gklqrdk.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gklqrdk.top/
Submission: On October 17 via manual (October 17th 2022, 11:32:48 pm UTC) from US — Scanned from NL

Summary HTTP 99 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 49 IPs in 10 countries across 44 domains to perform 99 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is gklqrdk.top.

This is the only time gklqrdk.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.44.154.155 52.44.154.155	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:205... 2600:9000:2057:8400:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:9c00:d:274d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
3	35.244.136.187 35.244.136.187	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	35.227.238.241 35.227.238.241	15169 (GOOGLE) (GOOGLE)
1	18.66.147.122 18.66.147.122	16509 (AMAZON-02) (AMAZON-02)
1	35.201.106.219 35.201.106.219	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:7::... 2606:4700:7::a29f:853d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2606:4700:20:... 2606:4700:20::ac43:459c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1 2	3.127.179.193 3.127.179.193	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.19.67.137 52.19.67.137	16509 (AMAZON-02) (AMAZON-02)
1	104.79.88.129 104.79.88.129	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.120.54.154 3.120.54.154	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.156.148.146 18.156.148.146	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	34.251.246.199 34.251.246.199	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1f18:612... 2600:1f18:612b:4200:fb3f:3cdb:fc4c:7c72	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.155.44.87 54.155.44.87	16509 (AMAZON-02) (AMAZON-02)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	54.216.245.122 54.216.245.122	16509 (AMAZON-02) (AMAZON-02)
1	3.143.128.248 3.143.128.248	16509 (AMAZON-02) (AMAZON-02)
99	49

27 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

gklqrdk.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.154.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-154-155.compute-1.amazonaws.com

7322496.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8400:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9c00:d:274d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

apps.bazaarvoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.136.187 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 187.136.244.35.bc.googleusercontent.com

myr-cdn.truefitcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.truefitcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.238.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.238.227.35.bc.googleusercontent.com

cdn.attraqt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-122.fra60.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.106.219 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 219.106.201.35.bc.googleusercontent.com

consumer.truefitcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)

myer.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:459c (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.179.193 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-179-193.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.67.137 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-67-137.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.88.129 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-129.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.54.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-54-154.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.148.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-148-146.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.246.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-246-199.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:fb3f:3cdb:fc4c:7c72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.44.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-44-87.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.245.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-245-122.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.143.128.248 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-143-128-248.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	gklqrdk.top gklqrdk.top	2 MB
16	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	22 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786 sslwidget.criteo.com — Cisco Umbrella Rank: 1809 widget.as.criteo.com — Cisco Umbrella Rank: 38807 dis.criteo.com — Cisco Umbrella Rank: 679	13 KB
5	paypal.com www.paypal.com — Cisco Umbrella Rank: 2528 t.paypal.com — Cisco Umbrella Rank: 3306	83 KB
4	truefitcorp.com myr-cdn.truefitcorp.com — Cisco Umbrella Rank: 537557 consumer.truefitcorp.com — Cisco Umbrella Rank: 12179 cdn.truefitcorp.com — Cisco Umbrella Rank: 16638	79 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	248 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 226	1018 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	678 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 681	853 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1351	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	1 KB
2	useinsider.com myer.api.useinsider.com — Cisco Umbrella Rank: 558734	83 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1506	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 528	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2114	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4441	360 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 23447	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2159	183 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2682	274 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1104	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1496	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 373	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1698	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1296	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 554	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 347	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 706	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 832	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1259	880 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 570	785 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 343	18 KB
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 6215	5 KB
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 6357	13 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 680	14 KB
1	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619	5 KB
1	attraqt.io cdn.attraqt.io — Cisco Umbrella Rank: 40368	14 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1140	41 KB
1	bazaarvoice.com apps.bazaarvoice.com — Cisco Umbrella Rank: 3869	21 KB
1	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 8361	233 KB
1	igodigital.com 7322496.collect.igodigital.com — Cisco Umbrella Rank: 540628	2 KB
99	44

	Domain	Requested by
27	gklqrdk.top	gklqrdk.top
15	www.google-analytics.com	gklqrdk.top
5	gum.criteo.com	4 redirects gklqrdk.top
4	www.paypal.com	gklqrdk.top
3	www.googletagmanager.com	gklqrdk.top
2	bam.nr-data.net	gklqrdk.top
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects
2	cdn.truefitcorp.com	gklqrdk.top
2	myer.api.useinsider.com	gklqrdk.top
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	matching.ivitrack.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	js-agent.newrelic.com	gklqrdk.top
1	browser-update.org	gklqrdk.top
1	widget.as.criteo.com	gklqrdk.top
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	gklqrdk.top
1	t.paypal.com	gklqrdk.top
1	stats.g.doubleclick.net	gklqrdk.top
1	region1.google-analytics.com	www.googletagmanager.com
1	utt.impactcdn.com	gklqrdk.top
1	static.criteo.net	gklqrdk.top
1	consumer.truefitcorp.com	gklqrdk.top
1	static.hotjar.com	gklqrdk.top
1	cdn.attraqt.io	gklqrdk.top
1	www.googleoptimize.com	gklqrdk.top
1	myr-cdn.truefitcorp.com	gklqrdk.top
1	apps.bazaarvoice.com	gklqrdk.top
1	cdn.dynamicyield.com	gklqrdk.top
1	7322496.collect.igodigital.com	gklqrdk.top
99	53

This site contains links to these domains. Also see Links.

Domain
investor.myer.com.au
www.myerchristmasclub.com.au
itunes.apple.com
play.google.com
facebook.com
twitter.com
instagram.com
youtube.com

Subject Issuer	Validity	Valid
*.collect.igodigital.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
*.bazaarvoice.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-19` - `2023-05-20`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.truefitcorp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-08-29` - `2023-09-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
attraqt.io R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
utt.impactcdn.com GTS CA 1D4	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2022-02-22` - `2023-02-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
itm.ivitrack.com R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://gklqrdk.top/
Frame ID: 5064221EE4CFD94C8660A4FFE0867264
Requests: 69 HTTP requests in this frame

Frame: https://myer.api.useinsider.com/worker-new.html
Frame ID: A38C96333B0F5472B918214FE5361283
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=gklqrdk.top&origin=onetag
Frame ID: 12CC0CB11B575178DA35B60C77BFAB8C
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--8XUXMY-KubeWlaY-e5M-kPc0ZJYR-Jm39sk7w&expires=30
Frame ID: 1B78A6CA9804A79E914DAEC4A3449D4A
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MYER | Shop Fashion, Homewares, Beauty, Toys & More

Detected technologies

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Insider (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.useinsider\.\w+/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

99
Requests

59 %
HTTPS

25 %
IPv6

44
Domains

53
Subdomains

49
IPs

10
Countries

3125 kB
Transfer

9168 kB
Size

37
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://investor.myer.com.au/Investor-Centre/
Title: Investors & media

Search URL Search Domain Scan URL

URL: https://investor.myer.com.au/Corporate-Governance/?page=Sustainability
Title: Sustainability

Search URL Search Domain Scan URL

URL: https://www.myerchristmasclub.com.au/Home/Index
Title: Christmas Club

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/au/app/myer-one/id568766800?mt=8
Title: <style>.lazyload-placeholder { display: none; }</style><img src="/static/footer/footer_app_ios.jpg" alt="Download from App store"/>

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=myer.com.android
Title: <style>.lazyload-placeholder { display: none; }</style><img src="/static/footer/footer_app_android.jpg" alt="Download from Google play"/>

Search URL Search Domain Scan URL

URL: https://facebook.com/myer

Search URL Search Domain Scan URL

URL: https://twitter.com/myer

Search URL Search Domain Scan URL

URL: https://instagram.com/myer

Search URL Search Domain Scan URL

URL: https://youtube.com/user/MyerMystore

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://gum.criteo.com/sid/json?origin=onetag&domain=gklqrdk.top&sn=ChromeSyncframe&so=0&topUrl=gklqrdk.top&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ajNuWXxNVjQ3NWw1bW9iM1EySkhNWCtTQ0NNN2dYbHpqRDdNTFVMT3pwenZxbkkwZ2krNjQ0ZmdaSkxad0F0eWszNFg1ZFJkT0ltWUdQVE5ycDJNcHpqem90WXFkbWw5UHp2Q2xjQjhMNWtqQU5oOXNVZVJyOWo5SXZVRVQyVWpFWmFuWWxjanIvM3VwYmVSYktLY1crcjdDcHNnWnZsTmM5NTdKWGpleU95RC9KUUo2L0VzbGlkd1cwbytlSkR1WVpYNWFFSlE5RFdPemdlelZ1WkdDSXl6VHNZWUNRK3ZRUlkvdFkwVSsxbXlxNXlBV0g5eXk0VGxoTU90Q3VhU0Z3R0NLNGV0eUV3OTMvRTBQQ0FCTDI1SUR4Zz09fA&cppv=2

Request Chain 58

https://sslwidget.criteo.com/event?a=64955&v=5.12.1&p0=e%3Dce%26m%3D%255B0%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AsQF5l9iZjdiMlpUMGJlZElDeGs5bnNBeE1uTjVtRmlsSERCR29UT0lWQUlrMWtjc0RhUTNoQWt3R1VXamhsV0Z3VWtpdjJTaW9JMm1RejE0JTJGT2c3b3pRR3k3U2pwWURNTmh6V3hLT3JvaTQybjlQaXJwVU5ZeUVtNVlDbVBBa3pIWnN5NkduQWNDSlplZSUyQlMzZ05zM3JhRFJRJTNEJTNE&tld=gklqrdk.top&fu=http%253A%252F%252Fgklqrdk.top%252F&dtycbr=75988 HTTP 302
https://widget.as.criteo.com/event?a=64955&v=5.12.1&p0=e%3Dce%26m%3D%255B0%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AsQF5l9iZjdiMlpUMGJlZElDeGs5bnNBeE1uTjVtRmlsSERCR29UT0lWQUlrMWtjc0RhUTNoQWt3R1VXamhsV0Z3VWtpdjJTaW9JMm1RejE0JTJGT2c3b3pRR3k3U2pwWURNTmh6V3hLT3JvaTQybjlQaXJwVU5ZeUVtNVlDbVBBa3pIWnN5NkduQWNDSlplZSUyQlMzZ05zM3JhRFJRJTNEJTNE&tld=gklqrdk.top&fu=http%253A%252F%252Fgklqrdk.top%252F&dtycbr=75988

Request Chain 68

https://x.bidswitch.net/sync?dsp_id=46&user_id=k--8XUXMY-KubeWlaY-e5M-kPc0ZJYR-Jm39sk7w&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--8XUXMY-KubeWlaY-e5M-kPc0ZJYR-Jm39sk7w&expires=30

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-lyNZ28Y-KubeWlaY-e5M-kPc0ZKnwaCtGYRA8A&google_cm&google_hm=ay1seU5aMjhZLUt1YmVXbGFZLWU1TS1rUGMwWktud2FDdEdZUkE4QQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-lyNZ28Y-KubeWlaY-e5M-kPc0ZKnwaCtGYRA8A&google_cm=&google_hm=ay1seU5aMjhZLUt1YmVXbGFZLWU1TS1rUGMwWktud2FDdEdZUkE4QQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lyNZ28Y-KubeWlaY-e5M-kPc0ZKnwaCtGYRA8A&google_gid=CAESEECZUJRjdLOsWKyqGfAQQbw&google_cver=1&google_ula=913071,0

Request Chain 70

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4795913389680403041

Request Chain 71

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gjx5gcY-KubeWlaY-e5M-kPc0ZLQBeRROH3-mg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gjx5gcY-KubeWlaY-e5M-kPc0ZLQBeRROH3-mg&C=1

Request Chain 72

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-3j-pLMY-KubeWlaY-e5M-kPc0ZL-PwQlC-gisg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-3j-pLMY-KubeWlaY-e5M-kPc0ZL-PwQlC-gisg

Request Chain 83

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_g1WHsY-KubeWlaY-e5M-kPc0ZJjLZVKI3COTw HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_g1WHsY-KubeWlaY-e5M-kPc0ZJjLZVKI3COTw&verify=true

Request Chain 86

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yZ3ot-odwcYYZoa5fLbkr7fK85R9hJ-x HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yZ3ot-odwcYYZoa5fLbkr7fK85R9hJ-x

Request Chain 95

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=q0jEX0anDbvpFGa99DsAytceXcYh-1Wk

Request Chain 96

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=dO4G-KzAmcjZg6NhEELYK0hK4PbywUwZ

99 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
gklqrdk.top/ 1 MB
155 KB 391ms
227ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13e299a388cf694ace40210f1a32fd3b08ba21206a695af5eb0f56a9a6909b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 616
CF-Cache-Status: DYNAMIC
CF-RAY: 75bcd5c2083d9131-FRA
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Oct 2022 23:32:42 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsacFRGV3OsVZfT5D4hHlyiJ%2BQiM5%2F75GVa9QrK%2FHSq7ROn%2Fr0jtm3bIPx0uwP6hIkedlSso%2FpcaA6v60qJ%2F5qgf%2BgCyB7rSujLtB5O8w%2BuDkVBABnHFnZcXD7nt6rGLguz9DQVEMvl0jg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 8d6d65c40f49b96d1f700720137be26a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 8aYd3eGJ4iCz86FNGFGDPP5m4m-_LJwHzHgcSLhsRpqnh0N3kr4H8Q==
X-Amz-Cf-Pop: IAD66-C1
X-Amzn-Trace-Id: Root=1-6349d856-5ad9a7cd1ea020e46cb82339
X-Cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-apigw-id: aA69fHI-ywMFdSw=
x-amzn-Remapped-connection: close
x-amzn-Remapped-content-length: 1221479
x-amzn-Remapped-date: Fri, 14 Oct 2022 21:44:55 GMT
x-amzn-RequestId: df85bc47-15c7-4d38-b27e-04aca2ea39e1
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK p.js Show response
gklqrdk.top/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ 196 KB
48 KB 423ms
403ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda41435b4c8e4475226c6c644bb726c5c1675a39507c77d54b64d3ac662d67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:42 GMT
Via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200331
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 161321e9-a68b-4e6e-9cbd-aa20bf53873c
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJLDGdjSwMFW5g=
Content-Length: 47495
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e8b-8JKIb7A+0a1w1GDqIs2OuYm0BE0"
X-Amzn-Trace-Id: Root=1-634388ac-4b47953d24442def6cd350ae
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7MCu9fqETZmiIQk6iVK9WfRrnwrTit3NfEfYb1L8ZRY6Ao2UtQvv%2B3YgF707JkntTMTijj6jC4Lp%2ButMukmtVmZG%2BjhCuyrVII2ldbbg%2BwpIA%2BaCzMs8%2B8TZMMdfQSN920XaH4IBUq1gw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c4388abb97-FRA
X-Amz-Cf-Id: PXMZK9AqlZ47mnQOEZwwYNHmdQbEl-On15CRS3dIRIiCvQD4tk5Y5w==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:25 GMT

GET
H2 200 collect.js Show response
7322496.collect.igodigital.com/ 8 KB
2 KB 351ms
111ms Script
application/javascript 52.44.154.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://7322496.collect.igodigital.com/collect.js
Requested by: Host: gklqrdk.top
URL: http://gklqrdk.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.154.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-154-155.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:42 GMT
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 20:07:13 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK Draper-Regular.woff2
gklqrdk.top/static/font/ 196 KB
197 KB 451ms
431ms Font
application/misc 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/static/font/Draper-Regular.woff2

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f63b87834a16280d524af8639eab7fe11e9d945defa1c960ac9a9b97bdf7705

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gklqrdk.top/
Origin: http://gklqrdk.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:42 GMT
Via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200239
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 2a987b49-a00a-44b5-8c2d-5c9d33d6ff8f
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJMBF0pywMF0Tg=
Content-Length: 200227
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e2f-C+tQSA+x5t+3Afq/R6eyaqpiPGk"
X-Amzn-Trace-Id: Root=1-634388b3-1496e3a133a93fb0002d0561
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXmmmXAMjrFwA8I02%2FP%2BLvxeupw6lU7Rox7yc2ZGOqqjmXNcXL9HwfpmKhbWWzjM5%2FNnbwaABKuRhL5%2BLJ%2Bcdal7w5iplgQke0oNcuA8hkXIKIMXmK0%2Bw4uXEw0Xda4QMYQdzX3c5NbaOA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/misc
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c43cb691f6-FRA
X-Amz-Cf-Id: WkP3NjiooaPtXyZS5PSK1YxV2kaX7jxRLRnS42IcrebacxqyLnEzXg==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:31 GMT

GET
H/1.1 200
OK Draper-Bold.woff2
gklqrdk.top/static/font/ 196 KB
197 KB 455ms
435ms Font
application/misc 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/static/font/Draper-Bold.woff2

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ed62795877271d245f7a3c4fe7062b2c2af298f67cf1672383a2ab52adfdf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gklqrdk.top/
Origin: http://gklqrdk.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:42 GMT
Via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200233
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: d68c653b-4e42-4855-bb16-f27b760aa02e
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJMWF1KSwMF4eQ=
Content-Length: 200221
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e29-iFs18jDIYBVuhzfnZuS5xA1ZPds"
X-Amzn-Trace-Id: Root=1-634388b5-639b3ed604cf1e3563003633
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpvA1BHYNKH5eDyRrw%2BOZ%2B8nkFJj30H8KWIpxdswCfQZONcyb6SFNrJt8txqrvMJcE4HmLHr66FnyVOnfZ5ZmwbvCCvFqRgz44F6dbUSDMEa0t4La2qdopXeyEwRmdiWxnAKPCZsBNzl%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/misc
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c43dee9a2f-FRA
X-Amz-Cf-Id: uC9_ijgN5OQDbCuqH_hGjiKtd3YBS8C12dn9nqAX4FDVQ4LPt9KTug==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:33 GMT

GET
H/1.1 200
OK Sidney-Bold.woff2
gklqrdk.top/static/font/ 196 KB
197 KB 334ms
314ms Font
application/misc 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/static/font/Sidney-Bold.woff2

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc35e66fd297adc06c1d960a109695c6552f11852484eba60127682c0887272b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gklqrdk.top/
Origin: http://gklqrdk.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:42 GMT
Via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200233
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 6a3e93b6-9ae2-4635-83a9-39aa2432f306
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJMlFllSwMFXNg=
Content-Length: 200221
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e29-ThHJC3gPxgl5mi/1hgRNDAQVdzY"
X-Amzn-Trace-Id: Root=1-634388b6-0b7e530255dacabf7fc4388e
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJRO%2FAt%2BultXykPewpj9DR6DwZHO35U1Fc%2FqnskUfD5SY3krggjTOK3wIjoQWNYI5xvgpksMTqnS9QsfWkkXaUWnvIqRf2Dtdhmz00hlSMD3xsBW%2BWIBA8uXoZ4fBw060wfqWusrx2Yz7w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/misc
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c43c0f9118-FRA
X-Amz-Cf-Id: rAi5xeonsfP5DQEUg-S1BaBVr_Fqv_vb9qEJGJtSe80mIGAdxwgOsQ==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:35 GMT

GET
H/1.1 200
OK Sidney-Regular.woff2
gklqrdk.top/static/font/ 196 KB
197 KB 524ms
504ms Font
application/misc 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/static/font/Sidney-Regular.woff2

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c459c15503f63de8e744adebffa89007d547490e103265c8133fac05bbe4c97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gklqrdk.top/
Origin: http://gklqrdk.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:42 GMT
Via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200239
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 6cdf1651-b496-44bd-8dc2-d3dda6db4a4b
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJM7GUhywMFQIQ=
Content-Length: 200227
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e2f-FJbGzLbGOz7QYrejNtZDWKKegBs"
X-Amzn-Trace-Id: Root=1-634388b8-6e7a013742aa1cbd5c2a7048
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CAbHcmgvDNlZDzia5VaaAH2I%2BDvjXYVcUc30oxU6GLdwki1V0zjD39Dx5dUx9%2FpLqJsVxzrFMKv%2F984rPwUUrGy%2BBLUUA4hl0dAtIsmO9oQ9PLVf5Vp0cTcd2mXxUYewSgHQ2ratDlx3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/misc
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c43ca49268-FRA
X-Amz-Cf-Id: DRm6HuqPMatpLMMPzY-OkEuG9AkFjfz0_TAXplmz0v8Qah-6GBXbCQ==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:37 GMT

GET
H/1.1 200
OK Elcon-Regular.woff2
gklqrdk.top/static/font/ 196 KB
197 KB 860ms
419ms Font
application/misc 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/static/font/Elcon-Regular.woff2

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5d0e3407dcfe2167166740ff2d319eb130e6cec1808cb6a2ec973de9184f6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gklqrdk.top/
Origin: http://gklqrdk.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200237
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: a8bcbe3a-e534-4448-8685-0f912b92f55a
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJNYFZhywMFo9A=
Content-Length: 200225
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e2d-AApfSfu4Z2M99jaGuGufuOIruao"
X-Amzn-Trace-Id: Root=1-634388bb-5547d4f674b2f4bb1ffd5aed
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXMBv2WPyIx6V7jQ5%2BKZZYoApbz7ZuenqlGKndyJovfYB5HB8CoQhDcTKPWYYnU0fqgEJdahNpGwOwYr%2F6KqEIcyPtQ98ZlmB7DXq6bUfI1QX%2BJhi2Uv4DQdBOb3eJtWRWMqELmWAEZitw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/misc
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c6df5b9131-FRA
X-Amz-Cf-Id: KUAQ3wep6KCtIpN8iIKbF3T0cIsJ-zNox_3jiD5G1Q3Vf2EhDTx06w==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:40 GMT

GET
H/1.1 200
OK Elcon-Bold.woff2
gklqrdk.top/static/font/ 196 KB
197 KB 844ms
402ms Font
application/misc 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/static/font/Elcon-Bold.woff2

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc5305442838ef4bbddc0a6582e88a5d31b15d7145a5b7cc04dba153a449f75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gklqrdk.top/
Origin: http://gklqrdk.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200231
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: b42895dd-22e3-4398-8550-1c9af9aa5a78
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJNsEM1ywMFRxg=
Content-Length: 200219
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e27-IEGkf1bI/1q/Hd/bHiVH1PtYDJc"
X-Amzn-Trace-Id: Root=1-634388bd-022ebe0f189da10e1e5ba357
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BL%2F6k%2FlF4p%2BKGuK2rTk%2Bt58wec9mDi%2F1RUSeLFOWXyaNhlm74odgfbMI%2FFFllBNi6AVF1q60MoSX8PCOoj%2F8WIfid0DL0KPdwCLnF8hKQf0v21KXNZM2BBmMIjYhwFupCy9vtQAdaWGT%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/misc
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c6de509118-FRA
X-Amz-Cf-Id: m4r6Msq-2U9HoylDdL_Gb1TF94ldAiBQo3JZoAtbwilcv89m6eRq3Q==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:42 GMT

GET
H/1.1 200
OK api_dynamic.js Show response
cdn.dynamicyield.com/api/8770674/ 1 MB
233 KB 78ms
25ms Script
application/javascript 2600:9000:2057:8400:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.dynamicyield.com/api/8770674/api_dynamic.js
Requested by: Host: gklqrdk.top
URL: http://gklqrdk.top/
Protocol: HTTP/1.1
Server: 2600:9000:2057:8400:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: ecd4d29861eb13b0c28d52db636e3c3f964aa6c53aed17bee0565cc04a2dd74d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:33 GMT
Content-Encoding: gzip
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Age: 10
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 02:33:36 GMT
Server: DYCDN
Etag: W/"4e22c6f518f22588f152ef1069a132a8"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=30
Link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
X-Amz-Cf-Id: r-Iy30fT8X14XjciH5wCOqZGLKCCAMItOKXqs58Nyne9UWmhOf5S_w==

GET
H/1.1 200
OK api_static.js Show response
gklqrdk.top/api/8770674/ 196 KB
48 KB 415ms
414ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/api/8770674/api_static.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f37f40397fd64e7d8a67d8a7e261ae846a8e96b1db9336e26f23ef2fa3a11402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200225
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 2bda8824-0ffc-4f68-a46e-134071a4e693
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJOCHY0SwMFfFA=
Content-Length: 47447
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e21-uXg/atDvBZM1n9uSkrpYiUScqmA"
X-Amzn-Trace-Id: Root=1-634388c0-1801fa7b012fef5877172276
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK%2FYCjLKcG6m%2FC%2Ba4c4NHTVojlXTopcdLvEhKMwHM24fnc3nBRnl2WZ0T%2BClrIsDBhif7g0lmVVHpcSwro%2Bv%2Bwawc%2FaJGfomS5p5oX785JAA%2BGQLrsceLbCjfj9CcUAaSHvdO8eBKcvuIA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c79f829268-FRA
X-Amz-Cf-Id: 05Ss5Ec2W7gpNUtUIjT2But-OEsnnYSn5X9HiN3y1-fS0KAb7hvHng==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:44 GMT

GET
H2 200 bv.js Show response
apps.bazaarvoice.com/deployments/myer-aus/main_site/production/en_AU/ 66 KB
21 KB 380ms
27ms Script
text/javascript 2600:9000:214f:9c00:d:274d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.bazaarvoice.com/deployments/myer-aus/main_site/production/en_AU/bv.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:9c00:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e38afecabd1ea08614689e486a5aef1acbef7be80ee22e65393ae144555ad2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: _3LNmFys_v7pV9z0Popyjcu6d8DZZ_0e
content-encoding: gzip
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
date: Mon, 17 Oct 2022 23:32:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 139
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 21026
last-modified: Tue, 04 Oct 2022 04:02:59 GMT
server: AmazonS3
etag: "135914a76a1737a3364f9337aa2feec2"
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: QgywGWB44fka9-6vVWi3iGoisP1ZA6znmFCnzeu3DTzl-ZGssQsCsA==

GET
H/1.1 200
OK f60ec670d79db34b0ee1.css
gklqrdk.top/_next/static/css/ 196 KB
48 KB 758ms
411ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/css/f60ec670d79db34b0ee1.css

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2867b33b5715cd246c8bc7e5cfcf846f76c85788350b3622e63b086f4dff6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200257
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 36c76eb1-a878-4973-bbd9-1ffe513e2d0e
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJOfEXfSwMFzig=
Content-Length: 47460
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e41-jZyb3bmxyfciMLYo2PjSuqmYz7s"
X-Amzn-Trace-Id: Root=1-634388c2-71c75a04307ed2cc6eb29c3e
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mEjMkIcOMcCou3pUXtCCxODeUyBVUCFy1Zj%2FrxdceLw4fKaznH6FLq2Yws6OWulXBT%2BwbZdhqQyac61hu2xvBXjLriDN9mFWzbKl3z4nSR04oktRDRjR5C4DY%2FrdoFqlKm1SvEvmC71KA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c6bba6bb97-FRA
X-Amz-Cf-Id: n5xFEojKELAxYQuOlmUbVa0bTd4qzuI5VyF3bEtc4mgdUkLMkOI4Iw==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:47 GMT

GET
H/1.1 200
OK webpack-eb960137b1b6afec8703.js Show response
gklqrdk.top/_next/static/chunks/ 196 KB
48 KB 410ms
409ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/chunks/webpack-eb960137b1b6afec8703.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2c9238c827086f9a3b4b49c1bea12c0a013ac50b1b08a584ad55905360e94e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200277
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 9cb41e0b-babd-4fae-894c-e916049220a2
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJPXE3ISwMFtlA=
Content-Length: 47470
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e55-5UMQ6uQRz8TWAHi8FAG5eD4ESV4"
X-Amzn-Trace-Id: Root=1-634388c8-6e8bf1c95a9c20481efb8c4f
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPkw3i78lHQ3vfLoXp509JbootTxNtpxof2JGZB0MRTRoX9gGc%2FdrbxIxtvT0Cai758OoxqGOsun07TCjN%2FIgQ4ZlE%2FxgMCyUN70Wiq9GjWJEsYSdralWaXk2PAR8nziYrzyCKofnvpfKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c79fd591f6-FRA
X-Amz-Cf-Id: xwEiS6K_PskM-OjLSqMUgKvNsy-0XjgUfUegKpYKpO2gYkc8Acy2Rw==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:52 GMT

GET
H/1.1 200
OK framework-7612f137f39df1be4160.js Show response
gklqrdk.top/_next/static/chunks/ 196 KB
48 KB 420ms
419ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/chunks/framework-7612f137f39df1be4160.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

336fc2acdc96e6bf08e013776ccb87978fb5f996f5c38801e37772d50868ab07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200281
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 9abd1b53-51d7-473c-b8e8-8085982f0503
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJPzFmwywMF30w=
Content-Length: 47471
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e59-ucfvHsBY/SNVhzkvhdTLSehQ388"
X-Amzn-Trace-Id: Root=1-634388cb-2015a2e21c0796116368f8c7
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tx9%2BKESqqIecr%2FnHGjRj7CXvwHkbU7d2J2yG0MDB6XHFsr97tuW9jKlTFBROor83EDwj8crKJIdHGYmS5z6%2FLb09pc8zYxNmi5%2B7xjfrEAVqHjAcHXGfRDVO7Qa4gN97dbkZ%2BDMR8uTw%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c7a9e99a2f-FRA
X-Amz-Cf-Id: Cv8dujXj-1BxVaYQadurx13wXuMbItaYg0tsw-bjOdaPOFV7MUh3lQ==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:55 GMT

GET
H/1.1 200
OK main-9041ac8117ab8b7731e6.js Show response
gklqrdk.top/_next/static/chunks/ 196 KB
48 KB 409ms
409ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/chunks/main-9041ac8117ab8b7731e6.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15593d00d683ebdca6a7e6970e9301f30bb710aa12947b77e66119fbcda5121f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200271
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: dad5af50-9750-4d2b-9ef4-cd074943b796
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJQHEUmSwMFVwQ=
Content-Length: 47467
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e4f-GIsNfFAQX7AUG+kCejvQsMKswy0"
X-Amzn-Trace-Id: Root=1-634388cd-49121e302cba17b207dc9dbf
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H22sMf8M4pyg9%2FFsdFI4Dn8dQXrDZ3V4xoILIQUD40B1noPQW8rQBBFpPfazaQd9lhaZB%2FyLtOjHXLoLY7Bqa8pWbM0pBVdmvBL1O%2F%2B0rpf1o5QnNq0PDpb%2BSG%2FTlRX%2BxcE4xeV1ngKMpA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5c94e9dbb97-FRA
X-Amz-Cf-Id: mQZ6-BXFS3pHko1lj5WR526wHVGaeWJsrP_KAIe9q1-lYS_aLQ89KQ==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:51:57 GMT

GET
H/1.1 200
OK _app-627fae2b9a072cda92b2.js Show response
gklqrdk.top/_next/static/chunks/pages/ 196 KB
48 KB 416ms
416ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/chunks/pages/_app-627fae2b9a072cda92b2.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e345bb0ee944a3d4c118abef070909ef2cab11c0e291bd3008b83dd803ecf7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200283
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 929df656-54c6-4e06-a273-60c234b14a1d
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJQdHSiSwMFiug=
Content-Length: 47471
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e5b-Dh5lggO02g1xilyb545s4KIev1E"
X-Amzn-Trace-Id: Root=1-634388cf-3fe3e313612fbd107e545eeb
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxJArguza0D8E4bT739innrbufegRZxndnnp5CcDYAXWeQdNGuSfNXC5XwVUrvAWluo52EmchUgsmt98Cb5D8WFF6EFzUgJuCwIwnftxAViXIMTtsn7k5Eu%2B8NMfHhy1fPf3vbde498a3A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5ca398a9268-FRA
X-Amz-Cf-Id: _gcCMMX7wFFLvuvH0d1f61NwnSJhJ-st-xrzhTdamAgROlvevOCX3g==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:00 GMT

GET
H/1.1 200
OK 3716-c23b81ff7073effd4636.js Show response
gklqrdk.top/_next/static/chunks/ 196 KB
48 KB 415ms
415ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/chunks/3716-c23b81ff7073effd4636.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3474cc77c66ff21db6f79c65ab5117ca983c8ad043e0e714187485c2e3324dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200271
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 419f8191-89f5-4df9-98c1-6a17e05df9bb
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJQ7GXUSwMFxBg=
Content-Length: 47468
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e4f-8TGAIabv2xuOSIthz42lxmUFv+w"
X-Amzn-Trace-Id: Root=1-634388d2-743289b35f7baa5a35c43f99
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoUnVD%2BMYszcqDOfl7UjxKJ4Wu%2BPogSgKJ%2FgEOGKligoT4ExDbUhuBbRNEtyVLnJpVQCtTBJhx1diUI%2BdtCQTbC8soBMajLQoto3O5TjxNp3UP6Jk6%2FAuhyjGbs5LBdF3NiLKNlbdRTx8g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5ca4d0a9a2f-FRA
X-Amz-Cf-Id: 08QOF-pDwvV1sQ94-l5TtjehK4E28Fl0i6fePDS8buk3tXlqLjvy_w==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:02 GMT

GET
H/1.1 200
OK 3125-cef336f4e96c3d9e9f35.js Show response
gklqrdk.top/_next/static/chunks/ 196 KB
48 KB 434ms
434ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/chunks/3125-cef336f4e96c3d9e9f35.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4658cc241c516aa366c454f2f34c739b948b1176fd1b7801dd512f470b265211

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200271
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 73739f43-b413-4a11-9b5a-8fd39253b13d
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJSQEX3SwMFjTQ=
Content-Length: 47468
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e4f-2B+2y7u09KN51JCbNpFz/O4yZ6o"
X-Amzn-Trace-Id: Root=1-634388db-67f885976780f1ce5abf74b0
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBpY24%2BI5XMdqEbgqXOtUSp9wYX9r66slIwmSsjZ%2BFl%2FwXvLegBeXwMTP36Ek7URaSufNpGkvISPdO98G8ru21Vi6qeneaSYfooq6q8a%2FtSRU6m0v5l2YuL4854r7phRy5rk2b8XTKXMZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5cbd995bb97-FRA
X-Amz-Cf-Id: vM0z-QOxnHj769aVn2-iJcQnFUjEcX4SUqabKACUtqUpiNhnHj0pbg==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:11 GMT

GET
H/1.1 200
OK 80-48f36c549bc6352702de.js Show response
gklqrdk.top/_next/static/chunks/ 196 KB
48 KB 417ms
417ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/chunks/80-48f36c549bc6352702de.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444105300ed33afd3137d50f5591335f82690344b708f3388189fccfd64c3270

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:44 GMT
Via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200267
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: edc6cdd6-c672-4174-8ee8-713c172623b3
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJSsHoNywMFl2w=
Content-Length: 47466
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e4b-xxSI/AXd8FX1UQHqsexOdu7rRcs"
X-Amzn-Trace-Id: Root=1-634388dd-45a0e2533cc29c9747d47659
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmnmdbmDeSa9HY689cBsdaueH4L10VUItNaZ4HpDvN5XytmMHhqBVHQ%2F0CcQwFw4neaImPXcuYF9WpPq9%2Fiuj6Cm5VwtHNZwPFnGtB4Ehb4gz5lxZ7u4KhLtQfgZpUfUhuSv9geOBeDBGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5ccdbae9268-FRA
X-Amz-Cf-Id: 8K3dzqFhCds8BN9N70OPHU9rf9NXF18Ps0tXuIu2YcZ0rSW5TFFumg==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:14 GMT

GET
H/1.1 200
OK index-ae3a2e1100b99c4299f1.js Show response
gklqrdk.top/_next/static/chunks/pages/ 0
1 KB 210ms
210ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/chunks/pages/index-ae3a2e1100b99c4299f1.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Content-Encoding: gzip
Via: 1.1 c625b1bdde545acdeb26c9f6ad3a8c6e.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 6236
x-content-type-options: nosniff
CF-Cache-Status: MISS
X-Amz-Cf-Pop: IAD12-P1
x-amzn-Remapped-connection: close
x-amzn-RequestId: 898a9b97-aeaf-4aee-b7a9-e2f6e09b953e
X-Cache: Hit from cloudfront
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
x-amz-apigw-id: aATMTFzwywMFpFg=
Content-Length: 3
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Fri, 30 Sep 2022 07:04:29 GMT
Server: cloudflare
ETag: W/"185c-1838d35fc48"
X-Amzn-Trace-Id: Root=1-634998b4-10304e4d6a19f7d3405b69c9
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuChj5%2Br0jw%2F519UPbzxxvbV%2BA1sqYznTho%2Ff0jywZZ7VEuOG6060GX%2F2qMUGHoxPutSa7B68%2B8Ixy%2BefTH02fgCw0S6CgVppBQBnBZDnW2H3tfgpCycMDxb4Nw1RbZHeu3DJ6tsJfRd7w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5cceff79a2f-FRA
X-Amz-Cf-Id: _Atkq9DYtLUEE8jK-FCXp3-c1OlNuPaYFKeUCFVjaUcnjGcdYVgVIw==
x-amzn-Remapped-date: Fri, 14 Oct 2022 17:13:25 GMT

GET
H/1.1 200
OK _buildManifest.js Show response
gklqrdk.top/_next/static/TiEmBAxwTvvnpEcgBIECD/ 196 KB
48 KB 418ms
418ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/TiEmBAxwTvvnpEcgBIECD/_buildManifest.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

084b66d6edc1dade5cc0dfd534b5339f4ac5df7d302ae2282fff1faf77574d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:44 GMT
Via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200279
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: ebddf10d-a279-4ba1-a329-4c807d7b8c1c
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJUHEnVSwMFU3Q=
Content-Length: 47455
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e57-b4j78+BZpLqLKST7ouzARi1N2QM"
X-Amzn-Trace-Id: Root=1-634388e6-5d5e5bbd4a94415d1c633a12
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JHYIS%2Bft2mm51%2FJu1XCw7EOJTmn6woPaMfeESXogQk5WlcIGdlw65I38GNMniY%2B%2F21JKPuAmcam9he%2BK9geYr%2Fh6zqjGiwT5wuRA2vrjKID1ywbYllD1CLLWWfhP0zFSzJezBvUnIjP2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5cd1be79118-FRA
X-Amz-Cf-Id: Pith71NTkg4srpQ8S3YE-4ciwhmXODI8FpBZOyU5vGwKnrPem671sw==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:23 GMT

GET
H/1.1 200
OK _ssgManifest.js Show response
gklqrdk.top/_next/static/TiEmBAxwTvvnpEcgBIECD/ 196 KB
48 KB 419ms
419ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/_next/static/TiEmBAxwTvvnpEcgBIECD/_ssgManifest.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

470ceec21e89996a5b1cbd642c158c23d4a296d5b9b5f9bdb5da3ba0a3bb2d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:44 GMT
Via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200275
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 6513b00d-43fc-4420-8d6b-a86dac830fda
Content-Encoding: gzip
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJUjHOSSwMFkXQ=
Content-Length: 47455
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e53-PblYxmVCqYHyvQZKLUvs4Hb4Zmw"
X-Amzn-Trace-Id: Root=1-634388e9-3bbea9015d6460847783f234
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JJUZbsUbd97rkZ0gBxBrPPlLnJl1%2FvfLp9DBUGgtIdNRtO%2FPd2JRGQ8Yd3voivwUAIL%2B0eipVU0aeC00UabNzl%2FzyYBps09JMvYRtajobT4A9hzms8RCSZ2oc0xfml%2B%2FiUiF2uN8blSaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5cd7d5f91f6-FRA
X-Amz-Cf-Id: XMgFEkJi1DYXFcLuNJZTKLHZAOVmE8W_TdjEGGt0RYR0tlkhz2w_TQ==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:26 GMT

GET
H/1.1 200
OK footer_socialmedia_facebook.png
gklqrdk.top/static/footer/ 41 KB
41 KB 404ms
404ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gklqrdk.top/static/footer/footer_socialmedia_facebook.png

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:44 GMT
Via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200265
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: f5b47a6e-9f32-45b4-aa53-39123fa9ae85
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJVjEMwywMFzyw=
Content-Length: 200253
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e49-hS3mjTGGvJvT3EAxkRor/OWhB0s"
X-Amzn-Trace-Id: Root=1-634388f0-58b9b6e009c7993a066322b0
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJ8uyfqA%2B%2FNuQP4kaWPBNR0JwYw7XIVo4sy2qO%2BNrIBiWY4tESyyg5obbz98jJOP8aTRWxtSCuocyuRHD93Cx3WxvHJt4iv7%2FpQ9VhEoXmn3DpGj%2B5S1FmELVY84BFHrzOXzr0mD1mjjxw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5cda94f9131-FRA
X-Amz-Cf-Id: -tBPW-tjdpwxt5xJWL66GjwlGwuefXkFgBrSzaQplf6SU51ccgI8Hw==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:32 GMT

GET
H/1.1 200
OK footer_socialmedia_twitter.png
gklqrdk.top/static/footer/ 46 KB
46 KB 396ms
396ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gklqrdk.top/static/footer/footer_socialmedia_twitter.png

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:44 GMT
Via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200263
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: dfb4683f-a7f8-4a27-ba4d-e1eb2db5ee44
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJVzHMaywMFYpg=
Content-Length: 200251
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e47-MkVsS9j4OGACTUYFX20rGE4osRc"
X-Amzn-Trace-Id: Root=1-634388f1-0caf20154a357886189eebee
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnv2IcY7DLemzmaOizN%2BCIXMNqQpxO%2BxfMkDTjBy%2Bf%2BLNi6fX1mTI2D6cnILM%2BiotBk7QpoBSbR8R52OddVo4OFGR1XQVt0wgD%2B68%2Fms54SbqAODWGoPWUNj0kLZ2Vf9ussjA82lws1e6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5ce39479a2f-FRA
X-Amz-Cf-Id: JEqgK8_CUN6VLYkIFoh0eXOd_8Oht8frb0cWMWE1khpZ6A-VsgRZQg==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:34 GMT

GET
H/1.1 200
OK footer_socialmedia_instragram.png
gklqrdk.top/static/footer/ 46 KB
46 KB 410ms
409ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gklqrdk.top/static/footer/footer_socialmedia_instragram.png

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:44 GMT
Via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200269
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: b52b9947-81bc-483e-933f-b1d53a4c27f1
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJWCGD1ywMFTQA=
Content-Length: 200257
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e4d-ff0t8vPwV4P0NXxKwYj4IBllnz0"
X-Amzn-Trace-Id: Root=1-634388f3-655d9a4a7c57ddd90f31c80e
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijNp6F7YLb2jZ9gvioL0PMrAIzIyEx6sBnNknyk1cG8puSIxsVetFhiJMPwdcOAp6d1QHa%2Fz4huAU%2Bd72WTz1y1F%2FThJuN95a39b3HlIzqklNMbsQgT%2FAaKGUNcHIeBFRwNhJoEjo%2BHs0A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5ce9d62bb97-FRA
X-Amz-Cf-Id: sXhoe74RSr5xPaET3ATIdzKBqvOJAoAEb6N161vnfp2arjw07RB0vw==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:35 GMT

GET
H/1.1 200
OK footer_socialmedia_youtube.png
gklqrdk.top/static/footer/ 38 KB
38 KB 391ms
391ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gklqrdk.top/static/footer/footer_socialmedia_youtube.png

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:44 GMT
Via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200263
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: MISS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: f64d56f3-15b3-483a-8cc3-de2595e5055f
X-Cache: Error from cloudfront
Connection: keep-alive
x-amz-apigw-id: ZxJWSHpeSwMFadA=
Content-Length: 200251
x-xss-protection: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
ETag: W/"30e47-eJX/vRzAMtXXVgHMPC4e+u5evWw"
X-Amzn-Trace-Id: Root=1-634388f4-0df403376093c2611dee7fda
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgmDOSz8ythH7ah0BA3sFyy1Jf3srG0jpxGaXyLK8ZAMX9lPS0sV1Z2HnwQuLP523Lw34haycMOGWUmOIW5wo1rZfE%2FngScoHV5JF7xQzP4y0GqCz8LTpJkXDXYUHAFBNhJd6cSVmqqNTg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 75bcd5cf7db79268-FRA
X-Amz-Cf-Id: LykvyKuLtp-maEcqfDw36txQCXW7E6_3eckziNjTyB9LZVfhU3hdQQ==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:37 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 255 KB
76 KB 51ms
17ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AeqikCV_U5NTDOvt47YwfOd5vBZ4yzju3PN6eUHf7tbQCZwyUwZQOQqnrfBYQ5RAewtkFGD23G41JdCh&currency=AUD&components=messages

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

46d6908c4a5a03228c5172af09a92b99a03501071bbaf87898d0117095f6dc26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-fRe5PKaUP5viLNJo1RT+Nf1DpoEGa8TK/QefMP6V1YMssKZ2' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fRe5PKaUP5viLNJo1RT+Nf1DpoEGa8TK/QefMP6V1YMssKZ2' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-fRe5PKaUP5viLNJo1RT+Nf1DpoEGa8TK/QefMP6V1YMssKZ2' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-fRe5PKaUP5viLNJo1RT+Nf1DpoEGa8TK/QefMP6V1YMssKZ2' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 23:32:42 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2764
x-cache: MISS, HIT
p3p: true
paypal-debug-id: f717011bd17b7
server-timing: "traceparent;desc="00-0000000000000000000f717011bd17b7-81b9a92bd202dea4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76502
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4022-HHN, cache-ams21073-AMS
traceparent: 00-0000000000000000000f717011bd17b7-d44c5e21b9886c44-01
x-timer: S1666049563.714404,VS0,VE3
etag: W/"12ad6-cZPA4ytX/SKTFG90rav1HvKUOlQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 fitrec.js Show response
myr-cdn.truefitcorp.com/fitrec/myr/js/ 3 KB
2 KB 463ms
113ms Script
application/javascript 35.244.136.187
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://myr-cdn.truefitcorp.com/fitrec/myr/js/fitrec.js?autoCalculate=false

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.136.187 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

187.136.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

2ebaeadf18af2d0b45e01c9b87d7ec50133a7d119c904f784aaa999694e57a2e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: 'unsafe-eval' *.quantummetric.com www.google-analytics.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' blob: 'unsafe-eval' *.quantummetric.com www.google-analytics.com
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Sep 2022 09:35:39 GMT
server: nginx
etag: W/"632d7deb-b72"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
timing-allow-origin: *
expires: Tue, 18 Oct 2022 00:32:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 486 KB
109 KB 427ms
81ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-59WHG4X

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a956f1e33446f77a7de2211c937c9e952747370ada80eed7309b2e68363be8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111548
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 22:20:07 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 23:32:43 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 104 KB
41 KB 379ms
30ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-WDX6CG9

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

caca0d70f30ff90574c9a305d825353901dbd26a007b346e79ae85130d333f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41719
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 22:20:07 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 23:32:43 GMT

GET
H2 200 xo.all-1.min.js Show response
cdn.attraqt.io/ 58 KB
14 KB 52ms
14ms Script
application/javascript 35.227.238.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attraqt.io/xo.all-1.min.js
Requested by: Host: gklqrdk.top
URL: http://gklqrdk.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.238.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.238.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b6421f58f1ba1576637ebae2b8e45bb5ef8e518c359851b5ffff50d3e155b988

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 22:55:42 GMT
content-encoding: gzip
age: 2220
x-guploader-uploadid: ADPycdsamAziABI5PuTIfanvI_8IcDdv9pwT7pItUO4hU1aIwOANbwmEKxGez3PS_9GHv566axRe5MnqfV7Vk4Mf7nDfLklR4llR
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14180
last-modified: Mon, 23 May 2022 13:53:54 GMT
server: UploadServer
etag: "764fdfce6249c28d9bed004439588657"
vary: Accept-Encoding
x-goog-generation: 1653314034888972
x-goog-hash: crc32c=mRExmg==, md5=dk/fzmJJwo2b7QBEOViGVw==
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 14180
accept-ranges: bytes
expires: Mon, 17 Oct 2022 23:55:42 GMT

GET
H2 200 hotjar-767111.js Show response
static.hotjar.com/c/ 20 KB
5 KB 98ms
53ms Script
application/javascript 18.66.147.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-767111.js?sv=6

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-122.fra60.r.cloudfront.net

Software

Resource Hash

0599d637dd227e546a959bec7957580850e96ed713051331a45a30e6beb76954

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
etag: W/7705ab69f375aa82188a06b3e6c28354
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ienUmBIX5MjAUxuYlolnu_3UvkwBSIny3-B_8Erv6xkAytZESmCwXg==

GET
H/1.1 200
OK Sidney-Regular.woff
gklqrdk.top/static/font/ 196 KB
48 KB 494ms
412ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/static/font/Sidney-Regular.woff

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4772ae521a915bae94a004d005cdbfffe5b3bcd04011d1f70d2db6fcaf62d6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gklqrdk.top/
Origin: http://gklqrdk.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200237
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: BYPASS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: ba554a01-fe0c-4881-8862-b4f00b99ecbe
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Content-Encoding: gzip
Connection: keep-alive
x-amz-apigw-id: ZxJX1EQbSwMF3rQ=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
Server: cloudflare
ETag: W/"30e2d-88/c3xjVM1gAMOsH+AnTCkJhqUQ"
X-Amzn-Trace-Id: Root=1-634388fe-3fe0e0911531832c0034b25c
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8283TfWx66Y%2Fk8AD7bWif46T%2BE1%2FdkiHv5Ux3ejxoyfC5cPyYDom4nVgV2UPqZo6%2FpLTq2bwdzdkU0F%2FmlT4M%2FByBy5hzgh%2F4ONUnLvbJPRVKSBPvwmhd3dLjIIk2l5PzXA5H59mRG6kKw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
CF-RAY: 75bcd5c9e9129118-FRA
X-Amz-Cf-Id: K3JKPF8dp_7E0NQpAySzyY4gQcg-TujRJ5cRwAbC1op_oY9KTCifqA==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:47 GMT

GET
H/1.1 200
OK Sidney-Bold.woff
gklqrdk.top/static/font/ 196 KB
48 KB 487ms
397ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/static/font/Sidney-Bold.woff

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04275c8f2d198d2e5b424039974ba178c8f2bd80e45fbbe140a2eea55a82b515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gklqrdk.top/
Origin: http://gklqrdk.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200231
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: BYPASS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 2a10d1fb-e5f3-4e75-a47e-41d8d1dd4bb2
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Content-Encoding: gzip
Connection: keep-alive
x-amz-apigw-id: ZxJXgHd1ywMFX2g=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
Server: cloudflare
ETag: W/"30e27-5aqTiIYkLF/qTsx2wCvJAEe7Mqk"
X-Amzn-Trace-Id: Root=1-634388fc-52f297a4752f3dbc0c3208d4
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrqbehuFnpG6tVkO7rWiqMPpEWOFFQkbFr6XLWaoaHb9hPdtflMxBRP8R1SMKxZcGQ4TdKw0LC2GDEnRKTRybLS7uU2UTv8BQK%2FsOD2junihdNaB39CG4WVc3J5g4F3NQm2R1NfqL2%2BSng%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
CF-RAY: 75bcd5ca1c589131-FRA
X-Amz-Cf-Id: rvXA24thaHxSpqk2GvZ1rqsT8zteUnwqoxq9IC6ItZ28L_PU082y7Q==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:44 GMT

GET
H/1.1 200
OK Draper-Regular.woff
gklqrdk.top/static/font/ 196 KB
48 KB 630ms
520ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gklqrdk.top/static/font/Draper-Regular.woff

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2c8a77e156a461231fd2bf1325c0570786794c2e5e6587bbc7ae50e59fc4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gklqrdk.top/
Origin: http://gklqrdk.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-amzn-Remapped-content-length: 200237
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-Cache-Status: BYPASS
X-Amz-Cf-Pop: FRA56-P2
x-amzn-Remapped-connection: close
x-amzn-RequestId: 24da3284-f8e0-4b01-9072-f8f9c2e39a4a
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Content-Encoding: gzip
Connection: keep-alive
x-amz-apigw-id: ZxJWoFPcywMFtOg=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
Server: cloudflare
ETag: W/"30e2d-AX2JcRZuTOZWtdVfVzW2udQt8xU"
X-Amzn-Trace-Id: Root=1-634388f7-6c72cf417763303e3de03358
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuFLs9CFIr5KvZnvkeXwlakvarFQ0ICh%2FmHNZMSBTJ9Juvsxb55jRgTGwy50FpUBkt0G4Es71a0jhShc2%2BAKjD%2B2BZ92lZENeCPiweyWcx%2FGfnPp2FGXq4mwHbAKKVoJSRZFx8YWMBhFFg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
CF-RAY: 75bcd5ca2a6c91f6-FRA
X-Amz-Cf-Id: qkDfbR-w5jB7QVqLEv4_OOBg-ERGDUvTmgoS41HhUbpwz-lc0JXSCA==
x-amzn-Remapped-date: Mon, 10 Oct 2022 02:52:39 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 271ms
271ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=gklqrdk.top&t=xo&v=5.0.335&source=payments_sdk&client_id=AeqikCV_U5NTDOvt47YwfOd5vBZ4yzju3PN6eUHf7tbQCZwyUwZQOQqnrfBYQ5RAewtkFGD23G41JdCh&comp=messages&vault=false

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MIL4IW4DkgLTtQFjCXjbH25Ju/F7J8h/nAHFm0QSLYhVWyf1' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MIL4IW4DkgLTtQFjCXjbH25Ju/F7J8h/nAHFm0QSLYhVWyf1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 23:32:43 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: HIT, HIT
paypal-debug-id: f77881326894a
server-timing: "traceparent;desc="00-0000000000000000000f77881326894a-93b29dd9c7e617ff-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn11563-HHN, cache-ams21073-AMS
traceparent: 00-0000000000000000000f77881326894a-37048017f6d0d3f1-01
x-timer: S1666049563.157566,VS0,VE256
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 24, 1

GET
H2 200 fitconfig Show response
consumer.truefitcorp.com/ 3 KB
1 KB 260ms
115ms Script
application/javascript 35.201.106.219
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://consumer.truefitcorp.com/fitconfig?callback=tfc.processConfiguration&storeId=myr&clientHandlesBrowserUnsupported=true

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.106.219 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

219.106.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ccbb9db2aa7abff25ff4039d2084ff1164c44e357e3b41ea21c8519a52e10c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-application-version: 2022.09 18
via: 1.1 google
vary: Accept-Encoding
p3p: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa CONo OUR OTRo BUS IND ONL UNI COM NAV INT DEM STA"
content-type: application/javascript; charset=utf-8
cache-control: max-age=600, private
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Oct 2022 23:42:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QYB18V4LW2&l=dataLayer&cx=c

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f70be8821adbc6cacc537555ff5f30491077fc321c24c25fffb8077df0549e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Oct 2022 23:32:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YKCTBDN9JH&l=dataLayer&cx=c

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17a5aa5fe64552a718dd2c5f5d357cf7c24fd6a84527a8c06dea7156edf90e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Oct 2022 23:32:43 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 180ms
42ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
server: nginx
etag: W/"630756af-a8d9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 18 Oct 2022 23:32:43 GMT

GET
H/1.1 200
OK ins.js Show response
myer.api.useinsider.com/ 294 KB
80 KB 71ms
39ms Script
application/javascript 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://myer.api.useinsider.com/ins.js?id=10004442

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

HTTP/1.1

Server

2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

245beb1a1bcefe40e50c1772a78701cdba0af5dd24cbb2aec3aa718c37021fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
x-amz-version-id: bCgZYth2Qeg6P6ROiMR9Mu3wLqip1VrN
CF-Cache-Status: HIT
x-amz-request-id: V339JP6JVREYGP47
Age: 1274
Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: keep-alive
x-amz-id-2: e+HEivpRE0MtL8+q/k3fK42/s+DONF5hTaqFMuQg8ptrbmfrstBrA0m+fSqE1AXfCR30k34vfEU=
X-XSS-Protection: 1
Pragma: public
Last-Modified: Sun, 16 Oct 2022 23:43:01 GMT
Server: cloudflare
ETag: W/"09023df656d8216fa185e0cd47945869"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
CF-RAY: 75bcd5ca9f136903-FRA
Expires: Mon, 17 Oct 2022 23:37:43 GMT

GET
H2 200 A3273760-9d72-41bb-acec-28b54c412d441.js Show response
utt.impactcdn.com/ 41 KB
13 KB 190ms
135ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A3273760-9d72-41bb-acec-28b54c412d441.js
Requested by: Host: gklqrdk.top
URL: http://gklqrdk.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 28360d7651d6102187dbbbbba3f86ea0adecc81323d1067ce310631b70b9497d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:43 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdvcAUaFpzzqT_iOp64DKlzAeqMOWAHsSkdvfzJUUEXMvVsGlP3qwf7miTC5hOkcBCRIstHvASgfLo1wX-EPVOhSWkHy5TY_
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13108
last-modified: Sun, 09 Oct 2022 23:13:54 GMT
server: UploadServer
etag: "ee43477a4a92b568cc39713dd2b5263a"
vary: Accept-Encoding
x-goog-generation: 1665357234828885
x-goog-hash: crc32c=BCq8TQ==, md5=7kNHekqStWjMOXE90rUmOg==
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13108
accept-ranges: bytes
expires: Mon, 17 Oct 2022 23:37:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 23:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1006
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 01:15:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YKCTBDN9JH&gtm=2oeaa0&_p=1160476849&cid=909320936.1666049563&ul=en-us&sr=1600x1200&_s=1&sid=1666049563&sct=1&seg=0&dl=http%3A%2F%2Fgklqrdk.top%2F&dt=MYER%20%7C%20Shop%20Fashion%2C%20Homewares%2C%20Beauty%2C%20Toys%20%26%20More&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YKCTBDN9JH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gklqrdk.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 78ms
23ms XHR
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-64941668-2&cid=909320936.1666049563&jid=610134581&gjid=751028199&_gid=1971010984.1666049563&_u=YCDAgEABAAAAAEgEK~&z=1041079149

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://gklqrdk.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 17 Oct 2022 23:32:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://gklqrdk.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 62ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 62ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 worker-new.html Show response
myer.api.useinsider.com/ Frame A38C 10 KB
4 KB 77ms
33ms Document
text/html 2606:4700:7::a29f:853d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myer.api.useinsider.com/worker-new.html
Requested by: Host: gklqrdk.top
URL: http://gklqrdk.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d14eef971fe22bc95e984724c991e7a9c15aca71ee67a6f91703cabdbadf68

Request headers

Referer: http://gklqrdk.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 7055
cache-control: public, max-age=1382400
cf-cache-status: HIT
cf-ray: 75bcd5cbe8256983-FRA
content-encoding: br
content-type: text/html
date: Mon, 17 Oct 2022 23:32:43 GMT
expires: Wed, 02 Nov 2022 23:32:43 GMT
last-modified: Thu, 13 Oct 2022 04:00:00 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ts
t.paypal.com/ 42 B
746 B 230ms
181ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=MYER%20%7C%20Shop%20Fashion%2C%20Homewares%2C%20Beauty%2C%20Toys%20%26%20More&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1666049563463&g=0&completeurl=http%3A%2F%2Fgklqrdk.top%2F&ru=https%3A%2F%2Fgklqrdk.top%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD9) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CD9)
traceparent: 00-0000000000000000000fec52d4ce77c2-05361c15fae62915-01
content-type: image/gif
paypal-debug-id: fec52d4ce77c2
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=168
timing-allow-origin: *
content-length: 42
expires: Mon, 17 Oct 2022 23:32:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 12CC 15 KB
6 KB 105ms
25ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=gklqrdk.top&origin=onetag

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://gklqrdk.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 23:32:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 951823
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 fitrec-responsive.css
cdn.truefitcorp.com/store-myr/7.0.0-localized.5/resources/store/myr/css/ 110 KB
13 KB 35ms
33ms Stylesheet
text/css 35.244.136.187
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.truefitcorp.com/store-myr/7.0.0-localized.5/resources/store/myr/css/fitrec-responsive.css

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.136.187 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

187.136.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

76eda2e227b126fe460352b977e2ec6ea67069eda53d4cdc3f6ce37fd95feea4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: 'unsafe-eval' *.quantummetric.com www.google-analytics.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: script-src 'self' blob: 'unsafe-eval' *.quantummetric.com www.google-analytics.com
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 07:46:31 GMT
content-encoding: gzip
via: 1.1 google
age: 56772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13401
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Aug 2022 17:37:06 GMT
server: nginx
etag: W/"62f68fc2-1b82d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600,public
timing-allow-origin: *

GET
H2 200 application.js Show response
cdn.truefitcorp.com/consumer-ux/7.0-localized-202209222024.15/resources/fitrec/js/ 165 KB
62 KB 15ms
14ms Script
application/javascript 35.244.136.187
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.truefitcorp.com/consumer-ux/7.0-localized-202209222024.15/resources/fitrec/js/application.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.136.187 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

187.136.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

80987cfbb922ba7793d28c6b1c981da543dc405b338108865c073576b7a9aa78

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: 'unsafe-eval' *.quantummetric.com www.google-analytics.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: script-src 'self' blob: 'unsafe-eval' *.quantummetric.com www.google-analytics.com
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 14:41:19 GMT
content-encoding: gzip
via: 1.1 google
age: 31884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63220
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Oct 2022 10:00:57 GMT
server: nginx
etag: W/"634d27d9-292a1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
timing-allow-origin: *

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 12CC
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=gklqrdk.top&sn=ChromeSyncframe&so=0&topUrl=gklqrdk.top&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ajNuWXxNVjQ3NWw1bW9iM1EySkhNWCtTQ0NNN2dYbHpqRDdNTFVMT3pwenZxbkkwZ2krNjQ0ZmdaSkxad0F0eWszNFg1ZFJkT0ltWUdQVE5ycDJNcHpqem90WXFkbWw5UHp2Q2xjQjhMNWtqQU5oOXNVZVJyOWo5SXZVRV...

417 B
646 B

91ms
25ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ajNuWXxNVjQ3NWw1bW9iM1EySkhNWCtTQ0NNN2dYbHpqRDdNTFVMT3pwenZxbkkwZ2krNjQ0ZmdaSkxad0F0eWszNFg1ZFJkT0ltWUdQVE5ycDJNcHpqem90WXFkbWw5UHp2Q2xjQjhMNWtqQU5oOXNVZVJyOWo5SXZVRVQyVWpFWmFuWWxjanIvM3VwYmVSYktLY1crcjdDcHNnWnZsTmM5NTdKWGpleU95RC9KUUo2L0VzbGlkd1cwbytlSkR1WVpYNWFFSlE5RFdPemdlelZ1WkdDSXl6VHNZWUNRK3ZRUlkvdFkwVSsxbXlxNXlBV0g5eXk0VGxoTU90Q3VhU0Z3R0NLNGV0eUV3OTMvRTBQQ0FCTDI1SUR4Zz09fA&cppv=2

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

94992dc32308433b4817292e41930dd7df380c017f32ad5f4bd3541a9af9cdc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:43 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2215020
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ajNuWXxNVjQ3NWw1bW9iM1EySkhNWCtTQ0NNN2dYbHpqRDdNTFVMT3pwenZxbkkwZ2krNjQ0ZmdaSkxad0F0eWszNFg1ZFJkT0ltWUdQVE5ycDJNcHpqem90WXFkbWw5UHp2Q2xjQjhMNWtqQU5oOXNVZVJyOWo5SXZVRVQyVWpFWmFuWWxjanIvM3VwYmVSYktLY1crcjdDcHNnWnZsTmM5NTdKWGpleU95RC9KUUo2L0VzbGlkd1cwbytlSkR1WVpYNWFFSlE5RFdPemdlelZ1WkdDSXl6VHNZWUNRK3ZRUlkvdFkwVSsxbXlxNXlBV0g5eXk0VGxoTU90Q3VhU0Z3R0NLNGV0eUV3OTMvRTBQQ0FCTDI1SUR4Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 626994
content-length: 0
expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=64955&v=5.12.1&p0=e%3Dce%26m%3D%255B0%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AsQF5l9iZjdiMlpUMGJlZElDeGs5bnNBeE1uTjVtRmlsSERCR29UT0l...
https://widget.as.criteo.com/event?a=64955&v=5.12.1&p0=e%3Dce%26m%3D%255B0%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AsQF5l9iZjdiMlpUMGJlZElDeGs5bnNBeE1uTjVtRmlsSERCR29UT0l...

8 KB
4 KB

836ms
255ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=64955&v=5.12.1&p0=e%3Dce%26m%3D%255B0%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AsQF5l9iZjdiMlpUMGJlZElDeGs5bnNBeE1uTjVtRmlsSERCR29UT0lWQUlrMWtjc0RhUTNoQWt3R1VXamhsV0Z3VWtpdjJTaW9JMm1RejE0JTJGT2c3b3pRR3k3U2pwWURNTmh6V3hLT3JvaTQybjlQaXJwVU5ZeUVtNVlDbVBBa3pIWnN5NkduQWNDSlplZSUyQlMzZ05zM3JhRFJRJTNEJTNE&tld=gklqrdk.top&fu=http%253A%252F%252Fgklqrdk.top%252F&dtycbr=75988

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

6b503a66ee314296845992ed42711128a55c50f34684585e229e610d0cbd60c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10457836
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.as.criteo.com/event?a=64955&v=5.12.1&p0=e%3Dce%26m%3D%255B0%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=AsQF5l9iZjdiMlpUMGJlZElDeGs5bnNBeE1uTjVtRmlsSERCR29UT0lWQUlrMWtjc0RhUTNoQWt3R1VXamhsV0Z3VWtpdjJTaW9JMm1RejE0JTJGT2c3b3pRR3k3U2pwWURNTmh6V3hLT3JvaTQybjlQaXJwVU5ZeUVtNVlDbVBBa3pIWnN5NkduQWNDSlplZSUyQlMzZ05zM3JhRFJRJTNEJTNE&tld=gklqrdk.top&fu=http%253A%252F%252Fgklqrdk.top%252F&dtycbr=75988
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4552516
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Oct 2022 00:18:42 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1160476849&t=event&ni=1&_s=1&dl=http%3A%2F%2Fgklqrdk.top%2F&dp=%2F&ul=en-us&de=UTF-8&dt=MYER%20%7C%20Shop%20Fashion%2C%20Homewares%2C%20Beauty%2C%20Toys%20%26%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Promo&el=Promo%20View&_u=aCDAgEALAAAAAEgMK~&jid=&gjid=&cid=909320936.1666049563&tid=UA-64941668-2&_gid=1971010984.1666049563&gtm=2wgaa059WHG4X&cd10=null&cd11=null&cd27=&cd37=Helium&cd59=1&cd65=http%3A%2F%2Fgklqrdk.top%2F&cd71=1666049563856&cd96=not%20set&cd97=not%20set&cd98=not%20set&cd99=gtm.elementVisibility%20%7C%20GTM-59WHG4X%20%7C%20157&cd103=909320936.1666049563&cd62=http%3A%2F%2Fgklqrdk.top%2Fc%2Foffers%3Fpromo_position%3DHomepage%257C1%257C0%257Ctile-full-width%26promo_id%3D2dd4c240-fd92-4d4c-a1c4-795658e3c072%26promo_creative%3D_FULLWIDTH_B_LARGE.png%26promo_name%3D2022-10-13%257CSUPER%2520WEEKEND%257CSitewide%2520promo&promo1id=2dd4c240-fd92-4d4c-a1c4-795658e3c072&promo1nm=2022-10-13%7CSUPER%20WEEKEND%7CSitewide%20promo&promo1cr=_FULLWIDTH_B_LARGE.png&promo1ps=Homepage%7C1%7C0%7Ctile-full-width&z=1984766787

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1160476849&t=event&ni=1&_s=1&dl=http%3A%2F%2Fgklqrdk.top%2F&dp=%2F&ul=en-us&de=UTF-8&dt=MYER%20%7C%20Shop%20Fashion%2C%20Homewares%2C%20Beauty%2C%20Toys%20%26%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Promo&el=Promo%20View&_u=aCDAgEALAAAAAEgMK~&jid=&gjid=&cid=909320936.1666049563&tid=UA-64941668-2&_gid=1971010984.1666049563&gtm=2wgaa059WHG4X&cd10=null&cd11=null&cd27=&cd37=Helium&cd59=1&cd65=http%3A%2F%2Fgklqrdk.top%2F&cd71=1666049563862&cd96=not%20set&cd97=not%20set&cd98=not%20set&cd99=gtm.elementVisibility%20%7C%20GTM-59WHG4X%20%7C%20157&cd103=909320936.1666049563&cd62=http%3A%2F%2Fgklqrdk.top%2Fc%2Foffers%2Fsale-beauty%3Fpromo_position%3DHomepage%257C2%257C0%257Ctile-full-width%26promo_id%3Dbabeac76-0913-4996-a95f-12193c9196fd%26promo_creative%3D_FULLWIDTH_C_LARGE.png%26promo_name%3D2022-10-14%257CSUPER%2520WEEKEND%257CSitewide%2520promo&promo1id=babeac76-0913-4996-a95f-12193c9196fd&promo1nm=2022-10-14%7CSUPER%20WEEKEND%7CSitewide%20promo&promo1cr=_FULLWIDTH_C_LARGE.png&promo1ps=Homepage%7C2%7C0%7Ctile-full-width&z=1312729179

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40397
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40398
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40398
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 12:19:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40398
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK update.min.js Show response
browser-update.org/ 9 KB
5 KB 54ms
26ms Script
application/javascript 2606:4700:20::ac43:459c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://browser-update.org/update.min.js
Requested by: Host: gklqrdk.top
URL: http://gklqrdk.top/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d26be2894a5adf7bcc50a8b20088ccadf5c78c495f3a197a94009f5b90aa3b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 544061
Transfer-Encoding: chunked
Content-Disposition: inline; filename=update.min.js
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 16:24:17 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKIUq90qrOZMpucFCcNzmLyhIVVVWnrhAnvgQkKEjcbp6WqfK89xVPhXqQngTFjuIcxsILiOxoSHe%2B2ogrbgRMbSALwK7oPxfAHk5Fo7R0LtCFnXsgeXWWa3hbSs6c8Kim1T66lslmTii7CphFjuKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
CF-RAY: 75bcd5d04a7f9277-FRA
Expires: Wed, 12 Oct 2022 16:25:02 GMT

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 145ms
13ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: gklqrdk.top
URL: http://gklqrdk.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 17 Oct 2022 23:32:44 GMT
x-amz-request-id: 8M29MCVMVTG516WX
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: ygIYOE9YHNOlJq174gAVN2uYS42AvfWsyv+o5Br2Pt7L4b6gEgyHBpbz1W+EXviE4fwYm3WVEtQ=
x-served-by: cache-ams21043-AMS
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1666049565.846522,VS0,VE0
etag: "7e1862f7a390ed9fc02c299216395547"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 223

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 1B78
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k--8XUXMY-KubeWlaY-e5M-kPc0ZJYR-Jm39sk7w&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--8XUXMY-KubeWlaY-e5M-kPc0ZJYR-Jm39sk7w&expires=30

43 B
495 B

21ms
21ms

Image
image/gif

3.127.179.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--8XUXMY-KubeWlaY-e5M-kPc0ZJYR-Jm39sk7w&expires=30
Protocol: HTTP/1.1
Server: 3.127.179.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-179-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--8XUXMY-KubeWlaY-e5M-kPc0ZJYR-Jm39sk7w&expires=30
Date: Mon, 17 Oct 2022 23:32:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1B78
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-lyNZ28Y-KubeWlaY-e5M-kPc0ZKnwaCtGYRA8A&google_cm&google_hm=ay1seU5aMjhZLUt1YmVXbGFZLWU1TS1rUGMwWktud2FDd...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-lyNZ28Y-KubeWlaY-e5M-kPc0ZKnwaCtGYRA8A&google_cm=&google_hm=ay1seU5aMjhZLUt1YmVXbGFZLWU1TS1rUGMwWktud2F...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lyNZ28Y-KubeWlaY-e5M-kPc0ZKnwaCtGYRA8A&google_gid=CAESEECZUJRjdLOsWKyqGfAQQbw&google_cver=1&google_ula=913071,0

43 B
371 B

128ms
24ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lyNZ28Y-KubeWlaY-e5M-kPc0ZKnwaCtGYRA8A&google_gid=CAESEECZUJRjdLOsWKyqGfAQQbw&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1467413
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lyNZ28Y-KubeWlaY-e5M-kPc0ZKnwaCtGYRA8A&google_gid=CAESEECZUJRjdLOsWKyqGfAQQbw&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1B78
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4795913389680403041

43 B
370 B

224ms
24ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4795913389680403041

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1796946
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 23:32:44 GMT
AN-X-Request-Uuid: 892a485c-fbe1-4ccf-b05d-1b1f7c9ea266
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4795913389680403041
Connection: keep-alive
X-Proxy-Origin: 212.7.210.170; 212.7.210.170; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 1B78
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gjx5gcY-KubeWlaY-e5M-kPc0ZLQBeRROH3-mg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gjx5gcY-KubeWlaY-e5M-kPc0ZLQBeRROH3-mg&C=1

43 B
766 B

20ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gjx5gcY-KubeWlaY-e5M-kPc0ZLQBeRROH3-mg&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 23:32:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 23:32:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-gjx5gcY-KubeWlaY-e5M-kPc0ZLQBeRROH3-mg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 1B78
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-3j-pLMY-KubeWlaY-e5M-kPc0ZL-PwQlC-gisg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-3j-pLMY-KubeWlaY-e5M-kPc0ZL-PwQlC-gisg

43 B
446 B

38ms
38ms

Image
image/gif

52.19.67.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-3j-pLMY-KubeWlaY-e5M-kPc0ZL-PwQlC-gisg
Protocol: H2
Server: 52.19.67.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-67-137.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 17 Oct 2022 23:32:44 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-3j-pLMY-KubeWlaY-e5M-kPc0ZL-PwQlC-gisg
date: Mon, 17 Oct 2022 23:32:44 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 1B78 45 B
785 B 158ms
33ms Image
image/gif 104.79.88.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-p5moQsY-KubeWlaY-e5M-kPc0ZLkDzNJ9J8U-g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.79.88.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-129.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 23:32:44 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 17 Oct 2022 23:32:44 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 1B78 0
880 B 146ms
21ms Image
text/html 3.120.54.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ejfdfsY-KubeWlaY-e5M-kPc0ZK3d7UXaEBvUg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.54.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-54-154.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:44 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 1B78 0
145 B 399ms
86ms Image
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-BuSm38Y-KubeWlaY-e5M-kPc0ZKh_EYcJc15ZQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:45 GMT
Cache-Control: no-cache
X-TraceId: df0693b7fa5758d1009fd6fd617a4d6b
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1B78 0
225 B 144ms
19ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-xKDarsY-KubeWlaY-e5M-kPc0ZLVb6CNH92lbQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 17 Oct 2022 23:32:44 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1B78 0
239 B 115ms
21ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-Apyl-8Y-KubeWlaY-e5M-kPc0ZJFndCFx-uojA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 1B78 0
35 B 109ms
21ms Image
text/plain 18.156.148.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-4ilFdcY-KubeWlaY-e5M-kPc0ZJoXvxDhrzclg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.148.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-148-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:44 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 1B78 43 B
163 B 109ms
23ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-vOf2iMY-KubeWlaY-e5M-kPc0ZKtyCDcFvEZtA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:44 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1B78 0
99 B 83ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-GwchPcY-KubeWlaY-e5M-kPc0ZJPdlo_FXt30Q
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:44 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12574

GET
H2 200 um
criteo-sync.teads.tv/ Frame 1B78 23 B
172 B 127ms
46ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-UXLoRcY-KubeWlaY-e5M-kPc0ZJap1OMMkHNwA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Mon, 17 Oct 2022 23:32:45 GMT
pragma: no-cache
date: Mon, 17 Oct 2022 23:32:45 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 1B78 37 B
140 B 64ms
22ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-H69IEcY-KubeWlaY-e5M-kPc0ZIA7WBcnHV2gA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 1B78
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_g1WHsY-KubeWlaY-e5M-kPc0ZJjLZVKI3COTw
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_g1WHsY-KubeWlaY-e5M-kPc0ZJjLZVKI3COTw&verify=true

0
291 B

22ms
22ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_g1WHsY-KubeWlaY-e5M-kPc0ZJjLZVKI3COTw&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_g1WHsY-KubeWlaY-e5M-kPc0ZJjLZVKI3COTw&verify=true
date: Mon, 17 Oct 2022 23:32:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 1
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 1B78 43 B
163 B 120ms
26ms Image
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-mEMpjcY-KubeWlaY-e5M-kPc0ZJi_2TJuK3Eyg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:45 GMT
last-modified: Thu, 11 Apr 2019 06:08:57 GMT
server: nginx
accept-ranges: bytes
etag: "5caed9f9-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 1B78 49 B
235 B 82ms
27ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-IldSt8Y-KubeWlaY-e5M-kPc0ZK0q0FvhuceHQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:44 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 1B78
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yZ3ot-odwcYYZoa5fLbkr7fK85R9hJ-x
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yZ3ot-odwcYYZoa5fLbkr7fK85R9hJ-x

42 B
942 B

32ms
31ms

Image
image/gif

34.251.246.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yZ3ot-odwcYYZoa5fLbkr7fK85R9hJ-x

Protocol

HTTP/1.1

Server

34.251.246.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-246-199.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-0b431e8b6.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: CpYT3ELESN8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v044-063b50a55.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: LyqEpftTQ2k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yZ3ot-odwcYYZoa5fLbkr7fK85R9hJ-x
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 sync
matching.ivitrack.com/ Frame 1B78 42 B
274 B 70ms
19ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-eRNHPcY-KubeWlaY-e5M-kPc0ZL_kakUBgg5ug
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:32:44 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 1B78 43 B
183 B 579ms
108ms Image
image/gif 2600:1f18:612b:4200:fb3f:3cdb:fc4c:7c72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-M2hQr8Y-KubeWlaY-e5M-kPc0ZIIyYl_0BwhYA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:fb3f:3cdb:fc4c:7c72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 17 Oct 2022 23:32:45 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 1B78 43 B
153 B 119ms
37ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-g_KiSsY-KubeWlaY-e5M-kPc0ZL5-u7YpTjydA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 17 Oct 2022 23:32:45 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 1B78 0
360 B 108ms
29ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-Jotjy8Y-KubeWlaY-e5M-kPc0ZJIaa9jfNqKOg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 23:32:45 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 16 Oct 2022 23:32:45 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 1B78 43 B
220 B 134ms
29ms Image
image/gif 54.155.44.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-jemfMsY-KubeWlaY-e5M-kPc0ZL4CQyb8T8JPQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.44.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-44-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 17 Oct 2022 23:32:45 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
2 KB 324ms
324ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: gklqrdk.top
URL: http://gklqrdk.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f04025e03c16d65679cb3f1bb6dcf2ef3ffe004a7e96a3830aaa71fe80156ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://gklqrdk.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: application/json

Response headers

date: Mon, 17 Oct 2022 23:32:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f3789180c385c
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn11536-HHN, cache-ams21021-AMS
traceparent: 00-0000000000000000000f3789180c385c-66971e5ebe8d21be-01
x-timer: S1666049565.997513,VS0,VE181
etag: W/W/"3f8-6ccsG/B15L81GqC2S8ZWTk5Hm9M"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://gklqrdk.top
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 229ms
202ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://gklqrdk.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://gklqrdk.top
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 17 Oct 2022 23:32:44 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f3789188599a5
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f3789188599a5-40a866bfbbda7e55-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn4053-HHN, cache-ams21021-AMS
x-timer: S1666049565.798440,VS0,VE185

GET
H/1.1 200
OK NRJS-5508701234590cda55c Show response
bam.nr-data.net/1/ 49 B
620 B 306ms
256ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-5508701234590cda55c?a=594331646&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=3117&ck=1&ref=http://gklqrdk.top/&be=486&fe=2957&dc=2421&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1666049561754,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:145,%22c%22:145,%22ce%22:165,%22rq%22:165,%22rp%22:392,%22rpe%22:934,%22dl%22:395,%22di%22:1414,%22ds%22:2420,%22de%22:2430,%22dc%22:2957,%22l%22:2957,%22le%22:2967%7D,%22navigation%22:%7B%7D%7D&fp=1404&fcp=1404&jsonp=NREUM.setToken
Requested by: Host: gklqrdk.top
URL: http://gklqrdk.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://gklqrdk.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 23:32:45 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 75bcd5d5e8ddbbaf-FRA

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1B78
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=q0jEX0anDbvpFGa99DsAytceXcYh-1Wk

0
338 B

116ms
30ms

Image
text/plain

54.216.245.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=q0jEX0anDbvpFGa99DsAytceXcYh-1Wk
Protocol: H2
Server: 54.216.245.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-245-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n020-dub-prod.krxd.net
date: Mon, 17 Oct 2022 23:32:45 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1666049565
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=q0jEX0anDbvpFGa99DsAytceXcYh-1Wk
date: Mon, 17 Oct 2022 23:32:44 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1338767
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 1B78
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=dO4G-KzAmcjZg6NhEELYK0hK4PbywUwZ

35 B
268 B

364ms
113ms

Image
image/gif

3.143.128.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=dO4G-KzAmcjZg6NhEELYK0hK4PbywUwZ
Protocol: H2
Server: 3.143.128.248 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-143-128-248.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 23:32:45 GMT
x-bt-requestid: 00c49710-4e74-11ed-9f8c-0000ac170131
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=dO4G-KzAmcjZg6NhEELYK0hK4PbywUwZ
date: Mon, 17 Oct 2022 23:32:44 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1307616
content-length: 0

POST
H/1.1 200
OK NRJS-5508701234590cda55c Show response
bam.nr-data.net/events/1/ 24 B
398 B 253ms
253ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-5508701234590cda55c?a=594331646&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=3616&ck=1&ref=http://gklqrdk.top/
Requested by: Host: gklqrdk.top
URL: http://gklqrdk.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: http://gklqrdk.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 17 Oct 2022 23:32:45 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://gklqrdk.top
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 75bcd5d79bc6bbaf-FRA
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.truefitcorp.com/	1969-12-31 23:59:59	Name: prod1-tf-prod-86479863pn Value: 04
.gklqrdk.top/	1970-01-20 08:57:05	Name: _gcl_au Value: 1.1.2069398920.1666049563
.gklqrdk.top/	1970-01-20 16:23:29	Name: _ga_YKCTBDN9JH Value: GS1.1.1666049563.1.0.1666049563.0.0.0
.gklqrdk.top/	1970-01-20 16:23:29	Name: _ga Value: GA1.2.909320936.1666049563
.gklqrdk.top/	1970-01-20 06:48:55	Name: _gid Value: GA1.2.1971010984.1666049563
.gklqrdk.top/	1970-01-20 06:47:29	Name: _dc_gtm_UA-64941668-2 Value: 1
.useinsider.com/	1970-01-20 06:47:31	Name: __cf_bm Value: aWx6YN0VyMyQpvvsqxKVWIoBBtl0tJeK4Nn.4Gadx40-1666049563-0-ATBIhftuyPEzqB0Nzo21ULtn9d/H/DACANfKFEU2IiKjPKWCmY1Nbhu9MZ6fc9Q2WZKt7iA1WthGOuRTtOzsHi4=
.criteo.com/	1970-01-20 16:09:05	Name: uid Value: fc97c79e-97eb-484a-a5d5-5a2397f392ac
.paypal.com/	1970-01-20 16:23:29	Name: ts Value: vreXpYrS%3D1760743963%26vteXpYrS%3D1666051363%26vr%3De84adbcc1830a89eb645062fffffffff%26vt%3De84adbcc1830a89eb645062ffffffffe
.paypal.com/	1970-01-20 16:23:29	Name: ts_c Value: vr%3De84adbcc1830a89eb645062fffffffff%26vt%3De84adbcc1830a89eb645062ffffffffe
.gklqrdk.top/	1970-01-20 16:16:53	Name: cto_bundle Value: AsQF5l9iZjdiMlpUMGJlZElDeGs5bnNBeE1uTjVtRmlsSERCR29UT0lWQUlrMWtjc0RhUTNoQWt3R1VXamhsV0Z3VWtpdjJTaW9JMm1RejE0JTJGT2c3b3pRR3k3U2pwWURNTmh6V3hLT3JvaTQybjlQaXJwVU5ZeUVtNVlDbVBBa3pIWnN5NkduQWNDSlplZSUyQlMzZ05zM3JhRFJRJTNEJTNE
.adnxs.com/	1970-01-20 08:57:05	Name: uuid2 Value: 4795913389680403041
.casalemedia.com/	1970-01-20 15:33:05	Name: CMID Value: Y03mHFP4gQFzlAqnqNfVMwAA
.casalemedia.com/	1970-01-20 08:57:05	Name: CMPS Value: 5272
.casalemedia.com/	1970-01-20 08:57:05	Name: CMPRO Value: 5272
exchange.mediavine.com/	1970-01-20 07:07:39	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22006befc0-4e74-11ed-9e92-5d73d13469d0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:07:39	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22006befc0-4e74-11ed-9e92-5d73d13469d0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:07:39	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22006befc0-4e74-11ed-9e92-5d73d13469d0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:07:39	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22006befc0-4e74-11ed-9e92-5d73d13469d0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:07:39	Name: criteo Value: %7B%22id%22%3A%22k-ejfdfsY-KubeWlaY-e5M-kPc0ZK3d7UXaEBvUg%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 08:57:05	Name: tuuid Value: 6f3a993d-b0dd-4073-a704-3c9859f51cd8
.360yield.com/	1970-01-20 08:57:05	Name: tuuid_lu Value: 1666049564
.media.net/	1970-01-20 15:33:05	Name: visitor-id Value: 3090511648247403000V10
.media.net/	1970-01-20 07:30:41	Name: data-c-ts Value: 1666049564
.media.net/	1970-01-20 07:30:41	Name: data-c Value: k-p5moQsY-KubeWlaY-e5M-kPc0ZLkDzNJ9J8U-g~~3
.bidswitch.net/	1970-01-20 15:33:05	Name: tuuid Value: 5e10cd25-9bb9-4766-9d1b-002d1bda2f6f
.bidswitch.net/	1970-01-20 15:33:05	Name: c Value: 1666049564
.bidswitch.net/	1970-01-20 15:33:05	Name: tuuid_lu Value: 1666049564
.360yield.com/	1970-01-20 08:57:05	Name: um Value: !38,IdsZUZmYilaW3tufu8pJUwYN0ja4u0v7TtI-JsNtiLPFEb42pDvuKs.bNkGAaGcEa70wDag2,1673825564
.360yield.com/	1970-01-20 08:57:05	Name: umeh Value: !38,0,1728257564,-1
.demdex.net/	1970-01-20 11:06:41	Name: demdex Value: 75167095324984127202104824755611715285
.dpm.demdex.net/	1970-01-20 11:06:41	Name: dpm Value: 75167095324984127202104824755611715285
.doubleclick.net/	1970-01-20 16:09:05	Name: IDE Value: AHWqTUlXrwsnWEI1Uu3JhAI0TiIxkiII1jPcDxcvFit53Nng-kfbadu_riqsUXl8MbU
.yahoo.com/	1970-01-20 15:33:27	Name: A3 Value: d=AQABBBzmTWMCEGuWtInyaE8fpQjidjDbb_YFEgEBAQE3T2NXYwAAAAAA_eMAAA&S=AQAAAi9jP2TBGTi7yaIrTH-F-68
.analytics.yahoo.com/	1970-01-20 15:33:05	Name: IDSYNC Value: 18zh~27rz
.krxd.net/	1970-01-20 11:06:41	Name: _kuid_ Value: PJOsxeWT
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: b12ca432949909db

120 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Bold.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Bold.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Bold.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Bold.woff2
other	warning	URL: http://gklqrdk.top/(Line 1127) Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Elcon-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Elcon-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Elcon-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Elcon-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Elcon-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Elcon-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Elcon-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Elcon-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Bold.woff2
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Draper-Regular.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://gklqrdk.top/ Message: Failed to decode downloaded font: http://gklqrdk.top/static/font/Sidney-Bold.woff
other	warning	URL: http://gklqrdk.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7322496.collect.igodigital.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
apps.bazaarvoice.com
bam.nr-data.net
beacon.krxd.net
browser-update.org
cdn.attraqt.io
cdn.dynamicyield.com
cdn.truefitcorp.com
cm.adform.net
cm.g.doubleclick.net
consumer.truefitcorp.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
gklqrdk.top
gum.criteo.com
ib.adnxs.com
js-agent.newrelic.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
myer.api.useinsider.com
myr-cdn.truefitcorp.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.paypal.com
ups.analytics.yahoo.com
utt.impactcdn.com
visitor.omnitagjs.com
widget.as.criteo.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
www.paypal.com
x.bidswitch.net
104.79.88.129
141.226.228.48
142.250.186.162
151.101.1.21
151.101.2.137
162.247.241.14
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
18.156.148.146
18.66.147.122
182.161.74.16
185.255.84.152
185.64.190.80
185.80.39.216
185.86.137.132
185.89.211.84
192.229.221.25
2001:4860:4802:34::36
23.35.237.56
2600:1f18:612b:4200:fb3f:3cdb:fc4c:7c72
2600:9000:2057:8400:a:b89d:a6c0:93a1
2600:9000:214f:9c00:d:274d:a6c0:93a1
2606:4700:20::ac43:459c
2606:4700:7::a29f:853d
2a00:1450:4001:806::200e
2a00:1450:4001:809::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c03::9c
2a02:2638::1c
2a02:2638::3
2a06:98c1:3121::3
3.120.54.154
3.127.179.193
3.143.128.248
34.117.157.22
34.251.246.199
35.186.249.72
35.201.106.219
35.227.238.241
35.244.136.187
37.157.6.241
52.19.67.137
52.44.154.155
54.155.44.87
54.216.245.122
64.202.112.31
69.173.144.138
76.223.111.18
85.215.5.31
96.16.132.239
04275c8f2d198d2e5b424039974ba178c8f2bd80e45fbbe140a2eea55a82b515
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0599d637dd227e546a959bec7957580850e96ed713051331a45a30e6beb76954
084b66d6edc1dade5cc0dfd534b5339f4ac5df7d302ae2282fff1faf77574d7c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e38afecabd1ea08614689e486a5aef1acbef7be80ee22e65393ae144555ad2c
0ed62795877271d245f7a3c4fe7062b2c2af298f67cf1672383a2ab52adfdf18
15593d00d683ebdca6a7e6970e9301f30bb710aa12947b77e66119fbcda5121f
17a5aa5fe64552a718dd2c5f5d357cf7c24fd6a84527a8c06dea7156edf90e91
245beb1a1bcefe40e50c1772a78701cdba0af5dd24cbb2aec3aa718c37021fa1
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
28360d7651d6102187dbbbbba3f86ea0adecc81323d1067ce310631b70b9497d
2ebaeadf18af2d0b45e01c9b87d7ec50133a7d119c904f784aaa999694e57a2e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336fc2acdc96e6bf08e013776ccb87978fb5f996f5c38801e37772d50868ab07
3474cc77c66ff21db6f79c65ab5117ca983c8ad043e0e714187485c2e3324dd7
3f2c8a77e156a461231fd2bf1325c0570786794c2e5e6587bbc7ae50e59fc4a4
3f63b87834a16280d524af8639eab7fe11e9d945defa1c960ac9a9b97bdf7705
444105300ed33afd3137d50f5591335f82690344b708f3388189fccfd64c3270
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
4658cc241c516aa366c454f2f34c739b948b1176fd1b7801dd512f470b265211
46d6908c4a5a03228c5172af09a92b99a03501071bbaf87898d0117095f6dc26
470ceec21e89996a5b1cbd642c158c23d4a296d5b9b5f9bdb5da3ba0a3bb2d28
4772ae521a915bae94a004d005cdbfffe5b3bcd04011d1f70d2db6fcaf62d6fe
4c459c15503f63de8e744adebffa89007d547490e103265c8133fac05bbe4c97
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d26be2894a5adf7bcc50a8b20088ccadf5c78c495f3a197a94009f5b90aa3b
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
6b503a66ee314296845992ed42711128a55c50f34684585e229e610d0cbd60c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70d14eef971fe22bc95e984724c991e7a9c15aca71ee67a6f91703cabdbadf68
76eda2e227b126fe460352b977e2ec6ea67069eda53d4cdc3f6ce37fd95feea4
80987cfbb922ba7793d28c6b1c981da543dc405b338108865c073576b7a9aa78
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
94992dc32308433b4817292e41930dd7df380c017f32ad5f4bd3541a9af9cdc2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5d0e3407dcfe2167166740ff2d319eb130e6cec1808cb6a2ec973de9184f6d6
a956f1e33446f77a7de2211c937c9e952747370ada80eed7309b2e68363be8e9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c9238c827086f9a3b4b49c1bea12c0a013ac50b1b08a584ad55905360e94e7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6421f58f1ba1576637ebae2b8e45bb5ef8e518c359851b5ffff50d3e155b988
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
caca0d70f30ff90574c9a305d825353901dbd26a007b346e79ae85130d333f75
ccbb9db2aa7abff25ff4039d2084ff1164c44e357e3b41ea21c8519a52e10c65
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e345bb0ee944a3d4c118abef070909ef2cab11c0e291bd3008b83dd803ecf7cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecd4d29861eb13b0c28d52db636e3c3f964aa6c53aed17bee0565cc04a2dd74d
eda41435b4c8e4475226c6c644bb726c5c1675a39507c77d54b64d3ac662d67f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04025e03c16d65679cb3f1bb6dcf2ef3ffe004a7e96a3830aaa71fe80156ce7
f13e299a388cf694ace40210f1a32fd3b08ba21206a695af5eb0f56a9a6909b5
f2867b33b5715cd246c8bc7e5cfcf846f76c85788350b3622e63b086f4dff6ef
f37f40397fd64e7d8a67d8a7e261ae846a8e96b1db9336e26f23ef2fa3a11402
f70be8821adbc6cacc537555ff5f30491077fc321c24c25fffb8077df0549e04
fc35e66fd297adc06c1d960a109695c6552f11852484eba60127682c0887272b
fc5305442838ef4bbddc0a6582e88a5d31b15d7145a5b7cc04dba153a449f75c

gklqrdk.top Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

59 %HTTPS

25 %IPv6

44 Domains

53 Subdomains

49 IPs

10 Countries

3125 kBTransfer

9168 kBSize

37 Cookies

9 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gklqrdk.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

59 %
HTTPS

25 %
IPv6

44
Domains

53
Subdomains

49
IPs

10
Countries

3125 kB
Transfer

9168 kB
Size

37
Cookies

99 HTTP transactions
0 data transactions