urlscan.io logo urlscan.io
SecurityTrails logo

xcraft.net Open in urlscan Pro
51.195.106.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://as.adsoniris.com/click/2/44868/46c89cde4fda01c5b890a86f7f72259e/293202?segment=293202
Effective URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_sr...
Submission: On May 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 9 countries across 20 domains to perform 54 HTTP transactions. The main IP is 51.195.106.115, located in France and belongs to OVH, FR. The main domain is xcraft.net.
TLS certificate: Issued by R3 on March 5th 2023. Valid for: 3 months.
This is the only time xcraft.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    34.160.245.57 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 57.245.160.34.bc.googleusercontent.com
as.adsoniris.com
1    2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)
clck.mgid.com
1    2001:41d0:203:bb7::16 (France)

ASN16276 (OVH, FR)
r.clickfrog.org
6    51.195.106.115 (France)

ASN16276 (OVH, FR)
PTR: xcraft.ru
xcraft.net
15    2606:4700:3032::6815:10c3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.xcraft.net
6    2001:67c:4e8:f004::9 (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)
telegram.org
oauth.telegram.org
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
4    46.105.175.30 (France)

ASN16276 (OVH, FR)
PTR: lb2.clfg.ru
stat.clickfrog.ru
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2001:41d0:203:bb6::8 (France)

ASN16276 (OVH, FR)
clfg.ru
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
21 xcraft.net
xcraft.net
cdn.xcraft.net
529 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9507
3 KB
6 telegram.org
telegram.org — Cisco Umbrella Rank: 10214
oauth.telegram.org — Cisco Umbrella Rank: 210628
65 KB
4 clickfrog.ru
stat.clickfrog.ru — Cisco Umbrella Rank: 861419
24 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 899
trc.taboola.com — Cisco Umbrella Rank: 635
trc-events.taboola.com — Cisco Umbrella Rank: 1846
20 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 343
13 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3734
58 KB
2 clfg.ru
clfg.ru
1 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 10747
3 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 558
7 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 427
17 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1480
157 B
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1099
634 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6080
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
485 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
380 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1323
8 KB
1 clickfrog.org
r.clickfrog.org
260 B
1 mgid.com
clck.mgid.com — Cisco Umbrella Rank: 28345
2 KB
1 adsoniris.com
as.adsoniris.com — Cisco Umbrella Rank: 253525
483 B
54 20
Domain Requested by
15 cdn.xcraft.net xcraft.net
cdn.xcraft.net
7 mc.yandex.com 3 redirects xcraft.net
6 xcraft.net 1 redirects clck.mgid.com
xcraft.net
cdn.xcraft.net
5 telegram.org xcraft.net
oauth.telegram.org
telegram.org
4 stat.clickfrog.ru xcraft.net
stat.clickfrog.ru
3 bat.bing.com xcraft.net
bat.bing.com
3 mc.yandex.ru 2 redirects xcraft.net
2 trc-events.taboola.com cdn.taboola.com
2 clfg.ru stat.clickfrog.ru
2 counter.yadro.ru 1 redirects xcraft.net
2 s.yimg.com xcraft.net
s.yimg.com
2 ssl.google-analytics.com 1 redirects xcraft.net
1 alb.reddit.com xcraft.net
1 sp.analytics.yahoo.com xcraft.net
1 www.google.de xcraft.net
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 oauth.telegram.org telegram.org
1 trc.taboola.com cdn.taboola.com
1 cdn.taboola.com xcraft.net
1 www.redditstatic.com xcraft.net
1 r.clickfrog.org 1 redirects
1 clck.mgid.com
1 as.adsoniris.com 1 redirects
54 24

This site contains links to these domains. Also see Links.

Domain
novaart.ru
liveinternet.ru
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
xcraft.ru
R3		 2023-03-05 -
2023-06-03		 3 months crt.sh
xcraft.net
E1		 2023-05-10 -
2023-08-08		 3 months crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2		 2022-08-10 -
2023-09-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-10 -
2023-05-31		 2 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-12 -
2023-10-08		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
stat.clickfrog.ru
R3		 2023-05-15 -
2023-08-13		 3 months crt.sh
clfg.ru
R3		 2023-05-15 -
2023-08-13		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-03 -
2023-06-28		 6 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2023-10-15		 6 months crt.sh

This page contains 4 frames:

Primary Page: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Frame ID: B897BFF25ED1D65BEA8A996C5484F236
Requests: 43 HTTP requests in this frame

Frame: https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&size=small&userpic=false&radius=4
Frame ID: E0A6133F9F81ABDE36425747B1EE5ED2
Requests: 6 HTTP requests in this frame

Frame: https://stat.clickfrog.ru/queue2/c_q2.php?sid=254252690&u=https%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ref=https%3A//clck.mgid.com/&mm=0&c8pad=&ga=&fr=0
Frame ID: 8C297BC52F4A7B693EF881469061333F
Requests: 4 HTTP requests in this frame

Frame: https://clfg.ru/3dpc.php?rnd=0&c=13779727831799162384-1684338009&set=1
Frame ID: 2AF805D6ED229680566F3FB7CCD57D04
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xcraft - Registrierung

Page URL History Show full URLs

  1. https://as.adsoniris.com/click/2/44868/46c89cde4fda01c5b890a86f7f72259e/293202?segment=293202 HTTP 302
    https://clck.mgid.com/ghits/15150910/i/57776380/0/src/44868/pp/2/1?h=1ksA_a_yKG70hMiSPkYR1CIq0Qghj... Page URL
  2. https://r.clickfrog.org/xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&ut... HTTP 301
    http://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_regio... HTTP 301
    https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_regio... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

89 %
HTTPS

62 %
IPv6

20
Domains

24
Subdomains

18
IPs

9
Countries

748 kB
Transfer

18854 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://as.adsoniris.com/click/2/44868/46c89cde4fda01c5b890a86f7f72259e/293202?segment=293202 HTTP 302
    https://clck.mgid.com/ghits/15150910/i/57776380/0/src/44868/pp/2/1?h=1ksA_a_yKG70hMiSPkYR1CIq0QghjSAjoeXSEOn5nlv6zEYUCSBkH5FXyjHy3CrPbEYD-39EyNgS_QdUu8tOfQ**&rid=15c5d2c3-f4c9-11ed-bcb7-c84bd6826564&tt=Direct&att=3&pubsrcid=44868&cpm=1&prid=1&ct=1&st=120&h2=e1XM3196A8glic_xlUkOIR_2ou8s9-Gty8Oc44FhMVA* Page URL
  2. https://r.clickfrog.org/xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your+Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv HTTP 301
    http://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv HTTP 301
    https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://as.adsoniris.com/click/2/44868/46c89cde4fda01c5b890a86f7f72259e/293202?segment=293202 HTTP 302
  • https://clck.mgid.com/ghits/15150910/i/57776380/0/src/44868/pp/2/1?h=1ksA_a_yKG70hMiSPkYR1CIq0QghjSAjoeXSEOn5nlv6zEYUCSBkH5FXyjHy3CrPbEYD-39EyNgS_QdUu8tOfQ**&rid=15c5d2c3-f4c9-11ed-bcb7-c84bd6826564&tt=Direct&att=3&pubsrcid=44868&cpm=1&prid=1&ct=1&st=120&h2=e1XM3196A8glic_xlUkOIR_2ou8s9-Gty8Oc44FhMVA*
Request Chain 14
  • https://counter.yadro.ru/hit?t22.4;rhttps%3A//clck.mgid.com/;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv;0.0060040403981986845 HTTP 302
  • https://counter.yadro.ru/hit?q;t22.4;rhttps%3A//clck.mgid.com/;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv;0.0060040403981986845
Request Chain 29
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1417193888&utmhn=xcraft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Xcraft%20-%20Registrierung&utmhid=1186078183&utmr=https%3A%2F%2Fclck.mgid.com%2F&utmp=%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%252520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&utmht=1684338009768&utmac=UA-32348388-2&utmcc=__utma%3D137179577.2113704247.1684338010.1684338010.1684338010.1%3B%2B__utmz%3D137179577.1684338010.1.1.utmcsr%3Dmgid_ru%7Cutmccn%3DXCraft_DEU%7Cutmcmd%3Dcpc%7Cutmctr%3D57776380s44868%7Cutmcct%3D15150910%3B&utmjid=1115696374&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32348388-2&cid=2113704247.1684338010&jid=1115696374&_v=5.7.2&z=1417193888 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=2113704247.1684338010&jid=1115696374&_v=5.7.2&z=1417193888 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=2113704247.1684338010&jid=1115696374&_v=5.7.2&z=1417193888&slf_rd=1&random=2210053730
Request Chain 44
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10006.wFtNdtmLPEDdC4DegGOw7Vh6iFFElUYlaJx4IrW1Dj8poC1zEZu0bjZgaVjP3fbm.eVr3hf44sHRR0LSupiHyxKLYGwY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10006.87x1sCJmCPkdp39EGWTomkDbRNhn6jPwwZfX5CPKpehlcQo39hYaJKGvcowFnnmQaDxSofENlwv7gLb-1NPl2UAfUdaBUIKE__Lao8C8GzU%2C.9R_5WLbNjrfYpqJrnkwqpS2Bvwk%2C
Request Chain 48
  • https://mc.yandex.com/watch/2135185?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&page-ref=https%3A%2F%2Fclck.mgid.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1603914238104%3Ahid%3A48550843%3Az%3A0%3Ai%3A20230517154010%3Aet%3A1684338010%3Ac%3A1%3Arn%3A26812416%3Arqn%3A1%3Au%3A1684338010976703831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C43%2C30%2C1%2C247%2C0%2C%2C102%2C0%2C%2C%2C%2C425%3Aco%3A0%3Acpf%3A1%3Ans%3A1684338009217%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684338010%3At%3AXcraft%20-%20Registrierung&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/2135185/1?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&page-ref=https%3A%2F%2Fclck.mgid.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1603914238104%3Ahid%3A48550843%3Az%3A0%3Ai%3A20230517154010%3Aet%3A1684338010%3Ac%3A1%3Arn%3A26812416%3Arqn%3A1%3Au%3A1684338010976703831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C43%2C30%2C1%2C247%2C0%2C%2C102%2C0%2C%2C%2C%2C425%3Aco%3A0%3Acpf%3A1%3Ans%3A1684338009217%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684338010%3At%3AXcraft%20-%20Registrierung&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 51
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10006.hsQ3xB5Rza75FUde3rpJXNkyTPromESyubPyNwahIhZNdXdH6-MEX8_L5PNglEus.xfvXUsrrtoHHVKW-gEeo50DCtww%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10006.eTOtUaunhRK7GHRh1MWN-NzchwuZZxJDvSjrU_xSnt_sHK4gk3UadVtr4RffHzH_PQmmgk3ybWcGDQWIIEJiq3sbJZEEVnjsV1-Ayi8V4So%2C.tDOSFOv3UbAZ-D5IC22g_1ceoDI%2C

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1
clck.mgid.com/ghits/15150910/i/57776380/0/src/44868/pp/2/
Redirect Chain
  • https://as.adsoniris.com/click/2/44868/46c89cde4fda01c5b890a86f7f72259e/293202?segment=293202
  • https://clck.mgid.com/ghits/15150910/i/57776380/0/src/44868/pp/2/1?h=1ksA_a_yKG70hMiSPkYR1CIq0QghjSAjoeXSEOn5nlv6zEYUCSBkH5FXyjHy3CrPbEYD-39EyNgS_QdUu8tOfQ**&rid=15c5d2c3-f4c9-11ed-bcb7-c84bd682656...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clck.mgid.com/ghits/15150910/i/57776380/0/src/44868/pp/2/1?h=1ksA_a_yKG70hMiSPkYR1CIq0QghjSAjoeXSEOn5nlv6zEYUCSBkH5FXyjHy3CrPbEYD-39EyNgS_QdUu8tOfQ**&rid=15c5d2c3-f4c9-11ed-bcb7-c84bd6826564&tt=Direct&att=3&pubsrcid=44868&cpm=1&prid=1&ct=1&st=120&h2=e1XM3196A8glic_xlUkOIR_2ou8s9-Gty8Oc44FhMVA*
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7c8cf50c3d7abbbf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 15:40:09 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
vary
Accept-Encoding
x-mg-click-uuid
37e102bb-57f3-4543-ee7a-7967e3b34296
x-robots-tag
noindex

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 15:40:08 GMT
location
//clck.mgid.com/ghits/15150910/i/57776380/0/src/44868/pp/2/1?h=1ksA_a_yKG70hMiSPkYR1CIq0QghjSAjoeXSEOn5nlv6zEYUCSBkH5FXyjHy3CrPbEYD-39EyNgS_QdUu8tOfQ**&rid=15c5d2c3-f4c9-11ed-bcb7-c84bd6826564&tt=Direct&att=3&pubsrcid=44868&cpm=1&prid=1&ct=1&st=120&h2=e1XM3196A8glic_xlUkOIR_2ou8s9-Gty8Oc44FhMVA*
server
nginx
via
1.1 google
x-trace
2B9DEAB7FBAA55D0250E83F8FF46270FD41824BC270F119DD72D5ED1DE00
Primary Request /
xcraft.net/registration/
Redirect Chain
  • https://r.clickfrog.org/xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your+Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCra...
  • http://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term...
  • https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_ter...
14 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/15150910/i/57776380/0/src/44868/pp/2/1?h=1ksA_a_yKG70hMiSPkYR1CIq0QghjSAjoeXSEOn5nlv6zEYUCSBkH5FXyjHy3CrPbEYD-39EyNgS_QdUu8tOfQ**&rid=15c5d2c3-f4c9-11ed-bcb7-c84bd6826564&tt=Direct&att=3&pubsrcid=44868&cpm=1&prid=1&ct=1&st=120&h2=e1XM3196A8glic_xlUkOIR_2ou8s9-Gty8Oc44FhMVA*
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
be1a2bfced05e7aa3286af13c78488ee3cb4c7f3f819fb3e55a628e4169dc751

Request headers

Referer
https://clck.mgid.com/ghits/15150910/i/57776380/0/src/44868/pp/2/1?h=1ksA_a_yKG70hMiSPkYR1CIq0QghjSAjoeXSEOn5nlv6zEYUCSBkH5FXyjHy3CrPbEYD-39EyNgS_QdUu8tOfQ**&rid=15c5d2c3-f4c9-11ed-bcb7-c84bd6826564&tt=Direct&att=3&pubsrcid=44868&cpm=1&prid=1&ct=1&st=120&h2=e1XM3196A8glic_xlUkOIR_2ou8s9-Gty8Oc44FhMVA*
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate no-store, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 15:40:09 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 17 May 2023 15:40:09 GMT
Location
https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Server
nginx
registration.terran.css
cdn.xcraft.net/assets/build/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3879
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32dc10524d842d34f6f2691fde22fa0703961714b241935265aff5b45b8ae08e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15408
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Jan 2023 08:19:15 GMT
server
cloudflare
etag
W/"63b53683-2901"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bGKj5%2BxTLvUBmOro%2BzVCcWH7c2MDrNSXriguwYrwqIQrDjGWNak7froBgUKL9JD6sosGEEUhkOQbTPH8MmH7AYA8Q9FDChkwlEWf%2FIwtqS2t8txmXLxipWdiJkIIAesPZIUPxklRXHGRNbxcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
7c8cf5100ffe368c-FRA
expires
Thu, 18 May 2023 11:23:20 GMT
lgr.min.js
xcraft.net/assets/build/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xcraft.net/assets/build/js/lgr.min.js?v=12987
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
fffd0340b996a97b53ddbbc92f5c5d70876fbb2aabc3d09367e22ad50a86da23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
content-encoding
gzip
last-modified
Fri, 12 May 2023 00:25:04 GMT
server
nginx
etag
W/"645d8760-1607"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
expires
Fri, 16 Jun 2023 15:40:09 GMT
cdn.min.js
xcraft.net/assets/build/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xcraft.net/assets/build/js/cdn.min.js?v=12987
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
ac341c6e920f9cdd68213ecfaad1252de3bf3fb1b4ba8e8bbf5e36019c1da0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
content-encoding
gzip
last-modified
Fri, 12 May 2023 00:25:03 GMT
server
nginx
etag
W/"645d875f-702"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
expires
Fri, 16 Jun 2023 15:40:09 GMT
autoloader.es8.min.js
cdn.xcraft.net/assets/build/js/es8/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/assets/build/js/es8/autoloader.es8.min.js?v=12987
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adcd52a30bb9d688e16810264e27c369e227b9cf6e88c5add5e430bf50ed3141

Request headers

Referer
https://xcraft.net/
Origin
https://xcraft.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15341
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 12 May 2023 00:25:50 GMT
server
cloudflare
etag
W/"645d878e-112a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jr8aaJkzGgFOkNRwB16tsPWcWYbOAFKKIiCm%2F5SiiUuvITzPKk4KVQOGQLH93ou5L%2F2iUrVQnyMx3GetCkxzgUu9P3rHbpZJFHxErkNcrLNqxkG8NKNPekIXIFK1XbrFRtidFejQ9SLXE9h8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
7c8cf5100d4b0410-FRA
expires
Thu, 18 May 2023 11:24:28 GMT
logo_terran_small.png
cdn.xcraft.net/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/images/logo_terran_small.png
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca8e83cf504aebda19344290f6df4a189eb2e2e5bde5cd43ec96d63b3ba2ea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15426
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17329
last-modified
Mon, 02 Jul 2018 09:22:17 GMT
server
cloudflare
etag
"5b39eec9-43b1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKF5lFuElt%2BPDYEAO74HRB3r2TRcWWJF5SCKZWq9xG1KBEWnVFitkzhDjIhQ6lA%2BoI78GETO9fD2w3DkBO2VWbP05wzztgwg92KBseVAw6h%2BU7VhyhRzEDI9AOgcIZbs1yhv5t6DuZtk9i14AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7c8cf5103828368c-FRA
expires
Fri, 16 Jun 2023 11:23:03 GMT
telegram-widget.js
telegram.org/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/telegram-widget.js?9
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 11:46:12 GMT
server
nginx/1.18.0
etag
W/"642abc84-4ff5"
content-type
application/javascript
cache-control
max-age=345600
expires
Sun, 21 May 2023 15:40:09 GMT
cnd_test.png
cdn.xcraft.net/images/ 		67 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/images/cnd_test.png?v1684338009632
Requested by
Host: xcraft.net
URL: https://xcraft.net/assets/build/js/cdn.min.js?v=12987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67
last-modified
Mon, 02 Jul 2018 09:22:15 GMT
server
cloudflare
etag
"5b39eec7-43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FCuljr%2B5MicjSdGMkGuBnNlzlLdze0JWNZE1iAZe3vRHbd7EFkVhxfqsrc8V0%2F5xU2B1XkMoBPakvr4o38XW57pDkVQ8w4WxEmSTUWloWBmzcwCNWJ07EB6AYIOlUD8EJ4bJUB4aBEFcTLqbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7c8cf5103d940410-FRA
expires
Fri, 16 Jun 2023 15:40:09 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 14:10:26 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5383
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Wed, 17 May 2023 16:10:26 GMT
watch.js
mc.yandex.ru/metrika/ 		164 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
f0a064c22678f5fa467eee7007b6a94da9413abe446a4bcbfbcf2387c90a0a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 16 May 2023 13:45:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64635ec8-e583"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
58755
expires
Wed, 17 May 2023 16:40:09 GMT
ytc.js
s.yimg.com/wi/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:39:34 GMT
x-amz-version-id
JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
RTMDXQMNYCCD0XEJ
age
36
x-amz-server-side-encryption
AES256
x-amz-id-2
sEtCO+HVi81T4h2q8DCFq9kRoHcwdo5yuQpDgzlMkT4f1P5nz9RKiE9WERNO9ZMfKkaqhpTWInc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 26 Apr 2023 11:08:30 GMT
server
ATS
etag
"e896178ac557f4e393e0a05405c33633-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 23 Jan 2023 21:56:14 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7356
tfa.js
cdn.taboola.com/libtrc/unip/1381512/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1381512/tfa.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a00d21fe5da0003851ba7876c77c148238da913fdd58bc625ba7e6bda305b734

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
93FMDR7X9cf3tUDeEJaLjqxMgBci4Gg1
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 May 2023 15:40:09 GMT
x-amz-request-id
24FM5QFH4Q3M5Z2F
age
63
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
18217
x-amz-id-2
DI9n55FFuJW+c7pKxfVaJMeXi/IJPruolmPg9gQGdVGe/h6+IJPYxtLN/vGyFOsmSkpuwBUEKVI=
x-served-by
cache-fra-etou8220069-FRA
last-modified
Sun, 14 May 2023 11:05:37 GMT
server
AmazonS3
x-timer
S1684338010.701816,VS0,VE5
etag
"01d11e8e780f05b91e823d445e86ad93"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
32
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 17 May 2023 15:40:09 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E7D53D50C1B74B81AC89B839CA84FC7D Ref B: FRAEDGE1315 Ref C: 2023-05-17T15:40:09Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t22.4;rhttps%3A//clck.mgid.com/;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520A...
  • https://counter.yadro.ru/hit?q;t22.4;rhttps%3A//clck.mgid.com/;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%252...
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t22.4;rhttps%3A//clck.mgid.com/;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv;0.0060040403981986845
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
803292868959e80da6ad30c66f01e37a04c8b3645879725721f3d712ad153ee1
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 15:40:09 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
1305
Expires
Mon, 16 May 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 May 2023 15:40:09 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t22.4;rhttps%3A//clck.mgid.com/;s1600*1200*24;uhttps%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv;0.0060040403981986845
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Mon, 16 May 2022 21:00:00 GMT
c.js
stat.clickfrog.ru/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.clickfrog.ru/c.js?r=0.9654237553226086
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.175.30 , France, ASN16276 (OVH, FR),
Reverse DNS
lb2.clfg.ru
Software
nginx /
Resource Hash
d20cfbf665a0560dac52d4bf7e9ae66d5ee78016bab5ae85b7df7e8471a714f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/javascript;charset=UTF-8
pragma
no-cache
date
Wed, 17 May 2023 15:40:09 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx
expires
Wed, 17 May 2023 15:40:09 GMT
start.mp4
cdn.xcraft.net/tutorial/missions/1/ 		14 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/tutorial/missions/1/start.mp4
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xcraft.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6012
Content-Range
bytes 0-28984560/28984561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
28984561
last-modified
Thu, 02 Aug 2018 09:16:23 GMT
server
cloudflare
etag
"5b62cbe7-1ba44f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GTlXJJTDLA%2Feg6mQ2epMy4N02fBqdVFb42FR8FcdY4zkBtAh5VdkCMvCE32ToS5IyE88EMqupzFFPxC865grl%2BuGXrvVvsB4Ak4SpVTyNdCgJUGn2Lgq9klmls6cvKiD3necDlrRDzNte%2BgrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
access-control-allow-origin
*
cache-control
public
cf-ray
7c8cf5104834368c-FRA
Xcraft_terran_theme.mp3
cdn.xcraft.net/images/sound/ 		159 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/images/sound/Xcraft_terran_theme.mp3
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xcraft.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15194
Content-Range
bytes 0-6434171/6434172
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6434172
last-modified
Fri, 14 Apr 2023 00:08:18 GMT
server
cloudflare
etag
"64389972-622d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKuizYmALgghLXn2fKd8b6YdZrPhJmsrbm9aFrdO4W2WPvMXvBm7oi7h%2BhhPg%2FFyx0FDL2QaBvc4Lak4ZFDddVlMpKFAA47IHYRaDO2AAQhsL%2B18mZcjvA0RIcoAnKMQUD%2Bv44lsNx6XzTz3vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
cf-ray
7c8cf5104837368c-FRA
expires
Fri, 16 Jun 2023 11:26:55 GMT
jquery.min.js
cdn.xcraft.net/assets/build/js/es8/ 		97 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/assets/build/js/es8/jquery.min.js?v=12987
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/js/es8/autoloader.es8.min.js?v=12987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af2d1fb0a11bd03d2b3e23d6a1bd664cf924b7b3f5e80a4df92c7528323590d

Request headers

Referer
https://xcraft.net/
Origin
https://xcraft.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15340
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 12 May 2023 00:25:21 GMT
server
cloudflare
etag
W/"645d8771-1829e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq7EM4Un8yRTFjWnBGcZEheTFZSwtBW6hU7HjQ%2FMHID9NFHo69AdHI6ilremUUlRJKdqPeymAiObEs3cq9so05eRE%2FYzF2YmjCpAi%2Bf09jiDS95%2Fu1mNDrGS6GvHzJlNV5xwEPGGy0RdHWZTbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
7c8cf5104da20410-FRA
expires
Thu, 18 May 2023 11:24:29 GMT
lang-icons.png
xcraft.net/images/lang/ 		443 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xcraft.net/images/lang/lang-icons.png
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
ed143f7b3f3662966939b1e762ba4502462378864f05d06c970ecf4023aa8154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
last-modified
Mon, 16 Aug 2021 07:55:35 GMT
server
nginx
etag
"611a19f7-1bb"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
443
expires
Fri, 16 Jun 2023 15:40:09 GMT
registry_form_top.png
cdn.xcraft.net/templates/Terran/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/templates/Terran/img/registry_form_top.png
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97364319377b586c564c2fddf2a50e0e5905dd98123ff8dc4595fe9b0a71773a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3879
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14870
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12317
last-modified
Thu, 02 Aug 2018 11:39:21 GMT
server
cloudflare
etag
"5b62ed69-301d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laeA%2FTvvIAUGFmjIfTBYMZAGnBAZbP7zODi%2FZzJpBezLu0Rcr5s5utbTO6HlBrq4BYNbQG2Xnn%2FjzD4Prhr9WqZl6%2F5KhBNHLI6XBJERYIN4CASsA0k3mzRxK5Fns2gKmK8Ga9elStLh%2BEmM9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7c8cf5105845368c-FRA
expires
Fri, 16 Jun 2023 11:32:19 GMT
registry_form-2inputs.png
cdn.xcraft.net/templates/Terran/img/ 		408 KB
408 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/templates/Terran/img/registry_form-2inputs.png
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f93f586d7386ea1022b9245398d3a07828f6d8ca37c0ea259de58a71a77465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3879
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14870
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
417341
last-modified
Thu, 23 Jan 2020 09:07:37 GMT
server
cloudflare
etag
"5e296259-65e3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPu2kwyvAK0wzotwolnGEVoUpCRzrIYvMqMYyCVh1zfQYTl6XRDlAOUWvPitPq8m0aFNGneSBXe8RnPOs99qzHaatnxYO%2FJMBzr5mD9k8tFXDIREiWWIilbjljcmiUibdQfuelPysnGZxgiIrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7c8cf5105849368c-FRA
expires
Fri, 16 Jun 2023 11:32:19 GMT
oauth_sprite.png
cdn.xcraft.net/images/index/template/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/images/index/template/oauth_sprite.png
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09336f108b44e0db155c8fa9d4206c230525db46e9a0603e5adcb0dd826f0127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3879
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3363
last-modified
Thu, 07 Feb 2019 08:28:18 GMT
server
cloudflare
etag
"5c5bec22-d23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy0EB6rBCeu9kSXxJzUZwP4vWQzpqrY2yARJGa7SEs6zbeTC5gPQofp8krV45p7zfxPNECPwuei1150D6XOCj5RthTy7psktkbij%2FuFmpdbFYlnE%2B1wys79uvUcfhWBCkLeLn4jTqP5j14MZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7c8cf510584d368c-FRA
expires
Fri, 16 Jun 2023 11:31:14 GMT
360-button-play-light.png
cdn.xcraft.net/assets/js/lib/360-player/ 		477 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/assets/js/lib/360-player/360-button-play-light.png
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7d541976ce073a6d24ed3052118c8e6242ec73f3da08689b75e3d65d93f89a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.xcraft.net/assets/build/css/registration.terran.css?v=3879
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15374
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
477
last-modified
Mon, 02 Jul 2018 11:28:12 GMT
server
cloudflare
etag
"5b3a0c4c-1dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsMI34fvci56B8YcSd%2BddA8uhcg%2FCVo%2B6bMlUeWhgalSoiaN26VKuWqthQCyqRFTsiWdSijt0XjtRLYHZJ56y%2BFcJ%2FBNIJClwFRE1m23mkIpkSjMSUDkHvnEjU1OExT5FCd1sPLUoBP3bpZBPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7c8cf510584f368c-FRA
expires
Fri, 16 Jun 2023 11:23:55 GMT
registration.min.de.js
xcraft.net/assets/build/js/lang/ 		88 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xcraft.net/assets/build/js/lang/registration.min.de.js?v=12987
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/js/es8/autoloader.es8.min.js?v=12987
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.106.115 , France, ASN16276 (OVH, FR),
Reverse DNS
xcraft.ru
Software
nginx /
Resource Hash
a38ebdbe4b572aff39090ab494bf1da69854b1b11c0162cce8093940dd1b989f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
last-modified
Fri, 12 May 2023 00:27:02 GMT
server
nginx
etag
"645d87d6-58"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
88
expires
Fri, 16 Jun 2023 15:40:09 GMT
cnd_test.png
cdn.xcraft.net/images/ 		67 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xcraft.net/images/cnd_test.png?v1684338009632
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67
last-modified
Mon, 02 Jul 2018 09:22:15 GMT
server
cloudflare
etag
"5b39eec7-43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5Q4oLg0CsmQdOM26MYMjXmFS1LlsmaItfaD5GObzF1Nn%2B19vlc2LglKM3V8tzVfqODUe%2FiSzoa81%2B8iTzt0PNtrPSdb4vmN1hkWiuaXGL0Ofe7CxqHAqCB7YXTV0tRy8fHKqYtTB%2FkQhnUa%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
7c8cf510a89a9262-FRA
expires
Fri, 16 Jun 2023 15:40:09 GMT
registration.min.js
cdn.xcraft.net/assets/build/js/es8/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/assets/build/js/es8/registration.min.js?v=12987
Requested by
Host: cdn.xcraft.net
URL: https://cdn.xcraft.net/assets/build/js/es8/autoloader.es8.min.js?v=12987
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14dd36e24ba65e7cdb71e789b8a8aef526225c9bb3d95aba04cd321f0693b267

Request headers

Referer
https://xcraft.net/
Origin
https://xcraft.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15401
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 12 May 2023 00:27:00 GMT
server
cloudflare
etag
W/"645d87d4-1ac1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUxrHHw9Zd8LqjuPXGclOrnqi60QZ6BQF6u%2FaQbd36%2FogwEPTxylCq7wqze44JX%2FkZkDTDIWu3D8%2FWd9bXKUvDkR%2Fj6uW5pD1XlEciFkdD26S3wYIRk8kDA%2FgfMHay56Uc3ac4BBHIS69mtoMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
7c8cf510ceb618d8-FRA
expires
Thu, 18 May 2023 11:23:28 GMT
json
trc.taboola.com/1381512/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1381512/trc/3/json?tim=1684338009730&data=%7B%22id%22%3A770%2C%22ii%22%3A%22%2Fregistration%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1684338009725%2C%22cv%22%3A%2220230511-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv%22%2C%22e%22%3A%22https%3A%2F%2Fclck.mgid.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dscroogefrog-xcraft-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1684338009729%2C%22ref%22%3A%22https%3A%2F%2Fclck.mgid.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1381512/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
432d81bfd06a55c6fbf4560f363ec732e14ab32ecec88ac8d4fd6a38a9876c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Wed, 17 May 2023 15:40:09 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-etou8220069-FRA
server
nginx
x-timer
S1684338010.755803,VS0,VE15
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
XcraftNetLoginBot
oauth.telegram.org/embed/ Frame E0A6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&size=small&userpic=false&radius=4
Requested by
Host: telegram.org
URL: https://telegram.org/js/telegram-widget.js?9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
06c014361211c3ae13cce4f586e537303aacc3a48758e8a55ed749ab8ce4739c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://xcraft.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options ALLOW-FROM https://xcraft.net

Request headers

Referer
https://xcraft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-length
883
content-security-policy
frame-ancestors https://xcraft.net
content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 15:40:09 GMT
pragma
no-cache
server
nginx/1.18.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
ALLOW-FROM https://xcraft.net
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1417193888&utmhn=xcraft.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Xcraft%20...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32348388-2&cid=2113704247.1684338010&jid=1115696374&_v=5.7.2&z=1417193888
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=2113704247.1684338010&jid=1115696374&_v=5.7.2&z=1417193888
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=2113704247.1684338010&jid=1115696374&_v=5.7.2&z=1417193888&slf_rd=1&random=2210053730
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=2113704247.1684338010&jid=1115696374&_v=5.7.2&z=1417193888&slf_rd=1&random=2210053730
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 15:40:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 15:40:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32348388-2&cid=2113704247.1684338010&jid=1115696374&_v=5.7.2&z=1417193888&slf_rd=1&random=2210053730
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
134610385.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/134610385.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 17 May 2023 15:40:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 43DD5EDE84914DA7BFBE8CE0290B4CCA Ref B: FRAEDGE1315 Ref C: 2023-05-17T15:40:09Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134610385&Ver=2&mid=8637662b-bcee-49ff-a4cd-705d16d766c4&sid=1b0cae90f4c911ed99e633c7100f7c28&vid=1b0ca230f4c911eda94e7b2c3383250b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Xcraft%20-%20Registrierung&p=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&r=https%3A%2F%2Fclck.mgid.com%2F&lt=425&evt=pageLoad&sv=1&rn=510306
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 May 2023 15:40:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D17E5A7C2E2649A1A51F96DDCE739147 Ref B: FRAEDGE1315 Ref C: 2023-05-17T15:40:09Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
WorkerStarter.min.js
xcraft.net/assets/build/js/es8/ Frame 		0
0
10135179.json
s.yimg.com/wi/config/ 		2 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10135179.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:39:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
4ZWGF8WK299A97DJ
age
17
content-length
2
x-amz-id-2
uVn1i8nsjkIZ3vOm7IvEAsktjWXMnw82VuaaU7FfZTcmKxxgZlSjMAShWiKXAaT7JWAH574fWjc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
font-roboto.css
telegram.org/css/ Frame E0A6 		6 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/font-roboto.css?1
Requested by
Host: oauth.telegram.org
URL: https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&size=small&userpic=false&radius=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth.telegram.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
W/"63512b7d-1816"
content-type
text/css
cache-control
max-age=345600
expires
Sun, 21 May 2023 15:40:09 GMT
widget-frame.css
telegram.org/css/ Frame E0A6 		81 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.org/css/widget-frame.css?66
Requested by
Host: oauth.telegram.org
URL: https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&size=small&userpic=false&radius=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth.telegram.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Sat, 01 Apr 2023 17:42:21 GMT
server
nginx/1.18.0
etag
W/"64286cfd-1456a"
content-type
text/css
cache-control
max-age=345600
expires
Sun, 21 May 2023 15:40:09 GMT
widget-frame.js
telegram.org/js/ Frame E0A6 		92 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/widget-frame.js?62
Requested by
Host: oauth.telegram.org
URL: https://oauth.telegram.org/embed/XcraftNetLoginBot?origin=https%3A%2F%2Fxcraft.net&return_to=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&size=small&userpic=false&radius=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth.telegram.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 18:46:51 GMT
server
nginx/1.18.0
etag
W/"6441889b-16f16"
content-type
application/javascript
cache-control
max-age=345600
expires
Sun, 21 May 2023 15:40:09 GMT
Xcraft_terran_theme.mp3
cdn.xcraft.net/images/sound/ 		626 B
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/images/sound/Xcraft_terran_theme.mp3
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xcraft.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15408
Content-Range
bytes 0-6434171/6434172
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6434172
last-modified
Fri, 14 Apr 2023 00:08:18 GMT
server
cloudflare
etag
"64389972-622d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1Xs9ypD9NJizD1J%2BtPtiKo36fUEHAYQXTiUhqhU4gpuFvPrVic8C8Rzq%2Bz62QtWgWZa0ryWVjsrCocT1oZ78Heyo9u84jVW6Q97APwitbG6QtGVzwoOolqBT%2B8%2FMtwa9RrtJi5hszrzTkMx5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
cf-ray
7c8cf51189739262-FRA
expires
Fri, 16 Jun 2023 11:23:21 GMT
c_q2.php
stat.clickfrog.ru/queue2/ Frame 8C29 		20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stat.clickfrog.ru/queue2/c_q2.php?sid=254252690&u=https%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ref=https%3A//clck.mgid.com/&mm=0&c8pad=&ga=&fr=0
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/c.js?r=0.9654237553226086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.175.30 , France, ASN16276 (OVH, FR),
Reverse DNS
lb2.clfg.ru
Software
nginx /
Resource Hash
1700df867546eb6b495487a7ac5ab49f80559e85a6cf1cd8fbe1127ec7bd6722

Request headers

Referer
https://xcraft.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 17 May 2023 15:40:09 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server
nginx
Xcraft_terran_theme.mp3
cdn.xcraft.net/images/sound/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.xcraft.net/images/sound/Xcraft_terran_theme.mp3
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:10c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xcraft.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=131072-

Response headers

date
Wed, 17 May 2023 15:40:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15408
Content-Range
bytes 131072-6434171/6434172
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6303100
last-modified
Fri, 14 Apr 2023 00:08:18 GMT
server
cloudflare
etag
"64389972-622d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWjpKYEz6oz3n%2BNuPo8vfkXrVdN0cBdGWrNp0DSKZMsZDLffkEgJYQrc7hE8%2B1E3ux0EV82%2FkPEmZCk7RKn6QGeBBcpDkDifmfpVWnbpUWYccKyPWfro79qif%2B%2BKoYu6azQsyDj3oEQcd6%2FgVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
cf-ray
7c8cf511c9b49262-FRA
expires
Fri, 16 Jun 2023 11:23:21 GMT
3dpc.php
clfg.ru/ Frame 8C29 		16 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clfg.ru/3dpc.php?rnd=115834925
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/queue2/c_q2.php?sid=254252690&u=https%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ref=https%3A//clck.mgid.com/&mm=0&c8pad=&ga=&fr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:203:bb6::8 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
48f2c01b36605f044f49e76724692d46b9c1911940a936dda14f39c8fe5bc7b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stat.clickfrog.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 15:40:10 GMT
last-modified
Wed, 17 May 2023 15:40:10 GMT
server
nginx
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame E0A6 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5df09ceb29f5fa499b25f7039c336281ebeafc1f76672adfd856f6c512ed1e76

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame E0A6 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://oauth.telegram.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:10 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b14"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11028
expires
Sun, 21 May 2023 15:40:10 GMT
action_quick_q2.php
stat.clickfrog.ru/queue2/ Frame 8C29 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.clickfrog.ru/queue2/action_quick_q2.php
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/queue2/c_q2.php?sid=254252690&u=https%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ref=https%3A//clck.mgid.com/&mm=0&c8pad=&ga=&fr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.175.30 , France, ASN16276 (OVH, FR),
Reverse DNS
lb2.clfg.ru
Software
nginx /
Resource Hash
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Referer
https://stat.clickfrog.ru/queue2/c_q2.php?sid=254252690&u=https%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ref=https%3A//clck.mgid.com/&mm=0&c8pad=&ga=&fr=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 17 May 2023 15:40:10 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Content-Type, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10006.wFtNdtmLPEDdC4DegGOw7Vh6iFFElUYlaJx4IrW1Dj8poC1zEZu0bjZgaVjP3fbm.eVr3hf44sHRR0LSupiHyxKLYGwY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10006.87x1sCJmCPkdp39EGWTomkDbRNhn6jPwwZfX5CPKpehlcQo39hYaJKGvcowFnnmQaDxSofENlwv7gLb-1NPl2UAfUdaBUIKE__Lao8C8GzU%2C.9R_5WLbNjrfYpqJrnkwqpS2Bvwk%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10006.87x1sCJmCPkdp39EGWTomkDbRNhn6jPwwZfX5CPKpehlcQo39hYaJKGvcowFnnmQaDxSofENlwv7gLb-1NPl2UAfUdaBUIKE__Lao8C8GzU%2C.9R_5WLbNjrfYpqJrnkwqpS2Bvwk%2C
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:10 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10006.87x1sCJmCPkdp39EGWTomkDbRNhn6jPwwZfX5CPKpehlcQo39hYaJKGvcowFnnmQaDxSofENlwv7gLb-1NPl2UAfUdaBUIKE__Lao8C8GzU%2C.9R_5WLbNjrfYpqJrnkwqpS2Bvwk%2C
date
Wed, 17 May 2023 15:40:10 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:10 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 16 May 2023 13:45:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64635ec8-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 16:40:10 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2017%20May%202023%2015%3A40%3A10%20GMT&n=0&b=Xcraft%20-%20Registrierung&.yp=10135179&f=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&e=https%3A%2F%2Fclck.mgid.com%2F&enc=UTF-8&yv=1.14.0
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 15:40:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 17 May 2023 15:40:10 GMT
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1684338010310&id=t2_9ce06eq1&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=5507ef2d-a82d-4964-8d0c-89b39fe6cf9a&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:10 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
1
mc.yandex.com/watch/2135185/
Redirect Chain
  • https://mc.yandex.com/watch/2135185?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3...
  • https://mc.yandex.com/watch/2135185/1?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src...
447 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/2135185/1?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&page-ref=https%3A%2F%2Fclck.mgid.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1603914238104%3Ahid%3A48550843%3Az%3A0%3Ai%3A20230517154010%3Aet%3A1684338010%3Ac%3A1%3Arn%3A26812416%3Arqn%3A1%3Au%3A1684338010976703831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C43%2C30%2C1%2C247%2C0%2C%2C102%2C0%2C%2C%2C%2C425%3Aco%3A0%3Acpf%3A1%3Ans%3A1684338009217%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684338010%3At%3AXcraft%20-%20Registrierung&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
400289191f602677d64f78a8342453322d1308c577255f044db1ed79127de476
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 May 2023 15:40:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 17-May-2023 15:40:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xcraft.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Wed, 17-May-2023 15:40:10 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 May 2023 15:40:10 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 17-May-2023 15:40:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/2135185/1?wmode=7&page-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&page-ref=https%3A%2F%2Fclck.mgid.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w6mswcnfj%3Afp%3A444%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1031%3Acn%3A1%3Adp%3A0%3Als%3A1603914238104%3Ahid%3A48550843%3Az%3A0%3Ai%3A20230517154010%3Aet%3A1684338010%3Ac%3A1%3Arn%3A26812416%3Arqn%3A1%3Au%3A1684338010976703831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C43%2C30%2C1%2C247%2C0%2C%2C102%2C0%2C%2C%2C%2C425%3Aco%3A0%3Acpf%3A1%3Ans%3A1684338009217%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684338010%3At%3AXcraft%20-%20Registrierung&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://xcraft.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 17-May-2023 15:40:10 GMT
3dpc.php
clfg.ru/ Frame 2AF8 		498 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clfg.ru/3dpc.php?rnd=0&c=13779727831799162384-1684338009&set=1
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/queue2/c_q2.php?sid=254252690&u=https%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ref=https%3A//clck.mgid.com/&mm=0&c8pad=&ga=&fr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:203:bb6::8 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
40bdd788aa245b7630d1b991be6827f69583c1dfe4413111355ac2d0a5f325d3

Request headers

Referer
https://stat.clickfrog.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 15:40:10 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 17 May 2023 15:40:10 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
server
nginx
action_slow_q2.php
stat.clickfrog.ru/queue2/ Frame 8C29 		2 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.clickfrog.ru/queue2/action_slow_q2.php
Requested by
Host: stat.clickfrog.ru
URL: https://stat.clickfrog.ru/queue2/c_q2.php?sid=254252690&u=https%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ref=https%3A//clck.mgid.com/&mm=0&c8pad=&ga=&fr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.175.30 , France, ASN16276 (OVH, FR),
Reverse DNS
lb2.clfg.ru
Software
nginx /
Resource Hash
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Referer
https://stat.clickfrog.ru/queue2/c_q2.php?sid=254252690&u=https%3A//xcraft.net/registration/%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ref=https%3A//clck.mgid.com/&mm=0&c8pad=&ga=&fr=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 17 May 2023 15:40:10 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Content-Type, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10006.hsQ3xB5Rza75FUde3rpJXNkyTPromESyubPyNwahIhZNdXdH6-MEX8_L5PNglEus.xfvXUsrrtoHHVKW-gEeo50DCtww%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10006.eTOtUaunhRK7GHRh1MWN-NzchwuZZxJDvSjrU_xSnt_sHK4gk3UadVtr4RffHzH_PQmmgk3ybWcGDQWIIEJiq3sbJZEEVnjsV1-Ayi8V4So%2C.tDOSFOv3UbAZ-D5IC...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10006.eTOtUaunhRK7GHRh1MWN-NzchwuZZxJDvSjrU_xSnt_sHK4gk3UadVtr4RffHzH_PQmmgk3ybWcGDQWIIEJiq3sbJZEEVnjsV1-Ayi8V4So%2C.tDOSFOv3UbAZ-D5IC22g_1ceoDI%2C
Requested by
Host: xcraft.net
URL: https://xcraft.net/registration/?conv=830fbe4f3b6be10f724a1abee95fa265&utm_geo=DE&utm_geo_region=Your%20Area&mgd_src=57776380s44868&utm_medium=cpc&utm_source=mgid_ru&utm_campaign=XCraft_DEU&utm_term=57776380s44868&utm_content=15150910&adclida=conv
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 15:40:10 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10006.eTOtUaunhRK7GHRh1MWN-NzchwuZZxJDvSjrU_xSnt_sHK4gk3UadVtr4RffHzH_PQmmgk3ybWcGDQWIIEJiq3sbJZEEVnjsV1-Ayi8V4So%2C.tDOSFOv3UbAZ-D5IC22g_1ceoDI%2C
date
Wed, 17 May 2023 15:40:10 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
unip
trc-events.taboola.com/1381512/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1381512/log/3/unip?en=pre_d_eng_tb&tos=1561&scd=0&ssd=1&est=1684338009727&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1684338011288&vi=1684338009725&ri=8fa51b7d348a3fd55051c827288ace8e&ref=https%3A%2F%2Fclck.mgid.com%2F&cv=20230511-7-RELEASE&item-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1381512/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://xcraft.net
pragma
no-cache
date
Wed, 17 May 2023 15:40:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1381512/log/3/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1381512/log/3/unip?en=pre_d_eng_tb&tos=4562&scd=0&ssd=1&est=1684338009727&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1684338014290&vi=1684338009725&ri=8fa51b7d348a3fd55051c827288ace8e&ref=https%3A%2F%2Fclck.mgid.com%2F&cv=20230511-7-RELEASE&item-url=https%3A%2F%2Fxcraft.net%2Fregistration%2F%3Fconv%3D830fbe4f3b6be10f724a1abee95fa265%26utm_geo%3DDE%26utm_geo_region%3DYour%2520Area%26mgd_src%3D57776380s44868%26utm_medium%3Dcpc%26utm_source%3Dmgid_ru%26utm_campaign%3DXCraft_DEU%26utm_term%3D57776380s44868%26utm_content%3D15150910%26adclida%3Dconv&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1381512/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xcraft.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://xcraft.net
pragma
no-cache
date
Wed, 17 May 2023 15:40:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xcraft.net
URL
https://xcraft.net/assets/build/js/es8/WorkerStarter.min.js?v=1&path=/assets/build/js/es8/WorkerProcess.min.js?v=1&

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless function| data function| require object| jsAutoRequire function| readyResolver object| readyPromise function| $ object| Main object| _gaq object| dotq function| rdt object| _tfa object| uetq string| clickfrogru_uidh boolean| IS_REQUIRE_ES8 object| __xRequireLoaded function| xRequire function| jQuery object| __xLang function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| __parseFunction object| Telegram object| _gat object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_027b32847b object| Interface function| WebSocketClient object| xLang function| ModalBox function| fadeBox function| setCookie function| getCookie function| RegistrationCaptcha object| YAHOO function| CLFGbindReady function| CLFGonReady object| CLFGreadyList object| Ya object| yaCounter2135185 object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels number| n

46 Cookies

Domain/Path Name / Value
as.adsoniris.com/ Name: c137
Value: d23a3977ab7f8abbf0fe2072399c6e09
.mgid.com/ Name: mgid
Value: 15150910
.mgid.com/ Name: mtid
Value: 57776380
.mgid.com/ Name: mtuid
Value: 57776380s44868
.mgid.com/ Name: mstatus
Value: 0
.mgid.com/ Name: mghd
Value: r.clickfrog.org
.mgid.com/ Name: __cf_bm
Value: aoBaddqspQjVeBUeZibUUDKu408FWjsd3Eni61qLoCI-1684338009-0-AU389znMJuH+uPqHVE0hnkrYrM8UXEcpSEeBiYfuksSiIbRSGvqizrz3xJqamK6nR0jeGuakPpCg6QOncgnWDkY=
xcraft.net/ Name: PHPSESSID
Value: qgnv01htgr5jsrj761ihcl0a4j
xcraft.net/ Name: mgd_src
Value: 57776380
xcraft.net/ Name: mgd_utm_content
Value: 15150910
xcraft.net/ Name: mgd_place_id
Value: 47652
xcraft.net/ Name: x_utm_source
Value: marketgid
xcraft.net/ Name: x_utm_campaign
Value: 47652
xcraft.net/ Name: x_utm_term
Value: 57776380
xcraft.net/ Name: x_utm_content
Value: 15150910
xcraft.net/ Name: mgd_colonize
Value: 1
xcraft.net/ Name: mgid
Value: 830fbe4f3b6be10f724a1abee95fa265
xcraft.net/ Name: aab_m2martin
Value: 1870949%3A0
.xcraft.net/ Name: __utma
Value: 137179577.2113704247.1684338010.1684338010.1684338010.1
.xcraft.net/ Name: __utmc
Value: 137179577
.xcraft.net/ Name: __utmz
Value: 137179577.1684338010.1.1.utmcsr=mgid_ru|utmccn=XCraft_DEU|utmcmd=cpc|utmctr=57776380s44868|utmcct=15150910
.xcraft.net/ Name: __utmt
Value: 1
.xcraft.net/ Name: __utmb
Value: 137179577.1.10.1684338010
.xcraft.net/ Name: _uetsid
Value: 1b0cae90f4c911ed99e633c7100f7c28
.xcraft.net/ Name: _uetvid
Value: 1b0ca230f4c911eda94e7b2c3383250b
oauth.telegram.org/ Name: stel_ssid
Value: fbe45ec2b98fa43075_2949425837634652582
.yadro.ru/ Name: FTID
Value: 1aPFLP2a2D8Z1aPFLP002MYI
.yadro.ru/ Name: VID
Value: 0Eiddd3HqrOZ1aPFLP002EJ2
.bing.com/ Name: MUID
Value: 389F0FDC9EC16E731E4A1CC89F136F8B
.xcraft.net/ Name: _ym_uid
Value: 1684338010976703831
.xcraft.net/ Name: _ym_d
Value: 1684338010
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 532105118fake
.xcraft.net/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 685665383fake
.xcraft.net/ Name: _rdt_uuid
Value: 1684338010309.5507ef2d-a82d-4964-8d0c-89b39fe6cf9a
.yahoo.com/ Name: A3
Value: d=AQABBFr1ZGQCEEBva3dAzqH2lrr-GMD1MY4FEgEBAQFGZmRuZOAXyiMA_eMAAA&S=AQAAAoN4UhgGPEQIZkHWeUbpu6Y
mc.yandex.com/ Name: yabs-sid
Value: 1691914561684338010
.yandex.com/ Name: i
Value: /FSpE8MmSXDaPO3jpaxfbrNJyph1p0aY+gOoYG6i/HTzIomHtkiG49bi6KswU38C1zfrZmc4zTzoyL9lpbMH4GyZWLU=
.yandex.com/ Name: yandexuid
Value: 7281872421684338010
.yandex.com/ Name: yuidss
Value: 7281872421684338010
.yandex.com/ Name: ymex
Value: 1715874010.yc.1684338010#1715874010.yrts.1684338010#1715874010.yrtsi.1684338010
.yandex.com/ Name: bh
Value: KgI/MA==
stat.clickfrog.ru/ Name: mysc
Value: 13779727831799162384-1684338009
.clfg.ru/ Name: bal3C
Value: 13779727831799162384-1684338009
clfg.ru/ Name: bal3C
Value: 13779727831799162384-1684338009
.xcraft.net/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
as.adsoniris.com
bat.bing.com
cdn.taboola.com
cdn.xcraft.net
clck.mgid.com
clfg.ru
counter.yadro.ru
mc.yandex.com
mc.yandex.ru
oauth.telegram.org
r.clickfrog.org
s.yimg.com
sp.analytics.yahoo.com
ssl.google-analytics.com
stat.clickfrog.ru
stats.g.doubleclick.net
telegram.org
trc-events.taboola.com
trc.taboola.com
www.google.com
www.google.de
www.redditstatic.com
xcraft.net
xcraft.net
141.226.228.48
151.101.1.44
151.101.129.140
2001:41d0:203:bb6::8
2001:41d0:203:bb7::16
2001:67c:4e8:f004::9
212.82.100.181
2606:4700:1::6813:844e
2606:4700:3032::6815:10c3
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:828::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9b
2a02:6b8::1:119
2a04:4e42:400::396
34.160.245.57
46.105.175.30
51.195.106.115
88.212.201.204
06c014361211c3ae13cce4f586e537303aacc3a48758e8a55ed749ab8ce4739c
09336f108b44e0db155c8fa9d4206c230525db46e9a0603e5adcb0dd826f0127
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14dd36e24ba65e7cdb71e789b8a8aef526225c9bb3d95aba04cd321f0693b267
1700df867546eb6b495487a7ac5ab49f80559e85a6cf1cd8fbe1127ec7bd6722
2af2d1fb0a11bd03d2b3e23d6a1bd664cf924b7b3f5e80a4df92c7528323590d
32dc10524d842d34f6f2691fde22fa0703961714b241935265aff5b45b8ae08e
400289191f602677d64f78a8342453322d1308c577255f044db1ed79127de476
40bdd788aa245b7630d1b991be6827f69583c1dfe4413111355ac2d0a5f325d3
432d81bfd06a55c6fbf4560f363ec732e14ab32ecec88ac8d4fd6a38a9876c83
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48f2c01b36605f044f49e76724692d46b9c1911940a936dda14f39c8fe5bc7b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ca8e83cf504aebda19344290f6df4a189eb2e2e5bde5cd43ec96d63b3ba2ea1
5df09ceb29f5fa499b25f7039c336281ebeafc1f76672adfd856f6c512ed1e76
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7e7d541976ce073a6d24ed3052118c8e6242ec73f3da08689b75e3d65d93f89a
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
803292868959e80da6ad30c66f01e37a04c8b3645879725721f3d712ad153ee1
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
97364319377b586c564c2fddf2a50e0e5905dd98123ff8dc4595fe9b0a71773a
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
a00d21fe5da0003851ba7876c77c148238da913fdd58bc625ba7e6bda305b734
a38ebdbe4b572aff39090ab494bf1da69854b1b11c0162cce8093940dd1b989f
ac341c6e920f9cdd68213ecfaad1252de3bf3fb1b4ba8e8bbf5e36019c1da0e4
adcd52a30bb9d688e16810264e27c369e227b9cf6e88c5add5e430bf50ed3141
be1a2bfced05e7aa3286af13c78488ee3cb4c7f3f819fb3e55a628e4169dc751
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
d20cfbf665a0560dac52d4bf7e9ae66d5ee78016bab5ae85b7df7e8471a714f2
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
d7f93f586d7386ea1022b9245398d3a07828f6d8ca37c0ea259de58a71a77465
e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed143f7b3f3662966939b1e762ba4502462378864f05d06c970ecf4023aa8154
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a064c22678f5fa467eee7007b6a94da9413abe446a4bcbfbcf2387c90a0a65
fffd0340b996a97b53ddbbc92f5c5d70876fbb2aabc3d09367e22ad50a86da23