xglamour.win Open in urlscan Pro
104.21.8.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://appconfig.semana.com/vidopuziw64388.php
Effective URL:
https://xglamour.win/vidopuziw64388.php
Submission: On January 04 via manual (January 4th 2023, 12:21:18 am UTC) from SE — Scanned from SE

Summary HTTP 75 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 21 domains to perform 75 HTTP transactions. The main IP is 104.21.8.172, located in and belongs to CLOUDFLARENET, US. The main domain is xglamour.win.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2023. Valid for: 3 months.

This is the only time xglamour.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.190.183.107 54.190.183.107	16509 (AMAZON-02) (AMAZON-02)
5	104.21.8.172 104.21.8.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.201.202 142.250.201.202	15169 (GOOGLE) (GOOGLE)
1	104.21.234.228 104.21.234.228	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.187.238 172.67.187.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.235.49 104.21.235.49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
1	87.240.185.135 87.240.185.135	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	104.21.234.5 104.21.234.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	67.202.114.141 67.202.114.141	32748 (STEADFAST) (STEADFAST)
1	185.178.208.40 185.178.208.40	57724 (DDOS-GUARD) (DDOS-GUARD)
1	87.240.185.133 87.240.185.133	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2	104.26.10.39 104.26.10.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.70 99.86.4.70	16509 (AMAZON-02) (AMAZON-02)
2 4	104.21.233.127 104.21.233.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.137.35 172.64.137.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	87.250.247.181 87.250.247.181	13238 (YANDEX) (YANDEX)
3	45.155.120.156 45.155.120.156	35277 (LLHOST-IN...) (LLHOST-INC-SRL)
9	20.119.175.244 20.119.175.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.180.234 142.250.180.234	15169 (GOOGLE) (GOOGLE)
1 2	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
75	22

1 54.190.183.107 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-190-183-107.us-west-2.compute.amazonaws.com

appconfig.semana.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.8.172 (None, )

ASN13335 (CLOUDFLARENET, US)

xglamour.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.202 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.228 (None, )

ASN13335 (CLOUDFLARENET, US)

lp.cutefans.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.187.238 (United States)

ASN13335 (CLOUDFLARENET, US)

tg.onedragon.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.235.49 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.readdetectiveconan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.185.135 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv135-185-240-87.vk.com

sun9-8.userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

safebooru.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.234.5 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

img1.gelbooru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.202.114.141 (Palos Park, United States) 3 redirects

ASN32748 (STEADFAST, US)
PTR: ip141.67-202-114.static.steadfastdns.net

gelbooru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.178.208.40 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

cs10.pikabu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.185.133 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv133-185-240-87.vk.com

sun9-6.userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.10.39 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.donmai.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-70.fra6.r.cloudfront.net

image.tmdb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.233.127 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

img2.rule34.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rule34.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.137.35 (United States)

ASN13335 (CLOUDFLARENET, US)

static12.hentai-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static4.hentai-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 87.250.247.181 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: avatars.mds.yandex.net

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.155.120.156 (Haarlem, Netherlands)

ASN35277 (LLHOST-INC-SRL, RO)
PTR: push-eu-gr3-04.texdom.org

superiordating.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 20.119.175.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ssl.microsofttranslator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.234 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.79.197.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

ssl.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	microsofttranslator.com ssl.microsofttranslator.com — Cisco Umbrella Rank: 144549	42 KB
9	gelbooru.com 6 redirects img1.gelbooru.com — Cisco Umbrella Rank: 707620 gelbooru.com — Cisco Umbrella Rank: 129374	2 KB
8	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 4153	128 KB
5	xglamour.win xglamour.win	87 KB
4	rule34.us 2 redirects img2.rule34.us — Cisco Umbrella Rank: 186095 rule34.us — Cisco Umbrella Rank: 160101	3 MB
3	superiordating.top superiordating.top	29 KB
3	imgur.com i.imgur.com — Cisco Umbrella Rank: 4867	4 MB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 520 fonts.googleapis.com — Cisco Umbrella Rank: 127	64 KB
2	bing.com 1 redirects ssl.bing.com — Cisco Umbrella Rank: 138191 www.bing.com — Cisco Umbrella Rank: 90	565 B
2	hentai-img.com static12.hentai-img.com — Cisco Umbrella Rank: 745506 static4.hentai-img.com — Cisco Umbrella Rank: 912868
2	donmai.us cdn.donmai.us — Cisco Umbrella Rank: 130083	464 KB
2	safebooru.org safebooru.org	232 KB
2	userapi.com sun9-8.userapi.com — Cisco Umbrella Rank: 39184 sun9-6.userapi.com — Cisco Umbrella Rank: 39421	191 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	tmdb.org image.tmdb.org — Cisco Umbrella Rank: 11011	78 KB
1	pikabu.ru cs10.pikabu.ru — Cisco Umbrella Rank: 178997	109 KB
1	readdetectiveconan.com cdn.readdetectiveconan.com — Cisco Umbrella Rank: 487960	122 KB
1	onedragon.win tg.onedragon.win	744 B
1	cutefans.win lp.cutefans.win	976 B
1	semana.com 1 redirects appconfig.semana.com	236 B
0	booru.org Failed furry.booru.org Failed
75	21

	Domain	Requested by
9	ssl.microsofttranslator.com	xglamour.win ssl.microsofttranslator.com ajax.googleapis.com
8	avatars.mds.yandex.net	xglamour.win
6	gelbooru.com	3 redirects xglamour.win
5	xglamour.win	xglamour.win
3	superiordating.top	tg.onedragon.win superiordating.top
3	img1.gelbooru.com	3 redirects
3	i.imgur.com	xglamour.win
2	rule34.us	1 redirects xglamour.win
2	img2.rule34.us	1 redirects xglamour.win
2	cdn.donmai.us	xglamour.win
2	safebooru.org	xglamour.win
2	ajax.googleapis.com	xglamour.win tg.onedragon.win
1	fonts.gstatic.com	fonts.googleapis.com
1	www.bing.com
1	ssl.bing.com	1 redirects
1	fonts.googleapis.com	superiordating.top
1	static4.hentai-img.com	xglamour.win
1	static12.hentai-img.com	xglamour.win
1	image.tmdb.org	xglamour.win
1	sun9-6.userapi.com	xglamour.win
1	cs10.pikabu.ru	xglamour.win
1	sun9-8.userapi.com	xglamour.win
1	cdn.readdetectiveconan.com	xglamour.win
1	tg.onedragon.win	xglamour.win
1	lp.cutefans.win	xglamour.win
1	appconfig.semana.com	1 redirects
0	furry.booru.org Failed	xglamour.win
75	27

This site contains links to these domains. Also see Links.

Domain
www.bing.com
aka.ms
www.facebook.com

Subject Issuer	Validity	Valid
*.xglamour.win GTS CA 1P5	`2023-01-02` - `2023-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-06` - `2023-02-05`	a year	crt.sh
*.onedragon.win E1	`2022-12-25` - `2023-03-25`	3 months	crt.sh
*.readdetectiveconan.com GTS CA 1P5	`2022-11-21` - `2023-02-19`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
*.userapi.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-06-07` - `2023-04-03`	10 months	crt.sh
cs10.pikabu.ru R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
donmai.us Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
*.tmdb.org Amazon	`2022-11-22` - `2023-12-21`	a year	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
superiordating.top R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.microsofttranslator.com Microsoft Azure TLS Issuing CA 01	`2022-10-25` - `2023-10-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xglamour.win/vidopuziw64388.php
Frame ID: A53CEDC1975AD7E1085FF315F64B02C0
Requests: 75 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Riko made in abyss naked | 🍓riko (made in abyss) drawn by tsuda_nanafushi Danbooru

Page URL History Show full URLs

http://appconfig.semana.com/vidopuziw64388.php HTTP 301
https://xglamour.win/vidopuziw64388.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

61 %
HTTPS

0 %
IPv6

21
Domains

27
Subdomains

22
IPs

5
Countries

8747 kB
Transfer

8935 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bing.com/translator

Search URL Search Domain Scan URL

URL: https://aka.ms/widget-retirement
Title: Unavailable

Search URL Search Domain Scan URL

URL: http://www.bing.com/translator

Search URL Search Domain Scan URL

URL: https://www.facebook.com/microsofttranslator

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://appconfig.semana.com/vidopuziw64388.php HTTP 301
https://xglamour.win/vidopuziw64388.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://img1.gelbooru.com/images/e1/7b/e17b1467904f28e9594cfe2e7ce0720f.jpeg HTTP 302
https://gelbooru.com/hotlink.php?hash=/images/e1/7b/e17b1467904f28e9594cfe2e7ce0720f.jpeg HTTP 302
https://gelbooru.com/index.php?page=post&s=view&id=5147897

Request Chain 16

https://img1.gelbooru.com/images/f2/e6/f2e6c0391f15c8a6e240094fc1967db7.png HTTP 302
https://gelbooru.com/hotlink.php?hash=/images/f2/e6/f2e6c0391f15c8a6e240094fc1967db7.png HTTP 302
https://gelbooru.com/index.php?page=post&s=view&id=3496284

Request Chain 17

https://img1.gelbooru.com/images/bd/0c/bd0c854c042b09e9210d988ce144ace1.jpeg HTTP 302
https://gelbooru.com/hotlink.php?hash=/images/bd/0c/bd0c854c042b09e9210d988ce144ace1.jpeg HTTP 302
https://gelbooru.com/index.php?page=post&s=view&id=4721201

Request Chain 26

https://img2.rule34.us/images/ad/e1/ade180613cb51e210bf1efcec8331f86.jpeg HTTP 302
https://rule34.us/hotlink.php?hash=/images/ad/e1/ade180613cb51e210bf1efcec8331f86.jpeg HTTP 302
https://rule34.us/index.php?r=posts/view&id=4305937

Request Chain 64

https://ssl.bing.com/widget/metrics.js HTTP 302
https://www.bing.com/widget/metrics.js

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request vidopuziw64388.php Show response
xglamour.win/
Redirect Chain

http://appconfig.semana.com/vidopuziw64388.php
https://xglamour.win/vidopuziw64388.php

29 KB
9 KB

192ms
94ms

Document
text/html

104.21.8.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 320d2f35257e40397ca02a6601c960e5fc5e1a5cae19d821ef4d327795dc212b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 783fd00afcb1b505-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 Jan 2023 00:21:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3JuulDIPPLthLK8w66Ms0rBIHLYWEvPlHrgWd1x9LguJfMV0sduXhqWr4dDjsi5444jarA1xs%2FMjSpgzlZo1zShKQKJetw1CwxmkWvfnSSVYI1as3%2B7NErT538B2HY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 04 Jan 2023 00:21:11 GMT
Location: https://xglamour.win/vidopuziw64388.php
Server: nginx/1.22.0
Transfer-Encoding: chunked

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 218ms
63ms Script
text/javascript 142.250.201.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js?ver=1.7.1

Requested by

Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f10.1e100.net

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 10:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jan 2024 10:14:08 GMT

GET
H2 200 jquery.lazyload.js Show response
xglamour.win/js/ 9 KB
3 KB 45ms
43ms Script
application/javascript 104.21.8.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xglamour.win/js/jquery.lazyload.js
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 975da8d895d45c00422e72e16e66ecb493035db188913c3efd40ea7c9e156b79

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/vidopuziw64388.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Aug 2022 20:24:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23
etag: W/"23cc-5e69de1e9c080-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJtmmpV54VPbTrtHt2XHqg0lZ%2FAgg8z%2BuOC4nikdVvg7iNddCbTPgt34GLaaYqbcdIN8iHjB3G7s1ueVHcc9nycZUXzMxI8El62dwzDmKG10obFxCbeZV%2BsggiigDM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 783fd00bad0bb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
xglamour.win/ 4 KB
1 KB 47ms
45ms Stylesheet
text/css 104.21.8.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xglamour.win/style.css
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.8.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8e58bd1179ba979a1d4bcbcb66d9b901b17c7e33d9bab5f5f78a1cc753d9a9

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/vidopuziw64388.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Aug 2022 20:24:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23
etag: W/"f2f-5e69de1e9c080-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpCCglL%2BCuPfD1syMCtcZ3CogL3%2F%2FOocNqZh9v3byxpkf92ueoqAwwIgh7W54L9Kw%2F4yDetBp%2Bl9izHP6cFhIWDmGiH0%2Bsz1Lr6qovc0M6xoTYQS%2BWYxemCWmDNdT38%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 783fd00bad08b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 popunder.js Show response
lp.cutefans.win/js/ 812 B
976 B 178ms
58ms Script
application/javascript 104.21.234.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cutefans.win/js/popunder.js
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 May 2021 12:38:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3667
etag: W/"60a506d8-32c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x29zHwz4v6bkmcJGWtPgK4VHZuK24InliXIdv8jIkZwouV8J026ZzFehtpioOfK%2FoRzhfC0UdF492aDah8RBY3KdIB5hY9oKESI39TTwIrmTJPVrFeAHitSs4NgBWWV9zLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, no-transform
cf-ray: 783fd00c6986b8c4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pops Show response
tg.onedragon.win/ 195 B
744 B 209ms
79ms Script
application/javascript 172.67.187.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tg.onedragon.win/pops
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.187.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5243d0a061cf1dc7e87d93cf9aec7b28eca3e81468d3af885139fc99d066085

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 00:21:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1i7CuFqm2f38vTJ0lE8MLXZ14100CR9CmIjSEZG%2BB3XCNZQ9XyT84S88OCUwzbfxwNTRJtCfuZ7QiN6Uw6vrcVx%2Fgzuk3DJOVkdTQplPasewxPKSQy22%2FUPNj2VadKVeF5d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 783fd00c79020b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 de_tik_tok_2.jpg
xglamour.win/wp-content/ 70 KB
71 KB 62ms
61ms Image
image/jpeg 104.21.8.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xglamour.win/wp-content/de_tik_tok_2.jpg
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.8.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45a1079d7b9c855827ffc37415458622deb28874a03c30882c281ca828ffa9d8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/vidopuziw64388.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:11 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Aug 2021 18:29:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3697
etag: "119aa-5c97509a94c80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pvud17dBa5nbTh8Fe0rWTgvTgTq7fBMk7xzB%2BilgFDWnpuYvkgklCcleVSniOaL0W%2FthUcCgM%2BKpE1mQYP3rqc8NXRs2xvkzMWUYvaHjSXXYaPjxEzl9AChGPusUE9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 783fd00d0b530a67-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72106

GET
H3 200 play.png
xglamour.win/ 3 KB
4 KB 86ms
85ms Image
image/png 104.21.8.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xglamour.win/play.png
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.8.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5367c792e8ace11cabf1a6f0ae3377aeaa99569a080a7baca55f0190c604453c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/vidopuziw64388.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:11 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 28 Jul 2022 18:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ce2-5e4e1809b7700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rteZwyzynnLMD38fWUVCP%2FDtk531Ju%2BhSkZ0q%2BKPNMbGzBvZOpRH1e8PPGxy43%2BWhiAquBAg%2B8SAlRlxjXWHp6WY9%2Fh2mYCqEb2W8XsHYJAyHEm8h6K3CSqgAckhqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 783fd00d8bca0a67-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3298

GET
H2 200 18.jpg
cdn.readdetectiveconan.com/file/mangap/2679/10024000/ 122 KB
122 KB 407ms
276ms Image
image/jpeg 104.21.235.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.readdetectiveconan.com/file/mangap/2679/10024000/18.jpg
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.235.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f77e3b3f62f34c744131a377eb928c2a33c2ea814afb3569c1f78a67555086

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_z1bf723a776f423fd793d0017_f103423e2bcc3c4ce_d20200812_m110018_c002_v0001142_t0008
x-bz-replication-status: COMPLETED
x-bz-content-sha1: 339fa4b6826accc288b96b3c93a9cba7079c3612
x-bz-file-name: 2679/10024000/18.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 124459
x-bz-info-src_last_modified_millis: 1597230015272
x-bz-upload-timestamp: 1597230018000
last-modified: Sun, 01 Jan 2023 02:09:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2HjZPMDQtYusvqjZwOzhCkpP8JKyBPsBZkmB7MZEP7G11LDzzGIrh2RV2t%2F8ce8IW0fmCa6OyC0vBErg%2F6mN76WPaen6SgxrYDsMA8sxEFTM%2BSxrLs9RyRpfmSBtWQ1%2BJ%2FyHG3wYn9PCn3TKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 783fd00fd843b900-AMS

GET
H2 200 dtnPDsE.gif
i.imgur.com/ 4 MB
4 MB 403ms
271ms Image
image/gif 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/dtnPDsE.gif

Requested by

Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0f8b4a11d5f03c655b6dc5562da901fa8f3d4379760dee984d1d2eb266346274

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 22
x-cache: HIT, MISS
x-amz-storage-class: STANDARD_IA
content-length: 3791005
x-served-by: cache-iad-kiad7000028-IAD, cache-hhn-etou8220053-HHN
last-modified: Sat, 15 Jul 2017 21:22:31 GMT
server: cat factory 1.0
x-timer: S1672791672.308033,VS0,VE206
etag: "578c126433d23d92aad869f26b53defb"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 6JoN5BgBp2E.jpg
sun9-8.userapi.com/impg/UKwNVBSffcwY5tIV-hozVSe_3m3_6OdBMHegUw/ 108 KB
108 KB 174ms
75ms Image
image/jpeg 87.240.185.135
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sun9-8.userapi.com/impg/UKwNVBSffcwY5tIV-hozVSe_3m3_6OdBMHegUw/6JoN5BgBp2E.jpg?size=604x453&quality=96&sign=686cec16532f3c5011539a71a7ecd3f3&type=album

Requested by

Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.185.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv135-185-240-87.vk.com

Software

kittenx /

Resource Hash

0e1146382c8afb9fc15c842c81531637e52fdd8602be1752be81a306a08be974

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
strict-transport-security: max-age=15768000
x-frontend: front221107
server: kittenx
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Frontend
x-imp: 838720
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: X-Quic
content-length: 110521
expires: Fri, 03 Feb 2023 00:21:12 GMT

GET
H2 200 d36d1042671976ad518a39a28aaf4025a14c35f9.jpg
safebooru.org/images/2326/ 140 KB
141 KB 152ms
44ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safebooru.org/images/2326/d36d1042671976ad518a39a28aaf4025a14c35f9.jpg?2438106
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f75f3b2dded3f1e6d61c8bfdd81da8b3feadd13be87c14fb1c1630a6040f66

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 143832
last-modified: Sun, 21 Jan 2018 09:00:02 GMT
server: cloudflare
etag: "5a645692-231d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmNIUnRNkH0uA10wPKwxJ1w31Rb6PamsXtA09I8SMU9bWDPoJ6EZfHCl7IdBv7EpFfugyEmP9GwnM2UBlSqvU8YBsgENhlaH4yIxYiDHP%2BYHFhvebJTX6iIe2kAXBFoL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 783fd00fca8b0b3d-OSL
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 y4vssqz.jpg
i.imgur.com/ 711 KB
712 KB 282ms
159ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/y4vssqz.jpg

Requested by

Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

752af532064c7cc2469aad35ea475a88f957be65db464de503b117d63a7d655f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2399073
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 728205
x-served-by: cache-iad-kjyo7100029-IAD, cache-hhn-etou8220053-HHN
last-modified: Sat, 05 Aug 2017 04:40:09 GMT
server: cat factory 1.0
x-timer: S1672791672.308097,VS0,VE3
etag: "112cdfbfea4623f71160d5dc37693b39"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2

200

index.php
gelbooru.com/
Redirect Chain

https://img1.gelbooru.com/images/e1/7b/e17b1467904f28e9594cfe2e7ce0720f.jpeg
https://gelbooru.com/hotlink.php?hash=/images/e1/7b/e17b1467904f28e9594cfe2e7ce0720f.jpeg
https://gelbooru.com/index.php?page=post&s=view&id=5147897

0
0

304ms
303ms

Image
text/html

67.202.114.141
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gelbooru.com/index.php?page=post&s=view&id=5147897
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Server: 67.202.114.141 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip141.67-202-114.static.steadfastdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

location: index.php?page=post&s=view&id=5147897
pragma: no-cache
date: Wed, 04 Jan 2023 00:21:12 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
server: nginx/1.18.0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 og_og_1604970614219955928.jpg
cs10.pikabu.ru/post_img/2020/11/10/2/ 109 KB
109 KB 195ms
85ms Image
image/jpeg 185.178.208.40
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cs10.pikabu.ru/post_img/2020/11/10/2/og_og_1604970614219955928.jpg

Requested by

Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.40 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

a142bb52826f52f2f47f9ce7a5e4e580f95e10b936d01e61c12699684828b7ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 03 Jan 2023 15:44:04 GMT
last-modified: Tue, 10 Nov 2020 01:10:03 GMT
server: ddos-guard
age: 31028
etag: "5fa9e86b-1b2c0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
ddg-cache-status: HIT,HIT
cache-control: max-age=604800
accept-ranges: bytes
content-length: 111296
expires: Tue, 10 Jan 2023 15:44:04 GMT

GET
H2 200 yqzGFKb.jpg
i.imgur.com/ 165 KB
165 KB 174ms
51ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/yqzGFKb.jpg

Requested by

Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

188c8049c97e66a408e732ae9c60849938f2f765f134683ad0d8d36f0dab8d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 387583
x-cache: MISS, HIT
x-amz-storage-class: STANDARD_IA
content-length: 168571
x-served-by: cache-iad-kcgs7200024-IAD, cache-hhn-etou8220053-HHN
last-modified: Sat, 15 Jul 2017 23:34:57 GMT
server: cat factory 1.0
x-timer: S1672791672.308150,VS0,VE1
etag: "2487564cb8568de4712167eb595aedc1"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 pDiBNPxhTdQ.jpg
sun9-6.userapi.com/c854532/v854532764/21baf2/ 82 KB
83 KB 225ms
80ms Image
image/jpeg 87.240.185.133
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sun9-6.userapi.com/c854532/v854532764/21baf2/pDiBNPxhTdQ.jpg

Requested by

Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.185.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv133-185-240-87.vk.com

Software

kittenx /

Resource Hash

2d29bc6ee3e7ea90e10c729e24f1071bc150ee2773537f4d58190357e056ac4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
strict-transport-security: max-age=15768000
x-frontend: front221105
last-modified: Fri, 17 Apr 2020 21:41:37 GMT
server: kittenx
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Frontend
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: X-Quic
content-length: 84364
expires: Fri, 03 Feb 2023 00:21:12 GMT

GET
H2

200

index.php
gelbooru.com/
Redirect Chain

https://img1.gelbooru.com/images/f2/e6/f2e6c0391f15c8a6e240094fc1967db7.png
https://gelbooru.com/hotlink.php?hash=/images/f2/e6/f2e6c0391f15c8a6e240094fc1967db7.png
https://gelbooru.com/index.php?page=post&s=view&id=3496284

0
0

304ms
304ms

Image
text/html

67.202.114.141
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gelbooru.com/index.php?page=post&s=view&id=3496284
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Server: 67.202.114.141 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip141.67-202-114.static.steadfastdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

location: index.php?page=post&s=view&id=3496284
pragma: no-cache
date: Wed, 04 Jan 2023 00:21:12 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
server: nginx/1.18.0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2

200

index.php
gelbooru.com/
Redirect Chain

https://img1.gelbooru.com/images/bd/0c/bd0c854c042b09e9210d988ce144ace1.jpeg
https://gelbooru.com/hotlink.php?hash=/images/bd/0c/bd0c854c042b09e9210d988ce144ace1.jpeg
https://gelbooru.com/index.php?page=post&s=view&id=4721201

0
0

165ms
165ms

Image
text/html

67.202.114.141
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gelbooru.com/index.php?page=post&s=view&id=4721201
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Server: 67.202.114.141 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip141.67-202-114.static.steadfastdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

location: index.php?page=post&s=view&id=4721201
pragma: no-cache
date: Wed, 04 Jan 2023 00:21:12 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
server: nginx/1.18.0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 51cc2afcb33db47d2cb2f31809597a4f.png
cdn.donmai.us/original/51/cc/ 423 KB
424 KB 379ms
264ms Image
image/png 104.26.10.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.donmai.us/original/51/cc/51cc2afcb33db47d2cb2f31809597a4f.png

Requested by

Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14baf0aa272495dc229241a3e90d93923250a1728dbcd9ed9546e208c691a8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
via: 172.71.95.14, irys, irys/danbooru-images-86957d77bf-4whb6
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 433500
last-modified: Fri, 23 Feb 2018 09:31:31 GMT
server: cloudflare
etag: "5a8fdf73-69d5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrKzDoEufZ0ZaFY97hJxzguu92VSLAhYlNi0MCYsy%2FTaOKBpcq8EuE37Wa%2BaRVerphHyKTSPlPnBsIYJEmbyn8q%2Fwk1wSosbmLtG2AOE3xm9MtlA5EVg5BbLIzSjBRE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 783fd0100c96b722-AMS

GET
H2 200 rvaydf3c9lN6lY6bRXVHBfX0T0y.jpg
image.tmdb.org/t/p/original/ 77 KB
78 KB 295ms
161ms Image
image/jpeg 99.86.4.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/original/rvaydf3c9lN6lY6bRXVHBfX0T0y.jpg
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-70.fra6.r.cloudfront.net
Software: openresty /
Resource Hash: ae2f5cbca8bac83e5e86244adb7e34c6c822b5d7840c8dd48a55cdc130218b50

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Sun, 13 Aug 2017 00:16:54 GMT
server: openresty
x-amz-cf-pop: FRA6-C1
etag: "5efa7f402148bce9e67a4cb517a78849"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-tag: rvaydf3c9lN6lY6bRXVHBfX0T0y
cache-control: public, max-age=31536000
imagery: degrade=82, sample=2x2, difference=1.148
alt-svc: h3=":443"; ma=86400
content-length: 79211
x-amz-cf-id: XfN6wS4n7DEky7Vu-yICFsz7sRnp0NCH4P4Lhkphc5FWn7RBI0uHTA==

GET
H2 200 859832796c06e2b7040ee28f5f0db809.png
img2.rule34.us/images/85/98/ 3 MB
3 MB 182ms
57ms Image
image/png 104.21.233.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.rule34.us/images/85/98/859832796c06e2b7040ee28f5f0db809.png
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.233.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38810fec7d251abf2051ff9618b2018ada8774ec75a75c9795e5df3115b4b729

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1388766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2659194
last-modified: Tue, 16 Jun 2020 13:32:48 GMT
server: cloudflare
etag: "5ee8ca00-28937a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syHozWe66PR%2ByuK5rnSUkDlOza7bkzmj5Pcf5lPHS5LvwJaTgfHzQ4n79mdejFiJhjtAXO34Rq7VehsRiLPgCRfR5ARkXGvkaOlEwukD557fg9%2FzRKavICXwnVQa21gJ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 783fd0101a90b8ae-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET sample_a2bf857458cda04a74df4072c506eb1a.jpg
furry.booru.org/samples/1788/ 0
0

GET
H2 403 33.jpg
static12.hentai-img.com/upload/20210316/697/713029/ 0
0 343ms
226ms Image
text/html 172.64.137.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static12.hentai-img.com/upload/20210316/697/713029/33.jpg
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 403 79.jpg
static4.hentai-img.com/upload/20170805/321/328130/ 0
0 356ms
236ms Image
text/html 172.64.137.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.hentai-img.com/upload/20170805/321/328130/79.jpg
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 8651d5d59739bcdc7baa9ccd1f3fbb51.jpg
cdn.donmai.us/original/86/51/ 39 KB
40 KB 330ms
214ms Image
image/jpeg 104.26.10.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.donmai.us/original/86/51/8651d5d59739bcdc7baa9ccd1f3fbb51.jpg

Requested by

Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3adce41b96930ae725962759fb0ab7e86fbef6532172a8dce4313cac8876e497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
via: 172.71.94.234, irys, irys/danbooru-images-86957d77bf-4whb6
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40307
last-modified: Fri, 03 Nov 2017 22:44:07 GMT
server: cloudflare
etag: "59fcf137-9d73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFi1bsYZMqCPdkrbboD7kYQrvIsFMXI50ooBma6hIduo4G6lUaXE8FLWJdQiWi6m%2FAPfbyNiefCmLgqLDT7i%2BnsHh09x9j808%2B1a1Dl4inMqu6laEuCqvZ2Y8bqh8vc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 783fd0100c97b722-AMS

GET
H2 200 sample_90d58ca7d745ab61052520ea951745877c31b45e.jpg
safebooru.org/samples/2839/ 91 KB
91 KB 2256ms
2168ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safebooru.org/samples/2839/sample_90d58ca7d745ab61052520ea951745877c31b45e.jpg?2957828
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e44f09b9241181addc81ace9fcf87b8c552aca6b62b97dd6ee11ee3ea0e54f8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:14 GMT
cf-cache-status: MISS
last-modified: Fri, 29 Nov 2019 14:00:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5de12494-16b43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bl33LV3FyjM4HA2sdGqI2y6fr%2Ba43u%2FhS9gZHkKCeYVaefXg2zNi%2BmNR7zjk5x8HDd6sgN%2FjYvNpx7m7LMXcagWU%2FjadZFVnpG8XU%2FM6P8tIsaeDR7SxI3bd%2FoIXLHF1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 783fd00fca8c0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92995
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

index.php
rule34.us/
Redirect Chain

https://img2.rule34.us/images/ad/e1/ade180613cb51e210bf1efcec8331f86.jpeg
https://rule34.us/hotlink.php?hash=/images/ad/e1/ade180613cb51e210bf1efcec8331f86.jpeg
https://rule34.us/index.php?r=posts/view&id=4305937

0
0

214ms
165ms

Image
text/html

104.21.233.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rule34.us/index.php?r=posts/view&id=4305937
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H3
Server: 104.21.233.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 00:21:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAkvjK%2BvI4PwLiaxxjxTvbcK2gOS3a0PA3dzSeXiM0QKbNtHcEeM%2Bm3bW1EWrqBbG34LuZbR2QSgIiwbd3uwrqyiQXW4BtGTW3TXdXIZmNP04%2BROD%2B49V5Z%2B5A8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: index.php?r=posts/view&id=4305937
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 783fd0113c2bb8ae-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 i
avatars.mds.yandex.net/ 15 KB
15 KB 249ms
118ms Image
image/webp 87.250.247.181
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/i?id=94dd754bf30e579fa9ac49dad462e29a-4594612-images-thumbs&n=13
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.247.181 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 1877708b8943d975220b6e38f42b76f534d644c4201046cfc133eca50968d963

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
last-modified: Wed, 04 Jan 2023 00:21:12 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 14904
x-request-id: b380be626841422b

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 190ms
63ms Script
text/javascript 142.250.201.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tg.onedragon.win
URL: https://tg.onedragon.win/pops

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f10.1e100.net

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xglamour.win/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 04 Jan 2023 00:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 00:18:30 GMT

GET
H/1.1 200
OK p.js Show response
superiordating.top/js/push/ 19 KB
19 KB 219ms
103ms Script
application/javascript 45.155.120.156
LLHOST-INC-SRL

General

Check archive.org

Show headers Download Go to

Full URL: https://superiordating.top/js/push/p.js?u=dmzpte4&o=v49g540&v=1
Requested by: Host: tg.onedragon.win
URL: https://tg.onedragon.win/pops
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.155.120.156 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS: push-eu-gr3-04.texdom.org
Software: nginx /
Resource Hash: d112be22f5670582cbff8333b8999be4197939dc64eeaa1b3ebb89a4ebdce379

Request headers

Referer: https://xglamour.win/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 04 Jan 2023 00:21:12 GMT
Last-Modified: Sun, 12 Jul 2020 15:13:32 GMT
Server: nginx
ETag: "5f0b289c-4a20"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18976

GET
H/1.1 200
OK style.css
superiordating.top/js/push/ 7 KB
7 KB 90ms
90ms Stylesheet
text/css 45.155.120.156
LLHOST-INC-SRL

General

Check archive.org

Show headers Download Go to

Full URL: https://superiordating.top/js/push/style.css
Requested by: Host: superiordating.top
URL: https://superiordating.top/js/push/p.js?u=dmzpte4&o=v49g540&v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.155.120.156 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS: push-eu-gr3-04.texdom.org
Software: nginx /
Resource Hash: a02d23216c6457f31398e32ee141cc2ac5dc02597897f3ea4b2c213bcba7deb7

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:21:12 GMT
Last-Modified: Sun, 20 Dec 2020 20:01:56 GMT
Server: nginx
ETag: "5fdfadb4-1b84"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7044

GET i
avatars.mds.yandex.net/ 0
0

GET /
xglamour.win/%3Cbr%20/%3Ehttps://lookaside.fbsbx.com/lookaside/crawler/media/ 0
0

GET i
avatars.mds.yandex.net/ 0
0

GET
H2 200 WidgetV3.ashx Show response
ssl.microsofttranslator.com/ajax/v3/ 82 KB
35 KB 441ms
136ms Script
application/x-javascript 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.microsofttranslator.com/ajax/v3/WidgetV3.ashx?siteData=ueOIGRSKkd965FeEGM5JtQ**&ctf=False&ui=true&settings=Manual&from=
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 85200335fd5c692fdc6b6869a17e77547f0733adb0ac8fe1a6102da5ac2eda65

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 00:21:11 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
cache-control: no-cache
x-ms-trans-info: s=11C1C
content-length: 35684
expires: -1

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 237ms
87ms Stylesheet
text/css 142.250.180.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic

Requested by

Host: superiordating.top
URL: https://superiordating.top/js/push/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f10.1e100.net

Software

ESF /

Resource Hash

ccf51aecf26c713a061b5ac74a83d36cf71dfab5e9f767e768fbab450bdef1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://superiordating.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Jan 2023 00:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 23:51:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Jan 2023 00:21:12 GMT

GET
H2 200 i
avatars.mds.yandex.net/ 16 KB
17 KB 162ms
162ms Image
image/webp 87.250.247.181
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/i?id=285670a8f6c3f5b33478405cfe7858bb-4439117-images-thumbs&n=13
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.247.181 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 7f0f0dae8e0767cd7a251490d4a685e84dc6372f1c6c34a645390efc85aba8b6

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
last-modified: Wed, 04 Jan 2023 00:21:12 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 16792
x-request-id: 78fbcca1bda88b61

GET
H2 200 i
avatars.mds.yandex.net/ 23 KB
23 KB 141ms
141ms Image
image/webp 87.250.247.181
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/i?id=f54d254222af39807adb58dc9554cac7-4079986-images-thumbs&n=13
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.247.181 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 7e1eb82a4b81f45cb861d480c8f717812ef73372e44866861fc7afbe5d2bf175

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
last-modified: Wed, 04 Jan 2023 00:21:12 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23338
x-request-id: 2c60847ec514245e

GET
H2 200 i
avatars.mds.yandex.net/ 15 KB
16 KB 152ms
152ms Image
image/webp 87.250.247.181
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/i?id=e9b0fe8492dfe1ca29f6d593d84fae91-4936013-images-thumbs&n=13
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.247.181 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: db87d1b6a9f2b1107f57a1642bb9d0f10c43f6102fbc62cf87aabe1ee5f92228

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
last-modified: Wed, 04 Jan 2023 00:21:12 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 15788
x-request-id: aa31ba0a0ae16ffd

GET
H2 200 i
avatars.mds.yandex.net/ 22 KB
22 KB 96ms
96ms Image
image/webp 87.250.247.181
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/i?id=f5d3efaf3aaa0886cd4d13da4616c8e4-5906571-images-thumbs&n=13
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.247.181 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: be7f9199c1c852d8002216ff8fbc1056b50512ca75bc6d3e4c801a85d1969306

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:12 GMT
last-modified: Wed, 04 Jan 2023 00:21:12 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 22046
x-request-id: 70096902860b339f

GET
H2 200 i
avatars.mds.yandex.net/ 13 KB
14 KB 65ms
65ms Image
image/webp 87.250.247.181
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/i?id=1593858bc17f520662493a72505e4d94-5499599-images-thumbs&n=13
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.247.181 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: fc7d9cedb16eb7b5376c1bc2ee2b57255b81d57cc060da8050daee3e7a6f9bec

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
last-modified: Wed, 04 Jan 2023 00:21:13 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 13674
x-request-id: 3120cb20f0e65357

GET
H2 200 i
avatars.mds.yandex.net/ 10 KB
11 KB 104ms
103ms Image
image/webp 87.250.247.181
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/i?id=49c851b1e7bf23967e3506657b6ecae9-5159711-images-thumbs&n=13
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.247.181 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 4331e624b00606589ce2de2cdf1cd2b3ab16d3e6ae06f2c5ceb7d8460fa5fca1

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
last-modified: Wed, 04 Jan 2023 00:21:13 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 10470
x-request-id: 74011dbf9f2a30fd

GET
H2 200 i
avatars.mds.yandex.net/ 10 KB
11 KB 97ms
97ms Image
image/webp 87.250.247.181
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/i?id=33c22617e711cbc2992cddfbbb3e4f5d-4866825-images-thumbs&n=13
Requested by: Host: xglamour.win
URL: https://xglamour.win/vidopuziw64388.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.247.181 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 992852f23fee40139c5193f97bed4b1e6d35befc974f372616cd6cd2e6fe5b27

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
last-modified: Wed, 04 Jan 2023 00:21:13 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 10424
x-request-id: fd964365470afd32

GET
H2 200 WidgetV3.css
ssl.microsofttranslator.com/static/27828690/css/ 13 KB
3 KB 131ms
131ms Stylesheet
text/css 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.microsofttranslator.com/static/27828690/css/WidgetV3.css?v=27828690
Requested by: Host: ssl.microsofttranslator.com
URL: https://ssl.microsofttranslator.com/ajax/v3/WidgetV3.ashx?siteData=ueOIGRSKkd965FeEGM5JtQ**&ctf=False&ui=true&settings=Manual&from=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2592ba8d75e8421d9d6c884b8b8d6e1dff738bcecf560801581de0c80223e4b8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 18:48:43 GMT
server: Microsoft-IIS/10.0
etag: "8077a932da8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
cache-control: max-age=2592000
accept-ranges: bytes
x-ms-trans-info: s=11C1C
content-length: 2608

GET
H2

404

metrics.js
www.bing.com/widget/
Redirect Chain

https://ssl.bing.com/widget/metrics.js
https://www.bing.com/widget/metrics.js

0
0

99ms
77ms

Script
text/html

204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/widget/metrics.js
Protocol: H2
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:14 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2DA5AD9943ED4F99A87C64DDFED388D1 Ref B: STOEDGE1112 Ref C: 2023-01-04T00:21:14Z
vary: Accept-Encoding
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-cache: CONFIG_NOCACHE
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-5lE7IESbJdqo8qMAoSUI0ww/UFraXwTjM0DpTE9Lbno='; base-uri 'self';report-to csp-endpoint
content-type: text/html
cache-control: private
content-length: 1

Redirect headers

location: https://www.bing.com/widget/metrics.js
date: Wed, 04 Jan 2023 00:21:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F9251ACBEEA04971813B54F015B9588E Ref B: STOEDGE1112 Ref C: 2023-01-04T00:21:14Z
content-length: 0

GET
H2 200 WidgetLauncher.css
ssl.microsofttranslator.com/static/27828690/css/ 2 KB
1 KB 131ms
131ms Stylesheet
text/css 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.microsofttranslator.com/static/27828690/css/WidgetLauncher.css?v=27828690
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3eb98d625988f78a066b9a5ab80202251970bd314d81a323ca762f33311a09fd

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 18:48:43 GMT
server: Microsoft-IIS/10.0
etag: "4c68ed32da8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
cache-control: max-age=2592000
accept-ranges: bytes
x-ms-trans-info: s=11C1C
content-length: 1073

GET
H2 200 close_x.png
ssl.microsofttranslator.com/static/27828690/img/ 333 B
399 B 131ms
129ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.microsofttranslator.com/static/27828690/img/close_x.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad022fd53c580787f819907c29f8e463c0b38e3f0a207cc8114640f592e57d5b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
last-modified: Mon, 05 Dec 2022 18:48:43 GMT
server: Microsoft-IIS/10.0
etag: "ba2ed332da8d91:0"
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-ms-trans-info: s=11C1C
content-length: 333

GET
H2 200 bingmark.png
ssl.microsofttranslator.com/static/27828690/img/ 368 B
426 B 131ms
130ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.microsofttranslator.com/static/27828690/img/bingmark.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 859c14a7f4d5f0bf22a7d506ec526fc4521e5b8b187018798e8cf3e4db919298

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
last-modified: Mon, 05 Dec 2022 18:48:43 GMT
server: Microsoft-IIS/10.0
etag: "9f7ec232da8d91:0"
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-ms-trans-info: s=11C1C
content-length: 368

GET
H2 200 fbookmark.png
ssl.microsofttranslator.com/static/27828690/img/ 310 B
368 B 131ms
130ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.microsofttranslator.com/static/27828690/img/fbookmark.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 78575038e018a1ed8d6aae156b8891bb779a3b66c340a2e183efcad2793d0f69

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
last-modified: Mon, 05 Dec 2022 18:48:43 GMT
server: Microsoft-IIS/10.0
etag: "8b57bb32da8d91:0"
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-ms-trans-info: s=11C1C
content-length: 310

GET
H2 200 email_icon.png
ssl.microsofttranslator.com/static/27828690/img/ 288 B
346 B 131ms
131ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.microsofttranslator.com/static/27828690/img/email_icon.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e60efeee64ce3ba0d992566a6fc335438439ca70d02595d20ab400e562a142ff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
last-modified: Mon, 05 Dec 2022 18:48:43 GMT
server: Microsoft-IIS/10.0
etag: "a230b432da8d91:0"
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-ms-trans-info: s=11C1C
content-length: 288

GET
H2 200 embed_question.png
ssl.microsofttranslator.com/static/27828690/img/ 260 B
317 B 132ms
131ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.microsofttranslator.com/static/27828690/img/embed_question.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 755c7ff4b447f5d119403dccaf2b5ed4963053d96cffef0c19f07c6b68129932

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
last-modified: Mon, 05 Dec 2022 18:48:43 GMT
server: Microsoft-IIS/10.0
etag: "193b632da8d91:0"
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-ms-trans-info: s=11C1C
content-length: 260

GET
H2 200 binglogo_dark.png
ssl.microsofttranslator.com/static/27828690/img/ 1 KB
1 KB 132ms
131ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.microsofttranslator.com/static/27828690/img/binglogo_dark.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 393cec9afecdf72ddd4311d190d1fc309c8a702bf9507b79e5cebad4f1d20798

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:21:13 GMT
last-modified: Mon, 05 Dec 2022 18:48:43 GMT
server: Microsoft-IIS/10.0
etag: "ba2ed332da8d91:0"
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
x-ms-trans-info: s=11C1C
content-length: 1457

GET
H/1.1 200
OK susan37_ico2.jpg
superiordating.top/js/push/images/ 3 KB
3 KB 89ms
89ms Image
image/jpeg 45.155.120.156
LLHOST-INC-SRL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://superiordating.top/js/push/images/susan37_ico2.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.155.120.156 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS: push-eu-gr3-04.texdom.org
Software: nginx /
Resource Hash: 73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xglamour.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:21:16 GMT
Last-Modified: Sun, 20 Dec 2020 18:28:50 GMT
Server: nginx
ETag: "5fdf97e2-b88"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2952

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 185ms
60ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xglamour.win
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 448741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 19:42:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: furry.booru.org
URL: https://furry.booru.org/samples/1788/sample_a2bf857458cda04a74df4072c506eb1a.jpg?1814549

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=e7273b358ad5a2afc01eb6483048a08b-5008667-images-thumbs&n=13%3Cbr%20/%3Ehttps://d.furaffinity.net/art/toonexterminator/1334910164/1334910164.toonexterminator_another_victimdaversion.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=ea2f09dbcadee5c8217ddb8dd7d0de01-5704334-images-thumbs&n=13%3Cbr%20/%3Ehttps://www.freevector.com/uploads/vector/preview/1062/FreeVector-Sticking-Tongue-Out.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=0c6efb528b235f350a7596884328efcc-5424908-images-thumbs&n=13%3Cbr%20/%3Ehttps://i.pinimg.com/originals/fa/3d/2b/fa3d2b74b8261bde1161436c9139a8cf.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=be5c40d800d12a23361f135aee743bd7-5499599-images-thumbs&n=13%3Cbr%20/%3Ehttps://imgcloud.pw/images/2022/01/23/XH5nEF.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=f3cb88cc920e278f2a158fce705c1b0b-4688474-images-thumbs&n=13%3Cbr%20/%3Ehttps://hentaibedta.net/wp-content/uploads/2012/02/Haruka-Gangabang.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=0026d958447f06f82166a0aad66299fd-5233124-images-thumbs&n=13%3Cbr%20/%3Ehttps://cdn.over40handjobs.com/content/cock-twitching2.gif

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=075713662be165650380239713531794-5235774-images-thumbs&n=13%3Cbr%20/%3Ehttps://thumb-p1.xhcdn.com/a/6bF42iX-MqIl4jNnumh-_g/000/097/241/251_1000.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=60c3cd7f629798f42aa4520c59c40232-5244955-images-thumbs&n=13%3Cbr%20/%3Ehttp://xyya.net/uploads/posts/2016-12/1482085739_00746-42.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=2a0000017a0026f4765896f583b30e987b5e-4270085-images-thumbs&n=13%3Cbr%20/%3Ehttps://content.production.cdn.art19.com/images/71/72/47/f4/717247f4-5845-4ca6-b6f7-968c61cc8ecc/ad4dde22817c8fefc9bed8d5367f7af6300df583777f60e9d224f0ebe5f4df6fecb0a3d045dd816d125f1aa9703017737b92e6e1a61900af26cca7cb3caa2a25.jpeg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=d0ee2f581707fafd7d3a12d1915bdbaf-5232384-images-thumbs&n=13%3Cbr%20/%3Ehttps://i.imgflip.com/3hwfnq.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=15242c31b536cfffd47199482e9e340f-4252923-images-thumbs&n=13%3Cbr%20/%3Ehttps://coub-attachments.akamaized.net/coub_storage/coub/simple/cw_image/5404ce64e27/6f3e80e7824432c622bd1/1411393339_1403021890_00025.jpg

Domain: xglamour.win
URL: https://xglamour.win/%3Cbr%20/%3Ehttps://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=233764478321713

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=ecb68a0dc716a0ec8cb9444e0a7925bf-5264085-images-thumbs&n=13%3Cbr%20/%3Ehttps://www.timeout.ru/wp-content/uploads/serials/362299.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=1b06be34cbedbddc668fbeb37608bd57-4787453-images-thumbs&n=13%3Cbr%20/%3Ehttps://empiresportsmedia.com/wp-content/uploads/2020/05/USATSI_12275285-2048x1558.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=7db3bd5af53db63f27d88dacd074c686-5540534-images-thumbs&n=13%3Cbr%20/%3Ehttps://ae01.alicdn.com/kf/H129d2558990e4dbd9709b03b959dd8cfN.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=849ebe54efb9ed7fa5a9d2649eb3ee3c-5875933-images-thumbs&n=13%3Cbr%20/%3Ehttps://qph.fs.quoracdn.net/main-qimg-e3440882817688c6da22a8c4bc99c1a2

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=f896343fe8d7bd0836b528348d251187-5392366-images-thumbs&n=13%3Cbr%20/%3Ehttps://image.winudf.com/v2/image/Y29tLmFzaG9rc29mdC5hbm5hbWF5eWFrZWVydGhhbmFsdV9zY3JlZW5zaG90c18wX2JjNzE1MThm/screen-0.jpg?fakeurl=1&type=.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=2a0000017a104cf828d96b56870c9b1c05de-4571210-images-thumbs&n=13%3Cbr%20/%3Ehttps://the007world.com/wp-content/uploads/2020/06/Kourtney-Kellar.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=2a7e9bc8b4053673bec08c06b9b187b3-5368517-images-thumbs&n=13%3Cbr%20/%3Ehttps://costumerocket.com/wp-content/uploads/2019/04/jessie-cowboy-boots.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=43ac22ca33b24f64897983345b2b515a-5675003-images-thumbs&n=13%3Cbr%20/%3Ehttps://i.imgur.com/iBe8Zvp.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=fe2fe94a36ff2c87396d5c0fd561e5ee-6542844-images-thumbs&n=13%3Cbr%20/%3Ehttps://thumb-p9.xhcdn.com/a/iWoT0iufsHBm9vdfQNC8oA/000/460/423/349_1000.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=dae38c0262eda02e2097a33990714cd8-7090441-images-thumbs&n=13%3Cbr%20/%3Ehttps://vdojkah.com/uploads/posts/2021-10/1633625637_44-vdojkah-com-p-golie-obaldennie-devki-erotika-vkontakte-47.jpg

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/i?id=205ee2987f2f1cd6ebc1d3f1e46f5a97-5288127-images-thumbs&n=13%3Cbr%20/%3Ehttps://i.pinimg.com/736x/61/ff/fb/61fffbbb297f7f324d31111ea1c51537--calligraphy-letters-hand-lettering.jpg

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xglamour.win/dating.html	1969-12-31 23:59:59	Name: kxxxf Value: Riko%20made%20in%20abyss%20naked
.bing.com/	1970-01-20 18:01:27	Name: MUID Value: 00014013CAC26D023B84529CCB4D6C43
.bing.com/	1970-01-20 08:40:34	Name: SUID Value: M

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tg.onedragon.win/pops Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tg.onedragon.win/pops Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tg.onedragon.win/pops Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://superiordating.top/js/push/p.js?u=dmzpte4&o=v49g540&v=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://furry.booru.org/samples/1788/sample_a2bf857458cda04a74df4072c506eb1a.jpg?1814549 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security	warning	URL: https://xglamour.win/vidopuziw64388.php Message: Mixed Content: The page at 'https://xglamour.win/vidopuziw64388.php' was loaded over HTTPS, but requested an insecure element 'http://avatars.mds.yandex.net/i?id=285670a8f6c3f5b33478405cfe7858bb-4439117-images-thumbs&n=13'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://static12.hentai-img.com/upload/20210316/697/713029/33.jpg Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://xglamour.win/vidopuziw64388.php Message: Mixed Content: The page at 'https://xglamour.win/vidopuziw64388.php' was loaded over HTTPS, but requested an insecure element 'http://avatars.mds.yandex.net/i?id=f54d254222af39807adb58dc9554cac7-4079986-images-thumbs&n=13'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://static4.hentai-img.com/upload/20170805/321/328130/79.jpg Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://xglamour.win/vidopuziw64388.php Message: Mixed Content: The page at 'https://xglamour.win/vidopuziw64388.php' was loaded over HTTPS, but requested an insecure element 'http://avatars.mds.yandex.net/i?id=e9b0fe8492dfe1ca29f6d593d84fae91-4936013-images-thumbs&n=13'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xglamour.win/vidopuziw64388.php Message: Mixed Content: The page at 'https://xglamour.win/vidopuziw64388.php' was loaded over HTTPS, but requested an insecure element 'http://avatars.mds.yandex.net/i?id=f5d3efaf3aaa0886cd4d13da4616c8e4-5906571-images-thumbs&n=13'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xglamour.win/vidopuziw64388.php Message: Mixed Content: The page at 'https://xglamour.win/vidopuziw64388.php' was loaded over HTTPS, but requested an insecure element 'http://avatars.mds.yandex.net/i?id=1593858bc17f520662493a72505e4d94-5499599-images-thumbs&n=13'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xglamour.win/vidopuziw64388.php Message: Mixed Content: The page at 'https://xglamour.win/vidopuziw64388.php' was loaded over HTTPS, but requested an insecure element 'http://avatars.mds.yandex.net/i?id=49c851b1e7bf23967e3506657b6ecae9-5159711-images-thumbs&n=13'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xglamour.win/vidopuziw64388.php Message: Mixed Content: The page at 'https://xglamour.win/vidopuziw64388.php' was loaded over HTTPS, but requested an insecure element 'http://avatars.mds.yandex.net/i?id=33c22617e711cbc2992cddfbbb3e4f5d-4866825-images-thumbs&n=13'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.bing.com/widget/metrics.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
appconfig.semana.com
avatars.mds.yandex.net
cdn.donmai.us
cdn.readdetectiveconan.com
cs10.pikabu.ru
fonts.googleapis.com
fonts.gstatic.com
furry.booru.org
gelbooru.com
i.imgur.com
image.tmdb.org
img1.gelbooru.com
img2.rule34.us
lp.cutefans.win
rule34.us
safebooru.org
ssl.bing.com
ssl.microsofttranslator.com
static12.hentai-img.com
static4.hentai-img.com
sun9-6.userapi.com
sun9-8.userapi.com
superiordating.top
tg.onedragon.win
www.bing.com
xglamour.win
avatars.mds.yandex.net
furry.booru.org
xglamour.win
104.21.233.127
104.21.234.228
104.21.234.5
104.21.235.49
104.21.8.172
104.26.10.39
142.250.180.234
142.250.186.99
142.250.201.202
146.75.120.193
172.64.137.35
172.67.187.238
185.178.208.40
188.114.96.3
20.119.175.244
204.79.197.200
45.155.120.156
54.190.183.107
67.202.114.141
87.240.185.133
87.240.185.135
87.250.247.181
99.86.4.70
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e1146382c8afb9fc15c842c81531637e52fdd8602be1752be81a306a08be974
0f8b4a11d5f03c655b6dc5562da901fa8f3d4379760dee984d1d2eb266346274
14baf0aa272495dc229241a3e90d93923250a1728dbcd9ed9546e208c691a8aa
1877708b8943d975220b6e38f42b76f534d644c4201046cfc133eca50968d963
188c8049c97e66a408e732ae9c60849938f2f765f134683ad0d8d36f0dab8d93
2592ba8d75e8421d9d6c884b8b8d6e1dff738bcecf560801581de0c80223e4b8
2d29bc6ee3e7ea90e10c729e24f1071bc150ee2773537f4d58190357e056ac4c
320d2f35257e40397ca02a6601c960e5fc5e1a5cae19d821ef4d327795dc212b
38810fec7d251abf2051ff9618b2018ada8774ec75a75c9795e5df3115b4b729
393cec9afecdf72ddd4311d190d1fc309c8a702bf9507b79e5cebad4f1d20798
39f77e3b3f62f34c744131a377eb928c2a33c2ea814afb3569c1f78a67555086
3adce41b96930ae725962759fb0ab7e86fbef6532172a8dce4313cac8876e497
3eb98d625988f78a066b9a5ab80202251970bd314d81a323ca762f33311a09fd
4331e624b00606589ce2de2cdf1cd2b3ab16d3e6ae06f2c5ceb7d8460fa5fca1
45a1079d7b9c855827ffc37415458622deb28874a03c30882c281ca828ffa9d8
4e44f09b9241181addc81ace9fcf87b8c552aca6b62b97dd6ee11ee3ea0e54f8
5367c792e8ace11cabf1a6f0ae3377aeaa99569a080a7baca55f0190c604453c
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786
752af532064c7cc2469aad35ea475a88f957be65db464de503b117d63a7d655f
755c7ff4b447f5d119403dccaf2b5ed4963053d96cffef0c19f07c6b68129932
78575038e018a1ed8d6aae156b8891bb779a3b66c340a2e183efcad2793d0f69
7e1eb82a4b81f45cb861d480c8f717812ef73372e44866861fc7afbe5d2bf175
7f0f0dae8e0767cd7a251490d4a685e84dc6372f1c6c34a645390efc85aba8b6
85200335fd5c692fdc6b6869a17e77547f0733adb0ac8fe1a6102da5ac2eda65
859c14a7f4d5f0bf22a7d506ec526fc4521e5b8b187018798e8cf3e4db919298
88f75f3b2dded3f1e6d61c8bfdd81da8b3feadd13be87c14fb1c1630a6040f66
975da8d895d45c00422e72e16e66ecb493035db188913c3efd40ea7c9e156b79
992852f23fee40139c5193f97bed4b1e6d35befc974f372616cd6cd2e6fe5b27
a02d23216c6457f31398e32ee141cc2ac5dc02597897f3ea4b2c213bcba7deb7
a142bb52826f52f2f47f9ce7a5e4e580f95e10b936d01e61c12699684828b7ce
ad022fd53c580787f819907c29f8e463c0b38e3f0a207cc8114640f592e57d5b
ae2f5cbca8bac83e5e86244adb7e34c6c822b5d7840c8dd48a55cdc130218b50
be7f9199c1c852d8002216ff8fbc1056b50512ca75bc6d3e4c801a85d1969306
ccf51aecf26c713a061b5ac74a83d36cf71dfab5e9f767e768fbab450bdef1ec
cd8e58bd1179ba979a1d4bcbcb66d9b901b17c7e33d9bab5f5f78a1cc753d9a9
d112be22f5670582cbff8333b8999be4197939dc64eeaa1b3ebb89a4ebdce379
d5243d0a061cf1dc7e87d93cf9aec7b28eca3e81468d3af885139fc99d066085
db87d1b6a9f2b1107f57a1642bb9d0f10c43f6102fbc62cf87aabe1ee5f92228
e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60efeee64ce3ba0d992566a6fc335438439ca70d02595d20ab400e562a142ff
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc7d9cedb16eb7b5376c1bc2ee2b57255b81d57cc060da8050daee3e7a6f9bec

xglamour.win Open in urlscan Pro 104.21.8.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

61 %HTTPS

0 %IPv6

21 Domains

27 Subdomains

22 IPs

5 Countries

8747 kBTransfer

8935 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xglamour.win Open in urlscan Pro
104.21.8.172 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

61 %
HTTPS

0 %
IPv6

21
Domains

27
Subdomains

22
IPs

5
Countries

8747 kB
Transfer

8935 kB
Size

3
Cookies

75 HTTP transactions
0 data transactions