Submitted URL: https://data.giveout.live/30GB
Effective URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e...
Submission: On March 04 via manual from NG — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 20 domains to perform 69 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kingadblock.com. The Cisco Umbrella rank of the primary domain is 839321.
TLS certificate: Issued by GTS CA 1P5 on February 11th 2024. Valid for: 3 months.
This is the only time kingadblock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 66.45.232.107 19318 (IS-AS-1)
2 2a00:1450:400... 15169 (GOOGLE)
5 162.19.88.68 16276 (OVH)
1 1 2a01:4f8:161:... 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 139.45.197.245 9002 (RETN-AS)
4 139.45.195.8 9002 (RETN-AS)
17 172.64.139.22 13335 (CLOUDFLAR...)
18 139.45.197.251 9002 (RETN-AS)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
69 14
Apex Domain
Subdomains
Transfer
18 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 30771
17 gluxouvauure.com
gluxouvauure.com
71 KB
5 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 19317
108 KB
4 kingadblock.com
kingadblock.com — Cisco Umbrella Rank: 839321
12 KB
4 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11818
2 KB
3 giveout.live
data.giveout.live
22 KB
2 muusha.xyz
raha.muusha.xyz
4 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 tururu.info
tururu.info
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
29 KB
1 teksishe.net
teksishe.net — Cisco Umbrella Rank: 822724
2 KB
1 quttyvex.com
quttyvex.com
997 B
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 11740
23 KB
1 ngumaz.com
sape.ngumaz.com
273 B
1 blogspot.com
1.bp.blogspot.com Failed
zemo-ghoko.blogspot.com
2 KB
0 Failed
function sub() { [native code] }. Failed
0 baidu.com Failed
hm.baidu.com Failed
0 supercounters.com Failed
widget.supercounters.com Failed
0 jquery.com Failed
code.jquery.com Failed
0 imageshack.com Failed
imagizer.imageshack.com Failed
69 20
Domain Requested by
18 jouteetu.net gluxouvauure.com
17 gluxouvauure.com teksishe.net
gluxouvauure.com
5 i.postimg.cc data.giveout.live
4 kingadblock.com gluxouvauure.com
kingadblock.com
4 my.rtmark.net teksishe.net
gluxouvauure.com
3 data.giveout.live data.giveout.live
2 raha.muusha.xyz data.giveout.live
raha.muusha.xyz
2 fonts.googleapis.com data.giveout.live
1 tururu.info kingadblock.com
1 cdn.jsdelivr.net kingadblock.com
1 teksishe.net zemo-ghoko.blogspot.com
1 zemo-ghoko.blogspot.com raha.muusha.xyz
zemo-ghoko.blogspot.com
1 quttyvex.com 1 redirects
1 blogger.googleusercontent.com raha.muusha.xyz
zemo-ghoko.blogspot.com
1 sape.ngumaz.com 1 redirects
0 flcjnflecolckmhfcmhhkichjhajjnlb Failed kingadblock.com
0 hm.baidu.com Failed data.giveout.live
0 widget.supercounters.com Failed data.giveout.live
0 code.jquery.com Failed data.giveout.live
0 1.bp.blogspot.com Failed data.giveout.live
0 imagizer.imageshack.com Failed data.giveout.live
69 21

This site contains no links.

Subject Issuer Validity Valid
data.giveout.live
cPanel, Inc. Certification Authority
2024-01-24 -
2024-04-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
postimg.cc
R3
2024-02-21 -
2024-05-21
3 months crt.sh
raha.muusha.xyz
GTS CA 1D4
2024-03-01 -
2024-05-30
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
teksishe.net
R3
2023-12-30 -
2024-03-29
3 months crt.sh
rtmark.net
R3
2024-03-02 -
2024-05-31
3 months crt.sh
gluxouvauure.com
GTS CA 1P5
2024-01-15 -
2024-04-14
3 months crt.sh
jouteetu.net
R3
2024-02-24 -
2024-05-24
3 months crt.sh
kingadblock.com
GTS CA 1P5
2024-02-11 -
2024-05-11
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
tururu.info
GTS CA 1P5
2024-01-18 -
2024-04-17
3 months crt.sh

This page contains 3 frames:

Primary Page: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
Frame ID: 510124115A8A51DDCBD0BE06A4D9AA1F
Requests: 69 HTTP requests in this frame

Frame: https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjpaHP126pWlp16&r=pa&cid=788640762970775779&z=4662728&v=12&dr=&inw=1600&inh=1200
Frame ID: 1F78337156DD87F67E34DEB8D656F075
Requests: 1 HTTP request in this frame

Frame: https://kingadblock.com/clear.php
Frame ID: 807A1B4CC8C40B2DFC5876CDE3723964
Requests: 1 HTTP request in this frame

Page Title

Up - Ad Blocker

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

  • Requests: 69
  • HTTPS: 87 %
  • IPv6: 60 %
  • Domains: 20
  • Subdomains: 21
  • IPs: 14
  • Countries: 4
  • Transfer: 277 kB
  • Size: 539 kB
  • Cookies: 18

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://data.giveout.live/30GB Page URL
  2. https://data.giveout.live/go.php Page URL
  3. https://sape.ngumaz.com/api/direct/450299?s1=%subid1%&kw= HTTP 302
    https://raha.muusha.xyz/ Page URL
  4. https://quttyvex.com/cl/3a30bf55ace240d7?p1=&p2=&source=&site= HTTP 302
    https://zemo-ghoko.blogspot.com/ Page URL
  5. https://teksishe.net/4/5683766 Page URL
  6. https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
  7. https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
  8. https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://sape.ngumaz.com/api/direct/450299?s1=%subid1%&kw= HTTP 302
  • https://raha.muusha.xyz/
Request Chain 19
  • https://quttyvex.com/cl/3a30bf55ace240d7?p1=&p2=&source=&site= HTTP 302
  • https://zemo-ghoko.blogspot.com/

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
30GB
data.giveout.live/
21 KB
21 KB
Document
General
Full URL
https://data.giveout.live/30GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.45.232.107 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ac4226fad1a7c585ae3fd7ee76b34ce2017931491a0c28aa39df7cdf86cd126b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
21626
date
Mon, 04 Mar 2024 22:08:46 GMT
last-modified
Thu, 25 Jan 2024 00:32:46 GMT
server
LiteSpeed
sa20gb3.js
data.giveout.live/
121 B
231 B
Script
General
Full URL
https://data.giveout.live/sa20gb3.js
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/30GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.45.232.107 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8ef37950c178feedb71c7d43dad96b3d9102ad8c6ab7f2db3e21eae06c0db9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://data.giveout.live/30GB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:46 GMT
last-modified
Fri, 01 Dec 2023 00:27:44 GMT
server
LiteSpeed
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
121
expires
Mon, 11 Mar 2024 22:08:46 GMT
css2
fonts.googleapis.com/
2 KB
656 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/30GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://data.giveout.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 22:08:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 22:08:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 22:08:47 GMT
droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/
1 KB
624 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/30GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://data.giveout.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 04 Mar 2024 22:08:47 GMT
k4.jpg
i.postimg.cc/FzPbvFB0/
30 KB
30 KB
Image
General
Full URL
https://i.postimg.cc/FzPbvFB0/k4.jpg
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/30GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221377.ip-162-19-88.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://data.giveout.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:47 GMT
last-modified
Sun, 07 Jan 2024 00:27:37 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30805
expires
Thu, 31 Dec 2037 23:55:55 GMT
a.jpg
i.postimg.cc/DypK8gyK/
39 KB
39 KB
Image
General
Full URL
https://i.postimg.cc/DypK8gyK/a.jpg
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/30GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221377.ip-162-19-88.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://data.giveout.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:47 GMT
last-modified
Fri, 24 Nov 2023 01:53:29 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
39639
expires
Thu, 31 Dec 2037 23:55:55 GMT
b.jpg
i.postimg.cc/NfjcsVt4/
7 KB
7 KB
Image
General
Full URL
https://i.postimg.cc/NfjcsVt4/b.jpg
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/30GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221377.ip-162-19-88.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://data.giveout.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:47 GMT
last-modified
Fri, 24 Nov 2023 01:53:11 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
6749
expires
Thu, 31 Dec 2037 23:55:55 GMT
c.jpg
i.postimg.cc/J7q8W8f0/
7 KB
7 KB
Image
General
Full URL
https://i.postimg.cc/J7q8W8f0/c.jpg
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/30GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221377.ip-162-19-88.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://data.giveout.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:47 GMT
last-modified
Fri, 24 Nov 2023 01:53:11 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7415
expires
Thu, 31 Dec 2037 23:55:55 GMT
11.jpg
i.postimg.cc/BbVLV2rP/
24 KB
24 KB
Image
General
Full URL
https://i.postimg.cc/BbVLV2rP/11.jpg
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/30GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221377.ip-162-19-88.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://data.giveout.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:47 GMT
last-modified
Tue, 23 May 2023 20:06:05 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24508
expires
Thu, 31 Dec 2037 23:55:55 GMT
2.jpg
i.postimg.cc/kMK533Wh/
0
0

jGUvgw.jpg
imagizer.imageshack.com/img923/8602/
0
0

ettte.jpg
1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/
0
0

jquery-latest.min.js
code.jquery.com/
0
0

online_i.js
widget.supercounters.com/ssl/
0
0

go.php
data.giveout.live/
642 B
549 B
Document
General
Full URL
https://data.giveout.live/go.php
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/sa20gb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.45.232.107 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
09c1665c8de6d752b4306d73bcedf46ae9d985e03dd02b060cc0e3049e9ed286

Request headers

Referer
https://data.giveout.live/30GB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
454
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 22:08:47 GMT
server
LiteSpeed
vary
Accept-Encoding
hm.js
hm.baidu.com/
0
0

/
raha.muusha.xyz/
Redirect Chain
  • https://sape.ngumaz.com/api/direct/450299?s1=%subid1%&kw=
  • https://raha.muusha.xyz/
2 KB
2 KB
Document
General
Full URL
https://raha.muusha.xyz/
Requested by
Host: data.giveout.live
URL: https://data.giveout.live/go.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
1340
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 22:08:47 GMT
etag
W/"64f8a3f31e61592fad95ff733912fdcf036978c223c274f90f30b43797735879"
expires
Mon, 04 Mar 2024 22:08:47 GMT
last-modified
Mon, 04 Mar 2024 02:38:37 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
0
date
Mon, 04 Mar 2024 22:08:47 GMT
location
https://raha.muusha.xyz/
server
nginx
x-robots-tag
noindex, nofollow
ccs.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3TezIi6ZFFlp4Xrl5IX9jgM4zKfBX-jbzAJTSfFtetWJkKvYxN-nDX3pbFI3Jio1jtGD0lPQXn7cWbti4RgPJVUF_yA8eV8jmZrQAQdhfwB-53lubF5HbI9Ejyuj1y8oR8i-RuL9UnoX4I-s6...
23 KB
23 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3TezIi6ZFFlp4Xrl5IX9jgM4zKfBX-jbzAJTSfFtetWJkKvYxN-nDX3pbFI3Jio1jtGD0lPQXn7cWbti4RgPJVUF_yA8eV8jmZrQAQdhfwB-53lubF5HbI9Ejyuj1y8oR8i-RuL9UnoX4I-s6Q07usP0Kw3sj1sH9mvR54I-V6j53jtRNkwGEk6s_lA/s16000/ccs.gif
Requested by
Host: raha.muusha.xyz
URL: https://raha.muusha.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://raha.muusha.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v57a"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="ccs.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23041
x-xss-protection
0
expires
Tue, 05 Mar 2024 22:08:48 GMT
cookienotice.js
raha.muusha.xyz/js/
6 KB
2 KB
Script
General
Full URL
https://raha.muusha.xyz/js/cookienotice.js
Requested by
Host: raha.muusha.xyz
URL: https://raha.muusha.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://raha.muusha.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2024 20:57:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 11 Mar 2024 22:08:47 GMT
/
zemo-ghoko.blogspot.com/
Redirect Chain
  • https://quttyvex.com/cl/3a30bf55ace240d7?p1=&p2=&source=&site=
  • https://zemo-ghoko.blogspot.com/
2 KB
2 KB
Document
General
Full URL
https://zemo-ghoko.blogspot.com/
Requested by
Host: raha.muusha.xyz
URL: https://raha.muusha.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://raha.muusha.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
1315
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 22:08:48 GMT
etag
W/"6f8a0c5f98c817abc6eedbd2a3b9a004140f3c7a8e4c8a9f1cff7569bd420e43"
expires
Mon, 04 Mar 2024 22:08:48 GMT
last-modified
Fri, 19 Jan 2024 01:24:31 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
85f52fdb6c254d38-FRA
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 22:08:48 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://zemo-ghoko.blogspot.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fwqMl1qwLb9IZrPKoNcsT3bmoV65hs7v5igIB%2BqsDBlmAm9VJKh9TNBCZqjyWp7RSR6dUxiZgviFIMvuc2Iv8bVSK9%2FYsDqfqPCcDU2Nk5Z%2F6%2F14SqoZORUvYqoArM%2Bq7hqmOSXlPjLCFQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
x-powered-by
PHP/8.1.26
ccs.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3TezIi6ZFFlp4Xrl5IX9jgM4zKfBX-jbzAJTSfFtetWJkKvYxN-nDX3pbFI3Jio1jtGD0lPQXn7cWbti4RgPJVUF_yA8eV8jmZrQAQdhfwB-53lubF5HbI9Ejyuj1y8oR8i-RuL9UnoX4I-s6...
0
0

cookienotice.js
zemo-ghoko.blogspot.com/js/
0
0

5683766
teksishe.net/4/
2 KB
2 KB
Document
General
Full URL
https://teksishe.net/4/5683766
Requested by
Host: zemo-ghoko.blogspot.com
URL: https://zemo-ghoko.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://zemo-ghoko.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 04 Mar 2024 22:08:48 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://gluxouvauure.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
65fce57d95bc4c3313e93b3a54f1981e
img.gif
my.rtmark.net/
43 B
505 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0080158336e642a0f554523d9f3f9cf6
Requested by
Host: teksishe.net
URL: https://teksishe.net/4/5683766
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://teksishe.net
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
gluxouvauure.com/
41 KB
14 KB
Document
General
Full URL
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by
Host: teksishe.net
URL: https://teksishe.net/4/5683766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
9ddb1649c437a693ec750e52cdb5f9149638db3bf1ad91770c62e2a5fdeaf144

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f52fde8fa230e2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 22:08:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jl%2BdGC6srYtWprrpuAO%2BybyGu19bQ8maQqS7RCzV8Lqr8otbx%2Bd%2FYMUKBcJvCWw67dTrqFPL7KOmlTDSCZDNe6WblNEhilofybQNTnSBAz60ty7V4s%2BBBXA50RhSlAqbdbJ7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=8d27e3c6ce58e6a757aa23b61950e2f0
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6d9cb6fb3aaf42df4d72b7834c02bf6770ec60f715a7d800214e6d07af77be5f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
gluxouvauure.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c7a4e9bbb7f6a33554769805c92064ea198f39778cdeda6840d9e04bc346e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 22:08:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 01 Mar 2024 14:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e1e065-8a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSpxkVPWZODOayZDbcayOWa%2Bv8JEPpFDOfBxHQoopLzO2sgi6vrEBNak5L8ET5U7nlrl2RKusGdWlrnVtUgDmuzxNx44GVXtwtTsiF1dNNTyxJueY%2FIHZWVoxmV%2BQyN2yIS2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85f52fdf283630e2-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauure.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://gluxouvauure.com/19/4662728/?abt_opts=1&var=5683766&var3=788640761301442708&ymid=&rhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f91995b201875dbd70bf802edb688f50f06a9f15cadee1e41021f0cc8014c09
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
c440db57089331c2678e820ba92eef76
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3qR0%2BqmmwX9%2FNR9%2FB5rfk07OW9Ldd7F1e2y8lo595DpALRgzvinqztEY6JnX5r%2F8lL1i7XrvweWFF4YriPh3jupaclCUAlyeiuctL2Tydia2eWgEqp5GkkugKBcox6X0xuI"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f52fdf384130e2-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
gluxouvauure.com/
2 B
411 B
XHR
General
Full URL
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzEjWcou9uLW9MrIZzI%2FNvnVovbJ4Yx6fquCoJPpy6Sq8vHKEaNeK4oBw%2Bz5mCfCJ5Wu4%2BLEWjx5wdrn%2BvNYCTxpTqIdWlwfjmlefbInqCzmNCVI8xrzZ1GIEphXwdvFplGa"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85f52fdf384630e2-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
gluxouvauure.com/
3 KB
3 KB
Fetch
General
Full URL
https://gluxouvauure.com/rhd?rb=iauzNX0HFf2_2UOnUNiBVOg-38ToXpVIRorxbR0oqJRJ1P42B8eHKBDMuGgVvxnr0KxmzHxglYPH_hWNUVoyhbUqPhQoQDn0ewS3tHCtpmg4fjfliEtHl2IborqoYoSBwUvTmX85RpaiYu6Tcxfzh_Icaos7quH-sGP17oCvZSU4WbLlh0ck-pHtZmPP3V9aXVQwHF2UHKVv-OHRnG1qgLjwvEREzdsrYCDRGqELv5H_W99tJq_JCra5Vr0LGnNLWCejgF0pTLjTqmYooU8Hi5aqseqEYzNBnOnkPDbYkGrsQNm__IBqMmy02sAKNXXh3AKI7j8FijhasG5jRps0BVG3Q3xq1D28T56tR4rAxaRiNXVcbxbYx-VYNxoeI3e48F-i6W0XuAC5DW_NfWJ69NoQ2TXYM3RLvmCxYXaXjt-WyNyF9XEwn5a55X7NnGErw67ZsAW6xFOTMTGpYA-Wfk3lv_4IGlj-ZB3fNvPAs_Osg7MRChdv06tCA5v892dj8O6_YZCOpQHx5P7C5WO9FfdLcF4%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauure.com%2F%3Fs%3D788640761301442708%26ssk%3D5b15166538726a435383c4b620bf51f6%26svar%3D1709590128%26z%3D5683766%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5683766&var3=788640761301442708&ymid=&rhd=1&m=link
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
1e13b5be9d1d625ec4d3905ad9a895ef
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3bYWa24E1%2B67D4UxkxatDOtkmnHE8RoZOuqbGF4Zw5pPraBD9r54RMxzyv%2Bb78mMqVPg0TOP1dJqIHBA13RxnbpVg%2BfNNMkMorPiG520Wnqatvjzkl%2BE8WNOcpqvUaIwnlk"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f52fdf6f941979-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

4662709
gluxouvauure.com/sw-check-permissions/
0
1000 B
Other
General
Full URL
https://gluxouvauure.com/sw-check-permissions/4662709?var=5683766&ymid=788640761301442708&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPnMhQT09oz0l74SKWR8PRiddEd6MFVs2ONFqY5J2kBf4RjDwgDhmwEiqllJ7B%2Fk71A90105f0hbgPKO6G8r9sSmELJrTJ8l%2BZ85qwq4EIN52dDnXSUi5Y%2BLDd8bpKoroRRz"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85f52fdf7f9c1979-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauure.com/
0
522 B
Ping
General
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=5683766&ymid=788640761301442708&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=100b48ee-a83b-4d91-943d-e53521361d53&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
401cca9ecd7173a1932f348551f02934
date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QD24syIT8mzXo%2BEtH54voKpFRr72XSHFJ0NRhiskH5ahnwMxsyd3mkOFX1WAMA1wsL8PwYJMxEIdodbyn3jmZlGqo9VXlidynvMzDurJB%2FccgLTjVvTnuJMJomNNjSDn0Ag"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauure.com
access-control-allow-credentials
true
cf-ray
85f52fdf7f9e1979-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=788640761301442708&var=5683766
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6d9cb6fb3aaf42df4d72b7834c02bf6770ec60f715a7d800214e6d07af77be5f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauure.com/
793 B
972 B
Fetch
General
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=5683766&ymid=788640761301442708&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=100b48ee-a83b-4d91-943d-e53521361d53&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
bcc22e2b2a06137c360e2b0698ca5dbb
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92Pff7PKrZiVzq5XNzkh0wN1LYSiCyZVfpFLiUXeVtMmWcijcg8tve5k%2BSh0U3TbzjrtCgGTeZSGfUvzmnU3H72JQPm6CIANbrhEzkZt5SMV8gIMGDf9lPbvr8Pr2WfyS2Tj"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85f52fdf8fb41979-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

/
gluxouvauure.com/
41 KB
14 KB
Document
General
Full URL
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
51f8bc10cc0fb8790af933d2083e9348e348701439b0b8d5449d5dab59aa3d4f

Request headers

Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f52fdf9fbb1979-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 22:08:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzdMCLOqhpdcHm2KczoJodmH2Lc2hQZr5jqjLV5nAHYU2TnMnTI63s7Cp53xf%2BW%2Bu4S6s9EmENXG41ZqKpw2%2FTFb%2BmiNkrwkw7divzrppyN3%2FjP%2BGR6LOn1c%2BEaWgyEo9bFJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

micro.tag.min.js
gluxouvauure.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c7a4e9bbb7f6a33554769805c92064ea198f39778cdeda6840d9e04bc346e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 22:08:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 01 Mar 2024 14:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e1e065-8a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht0neykOuzuZDepHkpo40oJSOephio6tN%2B%2BmiWRa251MArDCYHrPnCf3pxk54g24egJ%2BZm5vNYCe7bHuIDBDGNLZQVbPWX6U2%2BGa3ZND2pkOR0qTA2EsTrcTTLdBjXt8PlWt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85f52fe038711979-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauure.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://gluxouvauure.com/19/4662728/?abt_opts=1&var=5683766&var3=788640761301442708&ymid=&rhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c578ccbc4dc94bfd8b84fe8905c5efc0bf0d214b2ea0f0d92d7e327607218a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
bd6dbbf2474570919e137a754b30e17b
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YU9yTFda8Wl2Cj3KHz83ByG1Sce57ft%2Bivph8DovUFpu%2ByzuHMbFfrP3%2Fk4l%2FxG%2B93WL7cU%2BD4%2B%2BorTdzq93fB%2BYWYs0QfFccobEqWFUT8DMWvyXOg6u%2FUlWXtwp2OTfwJuE"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f52fe0387e1979-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
gluxouvauure.com/
2 B
526 B
XHR
General
Full URL
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07zxiHIhEKshSWo75OE36IpDhExDVyx3yBHeWKUiyfvZx%2F%2BGyZfMCyPCmj3%2FuHc1z6UzCeA40VunuB1r%2FJp8Le7c6u7ktYBvuYgRl8dA96Snk94iJEKctPEVyWmdbWOd1T4Z"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85f52fe038901979-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

4662709
gluxouvauure.com/sw-check-permissions/
0
1003 B
Other
General
Full URL
https://gluxouvauure.com/sw-check-permissions/4662709?var=5683766&ymid=788640761301442708&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDjGmn70WXDZeynMekxswTf4F%2BT6nlh7Bl1elae%2FclNjpF%2BchtIJElTi8p%2BoAWVMRLuKXRK%2BgQAkv7Tym0GTanPV05oZ6NtIP50mLZQ9OB%2FN95HyeVGQPHKzDm0GC3sc1ELJ"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85f52fe068d51979-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauure.com/
0
490 B
Ping
General
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=5683766&ymid=788640761301442708&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=08879754-f0f7-4f52-8be9-4cea2ff62450&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
7be768f74af7b1d41f364d09d6289d29
date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLZZpyBAdXhdyjtchS%2BkhC0C05vOf2MMRMl7J%2B4%2BtqwcWa2qBIs%2BooC5XilOcnDhuqnsZwrztfIGjZspWnstPiPZWb%2FmYk7y5qqTUAL57tVOnWd2s3EDMzNDoPcf0DsapYc8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauure.com
access-control-allow-credentials
true
cf-ray
85f52fe078d91979-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=788640761301442708&var=5683766
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6d9cb6fb3aaf42df4d72b7834c02bf6770ec60f715a7d800214e6d07af77be5f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

rhd
gluxouvauure.com/
3 KB
3 KB
Fetch
General
Full URL
https://gluxouvauure.com/rhd?rb=1zlm_ZV3nguKDK3F2748gA_5KixOxuYookLjpsvjX7L6f73hwriuADAuKlPH0PMvovEX_OTUz7tfZuwH6DTlSdmo18wlR_U-LFyFhgCIYXdLsZNo_EQHaoslxC9jCPSbz4AdniAGLsp-AIpv2gypnkJGk35O6sVN-v5KqYySBJL4NhtfbGy2UkBXEcNIixhvzGkjXfizaavYjci_rwECnlK_ndGFM6aaefj6qPEf93sa3LFjGtA-r5z51m5hkqnWDiT7y7CJ_r25-QbnHB6saUSlTyVZlXQG_VB4s4Ed0O9OpRx2D4Em2ZttDQmib4Zii1n7bYByzOQjikX3195FJz5Le73KnhtnBrkhIVp0fbEcdeWey0dJRy1y1g5maWCsUxd9_aPeuNG9Y4ONdZ0kC2uDXHFHjhfmKqSZq4Kgy_zjd7P5fBOUQ5RoO7WtGaFXeEXi-e22SMEL4z8IjQ1OPu9dORgZtPkqVN-eH_X46S4o6p6cTy3oc3dS5zUAug0sMjYURcLZs9tWKg22bDNjU-aidT6n8oV9&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauure.com%2F%3Fs%3D788640761301442708%26ssk%3D5b15166538726a435383c4b620bf51f6%26svar%3D1709590128%26z%3D5683766%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D%26rdc%3D2&drf=https%3A%2F%2Fgluxouvauure.com%2F%3Fs%3D788640761301442708%26ssk%3D5b15166538726a435383c4b620bf51f6%26svar%3D1709590128%26z%3D5683766%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5683766&var3=788640761301442708&ymid=&rhd=1&m=link
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2646d8210d30576a2482de7cb7c11750ddee508e48313247064637864aaf0147
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
bc8338de93131c8fe777e322e5a72d24
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inYkEtHpkYntbOi%2F7HrSonbTkdnKnbsm3yuXKN9uDDV%2Bsum1BCvCzqAxyFMI8RUww%2Fl7Lm9QYGFoL7leE6C1nG8biLXVGcAySZv6WBqUzhYQYgH9tff2NqUmnsZ8k2IKd8Hw"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f52fe078e91979-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauure.com/
793 B
975 B
Fetch
General
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=5683766&ymid=788640761301442708&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=08879754-f0f7-4f52-8be9-4cea2ff62450&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018c0ba59cc7bf6c87761bfce80a6b9b01267a05d57017085a947479ec247a25
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
fa76d41273b5a266437744947e53d27b
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzeP5rS39csW82eaFQ3LT29mMvvdFUqRtSKD1yLruq%2F9pyAxU2U5C8rGIeTn%2FIzAZVzt1Vte3NgYWLHodd7hbGis8FnlfiJevvQtj8QN%2FHNI1SfISFr0IqIKYNVnJxoRnAyk"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85f52fe088eb1979-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788640761301442708&var=5683766&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Primary Request extension.php
kingadblock.com/
8 KB
3 KB
Document
General
Full URL
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55bffef8d51c085913aa0375756a4fbe0f683eabdbe97184b16d990d56ccac81

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f52fe589d1924f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 22:08:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aI4O7OQuGwEEhA2Z%2BAnZVIyaoMQ5375GP0EaN9PABKW2Jk2adslY3tYnSWph6AFK1H6yXm3jM%2BnOZWrjgiXXnzhKH2l21wrlTQnSa2a6AAH%2BBq258ONHlfmrpT%2FuAtb%2B4hj7A6fdo4dAAqGHmU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
cat.php
gluxouvauure.com/
0
753 B
Ping
General
Full URL
https://gluxouvauure.com/cat.php?userId=8d27e3c6ce58e6a757aa23b61950e2f0&zoneid=4662728&rb=1zlm_ZV3nguKDK3F2748gA_5KixOxuYookLjpsvjX7L6f73hwriuADAuKlPH0PMvovEX_OTUz7tfZuwH6DTlSdmo18wlR_U-LFyFhgCIYXdLsZNo_EQHaoslxC9jCPSbz4AdniAGLsp-AIpv2gypnkJGk35O6sVN-v5KqYySBJL4NhtfbGy2UkBXEcNIixhvzGkjXfizaavYjci_rwECnlK_ndGFM6aaefj6qPEf93sa3LFjGtA-r5z51m5hkqnWDiT7y7CJ_r25-QbnHB6saUSlTyVZlXQG_VB4s4Ed0O9OpRx2D4Em2ZttDQmib4Zii1n7bYByzOQjikX3195FJz5Le73KnhtnBrkhIVp0fbEcdeWey0dJRy1y1g5maWCsUxd9_aPeuNG9Y4ONdZ0kC2uDXHFHjhfmKqSZq4Kgy_zjd7P5fBOUQ5RoO7WtGaFXeEXi-e22SMEL4z8IjQ1OPu9dORgZtPkqVN-eH_X46S4o6p6cTy3oc3dS5zUAug0sMjYURcLZs9tWKg22bDNjU-aidT6n8oV9&var=5683766&var3=788640761301442708&ymid=&rhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Mar 2024 22:08:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
x-trace-id
0e3f5aa5acc0e24901e93a3ca8373cb1
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF6Iw7Cac9SBCHqvUGy%2FoLYoeBfZbVS8X1W3tEDXtoWQL9rteFCokZjQL4bQg6oBnd5%2BW%2BWUHV6ngXkSFI0cRi177FALhHUTKp1puoMeia0WW2RNf00daW%2FiF9ztvaw6dduS"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauure.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f52fe3bc6a1979-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10689193
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230047-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW0yHTSx6iec0HZNKNXVT4j%2BFylG4z6pJBBgNmm%2BPUTQcqPQpaQtMYI78gSfcLzDr1hhaBaTXcSY7OOz7dn6YCGjs3lTBw2EFJPvw2TpRU3EOZGWafDbbV%2Bc95VsqUCPPyHeDwa7V1WPzNRSqSA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
85f52fe61883bb47-FRA
icon.png
kingadblock.com/images/
4 KB
5 KB
Image
General
Full URL
https://kingadblock.com/images/icon.png
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091483d5419eb9e98f0edd49563409fad2eb24f1d10bc161b9716e0f0ee86b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:49 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 16 Aug 2023 09:41:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64dc99af-1121"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZPY4dzLGT%2Br1gNdUvvtgTQCNl2yGtnKR9hCHKKRihnz6NTtPGK%2Fva4uwtrm1YpaT6V5iD%2FJJ4E8NyCPtzFx4QvY6JPR%2FhineCl%2FQREa7Qi6uLx9SsU26RB%2FyAzesyopD2D0l1UQC0agjby18Jc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
85f52fe60a45924f-FRA
alt-svc
h3=":443"; ma=86400
content-length
4385
cws.png
kingadblock.com/images/
3 KB
4 KB
Image
General
Full URL
https://kingadblock.com/images/cws.png
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 22:08:49 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 04 Sep 2023 08:56:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64f59bc7-d6b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMjUtGgQPgqpWnNi4Ut6LlCcKT9%2F2S6LcwME%2FHcc5hXPbaBaNeWOWd2oYsd3MYHtbfrE7uqrSE0dAaeJR9qri2iDU1KuWVwJpbfvuqH1HAdm1iynDTgAIBnMdYjWQfrlnay8BnIfgzbmDF0eu8A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
85f52fe60a47924f-FRA
alt-svc
h3=":443"; ma=86400
content-length
3435
icon.png
flcjnflecolckmhfcmhhkichjhajjnlb/
0
0

a.php
tururu.info/ Frame 1F78
96 B
1 KB
Document
General
Full URL
https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjpaHP126pWlp16&r=pa&cid=788640762970775779&z=4662728&v=12&dr=&inw=1600&inh=1200
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:afa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer
https://kingadblock.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f52fe68b020418-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 22:08:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPQPCbNG0Mys%2FahjG0%2BMO4RrxcPNiXIDruOIxQ27XTvHAa8e%2B6knfNuRHja341wS8mmgPGfBqRe0nEgCUQTb0eI4pyCioFibzoxrSnycPAyV%2B55nENQWtb9Hs35uRqp%2B93JL5%2BhTM9XPyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
clear.php
kingadblock.com/ Frame 807A
0
552 B
Document
General
Full URL
https://kingadblock.com/clear.php
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f52fe65ba3690a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 22:08:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Au8mVVK54k0Xy9%2BwTR8zP3CVQbFE41LiVifu3Tfacn4zHEQ%2BttfzyVq3wZDmKcTO%2BS7%2FEiIexHGWDsPE6SCgeDRUVg8XpfFGPqPjrWnC%2B9Huxw8hj7Nz9K75faaMJbGBVoqSIxTFP3tdD9THILc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.postimg.cc
URL
https://i.postimg.cc/kMK533Wh/2.jpg
Domain
imagizer.imageshack.com
URL
https://imagizer.imageshack.com/img923/8602/jGUvgw.jpg
Domain
1.bp.blogspot.com
URL
https://1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ettte.jpg
Domain
code.jquery.com
URL
https://code.jquery.com/jquery-latest.min.js
Domain
widget.supercounters.com
URL
https://widget.supercounters.com/ssl/online_i.js
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?96203ca5188c89396572f4c329976446
Domain
blogger.googleusercontent.com
URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3TezIi6ZFFlp4Xrl5IX9jgM4zKfBX-jbzAJTSfFtetWJkKvYxN-nDX3pbFI3Jio1jtGD0lPQXn7cWbti4RgPJVUF_yA8eV8jmZrQAQdhfwB-53lubF5HbI9Ejyuj1y8oR8i-RuL9UnoX4I-s6Q07usP0Kw3sj1sH9mvR54I-V6j53jtRNkwGEk6s_lA/s16000/ccs.gif
Domain
zemo-ghoko.blogspot.com
URL
https://zemo-ghoko.blogspot.com/js/cookienotice.js
Domain
flcjnflecolckmhfcmhhkichjhajjnlb
URL
chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| req_existing_user
object| landing_iframe
function| openNewWindow
function| openNewTab
function| openSameTab
function| listenInstallCompleted
function| openInstructions
object| windowObjectReference

18 Cookies

Domain/Path Name / Value
sape.ngumaz.com/ Name: nauid
Value: AlDoAdXo4Xp8wdh1He4i
sape.ngumaz.com/ Name: asgle
Value: 13226961809775564042
quttyvex.com/ Name: sbc3a30bf55ace240d7
Value: eyJpdiI6IlpEbksyS08yZFBydlZuRXpRZWlWWkE9PSIsInZhbHVlIjoiWFNqdTVCSXpBK05zNm1FMU9uSDdmdz09IiwibWFjIjoiMzU2NTAxNDNkNjhkMjhhNjA3Yzc2ZWM3NjYzOWM5MGZmOTdhMzI1YTQxYmMzYWE3NTUyNWFiMmIyMjA4ZTg1NiIsInRhZyI6IiJ9
quttyvex.com/ Name: vis
Value: eyJpdiI6IjN5Uml2S00rOWgydFN2V0plNE5uMHc9PSIsInZhbHVlIjoiYnVhV09vb0FvUnRtbTczTnVmSGtiQT09IiwibWFjIjoiNzNkZWNiZDgyMWE3NGYzYWVkZDQ2ZDkyMDkyODA1MTVmMjYzYWZiYjQyZGIwM2VhMmFjYmNmOTBlZDU2YTAzZiIsInRhZyI6IiJ9
teksishe.net/ Name: OAID
Value: 0080158336e642a0f554523d9f3f9cf6
teksishe.net/ Name: oaidts
Value: 1709590128
my.rtmark.net/ Name: ID
Value: 0080158336e642a0f554523d9f3f9cf6
gluxouvauure.com/ Name: oaidts
Value: 1709590128
gluxouvauure.com/ Name: syncedCookie
Value: true
gluxouvauure.com/ Name: OAID
Value: 8d27e3c6ce58e6a757aa23b61950e2f0
gluxouvauure.com/ Name: prefetchAd_4662728
Value: true
gluxouvauure.com/ Name: reverse
Value: xdeM_Xa6T3APF1pQSrV_LlBngbxqD1LFG8MERicMRII
.tururu.info/ Name: c0083
Value: cjpaHP126pWlp16
.tururu.info/ Name: r0083
Value: pa
.tururu.info/ Name: cid0083
Value: 788640762970775779
.tururu.info/ Name: z0083
Value: 4662728
.tururu.info/ Name: e0083
Value: VPGCNBK0FG
.tururu.info/ Name: _asd
Value: 17095901297442658

15 Console Messages

Source Level URL
Text
other warning URL: https://teksishe.net/partitial/5117857/?var=5683766&ab2r=0&prfrev=false&rhd=false&sf=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788640761301442708&ssk=5b15166538726a435383c4b620bf51f6&svar=1709590128&z=5683766&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0(Line 45)
Message:
Access to XMLHttpRequest at 'chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png' from origin 'https://kingadblock.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788640762970775779&jp=pa&oaid=8d27e3c6ce58e6a757aa23b61950e2f0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
