.10	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 7	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	162.0.235.250 162.0.235.250	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	67.223.118.72 67.223.118.72	22612 (NAMECHEAP...) (NAMECHEAP-NET)
12	136.243.4.18 136.243.4.18	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
8	198.91.81.11 198.91.81.11	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3	2600:9000:223... 2600:9000:223f:5c00:1f:946:f000:21	16509 (AMAZON-02) (AMAZON-02)
2	2a0d:da00:a:4... 2a0d:da00:a:401c::	205072 (LAYERSHIFT) (LAYERSHIFT)
2	2a0d:da00:a:4... 2a0d:da00:a:4018::	205072 (LAYERSHIFT) (LAYERSHIFT)
19	2606:4700:e0:... 2606:4700:e0::ac40:6e1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
99	22

5 2604:9a00:2010:a035:5::1 (Martinsburg, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

websort.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.236.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-94.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:ddae (United States)

ASN13335 (CLOUDFLARENET, US)

static.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e2::ac40:8309 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.57.162.10 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium264-2.web-hosting.com

ayelads.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beycoin.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.235.250 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium161-4.web-hosting.com

ayelads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.223.118.72 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium261-1.web-hosting.com

rapid-faucet.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.4.18 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.4.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 198.91.81.11 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: x11.x10hosting.com

linkx.ix.tc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thebrightlamps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:5c00:1f:946:f000:21 (United States)

ASN16509 (AMAZON-02, US)

d3u598arehftfk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0d:da00:a:401c:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

appsha-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0d:da00:a:4018:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

apps-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:e0::ac40:6e1c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bmcdn6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.bmcdn6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.bmcdn6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	bmcdn6.com cdn.bmcdn6.com — Cisco Umbrella Rank: 183105 static.bmcdn6.com — Cisco Umbrella Rank: 257403 media.bmcdn6.com — Cisco Umbrella Rank: 250496	307 KB
12	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 23932 static.a-ads.com — Cisco Umbrella Rank: 32505	860 KB
9	gstatic.com www.gstatic.com	1 MB
8	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3436 ka-f.fontawesome.com — Cisco Umbrella Rank: 7091	314 KB
7	beycoin.xyz 1 redirects beycoin.xyz — Cisco Umbrella Rank: 690295	702 KB
7	google.com www.google.com — Cisco Umbrella Rank: 11	71 KB
6	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 6049	28 KB
5	websort.site websort.site	80 KB
4	ctengine.io appsha-pnd.ctengine.io — Cisco Umbrella Rank: 187286 apps-pnd.ctengine.io — Cisco Umbrella Rank: 208069	4 KB
4	thebrightlamps.com thebrightlamps.com	2 KB
4	ix.tc linkx.ix.tc	4 KB
3	cloudfront.net d3u598arehftfk.cloudfront.net	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	238 KB
2	rapid-faucet.site rapid-faucet.site	18 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1878 www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	79 KB
1	ayelads.com ayelads.com	704 B
1	ayelads.click ayelads.click	930 B
1	surfe.pro static.surfe.pro — Cisco Umbrella Rank: 316129	3 KB
99	19

	Domain	Requested by
15	cdn.bmcdn6.com	thebrightlamps.com cdn.bmcdn6.com
9	www.gstatic.com	www.google.com
7	beycoin.xyz	1 redirects websort.site beycoin.xyz
7	ka-f.fontawesome.com	kit.fontawesome.com websort.site
7	www.google.com	websort.site www.gstatic.com www.google.com
6	static.a-ads.com	ad.a-ads.com
6	ad.a-ads.com	ayelads.click thebrightlamps.com
6	widget.trustpilot.com	websort.site widget.trustpilot.com
5	websort.site	websort.site
4	thebrightlamps.com	linkx.ix.tc thebrightlamps.com
4	linkx.ix.tc	beycoin.xyz linkx.ix.tc
3	d3u598arehftfk.cloudfront.net	linkx.ix.tc thebrightlamps.com
3	www.googletagmanager.com	websort.site beycoin.xyz www.googletagmanager.com
2	media.bmcdn6.com	cdn.bmcdn6.com
2	static.bmcdn6.com	cdn.bmcdn6.com
2	apps-pnd.ctengine.io	appsha-pnd.ctengine.io
2	appsha-pnd.ctengine.io	linkx.ix.tc appsha-pnd.ctengine.io
2	rapid-faucet.site	ayelads.click rapid-faucet.site
2	cdn.jsdelivr.net	websort.site
1	www.google-analytics.com	beycoin.xyz
1	ayelads.com	ayelads.click
1	region1.google-analytics.com	www.googletagmanager.com
1	ayelads.click	websort.site
1	static.surfe.pro	websort.site
1	kit.fontawesome.com	websort.site
99	25

This site contains links to these domains. Also see Links.

Domain
t.me
faucetpay.io

Subject Issuer	Validity	Valid
*.websort.site R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
surfe.pro E1	`2023-09-29` - `2023-12-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-09-10` - `2023-12-09`	3 months	crt.sh
ayelads.click Sectigo RSA Domain Validation Secure Server CA	`2022-11-16` - `2023-11-16`	a year	crt.sh
beycoin.xyz GTS CA 1P5	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ayelads.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-23`	a year	crt.sh
rapid-faucet.site Sectigo RSA Domain Validation Secure Server CA	`2023-07-31` - `2024-07-31`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
linkx.ix.tc R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh
thebrightlamps.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.ctengine.io Gandi Standard SSL CA 2	`2023-01-13` - `2024-01-13`	a year	crt.sh
bmcdn6.com GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://websort.site/?ref=1
Frame ID: A65044C7B29C6428FC092FB292FEC0B0
Requests: 21 HTTP requests in this frame

Frame: https://ayelads.click/display/items.php?ad=8bCpQz2&s=1&h=728x90
Frame ID: 8BF98FE6CC1696532C1F29B2BBA7E123
Requests: 2 HTTP requests in this frame

Frame: https://beycoin.xyz/bits-ads.php?type=1&&ids=10
Frame ID: A661468E6F8CB2F3FBA98A533E2F671A
Requests: 6 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=65122e9b5db2de8eca89fffb
Frame ID: 21769E72F12128DEEE7CA531DBC5C2FD
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu&co=aHR0cHM6Ly93ZWJzb3J0LnNpdGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=rg3u06w573pk
Frame ID: FCAB602BB532DB1FA16A5F255BF9ECB0
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu&co=aHR0cHM6Ly93ZWJzb3J0LnNpdGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=77vq8wpm785
Frame ID: 9A073519CEE377C4FDB5CD10BDCFB258
Requests: 4 HTTP requests in this frame

Frame: https://rapid-faucet.site/index1.php?tag=8bCpQz2&size=728x90
Frame ID: E6991F13474A8B5C129C22B9BE8B376D
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126707?size=728x90
Frame ID: D70F22C0D3514606135E4F7BFE225EE2
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126712?size=300x250
Frame ID: 1CA39AC45044788CB22AAA291DC8BF89
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126713?size=468x60
Frame ID: D1EB0A9DAC248BCFE614AE93262211F8
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126714?size=160x600
Frame ID: CAA972FEE6AB0A59ED92751543895D8A
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2126715?size=320x50
Frame ID: 8C4143E29AEB2E8804C5160B066B50DE
Requests: 3 HTTP requests in this frame

Frame: https://beycoin.xyz/allads.php
Frame ID: C6382C482AF6517A9435DFABF421DE94
Requests: 3 HTTP requests in this frame

Frame: https://beycoin.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 1A32DEDB55825B4749044C597EE7F6CB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu
Frame ID: FE5FD6ECF8647AA0299F3BC3517C10C4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu
Frame ID: 9781C65276228F5332C7421EC33F2C87
Requests: 3 HTTP requests in this frame

Frame: https://thebrightlamps.com/4.html
Frame ID: 6F5DA35E790F3762798D4C36173ACD8E
Requests: 2 HTTP requests in this frame

Frame: https://d3u598arehftfk.cloudfront.net/prebid_hb_3083_5501.js
Frame ID: DBE22F7C14A2C3DF943B56649AE1A584
Requests: 2 HTTP requests in this frame

Frame: https://appsha-pnd.ctengine.io/js/script.js?wkey=CTIT6wBXR1
Frame ID: 176C9E4601D4ADE557CCBADCBBCAD8C2
Requests: 4 HTTP requests in this frame

Frame: https://thebrightlamps.com/2.html
Frame ID: 06F32B0BFC418EF185561B78E4450607
Requests: 1 HTTP requests in this frame

Frame: https://thebrightlamps.com/3.html
Frame ID: E143DF1E06F154A8DF0FE8BD8437BC29
Requests: 7 HTTP requests in this frame

Frame: https://thebrightlamps.com/1.html
Frame ID: 744208302A702E058606281F4EB8ACD2
Requests: 9 HTTP requests in this frame

Frame: https://ad.a-ads.com/2244182?size=300x250
Frame ID: A1A14205F0573E09AE276A3BDC0943C7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bmcdn6.com/p/64da33b5bcf8238e664bb4e5/?source=https%253A%252F%252Fthebrightlamps.com%252F2.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&impid=1b980909-8f8e-42b3-9a4b-f5c356668c9b&sessionId=36593232-f357-45c8-9030-78d7eb55a099&pageViewUuid=b559caa0-0d75-4920-b9f6-ed203d9f83a7&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Frame ID: 2E643B458F3F3D4B208BCDCE5E22D1A4
Requests: 5 HTTP requests in this frame

Frame: https://cdn.bmcdn6.com/p/64e8d142eeef798b56886b9b/?source=https%253A%252F%252Fthebrightlamps.com%252F4.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&impid=d4a3b807-dbcc-4ff6-99f9-26d42eddc790&sessionId=4473c569-e4e0-4b2d-aa79-01b9716778d7&pageViewUuid=ddecc21d-6c67-435f-8f23-12c9235d8b2a&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Frame ID: 5557E91347EB842275B9B9B7A4D2FCFC
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WEB SORT - PREMIUM LITECOIN FAUCET

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

99
Requests

99 %
HTTPS

71 %
IPv6

19
Domains

25
Subdomains

22
IPs

3
Countries

3765 kB
Transfer

6519 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/websort_faucet
Title: Telegram Group

Search URL Search Domain Scan URL

URL: https://faucetpay.io/?r=4529849
Title: MXEepxVQqPV2txV5xCCXUb9jvT3ThcHEy9

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://beycoin.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://beycoin.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

99 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
websort.site/ 31 KB
10 KB 489ms
231ms Document
text/html 2604:9a00:2010:a035:5::1
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:9a00:2010:a035:5::1 Martinsburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 38a888418ce22074f7ac0f5a57b644c07cd4f07f0a38d30807e314c163c12ba7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 9501
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 06:03:19 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/ 156 KB
25 KB 87ms
36ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/bootstrap.min.css

Requested by

Host: websort.site
URL: https://websort.site/?ref=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12291
x-jsd-version: 4.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230099-FRA, cache-yyz4567-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"26f1b-0wURD7eRE6lhOUtDPYUaNBA0K4w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtdsPh1A%2F5R2HsIRPetrb7URHbyHr9cmzCferII%2FfjpB2rxLtFtANLpUlyf9S4kXDS8Z%2F7adWNjWXqAqwFH%2FMne1pXOdBq00EDUBqkHsb9RAYf7h3y7WyLqcohwA0MQbu7UN627HSmgPIILXc6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 811375fa2ea52c2e-FRA

GET
H2 200 d85e0c5c55.js Show response
kit.fontawesome.com/ 11 KB
5 KB 209ms
159ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/d85e0c5c55.js
Requested by: Host: websort.site
URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca602652996c4dd46bac439378d0c83815e9f6914d7d8893df7425a361897956

Request headers

Referer: https://websort.site/
Origin: https://websort.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 811375fa28585c74-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F4qOBbYSJdZfbh0U-Y5C

GET
H2 200 theme.css
websort.site/template/default/static/ 23 KB
5 KB 124ms
123ms Stylesheet
text/css 2604:9a00:2010:a035:5::1
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://websort.site/template/default/static/theme.css?v=2.1.6
Requested by: Host: websort.site
URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:9a00:2010:a035:5::1 Martinsburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: b84d375a52e9a11d9ca9720252873a904384bdcbc9b8dba2c3677d278b8850da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/?ref=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 13:20:00 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4583
expires: Thu, 12 Oct 2023 06:03:20 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/combine/npm/jquery@3.4.1,npm/popper.js@1.16.0,npm/bootstrap@4.4.1/dist/js/ 166 KB
54 KB 88ms
38ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/combine/npm/jquery@3.4.1,npm/popper.js@1.16.0,npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

Requested by

Host: websort.site
URL: https://websort.site/?ref=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35e0589c4787a8852d5a6b21fc4e9c0363ddcd552c9a1d6073b39f7824cd9c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19430730
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230107-FRA, cache-yyz4554-YYZ
server: cloudflare
etag: W/"2971a-YGlrr8A15LKZGhqHsrOuMrpy/xc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivvkc1dnMuYV25JZ6TfBdM%2F%2B9CiQLW6baboQn18xdLteW8H%2B1WqMvYljSG2tu6hsbFkD%2FObv0E2%2FaLUHAM%2FsnTe3VYadBiWLRZHrt6%2F%2Bnb0xKsot5p%2BdNFF4T4lJt%2F2H5vRK94D9%2Fjqn1TDpj1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 811375fa2ea72c2e-FRA

GET
H2 200 countdown-timer.min.js Show response
websort.site/static/js/ 5 KB
2 KB 122ms
121ms Script
application/javascript 2604:9a00:2010:a035:5::1
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://websort.site/static/js/countdown-timer.min.js
Requested by: Host: websort.site
URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:9a00:2010:a035:5::1 Martinsburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/?ref=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: gzip
last-modified: Sun, 25 Dec 2022 11:24:52 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2373
expires: Thu, 12 Oct 2023 06:03:20 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 89ms
25ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: websort.site
URL: https://websort.site/?ref=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 01:49:53 GMT
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 15208
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6676
x-xss-protection: 1; mode=block
last-modified: Wed, 03 May 2023 13:48:29 GMT
server: AmazonS3
etag: "befec09eb386fc68a0869c8d1b529dd6"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: rOmt6UWvdsIsI5j1FbK0go2GZ2zWZk2ifiAp9dCGiMEd3l8H3uC8qg==

GET
H2 200 logo.png
websort.site/static/img/ 4 KB
5 KB 123ms
122ms Image
image/png 2604:9a00:2010:a035:5::1
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://websort.site/static/img/logo.png
Requested by: Host: websort.site
URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:9a00:2010:a035:5::1 Martinsburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 77d6648306d2e681cb2c64d00ba665bf5d40fe5bde62a79590e4efedcbfc0565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/?ref=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
last-modified: Wed, 12 Jul 2023 15:19:44 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4555
expires: Thu, 12 Oct 2023 06:03:20 GMT

GET
H2 200 net.js Show response
static.surfe.pro/js/ 5 KB
3 KB 98ms
29ms Script
application/javascript 2606:4700:3032::ac43:ddae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.surfe.pro/js/net.js

Requested by

Host: websort.site
URL: https://websort.site/?ref=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:ddae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ff068f75ab9c67ef582a75bc9117ebee2bc972450f961051b24858d2a975e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4230
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Jun 2023 08:54:51 GMT
server: cloudflare
etag: W/"6499525b-1223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7H8x2K7X7KxzVcHB52ObXfVfIkModTJ8AR2LMByPUY%2BTFGjQT87dmnaQAkboyeoI0Lag65ngw1KWkF1iY%2BgW8hAO%2BFFDcCZw6qzmuqB1URw13Ojzs9S%2FEkrNjoVZQKsYy6RVeNw1GBnonfubwH4%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=(),geolocation=(self), camera=()
cf-ray: 811375fb09c44d8b-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 80ms
30ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: websort.site
URL: https://websort.site/?ref=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7667d41929dbee536024b3381aa9e72c4c711d03c5c75fdf227a0537483bbf99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 05 Oct 2023 06:03:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
91 KB 95ms
38ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T6VQNVWV7D

Requested by

Host: websort.site
URL: https://websort.site/?ref=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

770b1c8b52c11e3601bd26a87497244209d0c3d7d8597323201fb3198a759616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 06:03:20 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 100 KB
23 KB 114ms
44ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=d85e0c5c55
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d85e0c5c55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 163721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"ae737a19e46fd502ba9cbe9e33213861"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2zO7SnkJG5VKUP%2FBtmOISN3spkOP56K0NsbAu2NHyx6Fz8bZlHD9unZoI4ZcnNKThuGono2G9g%2Ff5IKicoYG91x9e1ehSdP7E%2BZSYwal0iWXtGRinPnqvye%2Bx%2F1HXQOURxjkfxnYX0QL%2FFRC6MIa78Tww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 811375fbbd8e039a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: YBSjSDf0P_mIp5jah3di7LCbyiAdd-YmHxckv7UlGCzZSD_efnuV1w==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 27 KB
5 KB 100ms
30ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=d85e0c5c55
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d85e0c5c55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 163721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"da06df503ced6ee507b5fb4fa0999f74"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QP6DXAxOCq%2FnK8calCXLYRBTvkhchbW69ixufcCo2ewVcxwiKleAyPZ6l%2FogyU1wbwfE5%2FeqJ99wtJ1kQncJMqnayno2Oyvomq5Ua9vindRd%2FFehd0NUbrp3b92VdA0jaCjmkWzsm7g3Vx2fCwtDOczhMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 811375fbbd91039a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Y5mt0O-jUAvu66RLkbsIOeJmis2pXoYo1_8RpeoJqgmG5byQ79Imow==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 823 B
721 B 102ms
32ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=d85e0c5c55
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d85e0c5c55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 163721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"dbf296002d53e56d340b105d9d764940"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqOkGPjtZkV3Ryxcx%2FFHo%2BD9IM0rPgHck0FDgOKmL4diH9ncuNEwoTbfktLF3J3fMgtCLIiTG8alV65aYOHJ23hzZodMg2jz4fYfDXsb5ddvO%2F6kHCorlIwjnrAz5rqXUq1U7aSSTQyJBN4VO1qBZSh9AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 811375fbbd92039a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: mw_WnJFjKiJPlBeqnuE-7HFmimmtJ-3pbLqpzB9yUchLjxbhdaZh7A==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 2 KB
1 KB 99ms
29ms Fetch
text/css 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=d85e0c5c55
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d85e0c5c55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 163721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"9b853b50f37dd0ca770ce0f294d427df"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUAedkxQCI%2B53vD%2Fuv0PQEr60V1grCQGCkukLjGeRkrG8vyYorWNPRtE1%2FNk8UXJhLWPjN3YevVBxfQWnOwOlqayZEJRG5bqQXwgqcRSBByDg9YHcbJFagVig5s9QAfH1Hk%2BuXOkxFb7UKbeP6HaQk0BmA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 811375fbbd93039a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: xNKCaIqjfEPdSN342crYYK9Hba57u0gfYyWGfWxDj93RjOpwwoehdg==

GET
H2 200 items.php Show response
ayelads.click/display/ Frame 8BF9 2 KB
930 B 603ms
181ms Document
text/html 69.57.162.10
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ayelads.click/display/items.php?ad=8bCpQz2&s=1&h=728x90
Requested by: Host: websort.site
URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.57.162.10 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium264-2.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 96533c2166d3421ce6cdeef8e9d1c3ff7414ae53d94615af15f86cc80e62b882

Request headers

Referer: https://websort.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 616
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 06:03:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 bits-ads.php Show response
beycoin.xyz/ Frame A661 8 KB
3 KB 663ms
599ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=10
Requested by: Host: websort.site
URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 3a99b62e73fc29f7f242b2f10c871ad19e57970587f17baa4c5025f0c8e0599a

Request headers

Referer: https://websort.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 811375fbc8299b71-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 06:03:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhSyjLxe6BIA6PQmIIhacOrUo%2BPGvbAhXY1V3hyXHdzEwtJIDsz%2B9uEz8LXJbzzAI81mPVeJjYqQ28f%2BhZVQ%2B%2Fpazh%2F%2FiecDXvW1iZAJPnpd3HvMFsP%2FUp3pu5Trk7M%2B8jRmzA6AsK%2FNkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 background.jpg
websort.site/template/default/static/images/ 59 KB
59 KB 122ms
121ms Image
image/jpeg 2604:9a00:2010:a035:5::1
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://websort.site/template/default/static/images/background.jpg
Requested by: Host: websort.site
URL: https://websort.site/template/default/static/theme.css?v=2.1.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2604:9a00:2010:a035:5::1 Martinsburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: cbaa8ea097e67b8df9108f6b71c061d843570094fd0685bdfbeafc483d360da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/template/default/static/theme.css?v=2.1.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
last-modified: Wed, 12 Jul 2023 12:57:48 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 60684
expires: Thu, 12 Oct 2023 06:03:20 GMT

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame 2176 7 KB
2 KB 25ms
24ms Document
text/html 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=65122e9b5db2de8eca89fffb

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

402179b88fa6e0b17851d64725ec39658d804bd6cc9b8ba227e27bd3b4cca459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://websort.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9406
cache-control: max-age=86400
content-encoding: gzip
content-length: 2030
content-type: text/html
date: Thu, 05 Oct 2023 03:26:35 GMT
etag: "0bed8f219278d79878d48af3082f466e"
last-modified: Mon, 08 May 2023 11:47:08 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-id: AcgQZJ5ufvgV1g0GJyXwzjXrlX-Qx-vVOj7RfzgbhC0eJDXxsejPUw==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 466 KB
187 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://websort.site/
Origin: https://websort.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 19:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 19:50:48 GMT

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame 2176 55 KB
17 KB 27ms
27ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=65122e9b5db2de8eca89fffb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2f193d706417bcf72a130968908edcd09a192c51f4b592114ea4697ee4dfe85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=65122e9b5db2de8eca89fffb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 03:18:56 GMT
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 9865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17380
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 11:47:10 GMT
server: AmazonS3
etag: "9708742d2d4498168c0fc01551f7c6f2"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: _aIOs0n8FkBXWzkkG2pVuJgHcZAx8gk2xteHqfm5yiEtTmrQNErUYg==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ 147 KB
147 KB 39ms
38ms Font
font/woff2 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-solid-900.woff2
Requested by: Host: websort.site
URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5

Request headers

Referer: https://websort.site/
Origin: https://websort.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2948960
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Tue, 01 Aug 2023 19:25:32 GMT
server: cloudflare
etag: "a8dcee416ebfe6e615e5902a49500e48"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxDCdm50uK7o5YTzn2MuBDi0%2FjhIZAAGPpUDz3BEmTlh4B3WGkbk0ZrBeIcG7KEiHKL%2BlfhmMyrPR20gCvnlrdASaXdIAlLV16fbUi5OMlu7KtWSl65Uemmcph4945jDfXPfZGvx48TrMwfEpRd8Fpx7%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 811375fc1de5039a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: kQNa2r7-P7feSRLZ5yGx8M5Oq_f2pI0d7JtwGmoRODiwOca844h6Ew==

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ 24 KB
24 KB 28ms
28ms Font
font/woff2 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-regular-400.woff2
Requested by: Host: websort.site
URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fcf2a1cc0b01c13837cd5c8110ef9960ecdf7d45f37d2a4319b81eebd56db06

Request headers

Referer: https://websort.site/
Origin: https://websort.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
via: 1.1 fbbaf051f1b6e237fbee09c998e075cc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-P1
age: 2305731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 24464
last-modified: Tue, 01 Aug 2023 19:25:32 GMT
server: cloudflare
etag: "e2b7a02eef2f9c93b609ba5831dc9b7f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCCadLlZ%2FIbbfQeeDrdpgGBN7NCLHWuPh3dSnokJX6yGPHgJIrjlTQqQrqxbP7s3VERIE8OSo%2BYnryX9R0KVJaTnIBlF1C4f7%2B1GKSbrCcK3BecX5OzpguJECXTWddOxRK%2F88lYF%2BfiFdHbwBE3fB3i0Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 811375fc1de8039a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: bCGw8sO-sB9dTmmGR4a-QT1F_RqF_taBmLgVZkLQFYSmrSrtjvCSfg==

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ 107 KB
108 KB 33ms
32ms Font
font/woff2 2606:4700:e2::ac40:8309
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-brands-400.woff2
Requested by: Host: websort.site
URL: https://websort.site/?ref=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75511c24c556201d2a91dace62fd5954c046dff99b94b49d5846ee3ec19543d0

Request headers

Referer: https://websort.site/
Origin: https://websort.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
via: 1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: VIE50-P1
age: 1182083
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 109808
last-modified: Tue, 01 Aug 2023 19:25:32 GMT
server: cloudflare
etag: "eadf228ec68267e3d8eaa01efc4a23f3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kKLTheyFpCQtyMtkMx7EXO27CrQZAG%2FvbZC2%2BPNdlXBs%2BK7gBln888Zte3jWDy7Hgxa5%2BorLN%2FcyM0wAWvRSiTWHERjoSIRx%2B6y6xX%2BF%2BVkqLzWPSdy7svh1%2BhCzcDx8pgVS%2Flm2FaE9MJIQo%2B%2BmWunGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 811375fc1de9039a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ofSGuGUhwM2wDgurQNN_hHpJVKDc9L-4rvCoSXVLV_XLe5U-mip20A==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 78ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T6VQNVWV7D&gtm=45je3a20&_p=1002826387&cid=1944073412.1696485800&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696485800&sct=1&seg=0&dl=https%3A%2F%2Fwebsort.site%2F%3Fref%3D1&dt=WEB%20SORT%20-%20PREMIUM%20LITECOIN%20FAUCET&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T6VQNVWV7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://websort.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 06:03:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://websort.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5419b6a8b0d04a076446a9ad Show response
widget.trustpilot.com/trustbox-data/ Frame 2176 1 KB
978 B 28ms
27ms XHR
application/json 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=65122e9b5db2de8eca89fffb&locale=en-US

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

4dbfeb49ca2c4e9bf0f0f7e600e25ae042cb463aa4a4dd29bdaa2bc9a08c9d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=65122e9b5db2de8eca89fffb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 06:03:20 GMT
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
age: 849
etag: "a860dd56f89029c4f644700d9db391dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: 2C4x6B9RS41JqPauqHpi1jDTuwVkAktPj3t2-8dPRIaSzYm2J7bpmg==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 2176 0
323 B 54ms
53ms XHR
text/plain 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=dark&minReviewCount=0&withoutReviewsPreferredStringId=1&styleAlignment=center&url=https%3A%2F%2Fwebsort.site%2F%3Fref%3D1&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.132%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=65122e9b5db2de8eca89fffb&widgetId=5419b6a8b0d04a076446a9ad

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=65122e9b5db2de8eca89fffb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 06:03:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: MV3fSxgzqbeYYKb7fdopklbazSGvFe5EjrJqAUMOUdl5pKRKVkKENQ==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxView Show response
widget.trustpilot.com/stats/ Frame 2176 0
322 B 55ms
54ms XHR
text/plain 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=dark&minReviewCount=0&withoutReviewsPreferredStringId=1&styleAlignment=center&url=https%3A%2F%2Fwebsort.site%2F%3Fref%3D1&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.132%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=65122e9b5db2de8eca89fffb&widgetId=5419b6a8b0d04a076446a9ad

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=65122e9b5db2de8eca89fffb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 06:03:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: HpTbhJgFs5Z0JMOddWJqX3lO5lgsYrTK0bQsHb3tuzJEVcTA8g9dAQ==
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FCAB 59 KB
34 KB 48ms
47ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu&co=aHR0cHM6Ly93ZWJzb3J0LnNpdGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=rg3u06w573pk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

785401b0b09d6ab3503b34e8f73c06c0fd9a91a8dc148ab1fcd123ac00300388

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3HUxMObB9q5iS4vlchk_pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://websort.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3HUxMObB9q5iS4vlchk_pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 06:03:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9A07 58 KB
33 KB 49ms
49ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu&co=aHR0cHM6Ly93ZWJzb3J0LnNpdGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=77vq8wpm785

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58d2cd4dff12c726eec16d19ab7fe6e82885c8580175e7b9e4d122d83bdf98ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z6JaaD18ZzRRvizXFm9TWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://websort.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Z6JaaD18ZzRRvizXFm9TWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 06:03:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame FCAB 55 KB
24 KB 72ms
23ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu&co=aHR0cHM6Ly93ZWJzb3J0LnNpdGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=rg3u06w573pk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 04:39:20 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame FCAB 466 KB
187 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 19:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 19:50:48 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 9A07 55 KB
24 KB 66ms
31ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 04:39:20 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 9A07 466 KB
187 KB 80ms
45ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 19:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 19:50:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FCAB 102 B
135 B 31ms
30ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=lLirU0na9roYU3wDDisGJEVT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu&co=aHR0cHM6Ly93ZWJzb3J0LnNpdGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=rg3u06w573pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 05 Oct 2023 06:03:20 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9A07 102 B
135 B 31ms
31ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=lLirU0na9roYU3wDDisGJEVT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu&co=aHR0cHM6Ly93ZWJzb3J0LnNpdGU6NDQz&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=77vq8wpm785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 05 Oct 2023 06:03:20 GMT

GET
H2 200 logo_ad1.png
ayelads.com/page/image/ Frame 8BF9 503 B
704 B 630ms
208ms Image
image/png 162.0.235.250
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ayelads.com/page/image/logo_ad1.png
Requested by: Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=8bCpQz2&s=1&h=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium161-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ayelads.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:21 GMT
last-modified: Fri, 27 Nov 2020 10:25:31 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 503
expires: Thu, 12 Oct 2023 06:03:21 GMT

GET
H2 200 index1.php Show response
rapid-faucet.site/ Frame E699 685 B
548 B 582ms
184ms Document
text/html 67.223.118.72
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rapid-faucet.site/index1.php?tag=8bCpQz2&size=728x90
Requested by: Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=8bCpQz2&s=1&h=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.223.118.72 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium261-1.web-hosting.com
Software: LiteSpeed / PHP/8.1.22
Resource Hash: 628f9530cfbc5c8c8516eb4627a4de6ade35acbc0c3e244a704906e308219582

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 379
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 06:03:21 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.22
x-turbo-charged-by: LiteSpeed

GET
H2 200 2126707 Show response
ad.a-ads.com/ Frame D70F 12 KB
5 KB 133ms
51ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126707?size=728x90

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=8bCpQz2&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

7295975031c881e32eff9b230d68eb695d3b23ac892d7ee193d025eaf44772aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 06:03:20 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 2126712 Show response
ad.a-ads.com/ Frame 1CA3 12 KB
5 KB 148ms
68ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126712?size=300x250

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=8bCpQz2&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

9f615d160150ee0ad8ec3d24afefb9f11d851331e56ea7147abe004f64968071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 06:03:20 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 2126713 Show response
ad.a-ads.com/ Frame D1EB 12 KB
5 KB 120ms
41ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126713?size=468x60

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=8bCpQz2&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

609fb623ac7aed76b97604d0bd50b7663d4e9863e2d5cf0b7bb94b2c8e583968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 06:03:20 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 2126714 Show response
ad.a-ads.com/ Frame CAA9 12 KB
5 KB 129ms
50ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126714?size=160x600

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=8bCpQz2&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

681ff2bbbaf918f433b48ee3c8b0e903c79fa75af8431a290a522f546e254ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 06:03:20 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 2126715 Show response
ad.a-ads.com/ Frame 8C41 12 KB
5 KB 146ms
69ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2126715?size=320x50

Requested by

Host: ayelads.click
URL: https://ayelads.click/display/items.php?ad=8bCpQz2&s=1&h=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

6e5bba4cc6a78cfef533422a80f455c3fe44be425b9fd62f57c108d2a6ad8ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ayelads.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 06:03:20 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://ayelads.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A661 52 KB
21 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 05:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 818
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 05 Oct 2023 07:49:42 GMT

GET
H2 200 b-2_728x90_lhjboaif.gif
beycoin.xyz/files/banners/ Frame A661 692 KB
693 KB 31ms
30ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beycoin.xyz/files/banners/b-2_728x90_lhjboaif.gif
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808adc74c8c2c7a45e2e6d5eed2e427723a4890732168915a15d37ac81bcb9a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/bits-ads.php?type=1&&ids=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243561
alt-svc: h3=":443"; ma=86400
content-length: 708571
last-modified: Mon, 08 May 2023 00:55:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yN36IoLZWT2N3qx7Tzddoan6ccbv7j3txwmPmuBAGPyjDsJW61VX3O%2FlyOtYkmGCpv7r0c4uaC9AWVs1n9v26eAtdLaBzPbupsb42u4hpYo8DgZgr2P6E7i%2Ba6%2BXbHMImqP8EBO7%2BzgNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 811375ff9b8d9b71-FRA
expires: Mon, 09 Oct 2023 05:18:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame A661 185 KB
67 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ba09270c6fdc3ed20c9d799e16919aa55fb891bbca6f607e71b6dfd6a62c900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 06:03:20 GMT

GET
H2 200 allads.php Show response
beycoin.xyz/ Frame C638 354 B
469 B 211ms
211ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/allads.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b4a1573e61fab53f08a7f3e88f085b74a4791476d21bba0f4b31a50e1f85e998

Request headers

Referer: https://beycoin.xyz/bits-ads.php?type=1&&ids=10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811375ffab979b71-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 06:03:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y90dkZWMmGqeZhq6SASUvJinU9OoeBhcWrrjDvEHU9KtDlFOn3J2FhBL1DgDa%2BQafFuALZTa%2Fgm708KV6P3b%2FclClKpqClyCa5eoI7ZL7n5HkbRVZlLttEFpHqqyV%2FWzvIh6xSIBndAcZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 ror.png
beycoin.xyz/files/logo/ Frame A661 645 B
995 B 41ms
41ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beycoin.xyz/files/logo/ror.png
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568e3768feba91a7ff887286c94fd678b82349af9a49d2012160b08dd1ace8e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/bits-ads.php?type=1&&ids=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269960
alt-svc: h3=":443"; ma=86400
content-length: 645
last-modified: Mon, 29 May 2023 19:30:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cj7ykZXi71IMoocjsAP05%2FfkC5FqUD8SCoEbzBwYuztWAPy%2FVz4iHhwdldNI%2FLoRn9i%2BmFysnaoGWE9RR4eEbX48%2FUNXggMcy9YUKHEeXWQ9gneX76XiJXw4s3efVVwOVgZPyk8i4OpwbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 811375ffab9b9b71-FRA
expires: Mon, 09 Oct 2023 02:58:57 GMT

GET
H3

200

main.js Show response
beycoin.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 1A32
Redirect Chain

https://beycoin.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://beycoin.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

31ms
30ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beycoin.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=10

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

305cfd6d3c23a7a9f2d1841c88eb1b28ac1e15749620e6a2f904f9601826af7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCZHMyfqvtk5P%2BdE3mF36tZKWyiqCqwTk9X2fvpstsV39FdYRjPp8is0whS9MV6BbuUSWN8wLmLH3qwJLF0mRorwwi62Dsr1FSMSh4adJZ3waVUxyfZgCLUA58eymiZFAlyhTRvPLmfzpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 811376001c6f68f8-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 05 Oct 2023 06:03:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XQhcETUQUq89R7iN1dqDy9HpTwPv%2Fj893h%2BWm2UsnctcgA%2F%2BfDIEKJLzS%2Fnd71EyXN%2FhiMjFtPNA6WuNHsjbbWaBOAKAKepMP99G%2BrE5YhnvU2sK0AU00bWoHRfUjLR%2FUPMVn7QzTbyOA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
cache-control: max-age=300, public
cf-ray: 811375ffbba79b71-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/117620/ Frame D1EB 156 KB
157 KB 37ms
26ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126713?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx /
Resource Hash: d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:21 GMT
x-amz-version-id: LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4
last-modified: Sun, 19 Apr 2020 16:08:09 GMT
server: nginx
x-amz-request-id: VS4T0N7JB71SER66
etag: "d89cd17d5e22adfb5532615d116d84b8"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 160195
x-amz-id-2: wtJFU6skCbK4fB7nOJKj+EkfYpvjQijBmT6QTAN16Uk5dcEseZzy3QLmGH/wcDcwgyF+DhXylLk=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 160x600
static.a-ads.com/a-ads-banners/117616/ Frame CAA9 69 KB
69 KB 53ms
53ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117616/160x600?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126714?size=160x600
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 20f3a387fbcb1f55acf43b88e0628d8caae1cce02fd5c09bbf573de755fd8ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:21 GMT
x-amz-version-id: Vly2RmS64q4VblC2nRqz_g1rs.jq2Fic
last-modified: Sun, 19 Apr 2020 16:08:09 GMT
server: nginx
x-amz-request-id: 1GDHJ5SJ29FQ8ZQV
etag: "c848631aa56eb03b8cf56723624828e8"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 70430
x-amz-id-2: BZfqzTA733/uekeVwlVpScz8DOAvxlTm/vO+l9l6TiK/DVpSxiyWO6EFsq7ot62kmx+yx8nPmoY=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/117619/ Frame D70F 122 KB
123 KB 53ms
53ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117619/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126707?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:21 GMT
x-amz-version-id: 0fATWmKYpJSZr5TJ6jtiSoqDotlI3uSs
last-modified: Sun, 19 Apr 2020 16:08:09 GMT
server: nginx
x-amz-request-id: CV8PPP98RGSTHM6Z
etag: "8df22bfbf1b66e4d461cc595236e19c5"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 125388
x-amz-id-2: 1TZ/umBGhOWc8MYotKOmM38Vpp4nAhfQqBCXU8L4vx0l4Rrj36AbzNK8iJiAi9TMDyQw7pL+EnI=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/117617/ Frame 1CA3 187 KB
187 KB 31ms
30ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117617/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126712?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:21 GMT
x-amz-version-id: 9rF0H2vdVY_HJMQUZBdQKii0bOEwqr9J
last-modified: Sun, 19 Apr 2020 16:08:09 GMT
server: nginx
x-amz-request-id: B6CFFE237NV3E838
etag: "5896f969c3c0d5de143c2f56c20489d9"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 191448
x-amz-id-2: XjgzExM2buIwS0GbNn6UsLKG/S2OgM2No8X1OmBQi1yy7pglx55PDMLf3RQs8HAOfP9LyyTsPAI=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 320x50
static.a-ads.com/a-ads-banners/117618/ Frame 8C41 106 KB
107 KB 30ms
30ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117618/320x50?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2126715?size=320x50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 0cab8671024e27265f5d37739d64ccfd8417d3a1326cd85e578a2ca7280ecf0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:21 GMT
x-amz-version-id: w4CWsbKlEWz_x7_SpmcYfVfQEmXT2wOu
last-modified: Sun, 19 Apr 2020 16:08:09 GMT
server: nginx
x-amz-request-id: 3N31PNWVXSSSD6HC
etag: "964435510a885dc83118d9345a439c3d"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 108594
x-amz-id-2: omVa2msIFWbqPjBexPIuBgbh7C+OuLBmjnh6VyPigNU+T7J+gyRbJdBe7GVRl9W/fA/2vr1tr58=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame FE5F 7 KB
1 KB 34ms
33ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9285b75776f2f445417b1386a2f4f7973f6e6185942a9d94e35ed0220accfef3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1GfJwHlk9ssC31zaSYcilQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://websort.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1GfJwHlk9ssC31zaSYcilQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 06:03:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A661 223 KB
79 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4602f2db586780f1ed4ed91e1d9b96322bbdf638a971c85f587124c6356d5409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81227
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 06:03:21 GMT

GET
DATA 200
OK truncated
/ Frame D1EB 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CAA9 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D70F 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1CA3 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8C41 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9781 7 KB
1 KB 38ms
37ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7ad0db07f363e69a0d545f2e75d26532885fbddf70db53cfee9216f0b56e0af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hrQ5DeCt0IhC2VRZu5jjsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://websort.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hrQ5DeCt0IhC2VRZu5jjsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 06:03:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame FE5F 55 KB
24 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 04:39:20 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame FE5F 466 KB
187 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 19:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 19:50:48 GMT

POST
H3 200 811375fbc8299b71 Show response
beycoin.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1A32 0
560 B 43ms
42ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/811375fbc8299b71
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Oct 2023 06:03:21 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIpNRhzS9SaMgacw4Qa6zxbey%2F69oQtenVzx%2Ficp%2Be0BkYeuiKEGJ4UavpyVV4jVPvMC%2BQUSAfWo5%2FF%2F0Kc3ZMjnIZfeAncU6mBBuMlrB%2FtOu0TPhpst1JG%2BNgbXkC2zudZrzXtPXDbIiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 811376017db868f8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 asyncjs.php Show response
linkx.ix.tc/www/delivery/ Frame C638 4 KB
2 KB 770ms
148ms Script
text/javascript 198.91.81.11
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://linkx.ix.tc/www/delivery/asyncjs.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/allads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.91.81.11 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: x11.x10hosting.com
Software: LiteSpeed / PHP/7.4.16
Resource Hash: 4aa8434be85e0a5e726cbc3be7b9e7f4a217334cdf3e1cd6a6d3e1bc7d907494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:05:44 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.16
etag: 655d1a2a543e3ee7d101396b7f75cc9f
vary: Accept-Encoding,User-Agent
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Thu, 05 Oct 2023 07:05:44 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1897

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 9781 55 KB
24 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 04:39:20 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 9781 466 KB
187 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Ldr8hknAAAAAIu6r8mtOrldQbPYW1LvtpESwmMu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 19:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 19:50:48 GMT

GET
H2 200 728x90.png
rapid-faucet.site/banners/2/ Frame E699 17 KB
18 KB 359ms
359ms Image
image/png 67.223.118.72
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rapid-faucet.site/banners/2/728x90.png
Requested by: Host: rapid-faucet.site
URL: https://rapid-faucet.site/index1.php?tag=8bCpQz2&size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.223.118.72 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium261-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 49fe4fdf2dc5f6f5fbdb10b227baae98577545b9f2f82c047b647bd88efd089e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rapid-faucet.site/index1.php?tag=8bCpQz2&size=728x90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:21 GMT
last-modified: Thu, 07 Sep 2023 18:11:41 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17897
expires: Thu, 12 Oct 2023 06:03:21 GMT

GET
H2 200 asyncspc.php Show response
linkx.ix.tc/www/delivery/ Frame C638 2 KB
2 KB 152ms
152ms XHR
application/json 198.91.81.11
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://linkx.ix.tc/www/delivery/asyncspc.php?zones=20%7C14&prefix=revive-0-&loc=https%3A%2F%2Fbeycoin.xyz%2Fallads.php&referer=https%3A%2F%2Fbeycoin.xyz%2Fbits-ads.php%3Ftype%3D1%26%26ids%3D10
Requested by: Host: linkx.ix.tc
URL: https://linkx.ix.tc/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.91.81.11 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: x11.x10hosting.com
Software: LiteSpeed / PHP/7.4.16
Resource Hash: 7725580c9dc412e32c173e8059b9f31be09bd75749cd40a2f9b5b64efaca63e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 06:05:44 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.16
vary: User-Agent
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: application/json
access-control-allow-origin: https://beycoin.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 4.html Show response
thebrightlamps.com/ Frame 6F5D 1 KB
806 B 718ms
125ms Document
text/html 198.91.81.11
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://thebrightlamps.com/4.html
Requested by: Host: linkx.ix.tc
URL: https://linkx.ix.tc/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.91.81.11 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: x11.x10hosting.com
Software: LiteSpeed /
Resource Hash: 9a6f9e1bd4b056332615cccc75cb365f3b8450316d530ca81edb09e55e672802

Request headers

Referer: https://beycoin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 504
content-type: text/html
date: Thu, 05 Oct 2023 06:05:45 GMT
etag: "4a4-64e91600-c5f0078a8d9ef4bc;br"
last-modified: Fri, 25 Aug 2023 20:58:40 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding

GET
H2 200 prebid_hb_3083_5501.js Show response
d3u598arehftfk.cloudfront.net/ Frame DBE2 0
371 B 113ms
22ms Script
application/javascript 2600:9000:223f:5c00:1f:946:f000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_3083_5501.js
Requested by: Host: linkx.ix.tc
URL: https://linkx.ix.tc/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 14:25:24 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:22:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 2648279
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 0
x-amz-cf-id: UESh3rVnsBNZuJtGxZ4o-MgPss_az_bpZFbScloLdo3driicgzW0Ew==

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame 176C 6 KB
3 KB 162ms
51ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=CTIT6wBXR1
Requested by: Host: linkx.ix.tc
URL: https://linkx.ix.tc/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 48ee57f66218d64b0e9577194cbf7a6b572197243828608c3ae4b2f2e1540cb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Thu, 05 Oct 2023 06:03:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

GET
H2 200 2.html Show response
thebrightlamps.com/ Frame 06F3 280 B
240 B 709ms
126ms Document
text/html 198.91.81.11
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://thebrightlamps.com/2.html
Requested by: Host: linkx.ix.tc
URL: https://linkx.ix.tc/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.91.81.11 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: x11.x10hosting.com
Software: LiteSpeed /
Resource Hash: 0559b173b0cdb855e939f4f0032284978a5a52d4d75091b4888b476da58d6ae1

Request headers

Referer: https://beycoin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 158
content-type: text/html
date: Thu, 05 Oct 2023 06:05:45 GMT
etag: "118-65020469-cf2aa30b6235a206;br"
last-modified: Wed, 13 Sep 2023 18:50:17 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding

GET
H3 200 lg.php
linkx.ix.tc/www/delivery/ Frame DBE2 43 B
429 B 149ms
149ms Image
image/gif 198.91.81.11
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkx.ix.tc/www/delivery/lg.php?bannerid=7&campaignid=3&zoneid=20&loc=https%3A%2F%2Fbeycoin.xyz%2Fallads.php&referer=https%3A%2F%2Fbeycoin.xyz%2Fbits-ads.php%3Ftype%3D1%26%26ids%3D10&cb=a71e49148c
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/allads.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.91.81.11 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: x11.x10hosting.com
Software: LiteSpeed / PHP/7.4.16
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 06:05:44 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.16
vary: User-Agent
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 43
expires: 0

GET
H3 200 lg.php
linkx.ix.tc/www/delivery/ Frame 176C 43 B
62 B 150ms
149ms Image
image/gif 198.91.81.11
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkx.ix.tc/www/delivery/lg.php?bannerid=6&campaignid=6&zoneid=14&loc=https%3A%2F%2Fbeycoin.xyz%2Fallads.php&referer=https%3A%2F%2Fbeycoin.xyz%2Fbits-ads.php%3Ftype%3D1%26%26ids%3D10&cb=09b4f4b884
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/allads.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.91.81.11 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: x11.x10hosting.com
Software: LiteSpeed / PHP/7.4.16
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 06:05:44 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.16
vary: User-Agent
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: 0

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame 176C 696 B
1 KB 141ms
46ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/popunder.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=CTIT6wBXR1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 289972ee91859dcbaaed043fcb29c6d3764cc5422178d4f8ae5024aba5ae5e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:22 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 696

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 159ms
46ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://beycoin.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://beycoin.xyz
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Thu, 05 Oct 2023 06:03:22 GMT
server: nginx

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame 176C 47 B
497 B 174ms
76ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=CTIT6wBXR1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156

Request headers

Referer: https://beycoin.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 06:03:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://beycoin.xyz
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

GET
H2 200 prebid_hb_3083_5501.js Show response
d3u598arehftfk.cloudfront.net/ Frame 6F5D 0
369 B 23ms
22ms Script
application/javascript 2600:9000:223f:5c00:1f:946:f000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_3083_5501.js
Requested by: Host: thebrightlamps.com
URL: https://thebrightlamps.com/4.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 14:25:24 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:22:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 2648279
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 0
x-amz-cf-id: rSsTi6NGs9mivg2GscInAdb2zeGlc2EE-w27Bds6LjFce7xSbFskYw==

GET
H2 200 3.html Show response
thebrightlamps.com/ Frame E143 882 B
496 B 125ms
125ms Document
text/html 198.91.81.11
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://thebrightlamps.com/3.html
Requested by: Host: thebrightlamps.com
URL: https://thebrightlamps.com/4.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.91.81.11 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: x11.x10hosting.com
Software: LiteSpeed /
Resource Hash: 1889d91703a8292dfbee2ad79315c4efb43030502e23b8cae3497bdeaf912a13

Request headers

Referer: https://thebrightlamps.com/4.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 414
content-type: text/html
date: Thu, 05 Oct 2023 06:05:45 GMT
etag: "372-64e91572-c74aae8bd222f3ae;br"
last-modified: Fri, 25 Aug 2023 20:56:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding

GET
H2 200 1.html Show response
thebrightlamps.com/ Frame 7442 1 KB
507 B 125ms
125ms Document
text/html 198.91.81.11
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://thebrightlamps.com/1.html
Requested by: Host: thebrightlamps.com
URL: https://thebrightlamps.com/2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.91.81.11 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: x11.x10hosting.com
Software: LiteSpeed /
Resource Hash: 7a379238b7bbcf09f14337120593aaa06c0f954993204c8f06b7deee616594e2

Request headers

Referer: https://thebrightlamps.com/2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 425
content-type: text/html
date: Thu, 05 Oct 2023 06:05:45 GMT
etag: "548-64f63516-ca3a7282f1e7cbc2;br"
last-modified: Mon, 04 Sep 2023 19:50:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding

GET
H2 200 prebid_hb_3083_5501.js Show response
d3u598arehftfk.cloudfront.net/ Frame E143 0
371 B 23ms
22ms Script
application/javascript 2600:9000:223f:5c00:1f:946:f000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_3083_5501.js
Requested by: Host: thebrightlamps.com
URL: https://thebrightlamps.com/3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5c00:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 14:25:24 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:22:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 2648280
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Rae_8rQXn2MHfW9rHSHNrrZcRH_4NdT6Cl2xxePaDWEYzzOAK0v4CA==

GET
H2 200 64e8d142eeef798b56886b9b.js Show response
cdn.bmcdn6.com/js/ Frame E143 11 KB
5 KB 210ms
137ms Script
application/javascript 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bmcdn6.com/js/64e8d142eeef798b56886b9b.js?v=1696485803010

Requested by

Host: thebrightlamps.com
URL: https://thebrightlamps.com/3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e5016a4102995269457410b587b64a153b2ad58189c3aee63a836dfd27fe52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
strict-transport-security: max-age=15768000
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36%2B9vmEXCrqpEtReTptTHkBf%2FygFW6aT2i3HlhfYtIXuGeNz1fQZx7SfMQTvc8UJlfeO1O9kmsdg0V6rGoFaJoh7KW8nbxr26hnSk6LQdykEEh2dsROn4Ru1UeuC9dHWQ7aiPbad9tjOCMXkEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
cf-ray: 8113760d5f744d59-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 64da33b5bcf8238e664bb4e5.js Show response
cdn.bmcdn6.com/js/ Frame 7442 9 KB
4 KB 203ms
138ms Script
application/javascript 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bmcdn6.com/js/64da33b5bcf8238e664bb4e5.js?v=1696485803018

Requested by

Host: thebrightlamps.com
URL: https://thebrightlamps.com/1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6f6b458291d9443555d6ef4d361e4b274e9932b051bec3b84facb8dd9898f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
strict-transport-security: max-age=15768000
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVfnuclhNUSxdl48X5RewTyRoK5BUmISs11T%2BrSw31jd1zhuWFrpWuuQ1ogjiCwiZn0wKk0kSrgj8KHExORFLlUMZZzX0uOJNZ6q6NWt8XMAm9xG85qqWl81eyOGjKYrAaUNYECt8dJold9x7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
cf-ray: 8113760d5f754d59-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 64da33b5bcf8238e664bb4e5.js Show response
cdn.bmcdn6.com/js/ Frame 7442 9 KB
4 KB 461ms
396ms Script
application/javascript 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bmcdn6.com/js/64da33b5bcf8238e664bb4e5.js?v=1696485803019

Requested by

Host: thebrightlamps.com
URL: https://thebrightlamps.com/1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e7997d147d7bf8f23b1463537f0ee0d3c72bae029326a40523990f0c8f8876

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
strict-transport-security: max-age=15768000
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRJ9msz9%2F5C%2BBLw1lj65wWS6fiICxfC%2F9ZhLrgQRg6DY0uiL8q0xsavBrTtDE%2BXgCErykA5aYLTDuMHb0W6WZx7ZnSJvOjQOpwNDk5CV1MJ3hPTV33rv27RPG%2FPuuLehYWvmdK4e63a6GhjZZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
cf-ray: 8113760d5f764d59-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 2244182 Show response
ad.a-ads.com/ Frame A1A1 12 KB
5 KB 33ms
33ms Document
text/html 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2244182?size=300x250

Requested by

Host: thebrightlamps.com
URL: https://thebrightlamps.com/1.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.4.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

6ef89212d9480c51f6a14b9883ae3fcae6a77af0533078e432f0782f5d366d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thebrightlamps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 06:03:23 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://thebrightlamps.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/117617/ Frame A1A1 187 KB
187 KB 53ms
52ms Image
image/gif 136.243.4.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117617/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2244182?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.4.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
x-amz-version-id: 9rF0H2vdVY_HJMQUZBdQKii0bOEwqr9J
last-modified: Sun, 19 Apr 2020 16:08:09 GMT
server: nginx
x-amz-request-id: B6CFFE237NV3E838
etag: "5896f969c3c0d5de143c2f56c20489d9"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 191448
x-amz-id-2: XjgzExM2buIwS0GbNn6UsLKG/S2OgM2No8X1OmBQi1yy7pglx55PDMLf3RQs8HAOfP9LyyTsPAI=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame A1A1 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 551715822132.js Show response
cdn.bmcdn6.com/js/source/ Frame 7442 65 KB
21 KB 401ms
400ms Script
application/javascript 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bmcdn6.com/js/source/551715822132.js?v=1.0.15

Requested by

Host: cdn.bmcdn6.com
URL: https://cdn.bmcdn6.com/js/64da33b5bcf8238e664bb4e5.js?v=1696485803018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3d649a3e9159e2e9fce9408aa869910edebcb07a10fafc85adddea1563e820

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
strict-transport-security: max-age=15768000
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2tGEexx0WdpWYvYMD1vFvOeoKcdEksNaUF07Vtnpx8RkdFyNN4uC8dr53b9tYaadfdf2h%2BjzqdE29%2BTOP6c3rmI70t5vel7Bm%2FZQ%2BMs0c1mimoe1DNTCwNGzhUvhnuxqCMO9OhmIXdcRvR9jg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
cf-ray: 8113760e381d4d59-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 /
cdn.bmcdn6.com/trl/64da33b5bcf8238e664bb4e5/ Frame 7442 0
278 B 122ms
122ms Image
text/plain 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bmcdn6.com/trl/64da33b5bcf8238e664bb4e5/?sourceRef=https%3A%2F%2Fthebrightlamps.com%2F2.html&displayHost=https%3A%2F%2Fcdn.bmcdn6.com%2F&loadTime=2000&badCode=JTNDaWZyYW1lJTIwZGF0YS1hYSUzRCcyMjQ0MTgyJyUyMHNyYyUzRCclMkYlMkZhZC5hLWFkcy5jb20lMkYyMjQ0MTgyJTNGc2l6ZSUzRDMwMHgyNTAnJTIwc3R5bGUlM0Qnd2lkdGglM0EzMDBweCUzQiUyMGhlaWdodCUzQTI1MHB4JTNCJTIwYm9yZGVyJTNBMHB4JTNCJTIwcGFkZGluZyUzQTAlM0IlMjBvdmVyZmxvdyUzQWhpZGRlbiUzQiUyMGJhY2tncm91bmQtY29sb3IlM0ElMjB0cmFuc3BhcmVudCUzQiclM0UlM0MlMkZpZnJhbWUlM0U%3D&badType=replaced&version=1696485803224

Requested by

Host: thebrightlamps.com
URL: https://thebrightlamps.com/1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fw3UoqeuALMgnW%2FwwR2sBSsgYbp8aC5qA%2BeNMIyf1ILcqRXSkAnmX5%2B4REJMOWxMcTn%2B5iJtpKLvMRYjDpUACwnWYjdLUpBd9g4%2FIIE71%2F%2FXxl6VlkYMvaNzCXvOqO8mGCaJr%2FpF8GrB7k2n6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8113760e381e4d59-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 551715822132.js Show response
cdn.bmcdn6.com/js/source/ Frame E143 65 KB
21 KB 405ms
404ms Script
application/javascript 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bmcdn6.com/js/source/551715822132.js?v=1.0.15

Requested by

Host: cdn.bmcdn6.com
URL: https://cdn.bmcdn6.com/js/64e8d142eeef798b56886b9b.js?v=1696485803010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3d649a3e9159e2e9fce9408aa869910edebcb07a10fafc85adddea1563e820

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
strict-transport-security: max-age=15768000
content-encoding: br
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6OCcp%2FwJB%2Fjz61zjW01ED7joL9bWcGUqs2PDy8kOWJyJPaSEbSFJjCXm7hM5By2n2cszVzRGbwkSi%2FXZRWSK4sBfA33LKwBkwWHXe23Tq%2Bs18W8r2FfY5me14dYc7m9%2BLuVeYYfQfVdUXM07Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
cf-ray: 8113760e381f4d59-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 /
cdn.bmcdn6.com/trl/64e8d142eeef798b56886b9b/ Frame E143 0
269 B 133ms
133ms Image
text/plain 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bmcdn6.com/trl/64e8d142eeef798b56886b9b/?sourceRef=https%3A%2F%2Fthebrightlamps.com%2F4.html&displayHost=https%3A%2F%2Fcdn.bmcdn6.com%2F&loadTime=2000&badCode=PCFkb2N0eXBlIGh0bWw%2BPGh0bWw%2BPGhlYWQ%2BPG1ldGEgY2hhcnNldD0idXRmLTgiLz48bWV0YSBjb250ZW50PSJJRT1lZGdlIiBodHRwLWVxdWl2PSJYLVVBLUNvbXBhdGlibGUiLz48bWV0YSBuYW1lPSJ2aWV3cG9ydCIgY29udGVudD0id2lkdGg9ZGV2aWNlLXdpZHRoLGluaXRpYWwtc2NhbGU9MSxzaHJpbmstdG8tZml0PW5vIi8%2BPHRpdGxlPjwvdGl0bGU%2BPGxpbmsgaHJlZj0iLy9zdGF0aWMuYm1jZG42LmNvbS9jc3MvaW1nLmNzcz92PXYxLjI1LjE5IiByZWw9InN0eWxlc2hlZXQiLz48L2hlYWQ%2BPGJvZHk%2BPGRpdiBpZD0ibWVkaWEiIHN0eWxlPSJ3aWR0aDo3MjhweDtoZWlnaHQ6OTBweCI%2BPGEgY2xhc3M9InRvcC1pZGVudGl0eSIgaHJlZj0iaHR0cHM6Ly9iaXRtZWRpYS5pby9wcml2YWN5P3V0bV9zb3VyY2U9aWNvbiIgdGFyZ2V0PSJfYmxhbmsiPjwvYT4gPGEgY2xhc3M9ImJvdHRvbS1pZGVudGl0eSIgaHJlZj0iaHR0cHM6Ly9iaXRtZWRpYS5pby8%2FdXRtX3NvdXJjZT1pY29uIiB0YXJnZXQ9Il9ibGFuayI%2BPC9hPjxkaXYgY2xhc3M9Im1haW4tY29udGVudCI%2BPGEgY2xhc3M9ImxpbmsiIGhyZWY9Imh0dHBzOi8vYmFuay5nb3YudWEvZW4vYWJvdXQvc3VwcG9ydC10aGUtYXJtZWQtZm9yY2VzP3I9bGt1Mnc4ejQmdXRtX2NhbXBhaWduPTU1MTcxNTgyMjEzMiZ1dG1fbWVkaXVtPWJjayZ1dG1fc291cmNlPWJtYmNrIiB0YXJnZXQ9Il9ibGFuayI%2BPGltZyBhbHQ9IkJpdG1lZGlhIERvbmF0ZSIgY2xhc3M9ImxpbmstaW1hZ2UiIHNyYz0iLy9zdGF0aWMuYm1jZG42LmNvbS9pbWcvZC9kX3c3MjhoOTAuZ2lmP3Y9djEuMjUuMTkiLz48L2E%2BPC9kaXY%2BPC9kaXY%2BPHNjcmlwdD5sZXQgY3VycmVudExvY2F0aW9uUGF0aD1kb2N1bWVudC5sb2NhdGlvbi5ocmVmLnNsaWNlKGRvY3VtZW50LmxvY2F0aW9uLm9yaWdpbi5sZW5ndGgpLHRlbXBTdHJpbmc9Y3VycmVudExvY2F0aW9uUGF0aC5zbGljZSgzKSxibG9ja0lkPXRlbXBTdHJpbmcuc2xpY2UoMCx0ZW1wU3RyaW5nLmluZGV4T2YoIi8iKSksYmxvY2tTdWJJZD1wYXJzZUludCh0ZW1wU3RyaW5nLnNsaWNlKHRlbXBTdHJpbmcubGFzdEluZGV4T2YoIj0iKSsxKSksbXNnPXtzdGF0dXM6ImRlZmF1bHRBZExvYWRlZCIsZGVzdGluYXRpb25CbG9ja0lkOmJsb2NrSWQsYmxvY2tTdWJJZDpibG9ja1N1YklkLHdpZHRoQmxvY2s6IjcyOCIsaGVpZ2h0QmxvY2s6IjkwIn07d2luZG93LnBhcmVudC5wb3N0TWVzc2FnZShKU09OLnN0cmluZ2lmeShtc2cpLCIqIik8L3NjcmlwdD48L2JvZHk%2BPC9odG1sPg%3D%3D&badType=bitmedia_referral_ad&version=1696485803226

Requested by

Host: thebrightlamps.com
URL: https://thebrightlamps.com/3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9klKW2TbvV5k7JQUyG2XNKIN5JXTVnOU5FhT6fe916W37YwNP2oKQoV7Rsc8i%2BChemIKQCmnm3WNEmUFaXLV%2F2UyZ1toWt1xrKLBgoTPpljWbyWlenciz4ruVDINtiAEiQ5ejS12%2BoddNwsvhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8113760e38204d59-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
cdn.bmcdn6.com/trl/64da33b5bcf8238e664bb4e5/ Frame 7442 0
458 B 121ms
121ms Image
text/plain 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: thebrightlamps.com
URL: https://thebrightlamps.com/1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7u%2Fuljo5v292DpFQeoIe2RKlV%2F3jJtTe01xWFsdYjg%2FlMVVy8yirzQzoIcLrWzVaSxWbp1yAJjKuwgnhnEe0SxDyVOFZh3XThbMCcVqjMU%2Bav64T%2BjK9y1MdSPTxY65YxNbLT4cE8NHvpo%2FLSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8113760fdbcb5d8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
cdn.bmcdn6.com/p/64da33b5bcf8238e664bb4e5/ Frame 2E64 2 KB
1 KB 168ms
168ms Document
text/html 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bmcdn6.com/p/64da33b5bcf8238e664bb4e5/?source=https%253A%252F%252Fthebrightlamps.com%252F2.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&impid=1b980909-8f8e-42b3-9a4b-f5c356668c9b&sessionId=36593232-f357-45c8-9030-78d7eb55a099&pageViewUuid=b559caa0-0d75-4920-b9f6-ed203d9f83a7&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0

Requested by

Host: cdn.bmcdn6.com
URL: https://cdn.bmcdn6.com/js/source/551715822132.js?v=1.0.15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

990819bfd2e07fdd7cb56d54f5e7e3fe11d792e70f865876b8e9e1cabaf3efe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://thebrightlamps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-encoding: gzip
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811376125ddf5d8b-FRA
content-encoding: br
content-type: text/html
date: Thu, 05 Oct 2023 06:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YtZfwapN5GJoSY%2FwNO%2B4g1ZnMifwgC5y4mpPP0slF5eyuq8O%2BRCxWQ5isv9NiiJIiZkXYDjXvjvcsIGH2HvqZiJRC%2BFOc%2BwOCl9pLMUC6n%2Frym7sPc6ZP0wysRvKyfw0BYrB7sUU3b7qVv7zw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding

GET
H3 200 /
cdn.bmcdn6.com/pv/64caa455309a564137aa07ee/ Frame 7442 35 B
467 B 144ms
144ms Image
image/gif 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bmcdn6.com/pv/64caa455309a564137aa07ee/?source=https%253A%252F%252Fthebrightlamps.com%252F2.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0&pageViewUuid=b559caa0-0d75-4920-b9f6-ed203d9f83a7&version=1696485803867

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:24 GMT
strict-transport-security: max-age=15768000
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uuwvqd%2BfbkLWgy62Po4FFeTVJQudeBycUV5fVuR42NqSDcSX4X0o1aqbtyzPEXEBb5KIZIc2MiZcPipzy5VQvC%2F6YEv27gUqPkokM%2FnzN5Grnb%2Be0BBZhFzQk%2FGuf68nuTTHkTf4vvWYsFND5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cf-ray: 811376125ddc5d8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
cdn.bmcdn6.com/pb/64caa455309a564137aa07ee/64da33b5bcf8238e664bb4e5/ Frame 7442 0
418 B 126ms
125ms Image
text/plain 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bmcdn6.com/pb/64caa455309a564137aa07ee/64da33b5bcf8238e664bb4e5/?type=iframe&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&sourceid=551715822132&source=https%253A%252F%252Fthebrightlamps.com%252F2.html&pageViewUuid=b559caa0-0d75-4920-b9f6-ed203d9f83a7&version=1696485803867

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:23 GMT
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQkSewjPoEgN0NlBq3zUR6kdr226ylqljxRwgtnLNmbdGeNCsSWIa1B168yeS49iH5nP8rcBe2VnpXgAwMENsm6lQ5KRYezBqJlaRJ1T1X%2FteLOhhejM1QIJVEka%2FAa4%2BlEVhk9S%2Bm0t6rmFRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 811376125dde5d8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
cdn.bmcdn6.com/pb/64caa455309a564137aa07ee/64da33b5bcf8238e664bb4e5/ Frame 7442 0
420 B 129ms
128ms Image
text/plain 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:24 GMT
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcDIMRKWQO1XkVwyWl1gJSORBtPeTSYcVqSTBIjpP4%2FMBpDSdNHHEO6YzQyTu0a4hyPJ5iqoA0XNNz4TQtoouSMZGReRNsFYXXPvunu%2F4uwxK5oN4cySQrudF%2FPbtAN6sNG9drd3LZrwnvzuwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 811376126df35d8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
cdn.bmcdn6.com/p/64e8d142eeef798b56886b9b/ Frame 5557 2 KB
1 KB 166ms
165ms Document
text/html 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bmcdn6.com/p/64e8d142eeef798b56886b9b/?source=https%253A%252F%252Fthebrightlamps.com%252F4.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&impid=d4a3b807-dbcc-4ff6-99f9-26d42eddc790&sessionId=4473c569-e4e0-4b2d-aa79-01b9716778d7&pageViewUuid=ddecc21d-6c67-435f-8f23-12c9235d8b2a&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0

Requested by

Host: cdn.bmcdn6.com
URL: https://cdn.bmcdn6.com/js/source/551715822132.js?v=1.0.15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

331439e89b8d6a17d5515b52792e87d51e1535a8c992e55c13ad0c70a3067b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://thebrightlamps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-encoding: gzip
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811376128e135d8b-FRA
content-encoding: br
content-type: text/html
date: Thu, 05 Oct 2023 06:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfFmCRKXld2W2JlhgRDhn4AhfLIpDGi%2FYtzqE9CDpGvvu9cY7plwNvU8h8IzpoWRERvAJi959uMsE8O%2F5uL9DpHkmktRhabd9Kc6TUrFxS9De%2B9IIaxhKq1PoPOlRb05X9LqNPpS56h2kpWb%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding

GET
H3 200 /
cdn.bmcdn6.com/pv/64caa455309a564137aa07ee/ Frame E143 35 B
460 B 134ms
134ms Image
image/gif 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bmcdn6.com/pv/64caa455309a564137aa07ee/?source=https%253A%252F%252Fthebrightlamps.com%252F4.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0&pageViewUuid=ddecc21d-6c67-435f-8f23-12c9235d8b2a&version=1696485803911

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:24 GMT
strict-transport-security: max-age=15768000
accept-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgEOyM6f42p4Qwg8bHx3I1WK44NEPfY3uwWbEGvcmHUQl6uxpMNEJiuBsCT112I3ifxP4PdliRlGOSzVSlsjo7sAE7tIvCjYfAlvA6Gluq1hVVNmoYVXXWQELJNfcdvm%2FbKxLJRyj2uT6HAMaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cf-ray: 811376128e0f5d8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
cdn.bmcdn6.com/pb/64caa455309a564137aa07ee/64e8d142eeef798b56886b9b/ Frame E143 0
421 B 121ms
120ms Image
text/plain 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bmcdn6.com/pb/64caa455309a564137aa07ee/64e8d142eeef798b56886b9b/?type=iframe&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&sourceid=551715822132&source=https%253A%252F%252Fthebrightlamps.com%252F4.html&pageViewUuid=ddecc21d-6c67-435f-8f23-12c9235d8b2a&version=1696485803911

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thebrightlamps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:24 GMT
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvoaksPfbXK9sHy0c5VD%2BHd%2B%2FK%2FxkU%2BC4nv3GOkB1tUT9MgjRn6rrg2DtYv4NCwl8qYh5Qa60gzWjPhX66osMjwSlo42dvm8f0qCI9ZL0FYCtvKYogGDKk5UjtEojO5EOe%2BYJ5yciOigblaXRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 811376128e115d8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 img.css
static.bmcdn6.com/css/ Frame 2E64 27 KB
15 KB 62ms
43ms Stylesheet
text/css 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn6.com/css/img.css?v=v1.25.19
Requested by: Host: cdn.bmcdn6.com
URL: https://cdn.bmcdn6.com/p/64da33b5bcf8238e664bb4e5/?source=https%253A%252F%252Fthebrightlamps.com%252F2.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&impid=1b980909-8f8e-42b3-9a4b-f5c356668c9b&sessionId=36593232-f357-45c8-9030-78d7eb55a099&pageViewUuid=b559caa0-0d75-4920-b9f6-ed203d9f83a7&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b58c684e74f8b8a72eeab2d19b447554b3245f65c7331b7a518f4a2bee555f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.bmcdn6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 11:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3861
etag: W/"6399ae7d-6a64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vuw53sVuhqrGG7Oef6SPxX8dy5YSMgPyY9mhoI%2BurtyRVJPRNBVb3Gyg8uFMWyOeg%2FSbY910T4cdrRR2I0AxSNnrGzIgvFtN8hoLDobOD1ouFnnDW4n5ALYIXJpxQUEXWYka2GVte9%2FrOX71dOAxzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 811376138c544d59-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 da36a6a0-62c8-11ee-a77f-8b5f711747e1ca9637a1-af26-4eab-b08a-641ed45c49a861a3ad71a23746001a78a57b.png
media.bmcdn6.com/static/ Frame 2E64 132 KB
132 KB 51ms
31ms Image
image/png 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.bmcdn6.com/static/da36a6a0-62c8-11ee-a77f-8b5f711747e1ca9637a1-af26-4eab-b08a-641ed45c49a861a3ad71a23746001a78a57b.png

Requested by

Host: cdn.bmcdn6.com
URL: https://cdn.bmcdn6.com/p/64da33b5bcf8238e664bb4e5/?source=https%253A%252F%252Fthebrightlamps.com%252F2.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&impid=1b980909-8f8e-42b3-9a4b-f5c356668c9b&sessionId=36593232-f357-45c8-9030-78d7eb55a099&pageViewUuid=b559caa0-0d75-4920-b9f6-ed203d9f83a7&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e9b1d48625a89ae91071e7ee814a2e471388877716c554d21ceb19334780eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.bmcdn6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000aa90cf14e7d65737-00651d906f-7a12c4f2-nyc3c
age: 7066
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 134819
last-modified: Wed, 04 Oct 2023 15:15:28 GMT
server: cloudflare
etag: "8bcb445e1284b83dab587a0a195cd960"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlAGzrbnWp6ObtJ6%2Bmsnz9ommu%2FrVgwBv5%2FVy7COIi9h%2FJaospWGs8ajndOYwndiU7GOOwPvdPGXwgSkBJ9H7asFbMVlBEIt1XAj8CZlTevj0cnnfFt005EN1LFzxKiC5yRqhNoR4lhwYAfS%2FcTH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 811376138c564d59-FRA

GET
H2 200 img.css
static.bmcdn6.com/css/ Frame 5557 27 KB
15 KB 40ms
39ms Stylesheet
text/css 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bmcdn6.com/css/img.css?v=v1.25.19
Requested by: Host: cdn.bmcdn6.com
URL: https://cdn.bmcdn6.com/p/64e8d142eeef798b56886b9b/?source=https%253A%252F%252Fthebrightlamps.com%252F4.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&impid=d4a3b807-dbcc-4ff6-99f9-26d42eddc790&sessionId=4473c569-e4e0-4b2d-aa79-01b9716778d7&pageViewUuid=ddecc21d-6c67-435f-8f23-12c9235d8b2a&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b58c684e74f8b8a72eeab2d19b447554b3245f65c7331b7a518f4a2bee555f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.bmcdn6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 11:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3861
etag: W/"6399ae7d-6a64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVN9Y4naL28DanTDUrz87P8PhHUFQhgwsQnv6vej6S1YKPnV3edpBlTsFUuor5Kp6AGX0OMiLoBxBxX5DMdiL1NFRVbxaLf%2FddNo91Uksw0Y90d6wHI0s6Pfb3eweyYeMJZ75zPVlrLDuZwlfz2Edw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 811376139c6a4d59-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 4a9dc960-62c8-11ee-a77f-8b5f711747e1cc8c23fd-a66c-459e-b5a2-7015be5620bb61a3ad71a23746001a78a57b.png
media.bmcdn6.com/static/ Frame 5557 83 KB
83 KB 46ms
46ms Image
image/png 2606:4700:e0::ac40:6e1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.bmcdn6.com/static/4a9dc960-62c8-11ee-a77f-8b5f711747e1cc8c23fd-a66c-459e-b5a2-7015be5620bb61a3ad71a23746001a78a57b.png

Requested by

Host: cdn.bmcdn6.com
URL: https://cdn.bmcdn6.com/p/64e8d142eeef798b56886b9b/?source=https%253A%252F%252Fthebrightlamps.com%252F4.html&sourceid=551715822132&ent=&we=0&fid=af5fcfe344fd94c1e5f9d88d21cc3ea7&fidnoua=65e598b5f9f7a298195d65462c89e609&impid=d4a3b807-dbcc-4ff6-99f9-26d42eddc790&sessionId=4473c569-e4e0-4b2d-aa79-01b9716778d7&pageViewUuid=ddecc21d-6c67-435f-8f23-12c9235d8b2a&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F117.0.5938.132%2520Safari%252F537.36&sig=0x00000&blocksubid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6e1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58aeaee16b824edb5cc1d9dda2e9246c7353ff7275f161cd2cd7738c0d370dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.bmcdn6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:03:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000bcac8234d081910a-00651d8fc7-7a12c40c-nyc3c
age: 7066
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
content-length: 84806
last-modified: Wed, 04 Oct 2023 15:11:28 GMT
server: cloudflare
etag: "994b417859cf649133f48fd1994edc03"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANmZLBMi9Qc66vf4pdgkoDt7p%2FHUXhaAHdXEf%2FWBrrQXp11zwQ%2FAY%2B5EqgVgO5dhHnk30lzuY8SUn7K%2FGd8T8Kn51Cq%2FVPtEUCCd1muuyxno3GVlRJZZ0hUXgK7yqgaSPkZ5PIgsFlIynAYeEBRw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 811376139c6c4d59-FRA

GET
DATA 200
OK truncated
/ Frame 2E64 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24251f2c97427d7777234c44a9493d33c22682e2dde22bd1f4f4c87dc766aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2E64 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 103a02e7d27f4a02b014b9b0270378a3235fe387432a0bd8b922211fe0d16c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5557 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24251f2c97427d7777234c44a9493d33c22682e2dde22bd1f4f4c87dc766aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5557 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 103a02e7d27f4a02b014b9b0270378a3235fe387432a0bd8b922211fe0d16c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
websort.site/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6e9b61735d192e3fc9e9bfcc696e5da0
websort.site/	1970-01-20 15:14:52	Name: PT_REF_ID Value: 1
.websort.site/	1970-01-21 00:50:45	Name: _ga_T6VQNVWV7D Value: GS1.1.1696485800.1.0.1696485800.0.0.0
.websort.site/	1970-01-21 00:50:45	Name: _ga Value: GA1.1.1944073412.1696485800
.beycoin.xyz/	1970-01-21 00:00:21	Name: cf_clearance Value: 9uyKHWTprNJoGWMUnlpACoBpO15fnW2_phoh_XNSZSI-1696485801-0-1-2581fa01.6c2c7e67.bcb89778-0.2.1696485801
linkx.ix.tc/	1970-01-21 00:00:21	Name: OAID Value: 01000111010001000101000001010010

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
apps-pnd.ctengine.io
appsha-pnd.ctengine.io
ayelads.click
ayelads.com
beycoin.xyz
cdn.bmcdn6.com
cdn.jsdelivr.net
d3u598arehftfk.cloudfront.net
ka-f.fontawesome.com
kit.fontawesome.com
linkx.ix.tc
media.bmcdn6.com
rapid-faucet.site
region1.google-analytics.com
static.a-ads.com
static.bmcdn6.com
static.surfe.pro
thebrightlamps.com
websort.site
widget.trustpilot.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
136.243.4.18
162.0.235.250
198.91.81.11
2001:4860:4802:32::36
2600:9000:223f:5c00:1f:946:f000:21
2604:9a00:2010:a035:5::1
2606:4700:3032::ac43:ddae
2606:4700::6810:5914
2606:4700::6812:1734
2606:4700:e0::ac40:6e1c
2606:4700:e2::ac40:8309
2a00:1450:4001:81c::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a06:98c1:3121::3
2a0d:da00:a:4018::
2a0d:da00:a:401c::
52.222.236.94
67.223.118.72
69.57.162.10
0559b173b0cdb855e939f4f0032284978a5a52d4d75091b4888b476da58d6ae1
0cab8671024e27265f5d37739d64ccfd8417d3a1326cd85e578a2ca7280ecf0d
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9
103a02e7d27f4a02b014b9b0270378a3235fe387432a0bd8b922211fe0d16c5f
1889d91703a8292dfbee2ad79315c4efb43030502e23b8cae3497bdeaf912a13
20f3a387fbcb1f55acf43b88e0628d8caae1cce02fd5c09bbf573de755fd8ce6
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554
289972ee91859dcbaaed043fcb29c6d3764cc5422178d4f8ae5024aba5ae5e43
2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f
2f193d706417bcf72a130968908edcd09a192c51f4b592114ea4697ee4dfe85b
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
305cfd6d3c23a7a9f2d1841c88eb1b28ac1e15749620e6a2f904f9601826af7a
331439e89b8d6a17d5515b52792e87d51e1535a8c992e55c13ad0c70a3067b11
35e0589c4787a8852d5a6b21fc4e9c0363ddcd552c9a1d6073b39f7824cd9c84
38a888418ce22074f7ac0f5a57b644c07cd4f07f0a38d30807e314c163c12ba7
3a99b62e73fc29f7f242b2f10c871ad19e57970587f17baa4c5025f0c8e0599a
3b6f6b458291d9443555d6ef4d361e4b274e9932b051bec3b84facb8dd9898f4
3ba09270c6fdc3ed20c9d799e16919aa55fb891bbca6f607e71b6dfd6a62c900
402179b88fa6e0b17851d64725ec39658d804bd6cc9b8ba227e27bd3b4cca459
4602f2db586780f1ed4ed91e1d9b96322bbdf638a971c85f587124c6356d5409
48ee57f66218d64b0e9577194cbf7a6b572197243828608c3ae4b2f2e1540cb2
49fe4fdf2dc5f6f5fbdb10b227baae98577545b9f2f82c047b647bd88efd089e
4aa8434be85e0a5e726cbc3be7b9e7f4a217334cdf3e1cd6a6d3e1bc7d907494
4dbfeb49ca2c4e9bf0f0f7e600e25ae042cb463aa4a4dd29bdaa2bc9a08c9d18
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54ff068f75ab9c67ef582a75bc9117ebee2bc972450f961051b24858d2a975e6
568e3768feba91a7ff887286c94fd678b82349af9a49d2012160b08dd1ace8e8
58aeaee16b824edb5cc1d9dda2e9246c7353ff7275f161cd2cd7738c0d370dc4
58d2cd4dff12c726eec16d19ab7fe6e82885c8580175e7b9e4d122d83bdf98ef
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223
609fb623ac7aed76b97604d0bd50b7663d4e9863e2d5cf0b7bb94b2c8e583968
628f9530cfbc5c8c8516eb4627a4de6ade35acbc0c3e244a704906e308219582
681ff2bbbaf918f433b48ee3c8b0e903c79fa75af8431a290a522f546e254ad2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48
6e5bba4cc6a78cfef533422a80f455c3fe44be425b9fd62f57c108d2a6ad8ebe
6ef89212d9480c51f6a14b9883ae3fcae6a77af0533078e432f0782f5d366d33
6fcf2a1cc0b01c13837cd5c8110ef9960ecdf7d45f37d2a4319b81eebd56db06
71b58c684e74f8b8a72eeab2d19b447554b3245f65c7331b7a518f4a2bee555f
7295975031c881e32eff9b230d68eb695d3b23ac892d7ee193d025eaf44772aa
75511c24c556201d2a91dace62fd5954c046dff99b94b49d5846ee3ec19543d0
7667d41929dbee536024b3381aa9e72c4c711d03c5c75fdf227a0537483bbf99
770b1c8b52c11e3601bd26a87497244209d0c3d7d8597323201fb3198a759616
7725580c9dc412e32c173e8059b9f31be09bd75749cd40a2f9b5b64efaca63e1
77d6648306d2e681cb2c64d00ba665bf5d40fe5bde62a79590e4efedcbfc0565
785401b0b09d6ab3503b34e8f73c06c0fd9a91a8dc148ab1fcd123ac00300388
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a379238b7bbcf09f14337120593aaa06c0f954993204c8f06b7deee616594e2
7e9b1d48625a89ae91071e7ee814a2e471388877716c554d21ceb19334780eb4
808adc74c8c2c7a45e2e6d5eed2e427723a4890732168915a15d37ac81bcb9a1
9285b75776f2f445417b1386a2f4f7973f6e6185942a9d94e35ed0220accfef3
96533c2166d3421ce6cdeef8e9d1c3ff7414ae53d94615af15f86cc80e62b882
990819bfd2e07fdd7cb56d54f5e7e3fe11d792e70f865876b8e9e1cabaf3efe8
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d
9a6f9e1bd4b056332615cccc75cb365f3b8450316d530ca81edb09e55e672802
9e3d649a3e9159e2e9fce9408aa869910edebcb07a10fafc85adddea1563e820
9f615d160150ee0ad8ec3d24afefb9f11d851331e56ea7147abe004f64968071
b1e5016a4102995269457410b587b64a153b2ad58189c3aee63a836dfd27fe52
b2e7997d147d7bf8f23b1463537f0ee0d3c72bae029326a40523990f0c8f8876
b4a1573e61fab53f08a7f3e88f085b74a4791476d21bba0f4b31a50e1f85e998
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
b84d375a52e9a11d9ca9720252873a904384bdcbc9b8dba2c3677d278b8850da
ca602652996c4dd46bac439378d0c83815e9f6914d7d8893df7425a361897956
cbaa8ea097e67b8df9108f6b71c061d843570094fd0685bdfbeafc483d360da8
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d7ad0db07f363e69a0d545f2e75d26532885fbddf70db53cfee9216f0b56e0af
d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156
f24251f2c97427d7777234c44a9493d33c22682e2dde22bd1f4f4c87dc766aeb
fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6

websort.site Open in urlscan Pro 2604:9a00:2010:a035:5::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

99 %HTTPS

71 %IPv6

19 Domains

25 Subdomains

22 IPs

3 Countries

3765 kBTransfer

6519 kBSize

6 Cookies

2 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

websort.site Open in urlscan Pro
2604:9a00:2010:a035:5::1 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

99 %
HTTPS

71 %
IPv6

19
Domains

25
Subdomains

22
IPs

3
Countries

3765 kB
Transfer

6519 kB
Size

6
Cookies

99 HTTP transactions
10 data transactions