Submitted URL: https://ab.cococococ.com/ajax/ad/l.php
Effective URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Submission: On March 04 via manual from IN — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 49 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is kingadblock.com. The Cisco Umbrella rank of the primary domain is 839321.
TLS certificate: Issued by GTS CA 1P5 on February 11th 2024. Valid for: 3 months.
This is the only time kingadblock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
1          1         2606:4700:303...  13335 (CLOUDFLAR...)
-          1         139.45.197.245    9002 (RETN-AS)
-          5         139.45.195.8      9002 (RETN-AS)
1          17        172.64.139.22     13335 (CLOUDFLAR...)
-          18        139.45.197.251    9002 (RETN-AS)
-          1         139.45.195.253    9002 (RETN-AS)
-          4         2a06:98c1:312...  13335 (CLOUDFLAR...)
-          1         2606:4700::68...  13335 (CLOUDFLAR...)
-          1         2606:4700:303...  13335 (CLOUDFLAR...)
Total: 49 requests, 9 IPs

Requests  Apex Domain       Subdomains                                       Transfer
18        jouteetu.net      jouteetu.net — Cisco Umbrella Rank: 30771        -
17        gluxouvauure.com  gluxouvauure.com                                 79 KB
5         rtmark.net        my.rtmark.net — Cisco Umbrella Rank: 11818       3 KB
4         kingadblock.com   kingadblock.com — Cisco Umbrella Rank: 839321    12 KB
1         tururu.info       tururu.info                                      1 KB
1         jsdelivr.net      cdn.jsdelivr.net — Cisco Umbrella Rank: 310      29 KB
1         datatechone.com   datatechone.com — Cisco Umbrella Rank: 37995     469 B
1         gloogruk.com      gloogruk.com — Cisco Umbrella Rank: 520934       2 KB
1         cococococ.com     ab.cococococ.com — Cisco Umbrella Rank: 391650   530 B
0         Failed
Total: 49 requests, 10 domains

Requests  Domain                                      Redirects    Requested by
18        jouteetu.net                                -            gluxouvauure.com
17        gluxouvauure.com                            1 redirects  gloogruk.com, gluxouvauure.com
5         my.rtmark.net                               -            gloogruk.com, gluxouvauure.com
4         kingadblock.com                             -            kingadblock.com
1         tururu.info                                 -            kingadblock.com
1         cdn.jsdelivr.net                            -            kingadblock.com
1         datatechone.com                             -            gluxouvauure.com
1         gloogruk.com                                -            -
1         ab.cococococ.com                            1 redirects  -
0         flcjnflecolckmhfcmhhkichjhajjnlb (Failed)   -            kingadblock.com
Total: 49 requests, 10 domains

This site contains no links.

Subject                Issuer                                          Validity                 Valid
gloogruk.com           R3                                              2024-01-19 - 2024-04-18  3 months
rtmark.net             R3                                              2024-03-02 - 2024-05-31  3 months
gluxouvauure.com       GTS CA 1P5                                      2024-01-15 - 2024-04-14  3 months
jouteetu.net           R3                                              2024-02-24 - 2024-05-24  3 months
datatechone.com        Sectigo RSA Domain Validation Secure Server CA  2023-12-10 - 2024-12-23  a year
kingadblock.com        GTS CA 1P5                                      2024-02-11 - 2024-05-11  3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                         2023-05-02 - 2024-05-01  a year
tururu.info            GTS CA 1P5                                      2024-01-18 - 2024-04-17  3 months

This page contains 3 frames:

Primary Page: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Frame ID: F7C3C2267518946A9166D65CDEF27477
Requests: 49 HTTP requests in this frame

Frame: https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjpaHP126pWlp16&r=pa&cid=788657126229938554&z=4662728&v=12&dr=&inw=1600&inh=1200
Frame ID: 659571D91D021D09A24ADE4E3B261DED
Requests: 1 HTTP requests in this frame

Frame: https://kingadblock.com/clear.php
Frame ID: 3DAAED33E6A145D9D66C7E72B852C733
Requests: 1 HTTP requests in this frame

Page Title

Up - Ad Blocker

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 49
HTTPS: 96 %
IPv6: 44 %
Domains: 10
Subdomains: 10
IPs: 9
Countries: 2
Transfer: 125 kB
Size: 402 kB
Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ab.cococococ.com/ajax/ad/l.php HTTP 302
    https://gloogruk.com/4/4683427 Page URL
  2. https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
  3. https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
  4. https://gluxouvauure.com/submenu/4662728/?rhd=1&var=4683427&var3=788657119691023118&oaid=42b0acac9f6c1fb80368abcf0aefe225&usage_case=push_default Page URL
  5. https://gluxouvauure.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
    https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ab.cococococ.com/ajax/ad/l.php HTTP 302
  • https://gloogruk.com/4/4683427

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
4683427
gloogruk.com/4/
Redirect Chain
  • https://ab.cococococ.com/ajax/ad/l.php
  • https://gloogruk.com/4/4683427
2 KB
2 KB
Document
General
Full URL
https://gloogruk.com/4/4683427
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 04 Mar 2024 23:13:48 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://gluxouvauure.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
23f5feb5674e4f319a0f2516fd6a3f7c

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
85f58f16dbb7373f-FRA
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 23:13:48 GMT
location
https://gloogruk.com/4/4683427
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaDjCu6q2%2FrifFzqFnBYNMohQTS9UJfKCZTciIDwYdHER3qeXt8Sj4RoMSBpIDod9iLDMAe9OwN%2FBy1ds0FHtprJBMR6ntv2LgiA69EJSNJ0ny9PDfzCaeStwOgXQSdO7oO%2Bugnmm7fzizOXCdna"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
img.gif
my.rtmark.net/
43 B
506 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=00801553794f41c6f0a9780e46bdd9f0
Requested by
Host: gloogruk.com
URL: https://gloogruk.com/4/4683427
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://gloogruk.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
gluxouvauure.com/
41 KB
14 KB
Document
General
Full URL
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by
Host: gloogruk.com
URL: https://gloogruk.com/4/4683427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
697becb30d646e7f17e54b9cdfdd895c7a183d7bf4fa34de3e3db01d24604468

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f58f198d4a9b63-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 23:13:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hodVPxvagco9qLFWLGN9WVuScMMHRzCKKpny0%2FtZPiRigXJ9e%2Fwg1MtNKa%2FvkTfCAObqkA7EC6pu9Lthj3cu6%2BZGomw2xBG0NZGFcwW375ZFlj7raUEbBhr4RMrjAjlloVTL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.27
gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=42b0acac9f6c1fb80368abcf0aefe225
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
764cb3ab6a1051b51f5f6ac16e9263c15a98adb0bf9c1150e3e10ebc8ab690a5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
gluxouvauure.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 23:13:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 01 Mar 2024 14:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e1e065-8a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HraifB3KcvBP0pyzz45QbSucNbtpf%2FrjpDRynQalroKOfd3SWF%2Bq%2F2DKnzMLKifDf0E1Q%2FvxT6iCLm5xoXAPBe8jBmJ1GDe2jUnVCsb5%2FCwyvLIvTJtsdfbbwVXFA1NpJfNX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85f58f1a5dd29b63-FRA
alt-svc
h3=":443"; ma=86400
/
gluxouvauure.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://gluxouvauure.com/19/4662728/?abt_opts=1&var=4683427&var3=788657119691023118&ymid=&rhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca6d3b1f4ce6b4624790be8369b319197c56861593c8462aabb685ec162a01f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
5a521dbc9f81534b54d28365408c267e
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcGyHhRELdMVLT0oGoqd9ah9vBs4Zr68HxoEOxeUY5a2PmcOhWQ6zD3BG9x5YciJ%2FiznJTX1hwIDIq3IBcYRU6lMg%2BsSTYnXQ6W3N%2FCONcYKY55PmFcJGO3PYwVzsbp87Vbc"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f58f1a5dd19b63-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauure.com/
2 B
409 B
XHR
General
Full URL
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAHWdzt5ZRwCDYJqGkao0vzhWn6HekQF3lk5B2y28SDLAPgBTN%2F9Srm7wo19hqN%2BfFg8nuk7MWE7H01vDUjeKahU%2B5LT0lJ8zfH%2BwI8x5AQlzCbDSF2x18S0Wv49l35kRvih"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85f58f1a6dd69b63-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
gluxouvauure.com/
0
0

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

4662709
gluxouvauure.com/sw-check-permissions/
0
1 KB
Other
General
Full URL
https://gluxouvauure.com/sw-check-permissions/4662709?var=4683427&ymid=788657119691023118&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3rLWGPyJPD9tqa8IEC33v9hzlD7vaYo4Becro4qSqz39MGuXF5%2BohnYELi6JdX4eSegjLRnqNHTAvMyEjeQgYLmB3nWwN6zWNGe2y79HBGuuOKwkYmpaW7Fe3gChW%2BWpO6t"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85f58f1acef33635-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauure.com/
0
490 B
Ping
General
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=4683427&ymid=788657119691023118&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=1e10755a-d02c-4b21-a932-1ca34bbd80ef&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
d3c729c0bd340e08478643c8076f5a2b
date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7o4P62FO5cnI%2FR7KeMvjdwS2DfuxKtPj4Tgdp4WG99N294xCRigydgxVgFGnQsxE7Q8osvA4zQUZGGa95KfBcbvnLqA%2FPq%2BhU9LSX32KAxSdJCGWEMHGtW5l%2FFg23J%2F1DoX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauure.com
access-control-allow-credentials
true
cf-ray
85f58f1adf053635-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=788657119691023118&var=4683427
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauure.com/
793 B
977 B
Fetch
General
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=4683427&ymid=788657119691023118&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=1e10755a-d02c-4b21-a932-1ca34bbd80ef&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
ba752264edc7ab8c3ecc422d13b9abda
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHJG64pQb8TIy5jCwRJeTHBkHr6zNfdVowG%2F3cu8w2bYicIEGmnhjNDKCDlhJ3CkwonI7JTXDcZ%2FZZnon9fjDc2C8k4T%2Br6VKtG0zIwmSo2XxPI%2BIIhdnCfJL6IVRShYi96s"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85f58f1b0f323635-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
gluxouvauure.com/
41 KB
14 KB
Document
General
Full URL
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
da474e525871ad6ce25653da436bbb65e81b537098ed419c0347b466aa346de8

Request headers

Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f58f1b1f493635-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 23:13:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTeWvPZg2Q4PxXQQDvChWJ5EFzwZvxL4LhiyACpuPsCSFsh%2FWOA%2BVj%2BWkBhICxRTe2jWjov3HGtfK3UTD2gh%2BfpLDvfBqR1Xx37XH6i3qyMDIOhpCcCpdzYu0Qu6fQsxwjFK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

micro.tag.min.js
gluxouvauure.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c7a4e9bbb7f6a33554769805c92064ea198f39778cdeda6840d9e04bc346e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 23:13:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 01 Mar 2024 14:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e1e065-8a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ8WeglkZi45vQxC1uD4y3NZ6vmhGzgo7Tl7upaWUiQuxC%2FqA3k7S5Js7WGKAXZ6fNj4AtIcW9xIW7MxqcFk2DNiFWYbtopso%2FXhDVB6Ho%2FZCOld%2BL884OdMI5JvQvj4Vz8b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85f58f1b8fef3635-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauure.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://gluxouvauure.com/19/4662728/?abt_opts=1&var=4683427&var3=788657119691023118&ymid=&rhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ac68eb65bfc5b6f2d5d41e2eb0a92973fe9004bc458ea44d8e3ce646842a64
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
7449388b085874e808569283baaee0d3
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVhGm73eOLLgLUQ41M%2BdYmKjiSQZJJcAZW4hVkmpzyXQ91t8sZDdyIxOUPcu%2BIrxGxeovgupRm%2BsjSqGAV4%2FENLBljwU9qv%2FuDfCQY9LjFyfxfkcPulI84vKT5Coq4A8jVeq"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f58f1b8ff93635-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
gluxouvauure.com/
2 B
526 B
XHR
General
Full URL
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2RON9WtxqU7P8FCcokGSXgbApsXk9194y5Gwej0zvfhK%2FwKZW1Q%2FhYRBLRtvR77V0S9iMk6TM9f5zLnW12ho%2Bge%2FaP3RSbd9F3V0H0aAu4DWo2w57o5G6Q67c3m%2BLpyu3ny"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85f58f1b8ffa3635-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

4662709
gluxouvauure.com/sw-check-permissions/
0
1002 B
Other
General
Full URL
https://gluxouvauure.com/sw-check-permissions/4662709?var=4683427&ymid=788657119691023118&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXltmjZlJRjWPeCzLKHsM0%2FfP7%2F26YIgURfc%2Fr7qgpQdwFXobWZf5h62Ejy5IM3W3Zgg8%2Bco9BaeG0rejzSd7nN3v7ehO7aKaC4uf1tShD6MparHVMkaa1%2BR4OkimhZZqTrm"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85f58f1bd8693635-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauure.com/
0
488 B
Ping
General
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=4683427&ymid=788657119691023118&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=8d24d9d0-b686-4b35-8fc1-d7531f27ce94&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
4442b49623fb79e22038e15f0c57f992
date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpZoSmiUOJiB6JuP35ukNb4jQD69oFirz%2BwWY1BHAq0rb6llKbBn%2BarE02mmrADO%2BrCVPO2eJYTnz8NRbwP1Z1wr3ImLHtUTwxD3jykF%2BXtYsyfk118bQKVaXwrFP6agg4Jw"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauure.com
access-control-allow-credentials
true
cf-ray
85f58f1be86c3635-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=788657119691023118&var=4683427
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
764cb3ab6a1051b51f5f6ac16e9263c15a98adb0bf9c1150e3e10ebc8ab690a5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauure.com/
793 B
978 B
Fetch
General
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=4683427&ymid=788657119691023118&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=8d24d9d0-b686-4b35-8fc1-d7531f27ce94&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b011026912f4769f49ddc879f7b669a206e9657ea1d65a06149327fd61d7ff
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
c36861c35055b804f4f7a78567c5a5f2
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCjSIUWAfI%2BnlqxEVNoK5qc6bq%2F24NyjKduR8FRx%2B7B%2BCxm5y4OF17wIsba6QSfsqo%2FlFC3xNlhLz1TguOb0vqITg259bQFu8iE2mLmSqIMSe6dv3a03124HOyt33ISdgO4k"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85f58f1bf8883635-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788657119691023118&var=4683427&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

/
gluxouvauure.com/submenu/4662728/
34 KB
13 KB
Document
General
Full URL
https://gluxouvauure.com/submenu/4662728/?rhd=1&var=4683427&var3=788657119691023118&oaid=42b0acac9f6c1fb80368abcf0aefe225&usage_case=push_default
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425b91f99e489f16538eff9d48391e5844f77da317c8142f4ededc23406e3acb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
85f58f1f2b8f3635-FRA
content-encoding
br
content-type
text/html; charset=utf8
date
Mon, 04 Mar 2024 23:13:49 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHVNXPCZyFpab2nzgPas%2BGRwdvfqHzh5LdDTmY9yqxAxy1%2F0zzc1z9XuGc2WtOy%2BFztuda9lQLxquDrtWDWS%2FaL20pAMq4tkZrRrrJr7qSEgCj2r061FleLvQytOGtAIBkV3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
f5f5d03250dbc28f3722cf4662050323
sftouch
gluxouvauure.com/
2 B
757 B
Ping
General
Full URL
https://gluxouvauure.com/sftouch?userId=42b0acac9f6c1fb80368abcf0aefe225&z=4662728&p_rid=06263a46-2039-4e92-a017-896874d11037&p_src=sf&branchId=0&rb=OBaPyUGDZz_V4uhW_-GWpONqJUDiNG4mYo8v98tbBTB6OvZtq_1qJUkS6XGxmdSox8pTCZO9n7eSvTdPSqZ-reMqi1T-hQVASX3aPteT9c7s0nPIqQHygBjQFcDwauI-HhonvCXLaRUg54-cT6Cz60vBdzJHHRTjr9WRdyTNi3PZdhJAeA7Xep98S9fIA48XuUQIxn50xYI96pvhtl2Gdtp6CHzwxqT1-BksWOxQMf9MkrWhV65Pd__Ui8JlZApaH0frNaMvufHvFdO2UcVA4NH2wTccZGR6sCEJw9QbgelaJ0OQ3RTSBDqn48250RT8oLfaYi-BdpHpZpNHkM3OqIP_JkBWZUUqZZGb9nLtI8WZ289LSMvpox2Aj8YrieWigjNntVuHpkCPcXOLovTpMC3csoClx5w6D0RRIijy3lM7jjteQ0WlAI5cb7oDFL8acsUZIeRh3OGt6JYkMgN51Uy9b8irTQ9othJAQiq4QZ1Dx-W0iwIuBqKLn_dV0cIXiMeKrp4lcapTrCS3v6M2ymDq9Hy3MFMSahgtfQ==
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/submenu/4662728/?rhd=1&var=4683427&var3=788657119691023118&oaid=42b0acac9f6c1fb80368abcf0aefe225&usage_case=push_default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.139.22 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/submenu/4662728/?rhd=1&var=4683427&var3=788657119691023118&oaid=42b0acac9f6c1fb80368abcf0aefe225&usage_case=push_default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:50 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
x-trace-id
c9a71e7cc1ddfe0caa8a25d8a92753d8
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://gluxouvauure.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROeZiGddAqxqwyusSOWX1dqCi1014lMDvuiOcYtRtGiQlq8DvabxhgpYj9hHKK2DoxnCIt51F0LtvYe1HacSCDRZzsC1QnYEqySQfDCwf8iVUmvhLvi1QJAAhdq4uBea3P9Y"}],"group":"cf-nel","max_age":604800}
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f58f1f6bb63635-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
508 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=42b0acac9f6c1fb80368abcf0aefe225&z=4662728&p_rid=06263a46-2039-4e92-a017-896874d11037&p_src=sf
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/submenu/4662728/?rhd=1&var=4683427&var3=788657119691023118&oaid=42b0acac9f6c1fb80368abcf0aefe225&usage_case=push_default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:49 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/
2 B
469 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=06263a46-2039-4e92-a017-896874d11037
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/submenu/4662728/?rhd=1&var=4683427&var3=788657119691023118&oaid=42b0acac9f6c1fb80368abcf0aefe225&usage_case=push_default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 04 Mar 2024 23:13:50 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://gluxouvauure.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request
extension.php
kingadblock.com/
Redirect Chain
  • https://gluxouvauure.com/rhd?z=4662728&syncedCookie=false&rhd=true
  • https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
8 KB
3 KB
Document
General
Full URL
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0478c276d7f10841b1ac2500b30dedbac43942f9b70b5e8cf9dd3cfda68d392

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://gluxouvauure.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f58f21487b3a7c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 23:13:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OjsZ%2BLZxI2qmkkiB769RmigYEIxOazrIj4gql51Ew1LOVuf484V1rhSBhDPtSwSJ66H8TE4ukU4rM6KzGV9C0%2B%2FeVjHV5caaK%2B34ZCuBEOaCvLzuDukFNx8pXyVlje%2FH2mmwfQ2TJzTeI5fwJw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://gluxouvauure.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
85f58f203c843635-FRA
content-length
0
date
Mon, 04 Mar 2024 23:13:50 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://kingadblock.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bH6rfO4oFuTOiv1nz%2FrcuY%2Fk9l%2BYGKlhlQHujOrhCAUuFIoqpxnTfcZfUmIGGYfv1MeJMaVUcrxN3zUUdx1lYYBwcWKlD4dIOcSK6EdBwS83%2FvSro4MJGcxGjxsTDFL%2FmSmI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
x-trace-id
39daaa0461f53043944609926a761bd8
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9753659
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2LaZAGXbvVMwBACFptxvqW6I3wNLL7MwzNfunfX6SsAK5HhyiYtgv6baup3KcxLYu3xEJSQgRp3215WgqMNQP771IPSQCJfyaIY0aWV4Mrg11O6HU5tKMBdxvg0EuJhz90zTvLfimDTyrU%2FPak%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
85f58f21ea61918c-FRA
icon.png
kingadblock.com/images/
4 KB
5 KB
Image
General
Full URL
https://kingadblock.com/images/icon.png
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091483d5419eb9e98f0edd49563409fad2eb24f1d10bc161b9716e0f0ee86b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:50 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 16 Aug 2023 09:41:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64dc99af-1121"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcGq1GaCpnXEKSKIXp1EBeLgy3MQGVxU3Righ%2FEUy118cMSv4gvU43sdv1g7ZAMVchOBkyFTgocueuH3KHAtVTOqbJesVgMNjCm7mSod1kT2LCMm9P%2FMp8pz8HczphaGYgBg8%2Bu2Rr8kcsQcbZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
85f58f21b8de3a7c-FRA
alt-svc
h3=":443"; ma=86400
content-length
4385
cws.png
kingadblock.com/images/
3 KB
4 KB
Image
General
Full URL
https://kingadblock.com/images/cws.png
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:13:50 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 04 Sep 2023 08:56:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64f59bc7-d6b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6LTyvIwEd1nXSq4%2Fq7NZ114yPdyW2YxrKeOCAl1BR%2BmiZly%2FkqWW6N%2ByzbVRKmXWbIKWeMuTtb%2Fjd11JHV%2FKxw%2FHv1F%2Bj2sidI%2FsN4AjSRK4thXmHzGgyW6lJyT4gzQdv8kgKiSjk5lgBZeYJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
85f58f21c8e03a7c-FRA
alt-svc
h3=":443"; ma=86400
content-length
3435
icon.png
flcjnflecolckmhfcmhhkichjhajjnlb/
0
0

a.php
tururu.info/ Frame 6595
96 B
1 KB
Document
General
Full URL
https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjpaHP126pWlp16&r=pa&cid=788657126229938554&z=4662728&v=12&dr=&inw=1600&inh=1200
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:afa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer
https://kingadblock.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f58f225a641c6d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 23:13:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Fn9aevXbbETCZ8eoZ1vUBZ%2FbrLCumOkuH05CZxdeqEn4PkEkI7SLhQy1X2BxHKILGZr9YJc65lcfjqkVN50gSkuYLMH91jE3U%2BIE3xfJA8%2FgwyWMjTAzPxHFmxLaPUaAWyIYGuvh8M4hA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
clear.php
kingadblock.com/ Frame 3DAA
0
553 B
Document
General
Full URL
https://kingadblock.com/clear.php
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f58f222aef2c35-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 23:13:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFHdvwUdJN0dwAbI%2FaycgrDb%2Fq2Jsv8V09WUdDCxuqlkw6i6he%2F19mSqIwVOSlK3tmuzBoHwF4o83OeB%2BHsUODAL3J8D0eetyLQE0Dxdl%2By7YrCvDOmhuJxls6R%2FXVeEXjVpNOhpZyxMcVvhDTQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gluxouvauure.com
URL
https://gluxouvauure.com/rhd?rb=BPwyJ5eka1Xj0dAgUW4n8Cs0uxY2hx49m6SQiLmEyZYLpTg1_GLNYoA95LrrgDNFANAubGm8_l2HkHX7tMzM9ZbbXQbWA4lhCqTbmM_8F2tSsJ2zO9tAXCZk7WHKa3uoeyBPpbLT32A_hqpT33lxPoZuDnvJQ-SXNZOywQKcQxTQ90CMcPFrEd81Wb1uVvXgxMNJPHfg9HJZBwBD8Dar5brM_fyqEQHH8tzmvdZahUwNxC5Bw0SZYM5OUtRBDwV3OhX-EKEUW2F8Z8GUJnmG_byzhRWvfG02-EmtjS69D7qQujyE51HAzSCmQLA5o7OshaPs2vR8g51edueTOFqXt9GTsRuw7-a-X5Kl-7YgIbFdsOHaA3t1I4Yl9D4g0VUGtlIyYvEgFqIQmzXuBqGpQwBDf_bJaKdtnUR9Ej54lnAm49tbkr1n0urcxLtgRUpARu3fuhDBTvB0jl10wF56O31np-RIVNZEukw4SR9hP1H8WXF9aIFDB9QNCLypCklv_4vwxNYPFBHfIjo2wwxBxd8ItTk%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauure.com%2F%3Fs%3D788657119691023118%26ssk%3D20af2b541e0724a6fbfa313943fa8a1a%26svar%3D1709594028%26z%3D4683427%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=4683427&var3=788657119691023118&ymid=&rhd=1&m=link
Domain
flcjnflecolckmhfcmhhkichjhajjnlb
URL
chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| req_existing_user
object| landing_iframe
function| openNewWindow
function| openNewTab
function| openSameTab
function| listenInstallCompleted
function| openInstructions
object| windowObjectReference

14 Cookies

Domain/Path Name / Value
gloogruk.com/ Name: OAID
Value: 00801553794f41c6f0a9780e46bdd9f0
gloogruk.com/ Name: oaidts
Value: 1709594028
my.rtmark.net/ Name: ID
Value: 00801553794f41c6f0a9780e46bdd9f0
gluxouvauure.com/ Name: oaidts
Value: 1709594029
gluxouvauure.com/ Name: syncedCookie
Value: true
gluxouvauure.com/ Name: prefetchAd_4662728
Value: true
gluxouvauure.com/ Name: reverse
Value: sZN9ohdC_onwJe0rurJFjT8qeKM87-UYtWJp4LTDXC4
gluxouvauure.com/ Name: OAID
Value: 00801553794f41c6f0a9780e46bdd9f0
.tururu.info/ Name: c0083
Value: cjpaHP126pWlp16
.tururu.info/ Name: r0083
Value: pa
.tururu.info/ Name: cid0083
Value: 788657126229938554
.tururu.info/ Name: z0083
Value: 4662728
.tururu.info/ Name: e0083
Value: VPGCNBK0FG
.tururu.info/ Name: _asd
Value: 17095940305729761

17 Console Messages

Source Level URL
Text
other warning URL: https://gloogruk.com/partitial/5117836/?var=4683427&ab2r=0&prfrev=false&rhd=false&sf=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788657119691023118&ssk=20af2b541e0724a6fbfa313943fa8a1a&svar=1709594028&z=4683427&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/submenu/4662728/?rhd=1&var=4683427&var3=788657119691023118&oaid=42b0acac9f6c1fb80368abcf0aefe225&usage_case=push_default
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/submenu/4662728/?rhd=1&var=4683427&var3=788657119691023118&oaid=42b0acac9f6c1fb80368abcf0aefe225&usage_case=push_default
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa(Line 45)
Message:
Access to XMLHttpRequest at 'chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png' from origin 'https://kingadblock.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=788657126229938554&jp=pa
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
