omgwowsurvey.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response omgwowsurvey.com/ALchatstrpgreat/	4 KB 2 KB	107ms 39ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53306554a22543288ebaec0aeaac661c6d58608b1ec4aa435fc2a666c6ec78f2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 82d95e17e85cb7f1-AMS content-encoding br content-type text/html date Wed, 29 Nov 2023 08:09:16 GMT last-modified Mon, 27 Nov 2023 12:36:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlD6dkILLmGqV0BT41RlVpJIMH5GzRXSt3XSB8MKjXdu4tmgW4v%2FiAplThsAz79KRVluP%2BcBAvj60h%2Bmiq8rWPUI7C7LiVk7p%2FSZfyq8h1Xxmhq%2F3D49dmkfqVUnlYWu0MY5Ap5pvST7DA%2B72H9X"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	main.css omgwowsurvey.com/ALchatstrpgreat/assets/	6 KB 2 KB	35ms 34ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://omgwowsurvey.com/ALchatstrpgreat/assets/main.css Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0862a045a1840515c64139e3178dc97a3d9ddf6f2a22b740bd48a1a336ee72ef Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 08:09:16 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Nov 2023 12:36:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4045 etag W/"65648d69-177d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oLrJavx5KYQ8rx9R2er97sRIlivbyNpRtvVhnlnJWPegugSVClY95vjIMazkWG82Uk3mKBJNdDje5iAbUdIv2aWmhORwGsKRBpmrRCmyhZCjYdmelKLYyBefT9NtAI73FeRJg0cFLdB80xRrM1E"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82d95e183882b7f1-AMS alt-svc h3=":443"; ma=86400
GET H2	200	jq.js Show response omgwowsurvey.com/ALchatstrpgreat/assets/	85 KB 31 KB	38ms 37ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://omgwowsurvey.com/ALchatstrpgreat/assets/jq.js Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 08:09:16 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Nov 2023 12:36:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4045 etag W/"65648d69-1538e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPfdAZxJwpi%2BwKzpPWGrRZ89%2BH%2Fgni7JxPVxlajOYRBZ3TM6tfavpjvfArtwYYNtDyTKDZUfvGYP3M1ZlfHb5TukTvp9FmolQ8y3AoNoNLLZwgrcMEyuAT4fgWaex7Nnb6wFIzlW1veInmqh1Zo1"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 82d95e183885b7f1-AMS alt-svc h3=":443"; ma=86400
GET H2	200	main.js Show response omgwowsurvey.com/ALchatstrpgreat/assets/	6 KB 2 KB	34ms 33ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://omgwowsurvey.com/ALchatstrpgreat/assets/main.js Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b73a00f65c9f0d2885885e9e22b9365a64cf00a0cec4a603c18f5764f08e5687 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 08:09:16 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Nov 2023 12:36:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4045 etag W/"65648d69-18b7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGlrMInypt6%2FJ3kbVnrTB7QNg%2Fqsk7%2BmHKjmXgIRmxYnLD7A0sVRSCOAwv5Cf0MFXhDId6OexQsA9BwzaPlSLnSbpj1%2BlhedhJAPnxWNxpkgJRJd730cn8SxX50FHetLSd0OW5qIS7FyiZw7hoLp"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 82d95e184894b7f1-AMS alt-svc h3=":443"; ma=86400
GET H2	200	translates.js Show response omgwowsurvey.com/ALchatstrpgreat/assets/	24 KB 9 KB	44ms 43ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://omgwowsurvey.com/ALchatstrpgreat/assets/translates.js Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e545d422dc69c2ea8cd13da867f03b1adb6856e2c3b6fe85530c597f42f1831b Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 08:09:16 GMT content-encoding br cf-cache-status HIT last-modified Mon, 27 Nov 2023 12:36:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6687 etag W/"65648d69-6186" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrqIiwjOLSi7COO%2Bad%2FhG4DVum70arrFMZHGKqioD66S%2BGo2ZUCQ6k53ddGZj8TP%2FxX5CkhKkUZytzgZJ%2BndeuT%2B%2FVzbNw08tGetrFCTN9rYaAXqyla6XZhNg%2BXn4XBCKY%2BeVC5SZWjZaBiX%2FXAJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 82d95e184896b7f1-AMS alt-svc h3=":443"; ma=86400
GET H2	200	logo1.png omgwowsurvey.com/ALchatstrpgreat/assets/	11 KB 11 KB	33ms 33ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://omgwowsurvey.com/ALchatstrpgreat/assets/logo1.png Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6b60a4a3b10d20b71c8f82ff02841c394e3f75ab3c9096d81b46763f47c88bf Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 08:09:16 GMT cf-cache-status HIT last-modified Mon, 27 Nov 2023 12:36:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4045 etag "65648d69-2ad2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWEVw27fgHtI25tbUuBo83NHSEV47oEEV8nJxkHLSRTGA59OIaWFHntKGfLmDTFQDc2%2BczZHGljSBfmpySVcEMbXZl87ioHiHvABw9E4fdmBdMOb1HWn%2BGpGrI7yqtwHD8QyibUMHjR1IsjcHMtk"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 82d95e183883b7f1-AMS alt-svc h3=":443"; ma=86400 content-length 10962
GET H2	206	4.mp4 4.groovinews.com/surv-vid/	4 MB 0	120ms 49ms	Media video/mp4	45.133.44.21 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://4.groovinews.com/surv-vid/4.mp4 Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash Request headers Referer https://omgwowsurvey.com/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Range bytes=0- Response headers x-proxy-cache HIT date Wed, 29 Nov 2023 08:09:16 GMT x-openstack-request-id tx7fd3dc745ce2451a930b5-0065167b89 Content-Range bytes 0-5767609/5767610 x-trans-id tx7fd3dc745ce2451a930b5-0065167b89 Content-Length 5767610 last-modified Wed, 25 Jan 2023 11:43:24 GMT server nginx/1.24.0 etag 14fb9c087cd1156364245448df79f517 vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type video/mp4 access-control-allow-origin * x-timestamp 1674647003.82397 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization expires Fri, 01 Dec 2023 08:09:16 GMT
GET H2	200	css2 fonts.googleapis.com/	3 KB 924 B	118ms 42ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/assets/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 29 Nov 2023 08:09:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 29 Nov 2023 06:29:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 29 Nov 2023 08:09:16 GMT
GET H2	200	lib.js Show response buqkrzbrucz.com/pn21ywqw/z/sc/scssx/1998647/	27 KB 11 KB	89ms 29ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://buqkrzbrucz.com/pn21ywqw/z/sc/scssx/1998647/lib.js?var=null&prpsrc=null Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/assets/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 42f147dc24419adc13bfb5e690dcca04aa47e1397925d4e5401761a73162919c Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 08:09:17 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id script timing-allow-origin *
GET H2	200	tag.min.js Show response forlumineoner.com/pfe/current/	13 KB 6 KB	344ms 25ms	Script application/javascript	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1998647&var=null|||null Requested by Host: buqkrzbrucz.com URL: https://buqkrzbrucz.com/pn21ywqw/z/sc/scssx/1998647/lib.js?var=null&prpsrc=null Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 08:09:17 GMT content-encoding gzip last-modified Tue, 28 Nov 2023 21:23:29 GMT server nginx etag W/"65665a51-33f4" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET H2	200	zone Show response forlumineoner.com/	865 B 1 KB	26ms 26ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/zone?pub=1&zone_id=1998647&is_mobile=false&domain=omgwowsurvey.com&var=null%7C%7C%7Cnull&ymid=&var_3=&tg=0&sw=3.1.471 Requested by Host: forlumineoner.com URL: https://forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1998647&var=null|||null Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 0f7e32cfe60c82f23d57beea7e1047c26d18117c4ed728905479eb533ce75ef6 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-trace-id 0b63578cec002c3b2ddc3360544a8d05 date Wed, 29 Nov 2023 08:09:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://omgwowsurvey.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 865
GET H2	200	universal.min.js Show response forlumineoner.com/pfe/current/	86 KB 33 KB	78ms 25ms	Fetch application/javascript	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/pfe/current/universal.min.js?v=3.1.471 Requested by Host: forlumineoner.com URL: https://forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1998647&var=null|||null Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42 Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Wed, 29 Nov 2023 08:09:17 GMT content-encoding gzip last-modified Tue, 28 Nov 2023 21:23:29 GMT server nginx etag W/"65665a51-1572c" content-type application/javascript access-control-allow-origin https://omgwowsurvey.com cache-control no-cache access-control-allow-credentials true
OPTIONS H2	200	custom forlumineoner.com/	0 0	25ms 25ms	Preflight text/plain	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://omgwowsurvey.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://omgwowsurvey.com access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Wed, 29 Nov 2023 08:09:17 GMT server nginx
OPTIONS H2	200	custom forlumineoner.com/	0 0	25ms 25ms	Preflight text/plain	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://omgwowsurvey.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://omgwowsurvey.com access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Wed, 29 Nov 2023 08:09:17 GMT server nginx
POST H2	200	custom Show response forlumineoner.com/	39 B 332 B	25ms 25ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://omgwowsurvey.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers x-trace-id 0e5b5fe780f1f0a481c4336fd0b2fce3 date Wed, 29 Nov 2023 08:09:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://omgwowsurvey.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
POST H2	200	custom Show response forlumineoner.com/	39 B 331 B	26ms 26ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://omgwowsurvey.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers x-trace-id 23f5a2faf47cbd11acd1efde6f10f21e date Wed, 29 Nov 2023 08:09:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://omgwowsurvey.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
OPTIONS H2	200	custom forlumineoner.com/	0 0	26ms 26ms	Preflight text/plain	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://omgwowsurvey.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://omgwowsurvey.com access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Wed, 29 Nov 2023 08:09:17 GMT server nginx
POST H2	200	custom Show response forlumineoner.com/	39 B 332 B	26ms 25ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://omgwowsurvey.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers x-trace-id 8ae0b3ffe6d0fbdacac726b2752392fd date Wed, 29 Nov 2023 08:09:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://omgwowsurvey.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
GET H2	200	gid.js Show response my.rtmark.net/	65 B 546 B	83ms 26ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=1&userId=d0db3d5d624749089f65df6aa26461d1&zoneId=1998647&checkDuplicate=true&ymid=&var=null|||null Requested by Host: omgwowsurvey.com URL: https://omgwowsurvey.com/ALchatstrpgreat/?dd=buqkrzbrucz.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 61d9c48f703d8ca609bf2aa1a640e4ee57be6aba79e365b5f73bf24da55545ca Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://omgwowsurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 29 Nov 2023 08:09:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://omgwowsurvey.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| C4rr object| zfgformats object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			buqkrzbrucz.com/	1970-01-21 02:08:38	Name: CHCK Value: 1
			buqkrzbrucz.com/	1970-01-21 02:08:38	Name: UID Value: 231129030962b606f4e16346f3a3f81056eb
			my.rtmark.net/	1970-01-21 01:19:41	Name: ID Value: d0db3d5d624749089f65df6aa26461d1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.groovinews.com
buqkrzbrucz.com
fonts.googleapis.com
forlumineoner.com
my.rtmark.net
omgwowsurvey.com
139.45.195.8
139.45.197.229
212.117.190.201
2a00:1450:4001:82a::200a
2a06:98c1:3121::3
45.133.44.21
0862a045a1840515c64139e3178dc97a3d9ddf6f2a22b740bd48a1a336ee72ef
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42
0f7e32cfe60c82f23d57beea7e1047c26d18117c4ed728905479eb533ce75ef6
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75
42f147dc24419adc13bfb5e690dcca04aa47e1397925d4e5401761a73162919c
53306554a22543288ebaec0aeaac661c6d58608b1ec4aa435fc2a666c6ec78f2
61d9c48f703d8ca609bf2aa1a640e4ee57be6aba79e365b5f73bf24da55545ca
95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a6b60a4a3b10d20b71c8f82ff02841c394e3f75ab3c9096d81b46763f47c88bf
b73a00f65c9f0d2885885e9e22b9365a64cf00a0cec4a603c18f5764f08e5687
e545d422dc69c2ea8cd13da867f03b1adb6856e2c3b6fe85530c597f42f1831b
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881