urlscan.io logo urlscan.io
SecurityTrails logo

3tght76h.com Open in urlscan Pro
78.46.92.254  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGK...
Effective URL: https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gx...
Submission: On January 10 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 32 HTTP transactions. The main IP is 78.46.92.254, located in Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is 3tght76h.com.
TLS certificate: Issued by R11 on January 9th 2025. Valid for: 3 months.
This is the only time 3tght76h.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 88.208.22.1 39572 (ADVANCEDH...)
14 104.21.80.1 13335 (CLOUDFLAR...)
1 7 139.45.197.119 9002 (RETN-AS R...)
1 104.21.96.1 13335 (CLOUDFLAR...)
1 3 78.46.92.254 24940 (HETZNER-A...)
1 2 104.17.246.203 13335 (CLOUDFLAR...)
3 216.58.206.36 15169 (GOOGLE)
1 172.217.16.200 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
32 10
2    88.208.22.1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
PTR: mail.armadaboard.com
28939356-30440-ex.alumniterist.com
14    104.21.80.1 (None, )

ASN13335 (CLOUDFLARENET, US)
glamour.dating
7    139.45.197.119 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)
oalsoudaustety.net
1    104.21.96.1 (None, )

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
3    78.46.92.254 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.254.92.46.78.clients.your-server.de
gl0a7loeki02do.com
3tght76h.com
2    104.17.246.203 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f4.1e100.net
www.google.com
1    172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net
www.googletagmanager.com
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
14 glamour.dating
glamour.dating
523 KB
7 oalsoudaustety.net
oalsoudaustety.net Failed
17 KB
3 google.com
ads.google.com Failed
www.google.com — Cisco Umbrella Rank: 3
968 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
25 KB
2 3tght76h.com
3tght76h.com
62 KB
2 alumniterist.com
28939356-30440-ex.alumniterist.com
4 KB
1 gstatic.com
www.gstatic.com
218 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
72 KB
1 gl0a7loeki02do.com
gl0a7loeki02do.com — Cisco Umbrella Rank: 877697
648 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
651 B
32 10
Domain Requested by
14 glamour.dating 28939356-30440-ex.alumniterist.com
glamour.dating
7 oalsoudaustety.net glamour.dating
oalsoudaustety.net
3 www.google.com 3tght76h.com
www.gstatic.com
2 unpkg.com 1 redirects 3tght76h.com
2 3tght76h.com 3tght76h.com
2 28939356-30440-ex.alumniterist.com 1 redirects
1 www.gstatic.com www.google.com
1 www.googletagmanager.com 3tght76h.com
1 gl0a7loeki02do.com 1 redirects
1 my.rtmark.net oalsoudaustety.net
0 ads.google.com Failed 28939356-30440-ex.alumniterist.com
32 11

This site contains no links.

Subject Issuer Validity Valid
*.alumniterist.com
R10		 2024-12-15 -
2025-03-15		 3 months crt.sh
glamour.dating
WE1		 2024-11-29 -
2025-02-27		 3 months crt.sh
oalsoudaustety.net
R10		 2024-11-08 -
2025-02-06		 3 months crt.sh
my.rtmark.net
WE1		 2025-01-04 -
2025-04-04		 3 months crt.sh
3tght76h.com
R11		 2025-01-09 -
2025-04-09		 3 months crt.sh
*.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc
Frame ID: 482640102E7299B748E980DEF02334D5
Requests: 30 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=nl&v=RTbEo8_aWOvLbjGuoA8Hj2oS&size=normal&cb=b26hoxq1o6xy
Frame ID: C6DC42DB7C82E2C542BE790CDC0768B4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=RTbEo8_aWOvLbjGuoA8Hj2oS&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Frame ID: 4FFBA86454736B98A7A744124EB2E536
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Captcha

Page URL History Show full URLs

  1. https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTl... Page URL
  2. https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTl... HTTP 307
    https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231 Page URL
  3. https://oalsoudaustety.net/4/7643309?var=19023231 Page URL
  4. https://oalsoudaustety.net/?z=7643309&syncedCookie=true&rhd=false HTTP 302
    https://gl0a7loeki02do.com/news.php?key=rnkcziah1bh8rwinwgy9&SUBID=901491986140508459&cost=0.001500&zon... HTTP 302
    https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

32
Requests

91 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

10
IPs

5
Countries

920 kB
Transfer

1478 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGKcwcfTr9O7n9Pp_smq7cxCSdMfiAE4g?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.com%2Fsearch%2Fvideos%2Fprettyboi2000x&referer=http...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0 Page URL
  2. https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGKcwcfTr9O7n9Pp_smq7cxCSdMfiAE4g?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.com%2Fsearch%2Fvideos%2Fprettyboi2000x&referer=http...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.com%2Fsearch%2Fvideos%2Fprettyboi2000x&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2230%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Fri%20Jan%2010%202025%2008%3A59%3A17%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
    https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231 Page URL
  3. https://oalsoudaustety.net/4/7643309?var=19023231 Page URL
  4. https://oalsoudaustety.net/?z=7643309&syncedCookie=true&rhd=false HTTP 302
    https://gl0a7loeki02do.com/news.php?key=rnkcziah1bh8rwinwgy9&SUBID=901491986140508459&cost=0.001500&zoneid=7643309&browser=chrome&browserversion=131&device=desktop&isp=nforce%20entertainment%20b.v.&country=NL&os=linux&osversion=unspecified_linux&carrier=?&language=nl HTTP 302
    https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGKcwcfTr9O7n9Pp_smq7cxCSdMfiAE4g?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.com%2Fsearch%2Fvideos%2Fprettyboi2000x&referer=http...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.com%2Fsearch%2Fvideos%2Fprettyboi2000x&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2230%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Fri%20Jan%2010%202025%2008%3A59%3A17%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
  • https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
Request Chain 24
  • https://unpkg.com/axios/dist/axios.min.js HTTP 302
  • https://unpkg.com/axios@1.7.9/dist/axios.min.js

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGKcwcfTr9O7n9Pp_smq7cxCSdMfiAE4g
28939356-30440-ex.alumniterist.com/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGKcwcfTr9O7n9Pp_smq7cxCSdMfiAE4g?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.com%2Fsearch%2Fvideos%2Fprettyboi2000x&referer=http...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
mail.armadaboard.com
Software
nginx /
Resource Hash
667f6d9fb9c74ba408d1ac0f8176e883cd4ffe59ada89dd950d411acc6c7f465

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Fri, 10 Jan 2025 07:59:17 GMT
expires
Fri, 10 Jan 2025 07:59:17 UTC
last-modified
Fri, 10 Jan 2025 07:59:17 UTC
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
vary
Accept-Encoding
/
ads.google.com/ 		0
0
/
glamour.dating/DATING7/
Redirect Chain
  • https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGKcwcfTr9O7n9Pp_smq7cxCSdMfiAE4g?kws=&abl=0&fsb=0&pageUri=ht...
  • https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
Requested by
Host: 28939356-30440-ex.alumniterist.com
URL: https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGKcwcfTr9O7n9Pp_smq7cxCSdMfiAE4g?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.com%2Fsearch%2Fvideos%2Fprettyboi2000x&referer=http...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24901c3b6ff1121a32f41d3fd7f355dfe06186b74d14b3478eda681021834d0c

Request headers

Referer
https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGKcwcfTr9O7n9Pp_smq7cxCSdMfiAE4g?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.com%2Fsearch%2Fvideos%2Fprettyboi2000x&referer=http...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ffb20761f4eb8be-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 10 Jan 2025 07:59:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bURYXzomjhohdoC7eSYk3JJQN3liCb%2B%2BUi7QNs07sAvhqsff3m0elnk1mumbCv5LsdrPScPvLAI4rtPIJmiHJMH6hn4oroo2%2BxkQn%2FS18dH3z71hAG0P5V0doUFdpEw0VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 10 Jan 2025 07:59:17 GMT
expires
Fri, 10 Jan 2025 07:59:17 UTC
last-modified
Fri, 10 Jan 2025 07:59:17 UTC
location
https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
main.css
glamour.dating/DATING7/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://glamour.dating/DATING7/css/main.css
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27a13cf5808f491597be2fb4c1db298c815937c827f561d0e72e7a3da52cec63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=691200
content-encoding
zstd
cf-cache-status
HIT
age
110672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fc%2F2Y1UwYyRedetNxyjxIabct1qr4N0FfsJ7V1JkMvQ203myXv8pXDq33BiDf0SuqbZYWa3a8q19hkzFlXV2HkXxjqQiiJyxC7WderU1bUDya7Cb72Obl5kboww4DJiMHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ffb20778f50b8be-AMS
expires
Thu, 16 Jan 2025 01:14:44 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Fri, 21 Jun 2024 13:35:03 GMT
vary
Accept-Encoding
server
cloudflare
jquery.min.js
glamour.dating/DATING7/libs/ 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glamour.dating/DATING7/libs/jquery.min.js
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=691200
content-encoding
zstd
cf-cache-status
HIT
age
280816
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFiJ1sNyVbpUVQEtJPvfxdxEOCG3gBY14LCIy1ITymQr6njdyBKgkNFflTyr5Q70VFJ31RPhJvnP5jhQEyBL0eDsp%2FYoUbuIByuB6wC58NQtvG0cJULGryEENLnui%2FVmdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ffb20778f4fb8be-AMS
expires
Tue, 14 Jan 2025 01:59:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
x-turbo-charged-by
LiteSpeed
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 06:29:56 GMT
vary
Accept-Encoding
server
cloudflare
btn1.png
glamour.dating/DATING7/image/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/btn1.png
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f000409df7dd5222fc51cc35113519a133596c011f61bc5a7f65f9dcd2843a37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231

Response headers

cf-cache-status
HIT
age
53429
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GzHyL6WzaN7%2FaO0Pdw1YtG6gqkCuSCVXNMylDSCyYPeAS6ov%2Beve4guewnVbyQ1Pwq5Xmy7Ap%2FiSY3rSrYNqwgfyrXoOCn9g1XPvE2zIlfpjRl042%2BO3VelxBJ8AMLcBUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 16 Jan 2025 17:08:47 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/png
last-modified
Fri, 21 Jun 2024 06:30:24 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20778f51b8be-AMS
accept-ranges
bytes
content-length
6866
x-turbo-charged-by
LiteSpeed
server
cloudflare
btn2.png
glamour.dating/DATING7/image/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/btn2.png
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42269355807fe5c4d7dabbccff1cc602725b5ffccae86759412219b83198a180

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231

Response headers

cf-cache-status
HIT
age
53429
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSkZBHAZpXiEpl4d55wkbrpzoqyJZ4DRj68hMIybCPkJibioK9zabwKYinObu1iZVk9yfOIhRfV%2BH3FFRgYe0yBlnXH%2FsgAGKlfkxahDT63toWvQGgXfHzOgLAOONpUQuA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 16 Jan 2025 17:08:47 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/png
last-modified
Fri, 21 Jun 2024 06:30:26 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20778f52b8be-AMS
accept-ranges
bytes
content-length
9771
x-turbo-charged-by
LiteSpeed
server
cloudflare
main.js
glamour.dating/DATING7/libs/ 		521 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://glamour.dating/DATING7/libs/main.js
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70910209572bcf5a0ba1022d53bb9fe24d82ed842370c70234994dd2b29ba1a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=691200
content-encoding
zstd
cf-cache-status
HIT
age
280816
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0nCCmoXyCilhL5GJAIIPyVwmlWMf9fklrpR85wjI31GxOz%2F0V1ZHKSa3uc9Gbt9fdTnY7EhXxUbif5T8N1Sy2elGsRih5UloBU7iB%2Fb6eU7Sv%2FIaTan5y3ushGHxRDBWEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ffb2077bf53b8be-AMS
expires
Tue, 14 Jan 2025 01:59:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
x-turbo-charged-by
LiteSpeed
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 06:29:58 GMT
vary
Accept-Encoding
server
cloudflare
g1_open.jpg
glamour.dating/DATING7/image/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/g1_open.jpg
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/css/main.css

Response headers

cf-cache-status
HIT
age
110672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cvN%2BvrnjRiBMcIAoBzQuErwTMecDwRxLdQ4Q%2BcpLJacwsD00mc3MGoo6pziBE%2FWy3OgTmnAkmxn3BchSFHPrVxRMhab5n%2BxlJDG21oR%2BwjRvkdRpW1AHv%2BI955wt3%2FtOg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 16 Jan 2025 01:14:45 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/jpeg
last-modified
Fri, 21 Jun 2024 06:35:43 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20780f54b8be-AMS
accept-ranges
bytes
content-length
93160
x-turbo-charged-by
LiteSpeed
server
cloudflare
g1_close.jpg
glamour.dating/DATING7/image/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/g1_close.jpg
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/css/main.css

Response headers

cf-cache-status
HIT
age
110672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjRLUDJQsVHRDk6AZpJ%2BTaD12n37qk%2F9UQOUDjJMesldhzvtvCy%2FCWR4ZPwgJITeezp6%2FhS699lRwDZ0Zd34YYVRa8%2BjYbxpDgKcqKrExtEtH4lPEXatwPqRjA9uvCZwiA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 16 Jan 2025 01:14:45 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/jpeg
last-modified
Fri, 21 Jun 2024 06:35:45 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20780f55b8be-AMS
accept-ranges
bytes
content-length
30767
x-turbo-charged-by
LiteSpeed
server
cloudflare
g2_open.jpg
glamour.dating/DATING7/image/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/g2_open.jpg
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/css/main.css

Response headers

cf-cache-status
HIT
age
248200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYkGBbet7zuVgyqv7PB6d3bjBcZgYY5z00P7nR5vdUugYl8y%2FfwGyoQ8yVPgDU%2FyVUJ7HSPHYyysB4FX2%2FDofmYk1L5E%2F2FCJs9cKJywFi%2BGN5hO5dQDrMrbrNFVskyM2A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 14 Jan 2025 11:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/jpeg
last-modified
Fri, 21 Jun 2024 06:35:38 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20780f56b8be-AMS
accept-ranges
bytes
content-length
88081
x-turbo-charged-by
LiteSpeed
server
cloudflare
g2_close.jpg
glamour.dating/DATING7/image/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/g2_close.jpg
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/css/main.css

Response headers

cf-cache-status
HIT
age
110672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1HZlf%2FlNmp8GpvvQPx%2F2JMseKD9Rw%2B7yciDCU0%2FK4z6RBM8yIltxfJfkNq9weJlg23ozORBWO3hmyIeO7gibOrXvC9StSUDgqwdstmPX5HZ3HAjcp9%2FdksAoB0wsnEqqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 16 Jan 2025 01:14:45 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/jpeg
last-modified
Fri, 21 Jun 2024 06:35:41 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20780f5bb8be-AMS
accept-ranges
bytes
content-length
37541
x-turbo-charged-by
LiteSpeed
server
cloudflare
g3_open.jpg
glamour.dating/DATING7/image/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/g3_open.jpg
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/css/main.css

Response headers

cf-cache-status
HIT
age
248200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DIBNNnRxk4c%2BeW0tRWZpFThBrFyElOXcdWG77BvUr1dNXscuFHIgBlM3JsXPpHvzSM9WuA0mONZyPQRrmOg4S7UDreNZzN7bxyao3Gmsx9w5C%2BJ6Tt1GtzFeIeyI2sUJew%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 14 Jan 2025 11:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/jpeg
last-modified
Fri, 21 Jun 2024 06:35:55 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20780f58b8be-AMS
accept-ranges
bytes
content-length
82627
x-turbo-charged-by
LiteSpeed
server
cloudflare
g3_close.jpg
glamour.dating/DATING7/image/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/g3_close.jpg
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/css/main.css

Response headers

cf-cache-status
HIT
age
248200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fAlSEXhDMMQ8YPkoyMuknzga2f7uqzkmaaVoYrZ3OuepRGIGIvG7aSSVfpLpKNG9kHwSbxacvGrQKUrOn69WsBk%2F21wxdC1diaYd9A7cMUPz%2BQPpm2Sn3OH%2F4o%2FDGja%2BFA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 14 Jan 2025 11:02:36 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/jpeg
last-modified
Fri, 21 Jun 2024 06:35:48 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20780f57b8be-AMS
accept-ranges
bytes
content-length
32473
x-turbo-charged-by
LiteSpeed
server
cloudflare
g4_open.jpg
glamour.dating/DATING7/image/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/g4_open.jpg
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/css/main.css

Response headers

cf-cache-status
HIT
age
110672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ln9Pn%2FcPYWzm9xC8T6mHX1U2g0XvZkW7uNkBZ%2BoYJpGzEOGD1P7vSsN8G8swqfiAx3nUoL6S9Va0mLD09v5K%2FSCVrB39QpPJiGwD2d%2B%2FrMtTxV8k8na3K26MroNF23th3g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 16 Jan 2025 01:14:45 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/jpeg
last-modified
Fri, 21 Jun 2024 06:35:52 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20780f5ab8be-AMS
accept-ranges
bytes
content-length
82505
x-turbo-charged-by
LiteSpeed
server
cloudflare
g4_close.jpg
glamour.dating/DATING7/image/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glamour.dating/DATING7/image/g4_close.jpg
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://glamour.dating/DATING7/css/main.css

Response headers

cf-cache-status
HIT
age
110672
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGupMzmN5EGw%2FLNWUGXs9Na1QqEwfuKicZY1pzAiqS%2BB%2Bdk2JRr0An6akL7PBuqRoJEYesnSeMJCIU1tJCSucf2yI4g6JBZe%2BzXf8cKgR%2BYL8gQ1YnaJj%2FUyuXQEE1UQ0w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 16 Jan 2025 01:14:45 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:17 GMT
content-type
image/jpeg
last-modified
Fri, 21 Jun 2024 06:35:50 GMT
vary
Accept-Encoding
cache-control
public, max-age=691200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ffb20780f59b8be-AMS
accept-ranges
bytes
content-length
30098
x-turbo-charged-by
LiteSpeed
server
cloudflare
7643309
oalsoudaustety.net/4/ 		0
0
7643309
oalsoudaustety.net/4/ 		31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oalsoudaustety.net/4/7643309?var=19023231
Requested by
Host: glamour.dating
URL: https://glamour.dating/DATING7/?do=push&zoneid=30440&campaignid=325228&hostid=19023231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.119 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
02cfe75e2292e8e689e6558075fd99cdb99d52671794c64a0489ab3b19de1abf
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://glamour.dating/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Fri, 10 Jan 2025 07:59:18 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
img.gif
my.rtmark.net/ 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=00814d30dfd44e25e4a5a0177bf52a96&z=7643309&p_rid=1d1971aa-3bda-4694-b3a1-0147cc48376f&p_src=sf
Requested by
Host: oalsoudaustety.net
URL: https://oalsoudaustety.net/4/7643309?var=19023231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://oalsoudaustety.net/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h082R33kviNmZze03xlfI9M4xYjjWc0yA4g83C7oattlnhLDSJdRu0RVKX5WKF09ssPOk%2B0YlJOSf69d8CdpTnsQ0RB76SfgTSwjniZcfhsgw0b8j8d9IYsEWcuYs6f2"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 10 Jan 2025 07:59:18 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8ffb207a290b0baa-AMS
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
oalsoudaustety.net/ 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oalsoudaustety.net/sftouch?userId=00814d30dfd44e25e4a5a0177bf52a96&z=7643309&p_rid=1d1971aa-3bda-4694-b3a1-0147cc48376f&p_src=sf&branchId=0&rb=oj2jBJ26MrGwsJP8oB46wG7YTBZ0g0bNbyNEdUCH0zg0k8YBSafMavqRSoViKJekg2F6B6GghpoIhPLVuSLFt88DlQtdsVZrq-t8vzJPoXfi7pZZw5Qz7RBQedIKXYdBrxSg7bIUgA1aQyhgPaYO0_80jmTPhFRs8CmgvYcQ1PwDmqQXgKzqSoT_ICe6vn3LX6277WGyXMMG0xPagC1vnReZZlRR8z71I9dfTnFqiVtQc9tDlacfNFa1yGOzFdhxLytqHPPHqzYWs9OE4lDog4EKPdqxwQ70jcvEYqght7ox_NE9KdOIcOLuHdADfNfbNmuhtGmU4Bc3wreZSRT57KSH8JpqqfvC&w_img=1
Requested by
Host: oalsoudaustety.net
URL: https://oalsoudaustety.net/4/7643309?var=19023231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.119 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://oalsoudaustety.net/4/7643309?var=19023231

Response headers

access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Fri, 10 Jan 2025 07:59:18 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
ef0275a6ee4ea778c5a7b98a23a3189a
access-control-allow-origin
*
content-length
43
server
nginx
add
oalsoudaustety.net/log/ 		12 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oalsoudaustety.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1d1971aa-3bda-4694-b3a1-0147cc48376f
Requested by
Host: oalsoudaustety.net
URL: https://oalsoudaustety.net/4/7643309?var=19023231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.119 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://oalsoudaustety.net/4/7643309?var=19023231

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://oalsoudaustety.net
content-length
12
date
Fri, 10 Jan 2025 07:59:18 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
oalsoudaustety.net/async_log/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oalsoudaustety.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1d1971aa-3bda-4694-b3a1-0147cc48376f
Requested by
Host: oalsoudaustety.net
URL: https://oalsoudaustety.net/4/7643309?var=19023231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.119 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://oalsoudaustety.net/4/7643309?var=19023231

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://oalsoudaustety.net
content-length
0
date
Fri, 10 Jan 2025 07:59:18 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
oalsoudaustety.net/ 		0
150 B 		Other
General
Check archive.org
Download Go to
Full URL
https://oalsoudaustety.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.119 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://oalsoudaustety.net/4/7643309?var=19023231

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Fri, 10 Jan 2025 07:59:18 GMT
pragma
public
server
nginx
Primary Request /
3tght76h.com/1/
Redirect Chain
  • https://oalsoudaustety.net/?z=7643309&syncedCookie=true&rhd=false
  • https://gl0a7loeki02do.com/news.php?key=rnkcziah1bh8rwinwgy9&SUBID=901491986140508459&cost=0.001500&zoneid=7643309&browser=chrome&browserversion=131&device=desktop&isp=nforce%20entertainment%20b.v....
  • https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
78.46.92.254 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.254.92.46.78.clients.your-server.de
Software
nginx/1.22.0 /
Resource Hash
d0a17fd2701bb4c0baa8a37c32bbf9623e724b7892b3e0cf85711af30149d861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://oalsoudaustety.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Jan 2025 07:59:18 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Jan 2025 07:59:18 GMT
Location
https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
favicon.ico
oalsoudaustety.net/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://oalsoudaustety.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.119 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://oalsoudaustety.net/afu.php?zoneid=7643309&var=7643309&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Fri, 10 Jan 2025 07:59:18 GMT
pragma
public
server
nginx
axios.min.js
unpkg.com/axios@1.7.9/dist/
Redirect Chain
  • https://unpkg.com/axios/dist/axios.min.js
  • https://unpkg.com/axios@1.7.9/dist/axios.min.js
53 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/axios@1.7.9/dist/axios.min.js
Requested by
Host: 3tght76h.com
URL: https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc
Protocol
H2
Server
104.17.246.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cf48244581d6cb6486d6702f7372292284faef2489a3be419ac1bc70606be72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3tght76h.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"d322-jO32YHmnvWmO/sus6Gyfc4bMqU4"
age
59538
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 07:59:19 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JH5TT46QR76N545M1XE4QMBW-ams
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8ffb20803e4966e0-AMS
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/axios@1.7.9/dist/axios.min.js
content-encoding
br
cf-cache-status
HIT
age
317
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8ffb207fad7966e0-AMS
access-control-allow-origin
*
date
Fri, 10 Jan 2025 07:59:19 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JH7K9DQ8AM7DMFHJ2V29HMT2-ams
server
cloudflare
api.js
www.google.com/recaptcha/ 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: 3tght76h.com
URL: https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f4.1e100.net
Software
ESF /
Resource Hash
bf4f8108a8cc4aea0a1a918112d0c6ab319b1122403645b469eae66515194a6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3tght76h.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 07:59:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 10 Jan 2025 07:59:18 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-547JG5H
Requested by
Host: 3tght76h.com
URL: https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
860c31a052cd2a22ba83b5b0a90a4b5dee3091300c8112aee19cb1e1542d703a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3tght76h.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 10 Jan 2025 07:59:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:59:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 10 Jan 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
73037
x-xss-protection
0
server
Google Tag Manager
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/RTbEo8_aWOvLbjGuoA8Hj2oS/ 		549 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/RTbEo8_aWOvLbjGuoA8Hj2oS/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
8aaa3ab956c212e79058bd4c1d494ea676b8d0cda6e22d43af3c1095dd184fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://3tght76h.com
Referer
https://3tght76h.com/

Response headers

content-encoding
gzip
age
243227
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 07 Jan 2026 12:25:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 12:25:32 GMT
last-modified
Mon, 06 Jan 2025 05:01:14 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222902
x-xss-protection
0
server
sffe
bg.png
3tght76h.com/1/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3tght76h.com/1/bg.png
Requested by
Host: 3tght76h.com
URL: https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
78.46.92.254 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.254.92.46.78.clients.your-server.de
Software
nginx/1.22.0 /
Resource Hash
8bccdb408e67a3b44e0f5d417486c8d251f2e4acbae8542465aad3c7052341dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3tght76h.com/1/?lpkey=177d362d494f62d658&uclick=3z9zhefnvr&uclickhash=3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"6554c665-efb2"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61362
Date
Fri, 10 Jan 2025 07:59:19 GMT
Content-Type
image/png
Last-Modified
Wed, 15 Nov 2023 13:23:49 GMT
Server
nginx/1.22.0
anchor
www.google.com/recaptcha/api2/ Frame C6DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui&co=aHR0cHM6Ly8zdGdodDc2aC5jb206NDQz&hl=nl&v=RTbEo8_aWOvLbjGuoA8Hj2oS&size=normal&cb=b26hoxq1o6xy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RTbEo8_aWOvLbjGuoA8Hj2oS/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tbvhd_pd69QEKaUi8_2E0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3tght76h.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tbvhd_pd69QEKaUi8_2E0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 07:59:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
bframe
www.google.com/recaptcha/api2/ Frame 4FFB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=nl&v=RTbEo8_aWOvLbjGuoA8Hj2oS&k=6LcCY5cUAAAAAA_SZQSTJfioaxkS1vVcGuv9gNui
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RTbEo8_aWOvLbjGuoA8Hj2oS/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gE89ofFs9BYCHpr96GfWcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3tght76h.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-gE89ofFs9BYCHpr96GfWcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 07:59:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.google.com
URL
https://ads.google.com/
Domain
oalsoudaustety.net
URL
https://oalsoudaustety.net/4/7643309?var=19023231

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| axios object| dataLayer function| recaptcha_callback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| recaptcha object| closure_lm_66260

5 Cookies

Domain/Path Name / Value
my.rtmark.net/ Name: ID
Value: 00814d30dfd44e25e4a5a0177bf52a96
oalsoudaustety.net/ Name: OAID
Value: 00814d0fa6ec4fcfe264dd365ff9a71b
oalsoudaustety.net/ Name: oaidts
Value: 1736495958
gl0a7loeki02do.com/ Name: uclick
Value: 3z9zhefnvr
gl0a7loeki02do.com/ Name: uclickhash
Value: 3z9zhefnvr-3z9zhefnvr-twwj-syvr-2tbg-gxwh8n-gxwhwj-0e16fc

3 Console Messages

Source Level URL
Text
rendering warning URL: https://28939356-30440-ex.alumniterist.com/jCxFDYMxOQ7oZtczvVjEKidMl9kRvoHRdqtUapiUHZMXNsmXodtV9MmOUYNqKNOZlo4Bd6V3gvTleuuzHOOnYRWKmq6luLGKcwcfTr9O7n9Pp_smq7cxCSdMfiAE4g?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.com%2Fsearch%2Fvideos%2Fprettyboi2000x&referer=http...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D00141E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://oalsoudaustety.net/4/7643309?var=19023231
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D00141E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://oalsoudaustety.net/afu.php?zoneid=7643309&var=7643309&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A010E301141E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28939356-30440-ex.alumniterist.com
3tght76h.com
ads.google.com
gl0a7loeki02do.com
glamour.dating
my.rtmark.net
oalsoudaustety.net
unpkg.com
www.google.com
www.googletagmanager.com
www.gstatic.com
ads.google.com
oalsoudaustety.net
104.17.246.203
104.21.80.1
104.21.96.1
139.45.197.119
142.250.186.67
172.217.16.200
216.58.206.36
78.46.92.254
88.208.22.1
02cfe75e2292e8e689e6558075fd99cdb99d52671794c64a0489ab3b19de1abf
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
24901c3b6ff1121a32f41d3fd7f355dfe06186b74d14b3478eda681021834d0c
27a13cf5808f491597be2fb4c1db298c815937c827f561d0e72e7a3da52cec63
42269355807fe5c4d7dabbccff1cc602725b5ffccae86759412219b83198a180
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
667f6d9fb9c74ba408d1ac0f8176e883cd4ffe59ada89dd950d411acc6c7f465
70910209572bcf5a0ba1022d53bb9fe24d82ed842370c70234994dd2b29ba1a9
860c31a052cd2a22ba83b5b0a90a4b5dee3091300c8112aee19cb1e1542d703a
8aaa3ab956c212e79058bd4c1d494ea676b8d0cda6e22d43af3c1095dd184fe4
8bccdb408e67a3b44e0f5d417486c8d251f2e4acbae8542465aad3c7052341dd
9cf48244581d6cb6486d6702f7372292284faef2489a3be419ac1bc70606be72
bf4f8108a8cc4aea0a1a918112d0c6ab319b1122403645b469eae66515194a6a
d0a17fd2701bb4c0baa8a37c32bbf9623e724b7892b3e0cf85711af30149d861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f000409df7dd5222fc51cc35113519a133596c011f61bc5a7f65f9dcd2843a37
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7