urlscan.io logo urlscan.io
SecurityTrails logo

xcraft.net Open in urlscan Pro
51.195.106.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.googleadservices.com/pagead/aclk?nis=4&sa=L&ai=C54nn4q69ZN2dFeDRxtYPxZOYgAvru9SscMz1_KmdDNvZHhABIJXenAxgycbEh-CjtBCgA...
Effective URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheu...
Submission: On July 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 8 countries across 18 domains to perform 53 HTTP transactions. The main IP is 51.195.106.115, located in France and belongs to OVH, FR. The main domain is xcraft.net.
TLS certificate: Issued by R3 on July 21st 2023. Valid for: 3 months.
This is the only time xcraft.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
5    51.195.106.115 (France)

ASN16276 (OVH, FR)
PTR: xcraft.ru
xcraft.net
15    2606:4700:3034::ac43:d793 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.xcraft.net
6    2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)
telegram.org
oauth.telegram.org
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
4    46.105.175.30 (France)

ASN16276 (OVH, FR)
PTR: lb2.clfg.ru
stat.clickfrog.ru
1    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    2001:41d0:203:bb5::4 (France)

ASN16276 (OVH, FR)
clfg.ru
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
20 xcraft.net
xcraft.net
cdn.xcraft.net
527 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 11187
3 KB
6 telegram.org
telegram.org — Cisco Umbrella Rank: 10003
oauth.telegram.org — Cisco Umbrella Rank: 194322
65 KB
4 clickfrog.ru
stat.clickfrog.ru
24 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 879
trc.taboola.com — Cisco Umbrella Rank: 611
trc-events.taboola.com — Cisco Umbrella Rank: 1910
21 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 382
13 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4002
59 KB
2 clfg.ru
clfg.ru
1 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 11639
3 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 559
7 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 501
17 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1202
634 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1459
637 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5791
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
484 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 120
379 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1338
8 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 161
1 KB
53 18
Domain Requested by
15 cdn.xcraft.net xcraft.net
cdn.xcraft.net
7 mc.yandex.com 3 redirects xcraft.net
5 telegram.org xcraft.net
oauth.telegram.org
telegram.org
5 xcraft.net xcraft.net
cdn.xcraft.net
4 stat.clickfrog.ru xcraft.net
stat.clickfrog.ru
3 bat.bing.com xcraft.net
bat.bing.com
3 mc.yandex.ru 2 redirects xcraft.net
2 trc-events.taboola.com cdn.taboola.com
2 clfg.ru stat.clickfrog.ru
2 counter.yadro.ru 1 redirects xcraft.net
2 s.yimg.com xcraft.net
s.yimg.com
2 ssl.google-analytics.com 1 redirects xcraft.net
1 sp.analytics.yahoo.com xcraft.net
1 oauth.telegram.org telegram.org
1 alb.reddit.com xcraft.net
1 www.google.de xcraft.net
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 trc.taboola.com cdn.taboola.com
1 cdn.taboola.com xcraft.net
1 www.redditstatic.com xcraft.net
1 www.googleadservices.com 1 redirects
53 22

This site contains links to these domains. Also see Links.

Domain
novaart.ru
liveinternet.ru
Subject Issuer Validity Valid
xcraft.net
R3		 2023-07-21 -
2023-10-19		 3 months crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2		 2022-08-10 -
2023-09-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-03 -
2023-08-23		 2 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-12 -
2023-10-08		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
stat.clickfrog.ru
R3		 2023-07-15 -
2023-10-13		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2023-10-15		 6 months crt.sh
clfg.ru
R3		 2023-07-15 -
2023-10-13		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-30 -
2023-11-22		 6 months crt.sh

This page contains 4 frames:

Primary Page: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Frame ID: 230D2BD1158F29AD77F2A664AEF36519
Requests: 42 HTTP requests in this frame

Frame: https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&size=small&userpic=false&radius=4
Frame ID: BB4C8718BBF71B91FE033320E6994A44
Requests: 6 HTTP requests in this frame

Frame: https://stat.clickfrog.ru/queue2/c_q2.php?sid=1986938328&u=https%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ref=0&mm=0&c8pad=&ga=&fr=0
Frame ID: 20D4AEE3B8E741A7E829D74829AD16EA
Requests: 4 HTTP requests in this frame

Frame: https://clfg.ru/3dpc.php?rnd=0&c=5727546625662347783-1690152708&set=1
Frame ID: E590E1B62411A59224735621162368D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xcraft - Registrierung

Page URL History Show full URLs

  1. https://www.googleadservices.com/pagead/aclk?nis=4&sa=L&ai=C54nn4q69ZN2dFeDRxtYPxZOYgAvru9SscMz1_KmdDNvZHhABI... HTTP 302
    https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

89 %
HTTPS

58 %
IPv6

18
Domains

22
Subdomains

17
IPs

8
Countries

747 kB
Transfer

18865 kB
Size

38
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.googleadservices.com/pagead/aclk?nis=4&sa=L&ai=C54nn4q69ZN2dFeDRxtYPxZOYgAvru9SscMz1_KmdDNvZHhABIJXenAxgycbEh-CjtBCgAa6YiqICyAEJqQKxDkeLwqmyPqgDAcgDywSqBOsBT9DR1ma5I_E-YdWi1POXMJeoC86dSWoUM4SUPqUDS-2bRm9NQtUHzZwxyrdPqOHTtjkNWfkXbRe9xY2_FJR-e0Wb5_dSwgkKGdL0xMPbRLfKSlxpy_Yb3BRKUjhrQm4AeooKE8aihM1Y14LpPb-ELfwejSUNkcMrDinJruvLauDAnLpKTBVvNIEu3VyEL1KOfIu7JXxB9eHFcm8Z44QFMF3ukUyaL3tGALkgxkjFkNL8Q7MGwaERGRyL46peR8Aa1QL9dGGuZ6xdlbeHF_OKQTpntjUrO5E_aI5GTpBuuuxyrbBgsRiNf5v8AcAEgb6MhZ4DoAYugAe65_XdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwDSCCAIgIGAQBABGB4yBIOAgA46Cp_QgICAgISAIBBIvf3BOrEJatUQy_zRLMeACgGYCwHICwGADAG4DAHaDBEKCxCg3fzfxcqosYYBEgIBA6oNAlVT2BMMiBQC0BUB-BYBgBcB&ae=1&ase=2&num=1&cid=CAQSKQBpAlJWnmbnghkebT4l6dx9baZ5Ex9L5Tj494KJpaFsE8DC43641LilGAE&sig=AOD64_0J0S9iTMG9b-NpciH6csCZOafVGg&client=ca-pub-4210270732118289&rf=1&nb=8&adurl=https://xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE HTTP 302
    https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://counter.yadro.ru/hit?t22.4;r;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE;0.38829023870396195 HTTP 302
  • https://counter.yadro.ru/hit?q;t22.4;r;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE;0.38829023870396195
Request Chain 27
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=213673853&utmhn=xcraft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Xcraft%20-%20Registrierung&utmhid=1825206263&utmr=-&utmp=%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&utmht=1690152708393&utmac=UA-32348388-2&utmcc=__utma%3D137179577.152923694.1690152708.1690152708.1690152708.1%3B%2B__utmz%3D137179577.1690152708.1.1.utmcsr%3Dadwords%7Cutmgclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE%7Cutmccn%3DENG_look_alike%7Cutmcmd%3Dcpc%7Cutmctr%3Drebuildtheuniverse.com%7Cutmcct%3D462479415558%3B&utmjid=1579829613&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32348388-2&cid=152923694.1690152708&jid=1579829613&_v=5.7.2&z=213673853 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=152923694.1690152708&jid=1579829613&_v=5.7.2&z=213673853 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=152923694.1690152708&jid=1579829613&_v=5.7.2&z=213673853&slf_rd=1&random=3923969672
Request Chain 45
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10073.C-GVM6o27GVzKekZRz7iR7jKllnXuyf2kBTsSdZDHEB-GtSdikaGjNXN3P30Afpk.h0b8KyERYc0R2q5VWVxcVfZkQjY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10073.TqauRYMGaUbL7sQyAQJACd9DDKTmA8OESHTAGZ3dGJ4J6LHpy7MWTL2xMoWe3ys3KOocd6VI3pm7TBLW1YEcYvssvOhu6w7uXEk5VJAEL9k%2C.ojPywdwESC-d76esATTpeiQPRvM%2C
Request Chain 49
  • https://mc.yandex.com/watch/2135185?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A581%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A53450251027%3Ahid%3A724749227%3Az%3A0%3Ai%3A20230723225149%3Aet%3A1690152709%3Ac%3A1%3Arn%3A408652686%3Arqn%3A1%3Au%3A1690152709169047566%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C89%2C51%2C1%2C225%2C0%2C%2C192%2C0%2C%2C%2C%2C576%3Aco%3A0%3Acpf%3A1%3Ans%3A1690152707656%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1690152709%3At%3AXcraft%20-%20Registrierung&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/2135185/1?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A581%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A53450251027%3Ahid%3A724749227%3Az%3A0%3Ai%3A20230723225149%3Aet%3A1690152709%3Ac%3A1%3Arn%3A408652686%3Arqn%3A1%3Au%3A1690152709169047566%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C89%2C51%2C1%2C225%2C0%2C%2C192%2C0%2C%2C%2C%2C576%3Aco%3A0%3Acpf%3A1%3Ans%3A1690152707656%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1690152709%3At%3AXcraft%20-%20Registrierung&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Request Chain 50
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10073.IoC0DBYlmw_DYvgUQx7mr6iBEBJnN3KQ1ISBUy_r4DIuEduK25VLuI3h8_nV6kUO.3wblnrjVj3ndefoh4Hpol1yb0mQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10073.p-Nu85uyombaGyJ-9OBjshl5E8-aeF9MHCic2r7ePybhLbJ-vIQulAv_5g8VT24FN2EkWxghh9Qlgp3htshLZ_Xhlpuo0arXo6ez3XQwKDM%2C.bbl2uh1tYMqM-pcrJYQZ5i_1rY8%2C

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xcraft.net/registration/
Redirect Chain
  • https://www.googleadservices.com/pagead/aclk?nis=4&sa=L&ai=C54nn4q69ZN2dFeDRxtYPxZOYgAvru9SscMz1_KmdDNvZHhABIJXenAxgycbEh-CjtBCgAa6YiqICyAEJqQKxDkeLwqmyPqgDAcgDywSqBOsBT9DR1ma5I_E-YdWi1POXMJeoC86dS...
  • https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChM...
14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
1e24922e73947bbd99092c5967cea5343db3fa2091320098ae6c775f002e43f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate no-store, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 23 Jul 2023 22:51:48 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x9f2d5a3b0b32f870000000000000000","2":"0x7f8f3f2dccc648900000000000000000","5":"0x7c69dcc69e429d430000000000000000"},"debug_key":"5358373115960536525","debug_reporting":true,"destination":["https://xcraft.net"],"expiry":"2592000","filter_data":{"2":["608341038"],"20":[],"3":["07-23"],"6":["true"]},"priority":"700","source_event_id":"9683480632004390560"}
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 23 Jul 2023 22:51:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
adclick_server
x-content-type-options
nosniff
x-xss-protection
0
registration.terran.css
cdn.xcraft.net/assets/build/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3885
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
168f9aeb39507b0c3417cd02abf4018a01abf1513e24ed9157c7f1dc670400ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39201
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Jan 2023 08:19:15 GMT
server
cloudflare
etag
W/"63b53683-2901"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PebSQ%2FWjCGQk3IbeYKLMrWpxqvRwwqOaQNsRc%2B3BJTrBa88o6D9RNvx8r%2BolAMW7HHTQ9ag%2FkyaQVcpfR7gneG9hXnWl3yYW6CNos24vznZbFE2ghK16iIKhikmXeo5R%2F6gr%2B1PnxMQ2%2FwRlZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
7eb77d7a0e2b3aa4-FRA
expires
Mon, 24 Jul 2023 11:58:27 GMT
lgr.min.js
xcraft.net/assets/build/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xcraft.net/assets/build/js/lgr.min.js?v=13036
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
02e66cb6ed9cadd2b5602eb1b262b739e7b86027581ec25bdf5e77f87cced7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
content-encoding
gzip
last-modified
Wed, 19 Jul 2023 05:42:51 GMT
server
nginx
etag
W/"64b777db-1603"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
expires
Tue, 22 Aug 2023 22:51:48 GMT
cdn.min.js
xcraft.net/assets/build/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xcraft.net/assets/build/js/cdn.min.js?v=13036
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
b42043d4ebcbff2c1e140ba0a80d2c817e9a213d558adbb44f9343dcf1766746

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
content-encoding
gzip
last-modified
Wed, 19 Jul 2023 05:42:50 GMT
server
nginx
etag
W/"64b777da-702"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
expires
Tue, 22 Aug 2023 22:51:48 GMT
autoloader.es8.min.js
cdn.xcraft.net/assets/build/js/es8/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/assets/build/js/es8/autoloader.es8.min.js?v=13036
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adcd52a30bb9d688e16810264e27c369e227b9cf6e88c5add5e430bf50ed3141

Request headers

Referer
https://xcraft.net/
Origin
https://xcraft.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61252
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 19 Jul 2023 05:43:39 GMT
server
cloudflare
etag
W/"64b7780b-112a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGAktwhOg5pqQztX3IHTZMLvo7fG4CrwBb7xrGsVD63PySXYjcFEZJV8DSAr9X%2BWF4rRoe2vfs8TJFCzfU3xcrZrFuO7pLvBVRCm3%2BJ%2B8HOHsMWlaHFfSrT4jqnUgYeEIbJC2ETH%2FHBegA%2B8gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
7eb77d7a097c35f1-FRA
expires
Mon, 24 Jul 2023 05:50:56 GMT
logo_terran_small.png
cdn.xcraft.net/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/images/logo_terran_small.png
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca8e83cf504aebda19344290f6df4a189eb2e2e5bde5cd43ec96d63b3ba2ea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1511025
alt-svc
h3=":443"; ma=86400
content-length
17329
last-modified
Mon, 02 Jul 2018 09:22:17 GMT
server
cloudflare
etag
"5b39eec9-43b1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qF16ZLK%2B3K%2FPvYPQfIV4UET%2FCVQQwBBmh0pxdmm4IDZf5YP1TMxNdiopfuWHCpt1oO1JRrBbERJBY4R5s7gfToyXioEB3lbFil6TGToIueByEUBGX0bvITER0bHwR%2FDzrtwP2%2BrQ5TIpLs5Xeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7eb77d7a5e7b3aa4-FRA
expires
Sat, 05 Aug 2023 11:08:03 GMT
telegram-widget.js
telegram.org/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/telegram-widget.js?9
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 11:46:12 GMT
server
nginx/1.18.0
etag
W/"642abc84-4ff5"
content-type
application/javascript
cache-control
max-age=345600
expires
Thu, 27 Jul 2023 22:51:48 GMT
cnd_test.png
cdn.xcraft.net/images/ 		67 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/images/cnd_test.png?v1690152708215
Requested by
Host: xcraft.net
URL: https://xcraft.net/assets/build/js/cdn.min.js?v=13036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
67
last-modified
Mon, 02 Jul 2018 09:22:15 GMT
server
cloudflare
etag
"5b39eec7-43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lscFjkYXnxS1PI9pbOjSEBZ8ETk3IjtEB8IqnEhFbXqsOU1iDAPhT%2Blh%2FRd6YRKldUfjkvudH3sK%2F1GjIcJLdgB3xo1y72oSG6%2BomsRtzJiUchDaOH2OGvsRJJvlAy2EP82Yaq4OikircCxE1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7eb77d7a79fb35f1-FRA
expires
Tue, 22 Aug 2023 22:51:48 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 23 Jul 2023 20:52:00 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7188
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sun, 23 Jul 2023 22:52:00 GMT
watch.js
mc.yandex.ru/metrika/ 		166 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ac9c288761ebc7cfd5f241861b1e14d8f57ff6e9c5fbfb297202989f2625d950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 12 Jul 2023 11:40:09 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64ae66e9-e882"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
59522
expires
Sun, 23 Jul 2023 23:51:48 GMT
ytc.js
s.yimg.com/wi/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:50:25 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
SWBFC56XZQ3WH9K4
age
84
x-amz-server-side-encryption
AES256
x-amz-id-2
MYxB38RGOHtj8z4JkA+3i2vGjNx5Ax7//UJXpA8iGEtHV90vaUhU2a9cwOQK7TQHSXZt86YdxJIFhRobW2rEbRe2H7e/70JU
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
tfa.js
cdn.taboola.com/libtrc/unip/1381512/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1381512/tfa.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e56b62c7441173ee1d36c4a8863bd2f6e58a44cd09fcca65cea2d4c729346200

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
B9P6g_0ixfLW5OK23OtgcwEmfYuTKBWi
content-encoding
gzip
via
1.1 varnish
date
Sun, 23 Jul 2023 22:51:48 GMT
x-amz-request-id
787KBGGAXXCD8NQM
age
146
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
18350
x-amz-id-2
5Mi8r/yRy7QK6qbxDxoIpNPGufps39/5M9kf6wLiMQBVeh3tWL1FVQg7ozjI8YZ2OsKXSbYfd/k=
x-served-by
cache-fra-eddf8230069-FRA
last-modified
Sun, 09 Jul 2023 11:14:11 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690152708.340448,VS0,VE1
etag
"041e6f6e68dc5c33b1aa31520debc47c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
bat.js
bat.bing.com/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 23 Jul 2023 22:51:47 GMT
last-modified
Mon, 17 Jul 2023 22:20:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 07EB7B0618574A979967FBBA373E564E Ref B: FRA31EDGE0121 Ref C: 2023-07-23T22:51:48Z
etag
"060e2effcb8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12438
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t22.4;r;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%...
  • https://counter.yadro.ru/hit?q;t22.4;r;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.co...
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t22.4;r;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE;0.38829023870396195
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
74e58aa7f131b62382d19ab1d8c07f231b972f8136fcb3622f8d49499dd3f701
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Jul 2023 22:51:48 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
1302
Expires
Sat, 23 Jul 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Jul 2023 22:51:48 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t22.4;r;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE;0.38829023870396195
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sat, 23 Jul 2022 21:00:00 GMT
c.js
stat.clickfrog.ru/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.clickfrog.ru/c.js?r=0.5103257989940622
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.175.30 , France, ASN16276 (OVH, FR),
Reverse DNS
lb2.clfg.ru
Software
nginx /
Resource Hash
2c1522524f44c38c3ebcefb6b8fe775419b81f43cad9a0711aca03fae65a5520

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
text/javascript;charset=UTF-8
pragma
no-cache
date
Sun, 23 Jul 2023 22:51:48 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx
expires
Sun, 23 Jul 2023 22:51:48 GMT
lang-icons.png
xcraft.net/images/lang/ 		443 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xcraft.net/images/lang/lang-icons.png
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
ed143f7b3f3662966939b1e762ba4502462378864f05d06c970ecf4023aa8154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
last-modified
Mon, 16 Aug 2021 07:55:35 GMT
server
nginx
etag
"611a19f7-1bb"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
443
expires
Tue, 22 Aug 2023 22:51:48 GMT
registry_form_top.png
cdn.xcraft.net/templates/Terran/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/templates/Terran/img/registry_form_top.png
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97364319377b586c564c2fddf2a50e0e5905dd98123ff8dc4595fe9b0a71773a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1510862
alt-svc
h3=":443"; ma=86400
content-length
12317
last-modified
Thu, 02 Aug 2018 11:39:21 GMT
server
cloudflare
etag
"5b62ed69-301d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1pfXJsQwtZER3RDMjTBwC1M90YgEdRPgEtnDZsBGC5bwclMZzAyWHu6YpkkJv%2BLax73DK%2BB1efVuptTqB7Rx9vO8H6VRen46stEZjxQQbQWOO4vkV6u2WMKoYJTrukG1rOMaiYVGfvQOcLJvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7eb77d7a8e973aa4-FRA
expires
Sat, 05 Aug 2023 11:10:46 GMT
registry_form-2inputs.png
cdn.xcraft.net/templates/Terran/img/ 		408 KB
408 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/templates/Terran/img/registry_form-2inputs.png
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f93f586d7386ea1022b9245398d3a07828f6d8ca37c0ea259de58a71a77465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1510862
alt-svc
h3=":443"; ma=86400
content-length
417341
last-modified
Thu, 23 Jan 2020 09:07:37 GMT
server
cloudflare
etag
"5e296259-65e3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BkEqbQavvEdI%2Bjse1SJVV%2FsdqVReb%2FofEqDQWWylzgqal2k2uCSL87O%2F1gBAnyYnPxkfwo6nihXPY10IH0te5I838TLFPAcZ83DdZsYGNEp6wlR6%2FnRSnsw8ZB4NFQmVdYUPPjn4h6T0l%2BOhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7eb77d7a8e9a3aa4-FRA
expires
Sat, 05 Aug 2023 11:10:46 GMT
oauth_sprite.png
cdn.xcraft.net/images/index/template/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/images/index/template/oauth_sprite.png
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09336f108b44e0db155c8fa9d4206c230525db46e9a0603e5adcb0dd826f0127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1510862
alt-svc
h3=":443"; ma=86400
content-length
3363
last-modified
Thu, 07 Feb 2019 08:28:18 GMT
server
cloudflare
etag
"5c5bec22-d23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ra0WPnja0JvVChjUKWBHoIwebcQkRkRSpuSAF1Xzl3FU7kHWQ9ByJEDEp79wOdk7upfBGsY53j3SmkgCvayqaavepuZBB91d49Szmyq%2F8oFdx8FT2xBfClZveNXMMejYUzwc0Pa0urJqv0ZFZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7eb77d7a8e9c3aa4-FRA
expires
Sat, 05 Aug 2023 11:10:46 GMT
360-button-play-light.png
cdn.xcraft.net/assets/js/lib/360-player/ 		477 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/assets/js/lib/360-player/360-button-play-light.png
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7d541976ce073a6d24ed3052118c8e6242ec73f3da08689b75e3d65d93f89a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1510862
alt-svc
h3=":443"; ma=86400
content-length
477
last-modified
Mon, 02 Jul 2018 11:28:12 GMT
server
cloudflare
etag
"5b3a0c4c-1dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYnBBnZq%2FX37U%2Bzp3zKxAOczB4TZcMw2HsGZ%2BZdDyn3wJ10Ec8pWf%2BjezZaYl7otj2uqAdTD8yEgGU5Q4uY%2Bk6BkmHWeTIKtGjJ3I06qnloCyRd2NlpxkbYt44AIyHcAcBnq29CxoNuGU4KDxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7eb77d7a8e9d3aa4-FRA
expires
Sat, 05 Aug 2023 11:10:46 GMT
start.mp4
cdn.xcraft.net/tutorial/missions/1/ 		14 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/tutorial/missions/1/start.mp4
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xcraft.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4402
Content-Range
bytes 0-28984560/28984561
alt-svc
h3=":443"; ma=86400
Content-Length
28984561
last-modified
Thu, 02 Aug 2018 09:16:23 GMT
server
cloudflare
etag
"5b62cbe7-1ba44f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZo80WAtFoSz3lOJVSYJPkpR9i7okdmF0FFGUD1zqFJev%2BYrFbdBC71P5uNdJBL6Km0bKynP8dOcNHUOm97J39%2BfUKw0UBNaj44XXZ0s3ID8oe7IO2oi095ZeALj1IMWjG13Gd3wv8VidXlcBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
access-control-allow-origin
*
cache-control
public
cf-ray
7eb77d7a9ead3aa4-FRA
Xcraft_terran_theme.mp3
cdn.xcraft.net/images/sound/ 		159 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/images/sound/Xcraft_terran_theme.mp3
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xcraft.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1510862
Content-Range
bytes 0-6434171/6434172
alt-svc
h3=":443"; ma=86400
Content-Length
6434172
last-modified
Fri, 14 Apr 2023 00:08:18 GMT
server
cloudflare
etag
"64389972-622d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITnR7XwYeOZF6dCPvReFYO48Ol1ecssui5b5NDML5Os8dL0W5zjmnJNcnflphprRbwQ8hXykKyNy4%2BVyrXh4o%2FH94WbAok4wHCqCvX24jGxbiKFsL3OYXUOiM%2BQnIknm6rVR2F54SjALT7h%2Buw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
cf-ray
7eb77d7a9eaf3aa4-FRA
expires
Sat, 05 Aug 2023 11:10:46 GMT
jquery.min.js
cdn.xcraft.net/assets/build/js/es8/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/assets/build/js/es8/jquery.min.js?v=13036
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/js/es8/autoloader.es8.min.js?v=13036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
826d82abcb34b5a7a5294519da1ea1d5d4730b50469161e52bfed730fb2f3b3c

Request headers

Referer
https://xcraft.net/
Origin
https://xcraft.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61252
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 19 Jul 2023 05:43:11 GMT
server
cloudflare
etag
W/"64b777ef-175cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BeGmWNZGwViKWOrRiLNI5q9Fwt0bzx66Lb8NCNVD5aQ4GFbRgiLzTS8aoUGfe307QdtPbJwoNx994MJu%2Bl0N6QEpgHYGGW91%2FGlKOwEEcndKpQMFJRYPM5%2B%2F0gmDiapfZi1tk7vCD94VQOTjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
7eb77d7a8a0f35f1-FRA
expires
Mon, 24 Jul 2023 05:50:56 GMT
cnd_test.png
cdn.xcraft.net/images/ 		67 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/images/cnd_test.png?v1690152708215
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
67
last-modified
Mon, 02 Jul 2018 09:22:15 GMT
server
cloudflare
etag
"5b39eec7-43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7L13EcWQGptjuu4wpM7nmdBcsdjLlHzJkXTYM5XrYok7%2BYrz98o7T2f%2FJGfVTVuO0BJX2HsoZu1SeWhJJZh1AVugOl06VqddGzLHaRtP4c7v%2FzRU3aSuj9U90K%2FK%2B6lYucb%2BSQefMf7uckcLaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7eb77d7afb8d1961-FRA
expires
Tue, 22 Aug 2023 22:51:48 GMT
registration.min.de.js
xcraft.net/assets/build/js/lang/ 		88 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xcraft.net/assets/build/js/lang/registration.min.de.js?v=13036
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/js/es8/autoloader.es8.min.js?v=13036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
a38ebdbe4b572aff39090ab494bf1da69854b1b11c0162cce8093940dd1b989f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
last-modified
Wed, 19 Jul 2023 05:44:50 GMT
server
nginx
etag
"64b77852-58"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
88
expires
Tue, 22 Aug 2023 22:51:48 GMT
registration.min.js
cdn.xcraft.net/assets/build/js/es8/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/assets/build/js/es8/registration.min.js?v=13036
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/js/es8/autoloader.es8.min.js?v=13036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627b80b2ee002360a9a4bdf9f1ec70f842d159cf32b0cd8d6dba2f869ec45894

Request headers

Referer
https://xcraft.net/
Origin
https://xcraft.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60332
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 19 Jul 2023 05:44:48 GMT
server
cloudflare
etag
W/"64b77850-1ac38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XN7Wq1HltQxAxRcY1yE1JSQXLHLW24Bm0Yc3oYv5mVAsinv0nmCyKjtknp5Nbja9BTv%2BLK%2FsQtUMLMKm%2FuNM7bgQWuzt4DdNhYyumWTW7hE4SAi7%2Fhv8Cg2iRlFu%2BoaGlM2rpSpdnb1bs10a3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
7eb77d7b5aee18d1-FRA
expires
Mon, 24 Jul 2023 06:06:16 GMT
json
trc.taboola.com/1381512/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1381512/trc/3/json?tim=1690152708376&data=%7B%22id%22%3A663%2C%22ii%22%3A%22%2Fregistration%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1690152708372%2C%22cv%22%3A%2220230702-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dscroogefrog-xcraft-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1690152708376%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1381512/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7cd672dbe72d08cefc195d98365875bc2a25918061978d9b4fe24c685ad351fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Sun, 23 Jul 2023 22:51:48 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7810
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230069-FRA
server
nginx
x-timer
S1690152708.410843,VS0,VE16
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=213673853&utmhn=xcraft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Xcraft%20-...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32348388-2&cid=152923694.1690152708&jid=1579829613&_v=5.7.2&z=213673853
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=152923694.1690152708&jid=1579829613&_v=5.7.2&z=213673853
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=152923694.1690152708&jid=1579829613&_v=5.7.2&z=213673853&slf_rd=1&random=3923969672
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=152923694.1690152708&jid=1579829613&_v=5.7.2&z=213673853&slf_rd=1&random=3923969672
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:51:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:51:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=152923694.1690152708&jid=1579829613&_v=5.7.2&z=213673853&slf_rd=1&random=3923969672
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1690152708401&id=t2_9ce06eq1&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=a4695335-74e5-4bf7-a080-36f0646bc89f&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
XcraftNetLoginBot
oauth.telegram.org/embed/ Frame BB4C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&size=small&userpic=false&radius=4
Requested by
Host: telegram.org
URL: https://telegram.org/js/telegram-widget.js?9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d6b71e8dd3c23b6268b8b9b5008887467a89e31ee34ffaa9b5a9a63e7b3c930e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://xcraft.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options ALLOW-FROM https://xcraft.net

Request headers

Referer
https://xcraft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-length
904
content-security-policy
frame-ancestors https://xcraft.net
content-type
text/html; charset=utf-8
date
Sun, 23 Jul 2023 22:51:48 GMT
pragma
no-cache
server
nginx/1.18.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
ALLOW-FROM https://xcraft.net
134610385.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/134610385.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sun, 23 Jul 2023 22:51:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F744978D5B5B4118A1A4F4D9B24F23D0 Ref B: FRA31EDGE0121 Ref C: 2023-07-23T22:51:48Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134610385&Ver=2&mid=276cac02-595c-42fb-9ad5-2c197e041b7d&sid=8183a32029ab11ee9724790a6df341b4&vid=8183b90029ab11ee87ab8991d4fd05ce&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Xcraft%20-%20Registrierung&p=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&r=&lt=576&evt=pageLoad&sv=1&rn=585398
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 23 Jul 2023 22:51:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6250851122C741468AB7F2D114FA759C Ref B: FRA31EDGE0121 Ref C: 2023-07-23T22:51:48Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
10135179.json
s.yimg.com/wi/config/ 		2 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10135179.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:43:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
RRV8086200FYMC7A
age
509
content-length
2
x-amz-id-2
FsVum8eJGWVvIiHRuXTM2RB6b1mV0MriP54UjlMUi02vKFrDBww80Q1dCzev8g89z395cmSu08k=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
c_q2.php
stat.clickfrog.ru/queue2/ Frame 20D4 		20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stat.clickfrog.ru/queue2/c_q2.php?sid=1986938328&u=https%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ref=0&mm=0&c8pad=&ga=&fr=0
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/c.js?r=0.5103257989940622
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.175.30 , France, ASN16276 (OVH, FR),
Reverse DNS
lb2.clfg.ru
Software
nginx /
Resource Hash
2def25ec9eb613edea6acb24d42b5d90a1fa27f62ea53d15038f7f698b0f9831

Request headers

Referer
https://xcraft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 23 Jul 2023 22:51:48 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server
nginx
WorkerStarter.min.js
xcraft.net/assets/build/js/es8/ Frame 		0
0
font-roboto.css
telegram.org/css/ Frame BB4C 		6 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/font-roboto.css?1
Requested by
Host: oauth.telegram.org
URL: https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&size=small&userpic=false&radius=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth.telegram.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
W/"63512b7d-1816"
content-type
text/css
cache-control
max-age=345600
expires
Thu, 27 Jul 2023 22:51:48 GMT
widget-frame.css
telegram.org/css/ Frame BB4C 		81 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/widget-frame.css?66
Requested by
Host: oauth.telegram.org
URL: https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&size=small&userpic=false&radius=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth.telegram.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Sat, 01 Apr 2023 17:42:21 GMT
server
nginx/1.18.0
etag
W/"64286cfd-1456a"
content-type
text/css
cache-control
max-age=345600
expires
Thu, 27 Jul 2023 22:51:48 GMT
widget-frame.js
telegram.org/js/ Frame BB4C 		92 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/widget-frame.js?62
Requested by
Host: oauth.telegram.org
URL: https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&size=small&userpic=false&radius=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth.telegram.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 18:46:51 GMT
server
nginx/1.18.0
etag
W/"6441889b-16f16"
content-type
application/javascript
cache-control
max-age=345600
expires
Thu, 27 Jul 2023 22:51:48 GMT
Xcraft_terran_theme.mp3
cdn.xcraft.net/images/sound/ 		11 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/images/sound/Xcraft_terran_theme.mp3
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xcraft.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1510862
Content-Range
bytes 0-6434171/6434172
alt-svc
h3=":443"; ma=86400
Content-Length
6434172
last-modified
Fri, 14 Apr 2023 00:08:18 GMT
server
cloudflare
etag
"64389972-622d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6GQP%2FCEdM1C8PrarLECSTq3bWH7gm%2Fc%2FIYVCvvfD5ui3pVyjKadlkm2KifqPfhfxaveY8pIHcW3J43b8HXpK9GbljUx%2BpXZZhq8evz%2F2hKkSEe6nVdX8s5vjGgwkBoQuoE42HqtvMlEzl32IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
cf-ray
7eb77d7c7ceb1961-FRA
expires
Sat, 05 Aug 2023 11:10:46 GMT
3dpc.php
clfg.ru/ Frame 20D4 		16 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clfg.ru/3dpc.php?rnd=1303355744
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/queue2/c_q2.php?sid=1986938328&u=https%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ref=0&mm=0&c8pad=&ga=&fr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:203:bb5::4 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
48f2c01b36605f044f49e76724692d46b9c1911940a936dda14f39c8fe5bc7b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stat.clickfrog.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:51:48 GMT
last-modified
Sun, 23 Jul 2023 22:51:48 GMT
server
nginx
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2023%20Jul%202023%2022%3A51%3A48%20GMT&n=0&b=Xcraft%20-%20Registrierung&.yp=10135179&f=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&enc=UTF-8&yv=1.15.1
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:51:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Sun, 23 Jul 2023 22:51:48 GMT
Xcraft_terran_theme.mp3
cdn.xcraft.net/images/sound/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/images/sound/Xcraft_terran_theme.mp3
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d793 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xcraft.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Range
bytes=131072-

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1510862
Content-Range
bytes 131072-6434171/6434172
alt-svc
h3=":443"; ma=86400
Content-Length
6303100
last-modified
Fri, 14 Apr 2023 00:08:18 GMT
server
cloudflare
etag
"64389972-622d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93HBcOW%2FYjvw0nmSmV%2BEQNkftls8kHyDT23Ew6A7eZKREzoNfas2TnpCIrgpMx38cnz8FMBNFgGI2RpDyHdx1Nt8AwsmTNom75XndqAJ3k3sG0sWhUgoCwuUT%2BGX4oky94TlieaLZwprFqYOWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
cf-ray
7eb77d7ccd261961-FRA
expires
Sat, 05 Aug 2023 11:10:46 GMT
truncated
/ Frame BB4C 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5df09ceb29f5fa499b25f7039c336281ebeafc1f76672adfd856f6c512ed1e76

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame BB4C 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://oauth.telegram.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:48 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b14"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11028
expires
Thu, 27 Jul 2023 22:51:48 GMT
action_quick_q2.php
stat.clickfrog.ru/queue2/ Frame 20D4 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.clickfrog.ru/queue2/action_quick_q2.php
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/queue2/c_q2.php?sid=1986938328&u=https%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ref=0&mm=0&c8pad=&ga=&fr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.175.30 , France, ASN16276 (OVH, FR),
Reverse DNS
lb2.clfg.ru
Software
nginx /
Resource Hash
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Referer
https://stat.clickfrog.ru/queue2/c_q2.php?sid=1986938328&u=https%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ref=0&mm=0&c8pad=&ga=&fr=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:51:49 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Content-Type, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10073.C-GVM6o27GVzKekZRz7iR7jKllnXuyf2kBTsSdZDHEB-GtSdikaGjNXN3P30Afpk.h0b8KyERYc0R2q5VWVxcVfZkQjY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10073.TqauRYMGaUbL7sQyAQJACd9DDKTmA8OESHTAGZ3dGJ4J6LHpy7MWTL2xMoWe3ys3KOocd6VI3pm7TBLW1YEcYvssvOhu6w7uXEk5VJAEL9k%2C.ojPywdwESC-d76esATTpeiQPRvM%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10073.TqauRYMGaUbL7sQyAQJACd9DDKTmA8OESHTAGZ3dGJ4J6LHpy7MWTL2xMoWe3ys3KOocd6VI3pm7TBLW1YEcYvssvOhu6w7uXEk5VJAEL9k%2C.ojPywdwESC-d76esATTpeiQPRvM%2C
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:49 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10073.TqauRYMGaUbL7sQyAQJACd9DDKTmA8OESHTAGZ3dGJ4J6LHpy7MWTL2xMoWe3ys3KOocd6VI3pm7TBLW1YEcYvssvOhu6w7uXEk5VJAEL9k%2C.ojPywdwESC-d76esATTpeiQPRvM%2C
date
Sun, 23 Jul 2023 22:51:49 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?utm_source=adwords&utm_medium=cpc&utm_campaign=ENG_look_alike&utm_term=rebuildtheuniverse.com&utm_content=462479415558&utm_campaign_id=11057218705&gclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:49 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 12 Jul 2023 11:40:09 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64ae66e9-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 23 Jul 2023 23:51:49 GMT
3dpc.php
clfg.ru/ Frame E590 		497 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clfg.ru/3dpc.php?rnd=0&c=5727546625662347783-1690152708&set=1
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/queue2/c_q2.php?sid=1986938328&u=https%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ref=0&mm=0&c8pad=&ga=&fr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:203:bb5::4 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
fbfbeeea9f176a50a27aedcb926ed131f3cee7341c8c399e5787605978806eda

Request headers

Referer
https://stat.clickfrog.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 23 Jul 2023 22:51:49 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 23 Jul 2023 22:51:49 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
server
nginx
action_slow_q2.php
stat.clickfrog.ru/queue2/ Frame 20D4 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.clickfrog.ru/queue2/action_slow_q2.php
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/queue2/c_q2.php?sid=1986938328&u=https%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ref=0&mm=0&c8pad=&ga=&fr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.175.30 , France, ASN16276 (OVH, FR),
Reverse DNS
lb2.clfg.ru
Software
nginx /
Resource Hash
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Referer
https://stat.clickfrog.ru/queue2/c_q2.php?sid=1986938328&u=https%3A//xcraft.net/registration/%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ref=0&mm=0&c8pad=&ga=&fr=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 22:51:49 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Content-Type, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
1
mc.yandex.com/watch/2135185/
Redirect Chain
  • https://mc.yandex.com/watch/2135185?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniv...
  • https://mc.yandex.com/watch/2135185/1?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheun...
447 B
781 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/2135185/1?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A581%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A53450251027%3Ahid%3A724749227%3Az%3A0%3Ai%3A20230723225149%3Aet%3A1690152709%3Ac%3A1%3Arn%3A408652686%3Arqn%3A1%3Au%3A1690152709169047566%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C89%2C51%2C1%2C225%2C0%2C%2C192%2C0%2C%2C%2C%2C576%3Aco%3A0%3Acpf%3A1%3Ans%3A1690152707656%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1690152709%3At%3AXcraft%20-%20Registrierung&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ddb4fc2c31c3a39ffac86ac95c896adb18dba2f208273db61a8a611215e7f321
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:51:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 23-Jul-2023 22:51:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xcraft.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Sun, 23-Jul-2023 22:51:49 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Jul 2023 22:51:49 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 23-Jul-2023 22:51:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/2135185/1?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A581%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A53450251027%3Ahid%3A724749227%3Az%3A0%3Ai%3A20230723225149%3Aet%3A1690152709%3Ac%3A1%3Arn%3A408652686%3Arqn%3A1%3Au%3A1690152709169047566%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A16%2C89%2C51%2C1%2C225%2C0%2C%2C192%2C0%2C%2C%2C%2C576%3Aco%3A0%3Acpf%3A1%3Ans%3A1690152707656%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1690152709%3At%3AXcraft%20-%20Registrierung&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://xcraft.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 23-Jul-2023 22:51:49 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10073.IoC0DBYlmw_DYvgUQx7mr6iBEBJnN3KQ1ISBUy_r4DIuEduK25VLuI3h8_nV6kUO.3wblnrjVj3ndefoh4Hpol1yb0mQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10073.p-Nu85uyombaGyJ-9OBjshl5E8-aeF9MHCic2r7ePybhLbJ-vIQulAv_5g8VT24FN2EkWxghh9Qlgp3htshLZ_Xhlpuo0arXo6ez3XQwKDM%2C.bbl2uh1tYMqM-pcrJ...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10073.p-Nu85uyombaGyJ-9OBjshl5E8-aeF9MHCic2r7ePybhLbJ-vIQulAv_5g8VT24FN2EkWxghh9Qlgp3htshLZ_Xhlpuo0arXo6ez3XQwKDM%2C.bbl2uh1tYMqM-pcrJYQZ5i_1rY8%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 22:51:49 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10073.p-Nu85uyombaGyJ-9OBjshl5E8-aeF9MHCic2r7ePybhLbJ-vIQulAv_5g8VT24FN2EkWxghh9Qlgp3htshLZ_Xhlpuo0arXo6ez3XQwKDM%2C.bbl2uh1tYMqM-pcrJYQZ5i_1rY8%2C
date
Sun, 23 Jul 2023 22:51:49 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
unip
trc-events.taboola.com/1381512/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1381512/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1690152708374&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1690152709927&vi=1690152708372&ri=5091f26f374e9494ce35afe692ab101e&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1381512/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
https://xcraft.net
pragma
no-cache
date
Sun, 23 Jul 2023 22:51:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1381512/log/3/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1381512/log/3/unip?en=pre_d_eng_tb&tos=4554&scd=0&ssd=1&est=1690152708374&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1690152712929&vi=1690152708372&ri=5091f26f374e9494ce35afe692ab101e&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Futm_source%3Dadwords%26utm_medium%3Dcpc%26utm_campaign%3DENG_look_alike%26utm_term%3Drebuildtheuniverse.com%26utm_content%3D462479415558%26utm_campaign_id%3D11057218705%26gclid%3DEAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1381512/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
https://xcraft.net
pragma
no-cache
date
Sun, 23 Jul 2023 22:51:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xcraft.net
URL
https://xcraft.net/assets/build/js/es8/WorkerStarter.min.js?v=1&path=/assets/build/js/es8/WorkerProcess.min.js?v=1&

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| data function| require object| jsAutoRequire function| readyResolver object| readyPromise function| $ object| Main object| _gaq object| dotq function| rdt object| _tfa object| uetq string| clickfrogru_uidh boolean| IS_REQUIRE_ES8 object| __xRequireLoaded function| xRequire function| jQuery object| __xLang function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| _gat object| gaGlobal object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| __parseFunction object| Telegram function| UET function| UET_init function| UET_push object| ueto_bebe122746 object| YAHOO function| CLFGbindReady function| CLFGonReady object| CLFGreadyList object| Interface function| WebSocketClient object| xLang function| ModalBox function| fadeBox function| setCookie function| getCookie function| RegistrationCaptcha object| Ya object| yaCounter2135185 number| n

38 Cookies

Domain/Path Name / Value
www.googleadservices.com/pagead/conversion/608341038/ Name: Conversion
Value: EgwIABUAAAAAHQAAAAAYASCYl4Ll4KqasnxIAWo3RUFJYUlRb2JDaE1JM1phVnJ2V2xnQU1WNEtqUkJCM0ZDUWF3RUFFWUFTQUFFZ0tVVl9EX0J3RXD59o259aWAA5ABzPX8qZ0MmAEB
.googleadservices.com/ Name: ar_debug
Value: 1
xcraft.net/ Name: PHPSESSID
Value: bl1fl5jjieupq8ht22q9vif9d4
xcraft.net/ Name: x_utm_source
Value: adwords
xcraft.net/ Name: x_utm_term
Value: rebuildtheuniverse.com
xcraft.net/ Name: x_utm_content
Value: 462479415558
xcraft.net/ Name: x_utm_campaign
Value: 11057218705
xcraft.net/ Name: x_utm_campaign_name
Value: ENG_look_alike
xcraft.net/ Name: aab_m2martin
Value: 3025603%3A2
.xcraft.net/ Name: __utma
Value: 137179577.152923694.1690152708.1690152708.1690152708.1
.xcraft.net/ Name: __utmc
Value: 137179577
.xcraft.net/ Name: __utmz
Value: 137179577.1690152708.1.1.utmcsr=adwords|utmgclid=EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE|utmccn=ENG_look_alike|utmcmd=cpc|utmctr=rebuildtheuniverse.com|utmcct=462479415558
.xcraft.net/ Name: _gac_UA-32348388-2
Value: 1.1690152708.EAIaIQobChMI3ZaVrvWlgAMV4KjRBB3FCQawEAEYASAAEgKUV_D_BwE
.xcraft.net/ Name: __utmt
Value: 1
.xcraft.net/ Name: __utmb
Value: 137179577.1.10.1690152708
.xcraft.net/ Name: _rdt_uuid
Value: 1690152708400.a4695335-74e5-4bf7-a080-36f0646bc89f
.xcraft.net/ Name: _uetsid
Value: 8183a32029ab11ee9724790a6df341b4
.xcraft.net/ Name: _uetvid
Value: 8183b90029ab11ee87ab8991d4fd05ce
.bing.com/ Name: MUID
Value: 11DF5F418DEC658B026F4C168C40645F
oauth.telegram.org/ Name: stel_ssid
Value: d142b7ee8decb36d68_13150460424068008186
.yadro.ru/ Name: FTID
Value: 1alQy40RT98b1alQy40035xI
.yadro.ru/ Name: VID
Value: 1p1doD0522ub1alQy40035x-
.yahoo.com/ Name: A3
Value: d=AQABBASvvWQCEHjmzqMPPzZJdoNjP7ipSosFEgEBAQEAv2THZOAYyiMA_eMAAA&S=AQAAAjtwlsGnTaMZhvQYptzvC6g
.xcraft.net/ Name: _ym_uid
Value: 1690152709169047566
.xcraft.net/ Name: _ym_d
Value: 1690152709
.xcraft.net/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1602540650fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 245236866fake
stat.clickfrog.ru/ Name: mysc
Value: 5727546625662347783-1690152708
.clfg.ru/ Name: bal3C
Value: 5727546625662347783-1690152708
clfg.ru/ Name: bal3C
Value: 5727546625662347783-1690152708
mc.yandex.com/ Name: yabs-sid
Value: 138685441690152709
.yandex.com/ Name: i
Value: SyryCOj+Mlv4fawKmtJMNEHvNuJ78Q9ekFPA+dvKEzou5RRPQ5vXw7xzClglb0DOyDDS83zBi++JzzGMuNyRPP2D0m0=
.yandex.com/ Name: yandexuid
Value: 9591835071690152709
.yandex.com/ Name: yuidss
Value: 9591835071690152709
.yandex.com/ Name: ymex
Value: 1721688709.yc.1690152709#1721688709.yrts.1690152709#1721688709.yrtsi.1690152709
.yandex.com/ Name: bh
Value: KgI/MA==
.xcraft.net/ Name: _ym_visorc
Value: b

2 Console Messages

Source Level URL
Text
other warning URL: https://cdn.taboola.com/libtrc/unip/1381512/tfa.js(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.taboola.com/libtrc/unip/1381512/tfa.js(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
bat.bing.com
cdn.taboola.com
cdn.xcraft.net
clfg.ru
counter.yadro.ru
mc.yandex.com
mc.yandex.ru
oauth.telegram.org
s.yimg.com
sp.analytics.yahoo.com
ssl.google-analytics.com
stat.clickfrog.ru
stats.g.doubleclick.net
telegram.org
trc-events.taboola.com
trc.taboola.com
www.google.com
www.google.de
www.googleadservices.com
www.redditstatic.com
xcraft.net
xcraft.net
141.226.228.48
142.250.186.66
151.101.129.44
151.101.65.140
2001:41d0:203:bb5::4
2001:67c:4e8:f004::9
212.82.100.181
2606:4700:3034::ac43:d793
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:400c:c09::9b
2a02:6b8::1:119
2a04:4e42:200::396
46.105.175.30
51.195.106.115
88.212.202.52
02e66cb6ed9cadd2b5602eb1b262b739e7b86027581ec25bdf5e77f87cced7a9
09336f108b44e0db155c8fa9d4206c230525db46e9a0603e5adcb0dd826f0127
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
168f9aeb39507b0c3417cd02abf4018a01abf1513e24ed9157c7f1dc670400ad
1e24922e73947bbd99092c5967cea5343db3fa2091320098ae6c775f002e43f1
2c1522524f44c38c3ebcefb6b8fe775419b81f43cad9a0711aca03fae65a5520
2def25ec9eb613edea6acb24d42b5d90a1fa27f62ea53d15038f7f698b0f9831
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
48f2c01b36605f044f49e76724692d46b9c1911940a936dda14f39c8fe5bc7b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ca8e83cf504aebda19344290f6df4a189eb2e2e5bde5cd43ec96d63b3ba2ea1
5df09ceb29f5fa499b25f7039c336281ebeafc1f76672adfd856f6c512ed1e76
627b80b2ee002360a9a4bdf9f1ec70f842d159cf32b0cd8d6dba2f869ec45894
62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df
74e58aa7f131b62382d19ab1d8c07f231b972f8136fcb3622f8d49499dd3f701
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7cd672dbe72d08cefc195d98365875bc2a25918061978d9b4fe24c685ad351fb
7e7d541976ce073a6d24ed3052118c8e6242ec73f3da08689b75e3d65d93f89a
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
826d82abcb34b5a7a5294519da1ea1d5d4730b50469161e52bfed730fb2f3b3c
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
97364319377b586c564c2fddf2a50e0e5905dd98123ff8dc4595fe9b0a71773a
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
a38ebdbe4b572aff39090ab494bf1da69854b1b11c0162cce8093940dd1b989f
ac9c288761ebc7cfd5f241861b1e14d8f57ff6e9c5fbfb297202989f2625d950
adcd52a30bb9d688e16810264e27c369e227b9cf6e88c5add5e430bf50ed3141
b42043d4ebcbff2c1e140ba0a80d2c817e9a213d558adbb44f9343dcf1766746
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
d6b71e8dd3c23b6268b8b9b5008887467a89e31ee34ffaa9b5a9a63e7b3c930e
d7f93f586d7386ea1022b9245398d3a07828f6d8ca37c0ea259de58a71a77465
ddb4fc2c31c3a39ffac86ac95c896adb18dba2f208273db61a8a611215e7f321
e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56b62c7441173ee1d36c4a8863bd2f6e58a44cd09fcca65cea2d4c729346200
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ed143f7b3f3662966939b1e762ba4502462378864f05d06c970ecf4023aa8154
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbfbeeea9f176a50a27aedcb926ed131f3cee7341c8c399e5787605978806eda