Submitted URL: http://becast.onionlive.workers.dev/
Effective URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c...
Submission: On February 29 via manual from DE — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kingadblock.com. The Cisco Umbrella rank of the primary domain is 829099.
TLS certificate: Issued by GTS CA 1P5 on February 11th 2024. Valid for: 3 months.
This is the only time kingadblock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 139.45.197.245 9002 (RETN-AS)
4 139.45.195.8 9002 (RETN-AS)
1 37.48.68.71 60781 (LEASEWEB-...)
15 172.64.207.29 13335 (CLOUDFLAR...)
11 139.45.197.251 9002 (RETN-AS)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
50 10
Apex Domain | Subdomains | Transfer
15 gluxouvauque.com | gluxouvauque.com | 68 KB
11 jouteetu.net | jouteetu.net — Cisco Umbrella Rank: 31094 Failed |
4 kingadblock.com | kingadblock.com — Cisco Umbrella Rank: 829099 | 12 KB
4 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 11764 | 2 KB
3 offmantiner.com | offmantiner.com — Cisco Umbrella Rank: 151222 | 16 KB
1 tururu.info | tururu.info | 1 KB
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 306 | 29 KB
1 datatechone.com | datatechone.com — Cisco Umbrella Rank: 42429 | 468 B
1 workers.dev | becast.onionlive.workers.dev — Cisco Umbrella Rank: 151181 | 1 KB
50 10
Domain Requested by
15 gluxouvauque.com gluxouvauque.com
11 jouteetu.net gluxouvauque.com
4 kingadblock.com gluxouvauque.com
kingadblock.com
4 my.rtmark.net offmantiner.com
gluxouvauque.com
3 offmantiner.com 1 redirects becast.onionlive.workers.dev
offmantiner.com
1 tururu.info kingadblock.com
1 cdn.jsdelivr.net kingadblock.com
1 datatechone.com offmantiner.com
1 becast.onionlive.workers.dev
0 flcjnflecolckmhfcmhhkichjhajjnlb Failed kingadblock.com
50 10

This site contains no links.

Subject | Issuer | Validity | Valid
onionlive.workers.dev | GTS CA 1P5 | 2024-01-04 - 2024-04-03 | 3 months
offmantiner.com | R3 | 2024-01-05 - 2024-04-04 | 3 months
rtmark.net | R3 | 2023-12-23 - 2024-03-22 | 3 months
datatechone.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-10 - 2024-12-23 | a year
gluxouvauque.com | E1 | 2024-01-14 - 2024-04-13 | 3 months
jouteetu.net | R3 | 2024-02-24 - 2024-05-24 | 3 months
kingadblock.com | GTS CA 1P5 | 2024-02-11 - 2024-05-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
tururu.info | GTS CA 1P5 | 2024-01-18 - 2024-04-17 | 3 months

This page contains 3 frames:

Primary Page: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Frame ID: A825481A0F5DDA751EED1F14ACE63BF6
Requests: 50 HTTP requests in this frame

Frame: https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjpaHP126pWlp16&r=pa&cid=787072913013748456&z=4662728&v=12&dr=&inw=1600&inh=1200
Frame ID: 21C02F43D8A0490DD647C86084D8F4DF
Requests: 1 HTTP requests in this frame

Frame: https://kingadblock.com/clear.php
Frame ID: 7619B9D5F8B16034A95728FFCB49C067
Requests: 1 HTTP requests in this frame

Page Title

Up - Ad Blocker

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

50
Requests

80 %
HTTPS

44 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

128 kB
Transfer

404 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://becast.onionlive.workers.dev/ HTTP 307
    https://becast.onionlive.workers.dev/ Page URL
  2. https://offmantiner.com/4/6120639/ Page URL
  3. https://offmantiner.com/?z=6120639&syncedCookie=true&rhd=false HTTP 302
    https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60 Page URL
  4. https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2 Page URL
  5. https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://becast.onionlive.workers.dev/ HTTP 307
  • https://becast.onionlive.workers.dev/
Request Chain 5
  • https://offmantiner.com/?z=6120639&syncedCookie=true&rhd=false HTTP 302
  • https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
becast.onionlive.workers.dev/
Redirect Chain
  • http://becast.onionlive.workers.dev/
  • https://becast.onionlive.workers.dev/
1 KB
1 KB
Document
General
Full URL
https://becast.onionlive.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:923 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b0c0d2a8f6bcda99c2333c8c387d9b6aff2f00333aafa9d66fcd34dc2a4c7b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
85d189c5aad86f1d-CDG
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 29 Feb 2024 14:18:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DW4%2BVDtjuKxX6iLLYLE%2BKof15L57Q0a2OAY3aET6Si6bBEkzxbEIGp1HSm2l2MP401wrOEr1Xki8xiTtei%2BmvJZ8ecl8ufjzeIWAsBeTJCPsVMPbr%2BHklZ8xJDUHERUPZLQcO9Ag0N72IbLbT7erpY1xIfk5PYOhxvZy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://becast.onionlive.workers.dev/
Non-Authoritative-Reason
HSTS
/
offmantiner.com/4/6120639/
33 KB
14 KB
Document
General
Full URL
https://offmantiner.com/4/6120639/
Requested by
Host: becast.onionlive.workers.dev
URL: https://becast.onionlive.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
cd5510ca4b3c9d6d7f2f9c6ecd4ed6c4e8957767862cfcac8a9a6cd2f7b3ac3c

Request headers

Referer
https://becast.onionlive.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 29 Feb 2024 14:18:43 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
6b0637a00190653062bea23c4bbd9bec
sftouch
offmantiner.com/
2 B
610 B
Ping
General
Full URL
https://offmantiner.com/sftouch?userId=0080118e5f534296e9ddf51d89d5a9c8&z=6120639&p_rid=f92210be-2ebc-4cf4-8443-fb981a5fb9ec&p_src=sf&branchId=0&rb=bgjr8N--1JqmwSbDMSd0bzTsHkfNM6ptWBqQgPMFp68AjYMwcxVhVZoDphjLjKmvXnGNHxoRtadqrWN2_DhFGSX_7Cf9zf3p9Q43GVDxNnju-p3ztKm6fWom4W0tz50oy2gp0hylI3ugXoeySKf_pi-M9Xnk7C31ueOCzf_QOq3wENUaQBBjkdesYxbwyfRoMy2GnZtcFRo3D1R_nmFYYWcQ7Bg3wHOKMZN_WX7fknyGBTdzxkiWa5iN4OcikX3-2N2Xkmo4cLPBFXpPeGYz78NossXoWurt0b13uSwVan3h31UumSsz77GZtUoRDpZuDQc2Tf3MhrGQm3i2yonOaQ==
Requested by
Host: offmantiner.com
URL: https://offmantiner.com/4/6120639/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offmantiner.com/4/6120639/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:43 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
3eea50a1db6d223ab42c1567cc111a72
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://offmantiner.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
492 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0080118e5f534296e9ddf51d89d5a9c8&z=6120639&p_rid=f92210be-2ebc-4cf4-8443-fb981a5fb9ec&p_src=sf
Requested by
Host: offmantiner.com
URL: https://offmantiner.com/4/6120639/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offmantiner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:43 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/
2 B
468 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=f92210be-2ebc-4cf4-8443-fb981a5fb9ec
Requested by
Host: offmantiner.com
URL: https://offmantiner.com/4/6120639/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://offmantiner.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 29 Feb 2024 14:18:43 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://offmantiner.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
/
gluxouvauque.com/
Redirect Chain
  • https://offmantiner.com/?z=6120639&syncedCookie=true&rhd=false
  • https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
41 KB
14 KB
Document
General
Full URL
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
fa52656db55b19899a9de3d3fe8e33dfe0bb95ed506315fc5a8b54af0df5d3b7

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://offmantiner.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d189c75d4eb891-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:18:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPyNE7%2BsoYE%2FnhDTxMyr0K%2BKeyhU9ZSFW%2BHUQFUNmY0v8rRKGMYJTnaE%2BE3rzfa6gCziLsqo1qeBCqmV8mWt6u9WRNRWGM9a3cR5Bv0jwnoZfHgb8pXJktKbyMr%2BFOUNN66H"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://offmantiner.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Thu, 29 Feb 2024 14:18:43 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://gluxouvauque.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
407b6c5b409817bda8708e4c6981f6a5
gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=a5bf03868170c43524383f7dc6d7a095
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e69fbe640cf9ba761d58bf6c54c3e56630c64617ecb0a3c5e1badb90ac546f91
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:43 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauque.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
gluxouvauque.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbde98eb39d711f803483c5e02c98fda77ad9f55f2f9f41d601df6ed272ce826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 14:18:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Feb 2024 12:01:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e07222-8b95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZx3v1Hb%2B4cPoP6k1HzEZ8dtpMiP7ij43v3cE6DU3nSnlYSYbcos7VFkcDuNdTcfgwRQvQ0H2YT535oCueU1Luu1XzJ%2Fo83lawg0HwulZy9tlsxHkfcgEcwx3hRjMku2%2BXyO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85d189c80e2eb891-AMS
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauque.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://gluxouvauque.com/19/4662728/?abt_opts=1&var=6120639&var3=787072908840411277&ymid=&rhd=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea788f1c63e4546f938297c1ab441b62385263081370af0eff7577598a9b3e9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:43 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
6e0d797cfa9bf5018c05b3e475d43a3a
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhpAbepz%2ButbfVNXtbMVuYmrHOpuSDjd5MRco%2F23UizLMZn9HuSLg57MWmBPDU%2BB9iNk7abDu%2BuBx85VRt0gD8%2BEKXwDF9GnOrL3i5CX7XcP6b4ffEsJacHKnm3JRM3w5B0w"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85d189c81e4cb891-AMS
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
gluxouvauque.com/
2 B
413 B
XHR
General
Full URL
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&mprtr=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WovlvQyXlWAL4C9fZ5Uoe4lWDm5k6xLw7NdvkkNHG1qGdv95Szz75Wndxr8ToXbF%2BHRLdd9ui5CdxJYVeFacNaJR8ewjE9ALNskq%2BQWsjwQAZhCx%2B6v31kk%2BwRa%2Fq%2FDB8eIq"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85d189c81e4fb891-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0

4662709
gluxouvauque.com/sw-check-permissions/
0
968 B
Other
General
Full URL
https://gluxouvauque.com/sw-check-permissions/4662709?var=6120639&ymid=787072908840411277&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RP5%2BtrtL4GLYM8IDJiHgx2SyU9BM0SGFrlJuPEKLFr66zs4dPfInOUkg0mwrWJMPQfVeRiUZYwNkzTAZfQqonlfn63dZpjhztv24HQ2qkpmpPsmRkG%2Fw94i2l%2BEuve0PEEu7"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85d189c85eaab891-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0

zone
gluxouvauque.com/
0
366 B
Ping
General
Full URL
https://gluxouvauque.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauque.com&var=6120639&ymid=787072908840411277&var_3=&var_4=&dsig=&tg=1&sw=3.1.493&trace_id=9650313f-abd6-487a-9b60-56d9db8deb30&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
804bdf441d5ee9faac5daaf0e8684ac0
date
Thu, 29 Feb 2024 14:18:43 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ftQIWKdVDDuDuOqVcTzfRm99cJXL4WsnhE0K5ixBLub4kS1ZtNIjBIgLyUccRGBXtc9CT9rC2WA%2BsLmStrFkx%2FTlYDuyOCjMXMqoMYgmvOlduOD6dd%2B0YsjrbC7QsTfVY2Q"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauque.com
access-control-allow-credentials
true
cf-ray
85d189c85eb0b891-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=787072908840411277&var=6120639
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e69fbe640cf9ba761d58bf6c54c3e56630c64617ecb0a3c5e1badb90ac546f91
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:43 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauque.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0

rhd
gluxouvauque.com/
0
0

custom
jouteetu.net/
0
0

custom
jouteetu.net/
0
0

zone
gluxouvauque.com/
793 B
786 B
Fetch
General
Full URL
https://gluxouvauque.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauque.com&var=6120639&ymid=787072908840411277&var_3=&var_4=&dsig=&tg=1&sw=3.1.493&trace_id=9650313f-abd6-487a-9b60-56d9db8deb30&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:43 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
08141d24a9cff927ae91c7d30051038c
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvaEPt1K31OAjjV8KIqXl2HxzC6oyTrpetFy4uUahOqXNx6%2FN%2Bmm86jqYbM%2FytYsUXc8%2FvGSgn5boMDNV6jlOOVD1rP%2BNqycqn9a%2Fol0XXXx5PqwAQC9OGNNXgSwez7SRMX%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85d189c86ef0b891-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0

/
gluxouvauque.com/
41 KB
13 KB
Document
General
Full URL
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e6b2909e40be6bbe7cf565e31b66771307ce8fb214dc4ee57fada84eafe72510

Request headers

Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d189c87f07b891-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:18:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3XyqGQzHiVdBUqXBLSvIu3Ac1luQaFKuYxz3ydj8JWOsmS%2BlEWNd%2BQ3hE2T1Cr%2BHWSJk1kFjelgnDVZIA0Obi1McsdX58bOcXwh0k4S2I9AB8TrmEfOogeFtaPSLd5fyx%2FO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
custom
jouteetu.net/
0
0

micro.tag.min.js
gluxouvauque.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbde98eb39d711f803483c5e02c98fda77ad9f55f2f9f41d601df6ed272ce826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 14:18:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Feb 2024 12:01:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e07222-8b95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU8xqzEUXe8yAHCCWiTwIVjGIvDlwvmLBm1K8ijdE1qEjjrbbG8FYcsd5GLZiRc1k%2Br5T7xVDWBDBTyrrSCunVlHAHZlfGohLrQkJXZAaVdRMXLoepEWrmPMwapny%2B3KyD1j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85d189c94c3b2017-IAD
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauque.com/
2 B
564 B
XHR
General
Full URL
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2&mprtr=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiOwt%2B0nKu0PRVn1zxKJUzZ2m88PHPob0eA9ManM7BlBD0SiH9Rq%2BSF%2FaVFShAPp2ZQ0HhLaiCeZVSErrztAwe9XKNP03%2B4nxh5zdu53I6jD6d0Ocr7dz%2BOXNb%2BFsYn81FWt"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85d189c94c4b2017-IAD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
/
gluxouvauque.com/19/4662728/
3 KB
3 KB
XHR
General
Full URL
https://gluxouvauque.com/19/4662728/?abt_opts=1&var=6120639&var3=787072908840411277&ymid=&rhd=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68d9ee83e7f43558fa2110ac75badf6cb76e41e56765bbdd5ffaa12d47281af
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:44 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
0612d49b9b4528046c03614d43dfc404
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yLlXlyUrDjDg8kNSJt2sggIey4i4cm7hIHKPOyPY%2FbfbR%2FttRWZuhojmJFJJlJOHfCT0M%2BteLcVuFhHmUl2VEi%2FXFeHov4jadIBVPYLnENH5OlJq8G8bdZlK4NbajesVodq"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85d189c94c562017-IAD
expires
Tue, 11 Jan 1994 10:00:00 GMT
rhd
gluxouvauque.com/
3 KB
3 KB
Fetch
General
Full URL
https://gluxouvauque.com/rhd?rb=vaxhZqgvbv_6ZmkNniOStXncngHQOBGaWvz5CME-jL73KsE1axRgGa-Qr63PUT1CiTKBRxTGkB1UslEfKEwdB7pukL5QWIf_Q0MTid8BwOfdL798MomSoqODTpP6Aj81NDs5h3PCGzzm9LsyUc5KPnl8qH6p3n0idCpkKrmD_7bTWm53hWBZap-gBX_GZ932JoyK6ErosJhDrYV3Foor9q1ugp6sDtPiyI5Abv8ZtXHPsfguVS_-82YoCgzTPl5c85B4kglCufQ4oBECFub5SY8bRgwKPoV2KRkU1a_IaHZCltD5TIQS8EROyY6-Od7n4takMuwNCmFyjc4bDT_2YN_FJHxbK6DW5m5ASF2FvYVtnfzXY7IgfYtkwOQPSqS51KeIOyuqZcSfRt3P88yx4s9uq0PbJwvAqkSbJzWeN3cLZxf7e3opLpWEIPp3Pxu2gHTOkuY6P8YUDATMTYWLECBOV1AOB1jwSSDX-91nJFlhnTHxy6LwoeVDBvAEqxfrnP0o0XGI4DDCPmSRF4qnrNdrpiOa7vXQIKx6KPikKWIoq2oAFso0QA%3D%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauque.com%2F%3Fs%3D787072908840411277%26ssk%3Dc024c49ace9df5d7a9bc303373f37ca0%26svar%3D1709216323%26z%3D6120639%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FBerlin%26bto%3D-60%26rdc%3D2&drf=https%3A%2F%2Fgluxouvauque.com%2F%3Fs%3D787072908840411277%26ssk%3Dc024c49ace9df5d7a9bc303373f37ca0%26svar%3D1709216323%26z%3D6120639%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FBerlin%26bto%3D-60&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6120639&var3=787072908840411277&ymid=&rhd=1&m=link
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a930d5683f521a16b85d2a28366e592bed0d0a57f67797f3742a0db91f869e3f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:44 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
d43c44def8e275a4760f4accd3b22e94
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUBddcSvNdsiF%2BKQGsEVZ0GPkhldSCDUV1MyUK8sMTXKT7utBJ8A4STDarWjE8KxmNw5rT5qkqMaKDISvxBWz7Dqhegoe%2BUXXdxkrd291%2B%2FvsuTfcYdBlj4AZns3d%2BRXEyMO"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85d189cafe8e2017-IAD
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

4662709
gluxouvauque.com/sw-check-permissions/
0
1002 B
Other
General
Full URL
https://gluxouvauque.com/sw-check-permissions/4662709?var=6120639&ymid=787072908840411277&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxWI1BpU4mSJwsrYS0eGHJ%2FjIiocd8FZp6s0BJgn%2B14cGZad8keWgosQHvfF%2B7%2BeNjpyTzocv%2FaopmiuGWEiIVtFa6ANlhNtfu%2BDAK39uzaxFYQ0WTu2LyKQTAUoWgDaxiGc"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85d189cb9f512017-IAD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauque.com/
0
486 B
Ping
General
Full URL
https://gluxouvauque.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauque.com&var=6120639&ymid=787072908840411277&var_3=&var_4=&dsig=&tg=1&sw=3.1.493&trace_id=77faefe7-05d1-4848-94cd-85acf338a573&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
31748a7e657b5f107efbe7a1ab24f9dd
date
Thu, 29 Feb 2024 14:18:44 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3C0DoMfrJl5wQzDATAyD3%2FY56m%2Bxoz104m4SqluZp7wsccQR%2BpxXNDspBEcT6Q0xK1A8%2FIuf6q5F4gX0g291vgp2OHulqdPN8l9d0RoaOozzwhET5OEaQ2i0zfM5cYWmNY7f"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauque.com
access-control-allow-credentials
true
cf-ray
85d189cb9f532017-IAD
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=787072908840411277&var=6120639
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e69fbe640cf9ba761d58bf6c54c3e56630c64617ecb0a3c5e1badb90ac546f91
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:44 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauque.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauque.com/
793 B
982 B
Fetch
General
Full URL
https://gluxouvauque.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauque.com&var=6120639&ymid=787072908840411277&var_3=&var_4=&dsig=&tg=1&sw=3.1.493&trace_id=77faefe7-05d1-4848-94cd-85acf338a573&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.207.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e055dd1c2463586268f0621835f7681ccadb87c6f1a190c88e3b99fff7da51f9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:44 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
4547763e570bdf933876517339cbb899
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqanvtNv3LoZiJvkk1dRQui12d9%2FZMcSwcp5TGaOnP%2BVZPbwNIKoZMxtoLdv5npV5qUy1gesU7IRF%2FYC0%2FQGNe9XFO8TvtY3kFDtXS1YzooljB%2BAUD%2B9TKIyevQ6nMNkSF7O"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85d189cbaf642017-IAD
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787072908840411277&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Primary Request extension.php
kingadblock.com/
8 KB
3 KB
Document
General
Full URL
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9cb60ad097bc5b0ca3fa492067d83485ec705e61a0fe532e91d93efc7bda778

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d189ceea460253-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:18:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCWt%2Ffj%2BvDjoVd8h0A%2FG1kxES%2FIGtM5QA4zv%2FjHuYZIHkrnEpbn6f68vsg88h3B%2FvUammz1SWsWPiDswZN%2Bjr3dBnjixiEzuv73d2sAUuwBNsLH1pIA0jjBrbyxZ2sXmVcy0Ue%2FUAofHQ%2FV3WQk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
cat.php
gluxouvauque.com/
0
0

bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9366453
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGeRisB10vFSOzGLvSzVgNXtEEhQpwqeY4IyAtUQ7NgK%2F8W0rH9ECmaO%2BM8sRIfpnPAowSFRvfqrLR1UIuHNLaK4KznrvWXEeWaLr7gLwxnbc2asIcZhwOrO%2BzRDGETpWE7d6yCq54LOJMZVy9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
85d189cf4c841913-FRA
icon.png
kingadblock.com/images/
4 KB
5 KB
Image
General
Full URL
https://kingadblock.com/images/icon.png
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091483d5419eb9e98f0edd49563409fad2eb24f1d10bc161b9716e0f0ee86b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:45 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 16 Aug 2023 09:41:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64dc99af-1121"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6N2e2PTf7Acjw70IFfZYHMAQ2wTzhpJCN2vehOwmSv8RcYv1PSckApt8YDiYkBkW1MM7qi%2BCkin1OQV7IvN5pyC4JdpcrgnraylmG3I%2BzOX9iSOQBkKvuGo0JqJIBxHkzYlhq%2FRlErB%2Bw3b6QE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
85d189cf3a9e0253-CDG
alt-svc
h3=":443"; ma=86400
content-length
4385
cws.png
kingadblock.com/images/
3 KB
4 KB
Image
General
Full URL
https://kingadblock.com/images/cws.png
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:18:45 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 04 Sep 2023 08:56:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64f59bc7-d6b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq90o1nIboFhVNGeozVwkINOay5jtyafnFNos8dELrYx1AqqqTOhSh6vkej8nQ9%2FEoX%2F1C7wlwWZrEACUy6wVSEIfo9b39YaW0h2dBsp9U9M%2BuDnasM6OT2v2kqdjTviJaZQTZCoy5s4JeLmWuo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
85d189cf3aa10253-CDG
alt-svc
h3=":443"; ma=86400
content-length
3435
icon.png
flcjnflecolckmhfcmhhkichjhajjnlb/
0
0

a.php
tururu.info/ Frame 21C0
96 B
1 KB
Document
General
Full URL
https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjpaHP126pWlp16&r=pa&cid=787072913013748456&z=4662728&v=12&dr=&inw=1600&inh=1200
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:afa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer
https://kingadblock.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d189cfc97fb8e2-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:18:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6QKAypxiCHKwv8fOCockuTSG%2Bb3VLaVvVt1eX2mAKwfzhWwOduFo7FxwzSr4dZpTVtrCQG8%2FX810j311%2FpD308pFjw%2BkPL%2FokeJu5tBIXp5KUs3HDvMYYu5a3ZL4DL7pKAXdvdu2NU%2B0A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
clear.php
kingadblock.com/ Frame 7619
0
551 B
Document
General
Full URL
https://kingadblock.com/clear.php
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d189cf8e507025-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:18:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxQrnSEfwc2BXQXmlioYdN7hjDAc0M8mzARs4yIr7aF%2FaSRJX7dqyYcenl%2BJlB1SS6MmCEM24i5mztKnYAgPhYjL9DwOyhUGOWyZ28QN%2B8b0l7f0XnX4pK0rDFqKggwm3xFfF9c61Y%2FBpCdo%2FGc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
gluxouvauque.com
URL
https://gluxouvauque.com/rhd?rb=ljbc-tjQlbtEnPucJoke6jBYLnJvjlrMrWhDSyG2ci3WMK9WE5GC698rAkwZaoP1F8jCdXq2_mGbgWpoNdToVu8-Ex4kHU9tDza5JGIxFssCvqE-_BitGdTJRcM511gZuFfLIQeyZbeVJAuxla7ZCMyuYonwOFQA_gnMiLPThnyArYfQOEiJ8tLzbfiZzp3gEPBhB9z7MnpDNsdHZ3KuI1DQWP9v4q2BkD-SpaNugkNwWUKZQFFAA1wZHPE64EyIcSIwEBQR09tKj862qCw_S08OHg_A3-BnDkmCqdzhtTT37bkCj69fhv3S40ptly1iA7hfhROCP-wijlrvL13Wz6orNnfAowlviXNVL6C5zGIag9AXl8oeAqOFPdjnticwd8DY-rDNhssNB0YdHrHjBXpA3IJ0u7JpiMgGAonl2utRJdaXSFSFr13W-4930YTENsDt9-WSd_Hx8EKqkZ6mj5bYhj_kl-1OAG3UQZ5wnOYYsXAr1B-74jIwYSPxqkZsUjIpkT1fZRuxQNf-IY6Mx3zvy1oWryMb2mEiGPhnPhasH2dV&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauque.com%2F%3Fs%3D787072908840411277%26ssk%3Dc024c49ace9df5d7a9bc303373f37ca0%26svar%3D1709216323%26z%3D6120639%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FBerlin%26bto%3D-60&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6120639&var3=787072908840411277&ymid=&rhd=1&m=link
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
gluxouvauque.com
URL
https://gluxouvauque.com/cat.php?userId=a5bf03868170c43524383f7dc6d7a095&zoneid=4662728&rb=vaxhZqgvbv_6ZmkNniOStXncngHQOBGaWvz5CME-jL73KsE1axRgGa-Qr63PUT1CiTKBRxTGkB1UslEfKEwdB7pukL5QWIf_Q0MTid8BwOfdL798MomSoqODTpP6Aj81NDs5h3PCGzzm9LsyUc5KPnl8qH6p3n0idCpkKrmD_7bTWm53hWBZap-gBX_GZ932JoyK6ErosJhDrYV3Foor9q1ugp6sDtPiyI5Abv8ZtXHPsfguVS_-82YoCgzTPl5c85B4kglCufQ4oBECFub5SY8bRgwKPoV2KRkU1a_IaHZCltD5TIQS8EROyY6-Od7n4takMuwNCmFyjc4bDT_2YN_FJHxbK6DW5m5ASF2FvYVtnfzXY7IgfYtkwOQPSqS51KeIOyuqZcSfRt3P88yx4s9uq0PbJwvAqkSbJzWeN3cLZxf7e3opLpWEIPp3Pxu2gHTOkuY6P8YUDATMTYWLECBOV1AOB1jwSSDX-91nJFlhnTHxy6LwoeVDBvAEqxfrnP0o0XGI4DDCPmSRF4qnrNdrpiOa7vXQIKx6KPikKWIoq2oAFso0QA==&var=6120639&var3=787072908840411277&ymid=&rhd=1
Domain
flcjnflecolckmhfcmhhkichjhajjnlb
URL
chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png


10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| req_existing_user
object| landing_iframe
function| openNewWindow
function| openNewTab
function| openSameTab
function| listenInstallCompleted
function| openInstructions
object| windowObjectReference

15 Cookies

Domain/Path Name / Value
offmantiner.com/ Name: OAID
Value: 0080118e5f534296e9ddf51d89d5a9c8
offmantiner.com/ Name: oaidts
Value: 1709216323
my.rtmark.net/ Name: ID
Value: 0080118e5f534296e9ddf51d89d5a9c8
offmantiner.com/ Name: syncedCookie
Value: true
gluxouvauque.com/ Name: oaidts
Value: 1709216323
gluxouvauque.com/ Name: syncedCookie
Value: true
gluxouvauque.com/ Name: OAID
Value: a5bf03868170c43524383f7dc6d7a095
gluxouvauque.com/ Name: prefetchAd_4662728
Value: true
gluxouvauque.com/ Name: reverse
Value: Wm2VSJ38hVeYfmG1Mfy3YC2qAzQR21kN3FF_6i9-TgE
.tururu.info/ Name: c0083
Value: cjpaHP126pWlp16
.tururu.info/ Name: r0083
Value: pa
.tururu.info/ Name: cid0083
Value: 787072913013748456
.tururu.info/ Name: z0083
Value: 4662728
.tururu.info/ Name: e0083
Value: VPGCNBK0FG
.tururu.info/ Name: _asd
Value: 17092163254860533

15 Console Messages

Source Level URL
Text
other warning URL: https://offmantiner.com/4/6120639/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787072908840411277&ssk=c024c49ace9df5d7a9bc303373f37ca0&svar=1709216323&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095(Line 45)
Message:
Access to XMLHttpRequest at 'chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png' from origin 'https://kingadblock.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787072913013748456&jp=pa&oaid=a5bf03868170c43524383f7dc6d7a095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
