Submitted URL: http://opus-i.biz/
Effective URL: https://0.gloveryforbluewine.com/?p=mvqtsylggu5gi3bpg4ytqmy&sub1=speacker&sub2=dextron
Submission: On June 12 via manual from JP — Scanned from JP

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 29 HTTP transactions. The main IP is 185.177.94.108, located in Amsterdam, Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is 0.gloveryforbluewine.com.
TLS certificate: Issued by R3 on June 1st 2022. Valid for: 3 months.
This is the only time 0.gloveryforbluewine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
2 5 101.99.95.147 201133 (VERDINA)
1 2404:6800:400... 15169 (GOOGLE)
2 185.177.94.108 39572 (ADVANCEDH...)
29 5
Apex Domain (requests) | Subdomains | Transfer
15 xylimited.com | xylimited.com | 166 KB
4 greengoplatform.com | track.greengoplatform.com (Cisco Umbrella Rank: 388263); front.greengoplatform.com (Cisco Umbrella Rank: 371935, Failed) | 2 KB
2 gloveryforbluewine.com | gloveryforbluewine.com (Cisco Umbrella Rank: 678115, Failed); 0.gloveryforbluewine.com | 24 KB
1 legendarytable.com | trick.legendarytable.com | 1016 B
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 55) | 2 KB
1 opus-i.biz | opus-i.biz | 686 B
Totals: 29 requests, 6 apex domains
Requests | Domain | Requested by
15 | xylimited.com | xylimited.com
3 | front.greengoplatform.com | xylimited.com
1 | 0.gloveryforbluewine.com | xylimited.com
1 | gloveryforbluewine.com | front.greengoplatform.com
1 | trick.legendarytable.com | xylimited.com
1 | fonts.googleapis.com | xylimited.com
1 | track.greengoplatform.com | xylimited.com
1 | opus-i.biz | (1 redirect)
Totals: 29 requests, 8 domains

This site contains no links.

Subject | Issuer | Validity | Valid for
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-08-07 - 2022-08-06 | a year
transportgoline.com | R3 | 2022-06-05 - 2022-09-03 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
legendarytable.com | R3 | 2022-06-05 - 2022-09-03 | 3 months
front.greengoplatform.com | R3 | 2022-06-05 - 2022-09-03 | 3 months
0.di08.biz | R3 | 2022-06-01 - 2022-08-30 | 3 months

This page contains 1 frame:

Primary Page: https://0.gloveryforbluewine.com/?p=mvqtsylggu5gi3bpg4ytqmy&sub1=speacker&sub2=dextron
Frame ID: 95946172D0C82B1933651A7343A41BE1
Requests: 33 HTTP requests in this frame

Page Title

captcha

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://opus-i.biz/ HTTP 301
    https://xylimited.com/ Page URL
  2. https://front.greengoplatform.com/go.php?lid=3337&pid=9646&cid=114733 HTTP 302
    https://front.greengoplatform.com/go.php?sid=6856&pid=9954&cid=347853 HTTP 302
    https://front.greengoplatform.com/back.php?sid=6856&pid=9954&cid=347853 Page URL
  3. https://gloveryforbluewine.com/?p=mvqtsylggu5gi3bpg4ytqmy&sub1=speacker&sub2=dextron Page URL
  4. https://0.gloveryforbluewine.com/?p=mvqtsylggu5gi3bpg4ytqmy&sub1=speacker&sub2=dextron Page URL

Detected technologies

WordPress (overall confidence: 100%), detected pattern:
  • /wp-(?:content|includes)/

Font Awesome (overall confidence: 100%), detected pattern:
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (overall confidence: 100%), detected pattern:
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (overall confidence: 100%), detected pattern:
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

  • Requests: 29
  • HTTPS: 72 %
  • IPv6: 60 %
  • Domains: 6
  • Subdomains: 8
  • IPs: 5
  • Countries: 4
  • Transfer: 195 kB
  • Size: 816 kB
  • Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://opus-i.biz/ HTTP 301
  • https://xylimited.com/
Request Chain 25
  • https://front.greengoplatform.com/go.php?lid=3337&pid=9646&cid=114733 HTTP 302
  • https://front.greengoplatform.com/go.php?sid=6856&pid=9954&cid=347853 HTTP 302
  • https://front.greengoplatform.com/back.php?sid=6856&pid=9954&cid=347853

29 HTTP transactions

Each entry below lists: Resource | Path | Size | x-fer | Type | MIME-Type, followed by its General, Request headers and Response headers details.
/
xylimited.com/
Redirect Chain
  • http://opus-i.biz/
  • https://xylimited.com/
144 KB
29 KB
Document
General
Full URL
https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270ad4f93dbaa451fba2638dc5eda7dad4640e0aac68ca243ddaa714e9bd7e47

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
719f51c508dcf8cf-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 02:57:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FXa2zxbWuq3lZUtZI3JgxD%2FLiPLfiLvnqaEsUzIPKKEOTK4zhGcRR03VSlbc1Bz4FUvuNXjVfNoyS5jjDqqyz%2B2LLU71nf9POlHOufIPure%2BQlvifhI7G4IVxMOQa2ZWXMMrKIXkQNv72c%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
719f51c4bf638087-NRT
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 12 Jun 2022 02:57:30 GMT
Expires
Sun, 12 Jun 2022 03:57:30 GMT
Location
https://xylimited.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEcyIIEtnb7UYGfLLzYSX0tNFi468cLdadSjuJFiv01FU2SEzaFKoTEa%2FPCGGq9xn0QdZWhveEHmB9nQI3oeMYUILak0NzSEpl37gJUwbkp%2BABMJNwxTld9I6soyqxnhWGX%2B5%2FVD5hhW"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
smile.js
track.greengoplatform.com/
4 KB
1016 B
Script
General
Full URL
https://track.greengoplatform.com/smile.js?v=1.1.1
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
101.99.95.147 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
vps.euromeds.to
Software
nginx /
Resource Hash
9f2407325a9ea969c54abe49367c6e5a3e9d390f1e607444004d8347cdab4bab

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 02:57:32 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
style.min.css
xylimited.com/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://xylimited.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 May 2022 03:30:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umT%2F3dBTQJVOA0CaBTGU4hDweBcCsskDes%2BpBQrdvO%2Bo0s2dq1O4e5G0WMZxeipM8QWqKRnKJjBzjmc9gMLJ2Djm50jFccyS5Bg%2BREPb36r%2BIGmdSEg08AoCl4Atyq1P2ThUIWSKuIdvfppM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51c82b07f8cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.css
xylimited.com/wp-content/themes/wp-travel-magazine/css/
149 KB
23 KB
Stylesheet
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/css/bootstrap.css?ver=6.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
103ca54a9f783b9a191f37c00c80a1cd48196809ad65c17af218cdfbca0f2226

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJB%2BiT8vuOEavp4q9HI8UH6mA9Nf9L%2BVy18xA8bgjjTLdWY355%2FjILzQlOGhWlPwpSy9kjG2IhcubXUkQsMApVEC2L7WH3TDMSx5pwNG%2BT9lmcAFcSmrsIt4ZOu89MnWy%2BOLhjt6oQAp%2FGlh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51c83b0af8cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.css
xylimited.com/wp-content/themes/wp-travel-magazine/css/
36 KB
7 KB
Stylesheet
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/css/font-awesome.css?ver=6.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df162e466be5d728d93bdbc617652a3697cf054ddd2c135c17b8c26c60121f4d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Fy473s%2BAPax%2B1r6aLQbX4PDaQKIYferm863j0Y5ZkhgYr04sNgcGtS%2BNLmzLo3z03v6DHoH7sW83vNDjVuFNazy5O%2B4qVOwDTowo7IEacDDOaR6h09NOGkYZ9EOQUp0Dz2Xj9tmYXsV40mb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51c83b0df8cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
owl.carousel.css
xylimited.com/wp-content/themes/wp-travel-magazine/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/css/owl.carousel.css?ver=6.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36aa42382294bd06e999e8ce16e36f39bdcb56e9b95bbbc97f76f1e2c0cdaf99

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSeLnaiXHaA%2Fun%2Fq%2FuTuiM9f9y8bySw1uXZ0NdmrtoBYdqfOR%2F09OhjCOKkzaEO0aFks49poPqHDs5UqOqyR6yjLHJphE8UG6JSt%2FFXJTfJJ%2FE8bvgh1AQt5LhyoCLEEi0iWUOLdKgLZyDsg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51c83b0ef8cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPhilosopher%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CReem+Kufi%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CReem+Kufi%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CReem+Kufi%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7C&ver=6.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
552e1820e4689c8805f3818c2dd8bc19e8ff8d51769f079e7e2261eadeba1f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 12 Jun 2022 02:57:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 12 Jun 2022 02:57:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Jun 2022 02:57:30 GMT
style.css
xylimited.com/wp-content/themes/wp-travel-magazine/
46 KB
11 KB
Stylesheet
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/style.css?ver=1.0.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03683c4942d589be9e183aedb095f920f71ddc44b6663f77196e31ffc562c1e5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUFYl0nAnRP1xdCfnyw9zstpbgpLloKi%2Bv65iUPeYBGfggMWVnZqBTAMMwdz8K8fRIZIuc7rrGSSnEwFSH4j%2BSVLOQ%2FZbWCNbkroG63FIiC8uzM2zpS%2BNJwXBAjnUIL%2Bp1FtJCRyOGzPbFoW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51c83b10f8cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
layout.css
xylimited.com/wp-content/themes/wp-travel-magazine/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/css/layout.css?ver=6.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838c33dfda697a63eb2dd4f66540082c09f0c09819c18e5ff7c1a84a93fc5fcf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNmbom9dCGrdvgGYdTuf0PlRuzL%2FWI888J29uORwuOSEwPpi%2FpK8oQiU0oBCo0%2FKQMdtlGI0qT0hY5ydCerbfVdFS7kU5bVobFsvYKmDMQckf6m3%2FKJTKzz33eiUBqTUPmJf6IJH7rjOQHok"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51c83b11f8cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
xylimited.com/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://xylimited.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwubOCr3ltuDSvxERCh%2BFoBTcmMhKb%2BGou9wsy338cwn6JqST3ZgZLbEdJNjldBKeREbb3%2FsmYhOzb7XbHnq7mMmbksht19G4L1P4A9UYgq%2Bcjh4CgGMjkpQ37dj931V45E%2BaPLk02QtpxvW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51c83b12f8cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
xylimited.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://xylimited.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJTTg7ODRMKjPRiL74je4aoCzdbtvvq3MeAS9yT4cOJlrwgWTF5Aivd5yl0hjA4cZ6gcuRxkxoJIAZsvrQAE6bO2RQZdSy3b%2FGNZPhi2dVGzOXQFUDZF8h2TzXW4%2BAkgmW2PVdYAc7%2F7bVFD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51c83b13f8cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loadmore.js
xylimited.com/wp-content/themes/wp-travel-magazine/js/
862 B
653 B
Script
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/js/loadmore.js?ver=6.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b49aa9543c847370f133bb1fa375c5a722047254d092e8280ddc7a57bef2c6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMA08W6XWDV6amuFl%2FTrzQlLt3F1L3bb5CkXpWiRR%2B1LTqtstQ5VZImkiJlV0SGxRwEqRMCByvz6hVRerDxamI1Ep9Jxnc%2FY6nFcZIBA9af1vdS35OJxPlN2zu78vff5ECLCqxmASB23gGa5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51c83b14f8cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Situs-Slot-Online-Deposit-Pulsa-Termurah-2022-150x150.jpg
xylimited.com/wp-content/uploads/2022/02/
0
0

slotlah-150x150.jpg
xylimited.com/wp-content/uploads/2022/01/
0
0

Cara-Menang-Main-Slot-150x150.jpg
xylimited.com/wp-content/uploads/2022/01/
0
0

stok-foto8-150x150.jpeg
xylimited.com/wp-content/uploads/2022/01/
0
0

Cara-Agar-Menang-Bermain-Judi-Bola-Online-150x150.jpg
xylimited.com/wp-content/uploads/2022/01/
0
0

Situs-Slot-Online-Deposit-Pulsa-Termurah-2022-300x155.jpg
xylimited.com/wp-content/uploads/2022/02/
0
0

news.js
trick.legendarytable.com/
4 KB
1016 B
Script
General
Full URL
https://trick.legendarytable.com/news.js?v=9.4.9
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
101.99.95.147 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
vps.euromeds.to
Software
nginx /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 02:57:32 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
email-decode.min.js
xylimited.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://xylimited.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 Jun 2022 15:46:20 GMT
server
cloudflare
etag
W/"62a3674c-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9PTyW9o30PYaM4mQ4o%2Fyijbm69zuG1w%2BtaBXf8QtrU%2BkVSHW1ptBd4zJEFKEAttbeb4HwIZm28xT7LfqJxSBBawS5EjwGCbyvUu5bUstKUTJjtZ9NLgtNfwMCRFfR84lZG9d%2BgCdbhQvcRw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51d1081734cf-NRT
vary
Accept-Encoding
expires
Tue, 14 Jun 2022 02:57:32 GMT
fontawesome.js
xylimited.com/wp-content/themes/wp-travel-magazine/js/
80 KB
20 KB
Script
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/js/fontawesome.js?ver=5.14.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOKFCB098qODEDHqOpzpJUXV6su34D9ICajEZmlvj50W6Bxw3BSS2ijJS%2F6MoIDa75YAOBz6tfvzlI3sT0U7wiqnvpaGdFEmEMNWXU8NiToMr3pP3nk4TeNWUvmuzm0yWZJodMlkHLsykrGG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51d1283234cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
script.js
xylimited.com/wp-content/themes/wp-travel-magazine/js/
4 KB
1 KB
Script
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/js/script.js?ver=1.0.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkZZFIAAEGduTSSXC4Z1Nidb5bthtcShn9F3lCTPUOqLBlpflGbeaO%2FEGBlcSeusLD5dvmuqBbIrvvfhv3ijbn0zaa5ltlQ7YbcHxinLgtQQYZPXrnSiSIdwHMDJtLSK%2BsEsM6BjiBHNhxh5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51d53c3234cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
owl.carousel.js
xylimited.com/wp-content/themes/wp-travel-magazine/js/
87 KB
20 KB
Script
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/js/owl.carousel.js?ver=2.2.1
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvFIpWJGlT67HtmeRUE4FDx4B4q6DEe%2BIrzaTChHx%2FbVFQVvRRIeJnPm4sjWz%2BSC9gOi%2FVSvSqICurb7pgUPl7Fp5GoFH0yotOC7%2Fnt5vNep%2FcmogwAQgBgg%2BHQZL5ZJCoIdZSEttGScu%2BOS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51d5ecfe34cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
navigation.js
xylimited.com/wp-content/themes/wp-travel-magazine/js/
5 KB
2 KB
Script
General
Full URL
https://xylimited.com/wp-content/themes/wp-travel-magazine/js/navigation.js?ver=1.0.0
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://xylimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:57:33 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 27 Dec 2021 06:07:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldyZuIg4eKQiMvQ6rLM%2BRE5hhXbjgUa%2FZQGpZ19dEXNFV6o%2FWnAyzJyhmRMbu1VzQKNsQasqy85aKu6BddaPIZOT6AhBMsa32MexnLQUbi001THGmr9ey8IIFYponHO3FaHSgu%2FtPuYfyTVT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
719f51d7bf1234cf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
go.php
front.greengoplatform.com/
0
0

back.php
front.greengoplatform.com/
Redirect Chain
  • https://front.greengoplatform.com/go.php?lid=3337&pid=9646&cid=114733
  • https://front.greengoplatform.com/go.php?sid=6856&pid=9954&cid=347853
  • https://front.greengoplatform.com/back.php?sid=6856&pid=9954&cid=347853
882 B
622 B
Document
General
Full URL
https://front.greengoplatform.com/back.php?sid=6856&pid=9954&cid=347853
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
101.99.95.147 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
vps.euromeds.to
Software
nginx /
Resource Hash

Request headers

Referer
https://xylimited.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
419
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Jun 2022 02:57:34 GMT
Server
nginx
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Jun 2022 02:57:33 GMT
Location
https://front.greengoplatform.com/back.php?sid=6856&pid=9954&cid=347853
Server
nginx
/
gloveryforbluewine.com/
0
0

/
gloveryforbluewine.com/
12 KB
12 KB
Document
General
Full URL
https://gloveryforbluewine.com/?p=mvqtsylggu5gi3bpg4ytqmy&sub1=speacker&sub2=dextron
Requested by
Host: front.greengoplatform.com
URL: https://front.greengoplatform.com/back.php?sid=6856&pid=9954&cid=347853
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-108.ah-server.com
Software
nginx /
Resource Hash
32e0e145f9f0aa4c8228769b1c1cf31e3b952b616140f3e89b9b05eba70a0c65
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://front.greengoplatform.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 02:57:34 GMT
server
nginx
strict-transport-security
max-age=31536000
truncated
/
748 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
Primary Request /
0.gloveryforbluewine.com/
12 KB
12 KB
Document
General
Full URL
https://0.gloveryforbluewine.com/?p=mvqtsylggu5gi3bpg4ytqmy&sub1=speacker&sub2=dextron
Requested by
Host: xylimited.com
URL: https://xylimited.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-108.ah-server.com
Software
nginx /
Resource Hash
ad6a2d5cf4abe78930759740cd38cbc2532982b5c5085f2c83a9cf1eb028b6e3
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gloveryforbluewine.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 02:57:36 GMT
server
nginx
strict-transport-security
max-age=31536000
truncated
/
748 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
378 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
377 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xylimited.com
URL
https://xylimited.com/wp-content/uploads/2022/02/Situs-Slot-Online-Deposit-Pulsa-Termurah-2022-150x150.jpg
Domain
xylimited.com
URL
https://xylimited.com/wp-content/uploads/2022/01/slotlah-150x150.jpg
Domain
xylimited.com
URL
https://xylimited.com/wp-content/uploads/2022/01/Cara-Menang-Main-Slot-150x150.jpg
Domain
xylimited.com
URL
https://xylimited.com/wp-content/uploads/2022/01/stok-foto8-150x150.jpeg
Domain
xylimited.com
URL
https://xylimited.com/wp-content/uploads/2022/01/Cara-Agar-Menang-Bermain-Judi-Bola-Online-150x150.jpg
Domain
xylimited.com
URL
https://xylimited.com/wp-content/uploads/2022/02/Situs-Slot-Online-Deposit-Pulsa-Termurah-2022-300x155.jpg
Domain
front.greengoplatform.com
URL
https://front.greengoplatform.com/go.php?lid=3337&pid=9646&cid=114733
Domain
gloveryforbluewine.com
URL
https://gloveryforbluewine.com/?p=mvqtsylggu5gi3bpg4ytqmy&sub1=speacker&sub2=dextron

Verdicts & Comments

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
object | navigation
function | urlB64ToUint8Array

2 Cookies

Domain/Path Name / Value
.gloveryforbluewine.com/ Name: uuid
Value: 0a20f0e3-326c-4f1f-b875-55b8b9e8ef0f
.0.gloveryforbluewine.com/ Name: uuid
Value: 0a20f0e3-326c-4f1f-b875-55b8b9e8ef0f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.gloveryforbluewine.com
fonts.googleapis.com
front.greengoplatform.com
gloveryforbluewine.com
opus-i.biz
track.greengoplatform.com
trick.legendarytable.com
xylimited.com
front.greengoplatform.com
gloveryforbluewine.com
xylimited.com
101.99.95.147
185.177.94.108
2404:6800:4004:801::200a
2606:4700:3032::6815:15e6
2606:4700:3034::6815:1eba
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03683c4942d589be9e183aedb095f920f71ddc44b6663f77196e31ffc562c1e5
04b49aa9543c847370f133bb1fa375c5a722047254d092e8280ddc7a57bef2c6
103ca54a9f783b9a191f37c00c80a1cd48196809ad65c17af218cdfbca0f2226
270ad4f93dbaa451fba2638dc5eda7dad4640e0aac68ca243ddaa714e9bd7e47
32e0e145f9f0aa4c8228769b1c1cf31e3b952b616140f3e89b9b05eba70a0c65
36aa42382294bd06e999e8ce16e36f39bdcb56e9b95bbbc97f76f1e2c0cdaf99
552e1820e4689c8805f3818c2dd8bc19e8ff8d51769f079e7e2261eadeba1f94
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
838c33dfda697a63eb2dd4f66540082c09f0c09819c18e5ff7c1a84a93fc5fcf
9f2407325a9ea969c54abe49367c6e5a3e9d390f1e607444004d8347cdab4bab
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
ad6a2d5cf4abe78930759740cd38cbc2532982b5c5085f2c83a9cf1eb028b6e3
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
df162e466be5d728d93bdbc617652a3697cf054ddd2c135c17b8c26c60121f4d
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e