Submitted URL: https://sayingculminate.top/uTnwURRAAhqv?ffpu1702285072425
Effective URL: https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
Submission: On June 28 via manual from RO — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 28 HTTP transactions. The main IP is 172.67.146.156, located in the United States and belonging to CLOUDFLARENET, US. The main domain is youtwitblocker.com.
TLS certificate: Issued by GTS CA 1P5 on June 4th 2024. Valid for: 3 months.
This is the only time youtwitblocker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS      Autonomous System
-          2         172.67.170.251    13335   (CLOUDFLAR...)
-          1         188.114.97.3      13335   (CLOUDFLAR...)
-          3         67.212.184.146    32475   (SINGLEHOP...)
2          3         51.68.85.158      16276   (OVH)
-          2         91.209.226.54     204601  (ON-LINE-D...)
2          12        139.45.197.244    9002    (RETN-AS)
-          2         139.45.195.8      9002    (RETN-AS)
1          1         34.147.21.42      396982  (GOOGLE-CL...)
-          1         172.67.146.156    13335   (CLOUDFLAR...)
-          1         2a04:4e42:200...  54113   (FASTLY)
-          4         188.114.96.3      13335   (CLOUDFLAR...)
Total: 28 requests, 11 IPs

Requests  Apex Domain             Subdomains                                                     Transfer
12        dotranquilla.com        dotranquilla.com — Cisco Umbrella Rank: 404008                 30 KB
4         adblocker2.com          adblocker2.com — Cisco Umbrella Rank: 547668                   13 KB
3         remarsempre.foundation  www.remarsempre.foundation                                     5 KB
3         kelpboat.com            go.kelpboat.com                                                5 KB
2         rtmark.net              my.rtmark.net — Cisco Umbrella Rank: 8833                      997 B
2         click2kikc.xyz          click2kikc.xyz                                                 929 B
2         sayingculminate.top     sayingculminate.top                                            2 KB
1         jsdelivr.net            cdn.jsdelivr.net — Cisco Umbrella Rank: 381                    30 KB
1         youtwitblocker.com      youtwitblocker.com                                             3 KB
1         pretrackings.com        tracking.pretrackings.com — Cisco Umbrella Rank: 304099        338 B
1         yidiandian.xyz          yidiandian.xyz                                                 596 B
0         baidu.com (Failed)      hm.baidu.com (Failed)                                          -
Total: 28 requests, 12 domains

Requests  Domain                       Redirects  Requested by
12        dotranquilla.com             2          dotranquilla.com
4         adblocker2.com               -          youtwitblocker.com
3         www.remarsempre.foundation   2          go.kelpboat.com
3         go.kelpboat.com              -          yidiandian.xyz
2         my.rtmark.net                -          dotranquilla.com
2         click2kikc.xyz               -          www.remarsempre.foundation
2         sayingculminate.top          -          sayingculminate.top
1         cdn.jsdelivr.net             -          youtwitblocker.com
1         youtwitblocker.com           -          -
1         tracking.pretrackings.com    1          -
1         yidiandian.xyz               -          sayingculminate.top
0         hm.baidu.com (Failed)        -          sayingculminate.top
Total: 28 requests, 12 domains

This site contains links to these domains.

Domain
adblocker2.com

Subject                     Issuer                                 Validity                  Valid
sayingculminate.top         GTS CA 1P5                             2024-05-17 - 2024-08-15   3 months
yidiandian.xyz              GTS CA 1P5                             2024-05-29 - 2024-08-27   3 months
go.kelpboat.com             E5                                     2024-06-22 - 2024-09-20   3 months
www.remarsempre.foundation  R11                                    2024-06-26 - 2024-09-24   3 months
click2kikc.xyz              R11                                    2024-06-15 - 2024-09-13   3 months
dotranquilla.com            R3                                     2024-05-10 - 2024-08-08   3 months
rtmark.net                  R3                                     2024-05-11 - 2024-08-09   3 months
youtwitblocker.com          GTS CA 1P5                             2024-06-04 - 2024-09-02   3 months
jsdelivr.net                GlobalSign Atlas R3 DV TLS CA 2023 Q3  2023-09-27 - 2024-10-28   a year
adblocker2.com              WE1                                    2024-06-16 - 2024-09-14   3 months

This page contains 1 frame:

Primary Page: https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
Frame ID: 14D4BE7D68F9E0DDDEFD27D07A77B7CF
Requests: 28 HTTP requests in this frame

Page Title

Werbeblocker für Twitter/Youtube

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 28
HTTPS: 96 %
IPv6: 9 %
Domains: 12
Subdomains: 12
IPs: 11
Countries: 3
Transfer: 89 kB
Size: 295 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sayingculminate.top/uTnwURRAAhqv?ffpu1702285072425 Page URL
  2. https://sayingculminate.top/404/nfp.html Page URL
  3. https://yidiandian.xyz/ Page URL
  4. https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24 Page URL
  5. https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426 Page URL
  6. https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=e729b720c2cf81ce3acb18f159655e2b&eyer=0.8381926734431695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=go.kelpboat.com HTTP 302
    https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=3&eyer=0.8381926734431695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=go.kelpboat.com HTTP 302
    https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330005ffc02f8e3d1d12104881761a85d31030628-202406-flb*5816354-62543**sl_5816354-62543*da80d3f48619436ba2f45e7c3abbd90a8a54072b** Page URL
  7. https://dotranquilla.com/4/7482447?var=4995&ymid=13mjps4d000g2 Page URL
  8. https://dotranquilla.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
    https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x Page URL
  9. https://dotranquilla.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
    https://tracking.pretrackings.com/click?pid=21&offer_id=4388&sub1=830629907607593988&sub2=6118780 HTTP 302
    https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=e729b720c2cf81ce3acb18f159655e2b&eyer=0.8381926734431695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=go.kelpboat.com HTTP 302
  • https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=3&eyer=0.8381926734431695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=go.kelpboat.com HTTP 302
  • https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330005ffc02f8e3d1d12104881761a85d31030628-202406-flb*5816354-62543**sl_5816354-62543*da80d3f48619436ba2f45e7c3abbd90a8a54072b**
Request Chain 15
  • https://dotranquilla.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
  • https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
uTnwURRAAhqv
sayingculminate.top/
1 KB
1 KB
Document
General
Full URL
https://sayingculminate.top/uTnwURRAAhqv?ffpu1702285072425
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89afe8ce88da2c59-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 28 Jun 2024 18:58:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5fy0woFMK7zGVBJk4bGfzBanEzbCDgzdHG5OLPtH2toiID5CJK6rTwWJaLhQ5w7lwGq4sGk4aikyRAghzNct5y%2B8GOlX1TwLf2TCxY2dl4EOTzZvy4AeTIoCVkuhwqcacR8J0E9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
nfp.html
sayingculminate.top/404/
827 B
823 B
Document
General
Full URL
https://sayingculminate.top/404/nfp.html
Requested by
Host: sayingculminate.top
URL: https://sayingculminate.top/uTnwURRAAhqv?ffpu1702285072425
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a78059e3b4ae712da8b6c7d37826a18cf2f21e706853a3104a98782f71cc944

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89afe8cf19c22c59-FRA
content-encoding
br
content-type
text/html
date
Fri, 28 Jun 2024 18:58:38 GMT
last-modified
Fri, 02 Feb 2024 07:20:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1ZUR%2BWYXvzlJHMcukg99kySG6XP3%2BeLivje%2B4YoCdF53RKTY48bdMzOstF5S6d%2FYuZ12j22tB5GdwTtV4%2BVlPNq2sC0mCfQ3QqhxXe1x3pycg5vHR6868wnRXwwPKmBqL6zCGvn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
hm.js
hm.baidu.com/
0
0

/
yidiandian.xyz/
166 B
596 B
Document
General
Full URL
https://yidiandian.xyz/
Requested by
Host: sayingculminate.top
URL: https://sayingculminate.top/404/nfp.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sayingculminate.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89afe8d059696913-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 28 Jun 2024 18:58:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2Brb%2BOGZSHz8pfcDFM8sMQwJldKfo5Yj77TEY0RDrjGEhSo%2FxSQoc0BuA3TjAkDytYluFdBBXrI%2FFS4QraxV8k9Tjen2zCBY7vSKZO0rnNc3EMk6l3X%2BFvUmL77dTBeGzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
go.kelpboat.com/
9 KB
4 KB
Document
General
Full URL
https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24
Requested by
Host: yidiandian.xyz
URL: https://yidiandian.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
c6fb2c9ab5947705cf748e56942d6bb0d02cb5d6f0289904e4184139a829a750
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://yidiandian.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Jun 2024 18:58:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
favicon.ico
go.kelpboat.com/
1 KB
1 KB
Other
General
Full URL
https://go.kelpboat.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Sat, 29 Jun 2024 18:58:39 GMT
favicon.ico
go.kelpboat.com/
1 KB
0
Other
General
Full URL
https://go.kelpboat.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:39 GMT
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Sat, 29 Jun 2024 18:58:39 GMT
/
www.remarsempre.foundation/
4 KB
4 KB
Document
General
Full URL
https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426
Requested by
Host: go.kelpboat.com
URL: https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.85.158 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://go.kelpboat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Fri, 28 Jun 2024 18:58:41 GMT
Transfer-Encoding
chunked
3
click2kikc.xyz/go/4995/
Redirect Chain
  • https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=e729b720c2cf81ce3acb18f159655e2b&eyer=0.8381926734431695&eyei=0&eyew...
  • https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426&eyeg=3&eyer=0.8381926734431695&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=...
  • https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330005ffc02f8e3d1d12104881761a85d31030628-202406-flb*5816354-62543**sl_5816354-62543*da80d3f48619436ba2f45e7c3abbd90a8a54072b**
279 B
759 B
Document
General
Full URL
https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330005ffc02f8e3d1d12104881761a85d31030628-202406-flb*5816354-62543**sl_5816354-62543*da80d3f48619436ba2f45e7c3abbd90a8a54072b**
Requested by
Host: www.remarsempre.foundation
URL: https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.209.226.54 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm4923262.25ssd.had.wf
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
09aa5e79b76f6c5f58341ad39622b4886cfb898579f91afd668085253ed94f62

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.remarsempre.foundation/?sl=5816354-62543&pub_click_id=M7385630568286781462&site=25426-06aaba3z&pub_sub_id=25426
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
identity
Content-Length
279
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Jun 2024 18:58:41 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Fri, 28 Jun 2024 18:58:41 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Fri, 28 Jun 2024 18:58:41 GMT
Location
https://click2kikc.xyz/go/4995/3?subid2=902&subid1=330005ffc02f8e3d1d12104881761a85d31030628-202406-flb*5816354-62543**sl_5816354-62543*da80d3f48619436ba2f45e7c3abbd90a8a54072b**
7482447
dotranquilla.com/4/
30 KB
13 KB
Document
General
Full URL
https://dotranquilla.com/4/7482447?var=4995&ymid=13mjps4d000g2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
34126d41f6e2ad7b3523bab82e3ce16c3ec34c9898db1684c200d4dd268300f6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Fri, 28 Jun 2024 18:58:41 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
e27a64e73822db104d3ecd6937781192
favicon.ico
click2kikc.xyz/
0
170 B
Other
General
Full URL
https://click2kikc.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.209.226.54 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm4923262.25ssd.had.wf
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 18:58:41 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
sftouch
dotranquilla.com/
2 B
605 B
Ping
General
Full URL
https://dotranquilla.com/sftouch?userId=008089b3af2846fdf5e04a21e8f64ad4&z=7482447&p_rid=00be3580-90b9-4fcb-b24f-2857b65bbd1c&p_src=sf&branchId=0&rb=ksX-zzVF8icNevoL0NS0cNnYAAR5mN5sS_yiR03iVhch9zyEeZX9sg7X2wAQAOgNfCD8plQ-HdpGqMf_Fh3upYnDcKc67LyA4HiBHTBPNMglxjTGwHp1L9Ue0U8NnUdWC6vNvNiuQP39EILFOKEzAXWfGMjInRoM49OESbCLiUR9URzVpgqYP1-Lzxij1aZC0vhlInMeK8Y2LS1wGR-FrI0qXvI6pMfmf2HiwEdypaP_c7S3iXviUT4TTamDTr856FvuwN4ZIylf8gr3M5Z9M9SldY0ypwnCoG4Hlg9qi7EodwfT4kF60gCY1E-L97q1-L618Q==
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/7482447?var=4995&ymid=13mjps4d000g2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/4/7482447?var=4995&ymid=13mjps4d000g2
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
d9a438a0a5da837019a4e52c7752a2f6
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://dotranquilla.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008089b3af2846fdf5e04a21e8f64ad4&z=7482447&p_rid=00be3580-90b9-4fcb-b24f-2857b65bbd1c&p_src=sf
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/7482447?var=4995&ymid=13mjps4d000g2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dotranquilla.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
dotranquilla.com/log/
12 B
385 B
XHR
General
Full URL
https://dotranquilla.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=00be3580-90b9-4fcb-b24f-2857b65bbd1c
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/7482447?var=4995&ymid=13mjps4d000g2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-Type
text/plain;charset=UTF-8
Referer
https://dotranquilla.com/4/7482447?var=4995&ymid=13mjps4d000g2
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dotranquilla.com
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
favicon.ico
dotranquilla.com/
0
150 B
Other
General
Full URL
https://dotranquilla.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/4/7482447?var=4995&ymid=13mjps4d000g2
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 28 Jun 2024 18:58:41 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
dotranquilla.com/4/6118780/
Redirect Chain
  • https://dotranquilla.com/?z=7482447&syncedCookie=true&rhd=false
  • https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
30 KB
13 KB
Document
General
Full URL
https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1ebb27f3bee8af1807baa971f0401980ed347030f6ee7409aeaf66fa65cf2771
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://dotranquilla.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Fri, 28 Jun 2024 18:58:41 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
41e2f7b51ea22944f320e45f41d4c508

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://dotranquilla.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Fri, 28 Jun 2024 18:58:41 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://dotranquilla.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
6d748ffe007aef8af76859a4b8d19fa8
favicon.ico
dotranquilla.com/
0
0
Other
General
Full URL
https://dotranquilla.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 28 Jun 2024 18:58:41 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
sftouch
dotranquilla.com/
2 B
605 B
Ping
General
Full URL
https://dotranquilla.com/sftouch?userId=008089b3af2846fdf5e04a21e8f64ad4&z=6118780&p_rid=7ba05f25-4780-48ba-9fe2-9b15ba79b009&p_src=sf&branchId=0&rb=skcIqYxM9xWV32Fso4Vd6hA0FHLBpDfTv95hv_Yzt8f6S94Y98bQNVpydtIS69cM04BiBL9ju6Y4yT0RqiNEHfj-3oEoVJpekcrWUie8PX9Wumw_qNpyrfcp4W8m43gSOxpkIeLJ89M8F-c28_Zy7wmeAMwHMhBCN9DUWyRrYg3J7AF98v4FnBzl5vJU9MRSCuVIsUu6QZR5i9paj2biBZ8vXr47OPLuBxFqGPwzyZUBzYmpmUjcEPKmtteNbvhD48fGtciqHakNE1JUuLpCLFDB2I6Ro1Z2Fgl4rDwGysx_D8ub
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
1d3b09df84af5dbf598a16cb127eb811
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://dotranquilla.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
506 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008089b3af2846fdf5e04a21e8f64ad4&z=6118780&p_rid=7ba05f25-4780-48ba-9fe2-9b15ba79b009&p_src=sf
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dotranquilla.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://dotranquilla.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
dotranquilla.com/log/
12 B
385 B
XHR
General
Full URL
https://dotranquilla.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7ba05f25-4780-48ba-9fe2-9b15ba79b009
Requested by
Host: dotranquilla.com
URL: https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-Type
text/plain;charset=UTF-8
Referer
https://dotranquilla.com/4/6118780/?var=7482447&btz=Europe/Berlin&bto=-120&bar=x
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dotranquilla.com
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
favicon.ico
dotranquilla.com/
0
0
Other
General
Full URL
https://dotranquilla.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 28 Jun 2024 18:58:41 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request extension.php
youtwitblocker.com/
Redirect Chain
  • https://dotranquilla.com/?z=6118780&syncedCookie=false&rhd=false
  • https://tracking.pretrackings.com/click?pid=21&offer_id=4388&sub1=830629907607593988&sub2=6118780
  • https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
7 KB
3 KB
Document
General
Full URL
https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.146.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
123639d60e09ebb20ada15f599c05dcb4e18beb829ee63c375189954d15a8800

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://dotranquilla.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89afe8e2ef4f9143-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 28 Jun 2024 18:58:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7t071Bip2tNgfrZlOKvlTxuGr%2FiFerXFFbCnUpeyhxhRSQJ8JFLD%2BosIE59hwAkgyWxbzQqv8niyT%2F90XXnk49ILUXtvRRJhmlpKuMOPXURv0CszOQVlMC2ufV77zFMmTi9J6G8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
content-length
0
date
Fri, 28 Jun 2024 18:58:41 GMT
location
https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
server
nginx
x-adjust-use-original-forwarded-for
1
favicon.ico
dotranquilla.com/
0
0
Other
General
Full URL
https://dotranquilla.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Referer
https://dotranquilla.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 28 Jun 2024 18:58:41 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
30 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: youtwitblocker.com
URL: https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youtwitblocker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jun 2024 18:58:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
1529081
x-jsd-version
5.2.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30336
x-served-by
cache-fra-eddf8230022-FRA
x-jsd-version-type
version
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
icon.png
adblocker2.com/images/
8 KB
8 KB
Image
General
Full URL
https://adblocker2.com/images/icon.png
Requested by
Host: youtwitblocker.com
URL: https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200cad84844c713047fb7cc4f0bddae0b6a153d346bb815adab45acba73fad4b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youtwitblocker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 27 Oct 2023 08:56:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"653b7b3c-2005"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1tm0m07JVLu%2BN52egNqhMGV3TGneHcKrfIgJj8hv%2FmHIt5b0kti89L31IDZIziGBJU7Yvi91tlZxQbQ9OJ%2FVxRYYDEGfy3fbvKKsL3ITONp0CWTqPTm%2BgABu3vaxo8Yew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
89afe8e4191a5c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
8197
chromewebstore.png
adblocker2.com/images/
3 KB
4 KB
Image
General
Full URL
https://adblocker2.com/images/chromewebstore.png
Requested by
Host: youtwitblocker.com
URL: https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youtwitblocker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Jun 2023 14:52:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"649c493d-d6b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BDgCUng6PcieMP%2FT%2FL6JJc4JSLPr9B0NDzngFMtHRbh9OO8BhGzU8cjbUSdWrqIH30UIGqXMm0Wa2DyAFmRvJcJGYbqQXBLILDsgfEetUBI%2FLjLWolaEMWb4tOxYwQhMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
89afe8e419185c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
3435
email-decode.min.js
adblocker2.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://adblocker2.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: youtwitblocker.com
URL: https://youtwitblocker.com/extension.php?it=chpr6cTB88&_d=3&ja=21_6118780&iw=667f07e10658d70001244d0b&iv=pr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youtwitblocker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Jun 2024 17:43:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"667c5334-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7AFVm5BA53eivmPSQqYv4YHcfoChbnxqSiSmAi3CpP3FCfaY3IFQI3ZxyG8blg4j7za%2FVrPe2bmYfKxyQ6haUPJbTfIO0rT4TUYTab1qQgetwNjzeTzl8YVWQMX2C6GVPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
89afe8e4191c5c80-FRA
expires
Sun, 30 Jun 2024 18:58:41 GMT
icon.png
adblocker2.com/images/
8 KB
0
Other
General
Full URL
https://adblocker2.com/images/icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200cad84844c713047fb7cc4f0bddae0b6a153d346bb815adab45acba73fad4b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://youtwitblocker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 18:58:41 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 27 Oct 2023 08:56:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"653b7b3c-2005"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1tm0m07JVLu%2BN52egNqhMGV3TGneHcKrfIgJj8hv%2FmHIt5b0kti89L31IDZIziGBJU7Yvi91tlZxQbQ9OJ%2FVxRYYDEGfy3fbvKKsL3ITONp0CWTqPTm%2BgABu3vaxo8Yew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
89afe8e4191a5c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
8197

Failed requests

These URLs were requested, but no response was received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?e6d5c1513b650adee00ba52513a6c25c

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage

8 Cookies

Domain/Path Name / Value
click2kikc.xyz/ Name: mobitck
Value: 1
dotranquilla.com/ Name: OAID
Value: 008089b3af2846fdf5e04a21e8f64ad4
dotranquilla.com/ Name: oaidts
Value: 1719601121
my.rtmark.net/ Name: ID
Value: 008089b3af2846fdf5e04a21e8f64ad4
dotranquilla.com/ Name: syncedCookie
Value: true
tracking.pretrackings.com/ Name: afclick
Value: 667f07e10658d70001244d0b
tracking.pretrackings.com/ Name: afoffers
Value: {"4388":1719601121}
.youtwitblocker.com/ Name: _asd
Value: 17196011219093241