go2.ivadfherr.xyz Open in urlscan Pro
2a02:b48:8301::1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
14 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response go2.ivadfherr.xyz/	87 KB 88 KB	527ms 186ms	Document text/html	2a02:b48:8301::1 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://go2.ivadfherr.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:b48:8301::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash ded2aef386810d61940657377c61a03e215192b90a71d97cb54605754db0999d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 content-length 89035 content-type text/html; charset=utf-8 date Wed, 12 Jun 2024 13:44:30 GMT etag 8efbca9b164b3205cd1db3a003faceae expires Fri, 14 Jun 2024 13:44:30 GMT last-modified Tue, 11 Jun 2024 23:01:33 GMT server nginx/1.24.0 x-openstack-request-id txd0b7da055bfa4b6f8de8d-006669a63e x-proxy-cache MISS x-timestamp 1718146892.49315 x-trans-id txd0b7da055bfa4b6f8de8d-006669a63e
GET H2	200	micro.tag.min.js Show response arludoom.com/act/files/	36 KB 15 KB	210ms 47ms	Script application/javascript	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Requested by Host: go2.ivadfherr.xyz URL: https://go2.ivadfherr.xyz/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 778816523ddc64e041b84e0e155eb5682b567f5ef9bc30d7d6b18128278fd1bb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 12 Jun 2024 13:44:30 GMT content-encoding gzip last-modified Tue, 11 Jun 2024 15:56:32 GMT server nginx etag W/"666873b0-91a6" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 844f2d97c88dd4e5662114fa6e7d5250db9d701eb53bc9d1dd26f7dbc8e39844 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	295 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 415ba400194f72a1511c8cd22b4bfe13acfeebbf3e9ff958d1e39cbb738d07c8 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	516 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ff5216f552496405eca9c9449f77dd8a913bce909fa9ae8662cb85969f96272 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	395 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 005e42b95bb1fef26b792467deeba4e0aeadc51bb9726d20dc301c1c80d99d2d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	663 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 46a01582282a1e9326a84e445ba3da470e059b5d091d326e45271b698d6d62a1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	999 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b8a2393f8b8c2037f83564e29dc03fd4c732a2cfa149f30a543ba8aa1ae41fa1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	461 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash efb233df0a528dd04d7b9725ad679738f043478ced654fe0e9a9b59b205d447b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	589 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 894bcd381abf4e10bbbe8802a7c52396d8b6b73cdf9d2837caf8f6a0d7aea707 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d459f39e7f6459c567e8f77e7b86ad410296974fa630eb43658da9875ac3e6ff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a246eb53b4da1c7b75cd8a28b3840e885da094cfbc77d75fe733d82a08d87848 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7f0a22424dead9831fe9f4920681822be81fa9214de1de0c7837bbce1e90b453 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d760f07f96e4210843fc8f7f1c2a9ac3f7c755057a2276c278cad5ecf56df1ed Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3ae1bda028bbca0169cd557e4edfadc090fa9516d9a2c62d54362c14a6505c8c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a185dd9774f69d480bb7e723e2cf72965677840a4decf467db9dc082d841e8e0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
POST H2	200	custom jouteetu.net/	0 0	429ms 89ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	sw7585256.js go2.ivadfherr.xyz/	0 6 KB	303ms 302ms	Other application/javascript	2a02:b48:8301::1 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://go2.ivadfherr.xyz/sw7585256.js?zoneId=7585256 Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:b48:8301::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-proxy-cache MISS date Wed, 12 Jun 2024 13:44:31 GMT x-openstack-request-id txc4cdc63f7bff4db99a3d1-006669a63f content-length 5240 x-trans-id txc4cdc63f7bff4db99a3d1-006669a63f last-modified Tue, 11 Jun 2024 23:01:33 GMT server nginx/1.24.0 etag e2be606aba5374771445521ad97c55b1 access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * x-timestamp 1718146892.48776 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Fri, 14 Jun 2024 13:44:31 GMT
POST H2	200	custom jouteetu.net/	0 0	382ms 46ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	zone arludoom.com/	0 337 B	56ms 55ms	Ping text/plain	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://arludoom.com/zone?&pub=0&zone_id=7585256&is_mobile=false&domain=go2.ivadfherr.xyz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.521&trace_id=661e6922-9e3a-427b-837f-8e6272a70911&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjUifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjUifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6Ik5vdC5BL0JyYW5kIiwidmVyc2lvbiI6IjI0LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9&drf= Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 13:44:31 GMT strict-transport-security max-age=1 x-content-type-options nosniff accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model server nginx access-control-allow-origin https://go2.ivadfherr.xyz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 0
POST H2	200	custom jouteetu.net/	0 0	386ms 50ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	custom jouteetu.net/	0 0	426ms 91ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	gid.js Show response my.rtmark.net/	65 B 546 B	562ms 96ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7585256&checkDuplicate=true&ymid=&var=&source=pusher Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 26b5d7286d6f4eb45705c3005043bcbcd702c98ca75fbae7ede79c0ff6f5e9a8 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 13:44:31 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://go2.ivadfherr.xyz access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
POST H2	200	custom jouteetu.net/	0 0	378ms 45ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	custom jouteetu.net/	0 0	77ms 76ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	zone Show response arludoom.com/	791 B 1 KB	166ms 62ms	Fetch application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://arludoom.com/zone?&pub=0&zone_id=7585256&is_mobile=false&domain=go2.ivadfherr.xyz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.521&trace_id=661e6922-9e3a-427b-837f-8e6272a70911&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjUifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjUifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNS4wLjY0MjIuMTQxIn0seyJicmFuZCI6Ik5vdC5BL0JyYW5kIiwidmVyc2lvbiI6IjI0LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9 Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 428707fada7de49df16cf5e0e8c2951f607361be7fa5dc3cc9f75bc4618440b4 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 13:44:31 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://go2.ivadfherr.xyz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 791
POST H2	200	custom jouteetu.net/	0 0	78ms 51ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	custom jouteetu.net/	0 0	60ms 52ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H2	200	custom jouteetu.net/	0 0	50ms 50ms	Ping application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jouteetu.net/custom Requested by Host: arludoom.com URL: https://arludoom.com/act/files/micro.tag.min.js?z=7585256&sw=/sw7585256.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go2.ivadfherr.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| zoneIdPush number| zoneIdTB1 number| zoneIdTB2 number| zoneIdTB3 number| zoneIdTB4 object| s function| getUrl function| redirect object| zfgformats

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-21 06:02:15	Name: ID Value: 018079eab0964fa1e7370862d0d97e4e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://go2.ivadfherr.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arludoom.com
go2.ivadfherr.xyz
jouteetu.net
my.rtmark.net
139.45.195.8
139.45.197.251
2a02:b48:8301::1
005e42b95bb1fef26b792467deeba4e0aeadc51bb9726d20dc301c1c80d99d2d
0ff5216f552496405eca9c9449f77dd8a913bce909fa9ae8662cb85969f96272
26b5d7286d6f4eb45705c3005043bcbcd702c98ca75fbae7ede79c0ff6f5e9a8
3ae1bda028bbca0169cd557e4edfadc090fa9516d9a2c62d54362c14a6505c8c
415ba400194f72a1511c8cd22b4bfe13acfeebbf3e9ff958d1e39cbb738d07c8
428707fada7de49df16cf5e0e8c2951f607361be7fa5dc3cc9f75bc4618440b4
46a01582282a1e9326a84e445ba3da470e059b5d091d326e45271b698d6d62a1
778816523ddc64e041b84e0e155eb5682b567f5ef9bc30d7d6b18128278fd1bb
7f0a22424dead9831fe9f4920681822be81fa9214de1de0c7837bbce1e90b453
844f2d97c88dd4e5662114fa6e7d5250db9d701eb53bc9d1dd26f7dbc8e39844
894bcd381abf4e10bbbe8802a7c52396d8b6b73cdf9d2837caf8f6a0d7aea707
a185dd9774f69d480bb7e723e2cf72965677840a4decf467db9dc082d841e8e0
a246eb53b4da1c7b75cd8a28b3840e885da094cfbc77d75fe733d82a08d87848
b8a2393f8b8c2037f83564e29dc03fd4c732a2cfa149f30a543ba8aa1ae41fa1
d459f39e7f6459c567e8f77e7b86ad410296974fa630eb43658da9875ac3e6ff
d760f07f96e4210843fc8f7f1c2a9ac3f7c755057a2276c278cad5ecf56df1ed
ded2aef386810d61940657377c61a03e215192b90a71d97cb54605754db0999d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb233df0a528dd04d7b9725ad679738f043478ced654fe0e9a9b59b205d447b