Submitted URL: http://becast.onionlive.workers.dev/
Effective URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1b...
Submission: On February 29 via manual from DE — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kingadblock.com. The Cisco Umbrella rank of the primary domain is 829099.
TLS certificate: Issued by GTS CA 1P5 on February 11th 2024. Valid for: 3 months.
This is the only time kingadblock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 139.45.197.245 9002 (RETN-AS)
4 139.45.195.8 9002 (RETN-AS)
1 139.45.195.253 9002 (RETN-AS)
16 104.21.21.183 13335 (CLOUDFLAR...)
9 139.45.197.251 9002 (RETN-AS)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
50 10
Apex Domain
Subdomains
Transfer
16 gluxouvauque.com
gluxouvauque.com
69 KB
9 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 31094 Failed
4 kingadblock.com
kingadblock.com — Cisco Umbrella Rank: 829099
12 KB
4 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11764
2 KB
3 offmantiner.com
offmantiner.com — Cisco Umbrella Rank: 151222
16 KB
1 tururu.info
tururu.info
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 306
29 KB
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 42429
468 B
1 workers.dev
becast.onionlive.workers.dev — Cisco Umbrella Rank: 151181
1 KB
0 Failed
50 10
Domain Requested by
16 gluxouvauque.com gluxouvauque.com
9 jouteetu.net gluxouvauque.com
4 kingadblock.com gluxouvauque.com
kingadblock.com
4 my.rtmark.net offmantiner.com
gluxouvauque.com
3 offmantiner.com 1 redirects becast.onionlive.workers.dev
offmantiner.com
1 tururu.info kingadblock.com
1 cdn.jsdelivr.net kingadblock.com
1 datatechone.com offmantiner.com
1 becast.onionlive.workers.dev
0 flcjnflecolckmhfcmhhkichjhajjnlb Failed kingadblock.com
50 10

This site contains no links.

Subject | Issuer | Validity | Valid
onionlive.workers.dev | GTS CA 1P5 | 2024-01-04 - 2024-04-03 | 3 months
offmantiner.com | R3 | 2024-01-05 - 2024-04-04 | 3 months
rtmark.net | R3 | 2023-12-23 - 2024-03-22 | 3 months
datatechone.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-10 - 2024-12-23 | a year
gluxouvauque.com | E1 | 2024-01-14 - 2024-04-13 | 3 months
jouteetu.net | R3 | 2024-02-24 - 2024-05-24 | 3 months
kingadblock.com | GTS CA 1P5 | 2024-02-11 - 2024-05-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
tururu.info | GTS CA 1P5 | 2024-01-18 - 2024-04-17 | 3 months

This page contains 3 frames:

Primary Page: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Frame ID: 53995E4C97B5DEF12DEBBA761308B460
Requests: 50 HTTP requests in this frame

Frame: https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjpaHP126pWlp16&r=pa&cid=787071208469566278&z=4662728&v=12&dr=&inw=1600&inh=1200
Frame ID: 24D340757BDA3E620B81E964F5A9ABCA
Requests: 1 HTTP requests in this frame

Frame: https://kingadblock.com/clear.php
Frame ID: 738F44BB07AC1A1399C6D6E694D578D2
Requests: 1 HTTP requests in this frame

Page Title

Up - Ad Blocker

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

50
Requests

78 %
HTTPS

44 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

129 kB
Transfer

404 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://becast.onionlive.workers.dev/ HTTP 307
    https://becast.onionlive.workers.dev/ Page URL
  2. https://offmantiner.com/4/6120639/ Page URL
  3. https://offmantiner.com/?z=6120639&syncedCookie=true&rhd=false HTTP 302
    https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60 Page URL
  4. https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2 Page URL
  5. https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://becast.onionlive.workers.dev/ HTTP 307
  • https://becast.onionlive.workers.dev/
Request Chain 5
  • https://offmantiner.com/?z=6120639&syncedCookie=true&rhd=false HTTP 302
  • https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
becast.onionlive.workers.dev/
Redirect Chain
  • http://becast.onionlive.workers.dev/
  • https://becast.onionlive.workers.dev/
1 KB
1 KB
Document
General
Full URL
https://becast.onionlive.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8d6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b0c0d2a8f6bcda99c2333c8c387d9b6aff2f00333aafa9d66fcd34dc2a4c7b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
85d17fd76be5436e-EWR
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 29 Feb 2024 14:11:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q69c%2B4BH7lSLAWnK2RbVuhg%2BRPwZi4jdotUcEES5%2FrK2feRaVcKhVxJU4gn%2Fnf9OGt7m3O2FyhZd6zPhYoBGzIo6wQNpKOQHtfhbJv4ckC31WeBjTg9y551%2Fi1FI9yvmXUhEuR%2FLJ4NhMj%2BH4JSsfUuSYmFKPSGLsbH0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://becast.onionlive.workers.dev/
Non-Authoritative-Reason
HSTS
/
offmantiner.com/4/6120639/
33 KB
14 KB
Document
General
Full URL
https://offmantiner.com/4/6120639/
Requested by
Host: becast.onionlive.workers.dev
URL: https://becast.onionlive.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
db72823deea04b9f2899d96b397fe642b82336ea7203afe24391a5f3317303de

Request headers

Referer
https://becast.onionlive.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 29 Feb 2024 14:11:56 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
c2d1596cd670a3eeef9f26fc1e79d157
sftouch
offmantiner.com/
2 B
611 B
Ping
General
Full URL
https://offmantiner.com/sftouch?userId=008011f80b7149b0fdef3009e2905828&z=6120639&p_rid=34df6c83-778f-47b9-aadf-d0cfa7143671&p_src=sf&branchId=0&rb=3cXLWqyl1GP1k6_BI9tsmgHhEHu078iDCSRGnntcZI1ZcEksrGTRQVHyXYHnFGo_qHzILAL-IGkH1gJze4HV8R50tDQ0VB2C55TtKzz8ezSROcwW91zPiPwYHDKk4AHJ-FtjC8MvHDk2li0lTstOa5NDQmfRLKMK7uPPdBCgRxhk55CtisgZkwY9mhTvP_Ckq1z9F5r0Fl12bd7PwrtbuGVe3OhMWgowa9SQIGqRBJE-ukQm_EC_TGdk1pTlRpAq9xkQJBenGUM5AuGRxaKbMC04Su1FtReAMsMQNss8uOul1m6agYc4kriZUEC-uQbPXAomcHKMvbpVcqHGXQWbYk6wPQM=
Requested by
Host: offmantiner.com
URL: https://offmantiner.com/4/6120639/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offmantiner.com/4/6120639/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
e117c6a43a43f314556391ffc46fd3ff
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://offmantiner.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008011f80b7149b0fdef3009e2905828&z=6120639&p_rid=34df6c83-778f-47b9-aadf-d0cfa7143671&p_src=sf
Requested by
Host: offmantiner.com
URL: https://offmantiner.com/4/6120639/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offmantiner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/
2 B
468 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=34df6c83-778f-47b9-aadf-d0cfa7143671
Requested by
Host: offmantiner.com
URL: https://offmantiner.com/4/6120639/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://offmantiner.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 29 Feb 2024 14:11:57 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://offmantiner.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
/
gluxouvauque.com/
Redirect Chain
  • https://offmantiner.com/?z=6120639&syncedCookie=true&rhd=false
  • https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
41 KB
14 KB
Document
General
Full URL
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
52308e8f8d19b1efcaa9a2a11099db72464c9ad49687dde5ae4dd6744bf44c6d

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://offmantiner.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d17fdc6a152016-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:11:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7TTWN4uT4Il9nZDV%2BHAQMpEvHVPmWUdJXGeP8EE8zz7MljbcvmSgMeSloRHMlz9T92AlRlzfpvvc4zXlNTSau2jfGpK0XVB%2FKfXMbnzEYw5fRYzmkPuF45lN7odCAbsUJIf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://offmantiner.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Thu, 29 Feb 2024 14:11:57 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://gluxouvauque.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
a8fad04ceacc64a5b3378971c038b540
gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=39b8e1eaa5f1bba0148c59537e7b74b2
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a94d9677d6db69dc5a66942c4beb66870562b832269310adeb8e87fab0b9065e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauque.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
gluxouvauque.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbde98eb39d711f803483c5e02c98fda77ad9f55f2f9f41d601df6ed272ce826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 14:11:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Feb 2024 12:01:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e07222-8b95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upXL6uNz2dujq88Ru3MNG23O%2BjwLHS1KQfl6tthzeo5GVXn4MiCG27piQ9fuwVH0i3KBbPO026TImDwf7WKoCcuW%2FCRTLvEq7RtiLN6FoKQnMAprfCFfmYV%2FwpSZZaIz80IS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85d17fddfc042016-IAD
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauque.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://gluxouvauque.com/19/4662728/?abt_opts=1&var=6120639&var3=787071205235761509&ymid=&rhd=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1bcb6e2499789bafa5d9a45e31fc286f360c525d5c3dff824f2aa7405f1f862
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
52351fc23095283bd8c85ef4f9775d19
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPsNWq3NHXIZ52CqkQtrvnt%2F1QOTrufXXAJCATvg4FPaG5Np0aEXisMRt2u6dnn5JE32wTo9D2YLeWxnaXQLThfHSRpGxDjBoRo%2B3Ys%2Fetou9CYKtlSGwQ1SPR4Bf6QYKIAB"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85d17fddfc112016-IAD
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
gluxouvauque.com/
2 B
410 B
XHR
General
Full URL
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&mprtr=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T22yTEEb0qGJYtgaGHD8ZZUdKPt3R7BkqQ5ff4BPrxWFbRnpyqYNAg4SmuP6vDXRVzff4RRZus%2F892p3qUkJXD1n5R5q%2FTLftIYQDr8pa4x%2F2ieWp0SWT7%2FKTuS04EGQg7Hh"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85d17fddfc152016-IAD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0

4662709
gluxouvauque.com/sw-check-permissions/
0
1000 B
Other
General
Full URL
https://gluxouvauque.com/sw-check-permissions/4662709?var=6120639&ymid=787071205235761509&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itXeuJWC44UZo4LhwtV%2FOMwY5%2BPsUjbdzK9Jej57k88SO2TjVaEfoEAeqVBO2KCNK9JwCKic0GCLFbO58DNC3XnKL3E2oCHT0owXTfUcAAsFIlb%2BjCWUOZMFJBRq9QfGVguQ"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85d17fdf09060b3e-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0

zone
gluxouvauque.com/
0
524 B
Ping
General
Full URL
https://gluxouvauque.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauque.com&var=6120639&ymid=787071205235761509&var_3=&var_4=&dsig=&tg=1&sw=3.1.493&trace_id=17fa547f-c40e-4d56-8d8f-fc496bb78307&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
6ee0a435626829e705480e1bbe07d1cd
date
Thu, 29 Feb 2024 14:11:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aExLwtaEiiErRTRREZr3nlLXWX3hZK8l7Q%2BtyoUBJ02C5a1iBsEOXGQzGIhrKXWAwjRXgfRfSHbcgGRIpohjz8abYXzteTM03HzWrOITFiIhQ8He66AWuw%2Fh3JusHawNS%2BSL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauque.com
access-control-allow-credentials
true
cf-ray
85d17fdf09130b3e-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0

custom
jouteetu.net/
0
0

gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=787071205235761509&var=6120639
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a94d9677d6db69dc5a66942c4beb66870562b832269310adeb8e87fab0b9065e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauque.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0

rhd
gluxouvauque.com/
0
0

custom
jouteetu.net/
0
0

custom
jouteetu.net/
0
0

zone
gluxouvauque.com/
797 B
982 B
Fetch
General
Full URL
https://gluxouvauque.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauque.com&var=6120639&ymid=787071205235761509&var_3=&var_4=&dsig=&tg=1&sw=3.1.493&trace_id=17fa547f-c40e-4d56-8d8f-fc496bb78307&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:57 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
96b944a074fdd76dfadba53230b2edac
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTpFFsIjRzo%2FPTMdUZgH7vaQjnvl19mwtZOAAlcUJ37dmEIeFFwFMc4dY5ekM%2FFHK1vmTKrtKmS5EKg%2FTs8CR17ywQ2pO%2B8VqmTbiCA%2BzIVri6qgoEnw6n7ngwka9fYZk%2F1H"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85d17fdf193c0b3e-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0

/
gluxouvauque.com/
41 KB
14 KB
Document
General
Full URL
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a7ee58a2ec68638389cf5924537f5d994eddfd4bc7f90af760794510a75a71af

Request headers

Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d17fdf59b80b3e-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:11:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2j5gkk172J6fBa0IPY1a%2BrO6%2FrAsxCSPiwyjxiIBpZ2VjLIH%2BMPE3d5OQf%2B2ybZsRiSGFB5DBe%2Fky7xAlrMcR7WMkEjBa4vfye05v8WB1%2FO6JuuoePcSErjY8nIgEQiJrbf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
custom
jouteetu.net/
0
0

micro.tag.min.js
gluxouvauque.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbde98eb39d711f803483c5e02c98fda77ad9f55f2f9f41d601df6ed272ce826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Feb 2024 14:11:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Feb 2024 12:01:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e07222-8b95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghjf9%2FYxB3JUqw3lgEaZemQIsjRwkVt52lVEnc8nd%2FBShE%2FXiSSEKO1Mzrlrdb7nKv%2BvnJMufbU7B62NACWgzkb8FkD28jW5k%2BricWNfubnrwWbk16KuGf2YtXganxxkHOY6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85d17fdfca800b3e-AMS
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauque.com/19/4662728/
3 KB
3 KB
XHR
General
Full URL
https://gluxouvauque.com/19/4662728/?abt_opts=1&var=6120639&var3=787071205235761509&ymid=&rhd=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f059cb451b59802e9276ca1283427f0680c967b454ec03654fb567df7a46154c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
6ea02e172df3fceec3c4495a2b3ac07c
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyCIIslU3qpJXOdI4cOSYIVPuYfQaMnR0xuhw5hc75%2FrQXsKLqEbZGo%2FTuEPiCrc9C3hjC4J7w8%2Bx%2BVwpYHADAkMFXpoSwK7wfi%2B1ofoF%2FbKtRnb%2FqZVs7ZRyMRDyA9Tw%2BHb"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85d17fdfda880b3e-AMS
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
gluxouvauque.com/
2 B
523 B
XHR
General
Full URL
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2&mprtr=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.27
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TyLGSYvi5muhSnprPnXpeauy5IVr5qdfGmBVZ9KvxxacAQW9IOkn6XnmM9KGoO7q9TVK1N6wS%2Bj52utYnYW9ssQLOicQMCumLm1YurkU1Q2cgc%2FNwaYg3ez0KNXfSdHkZzh"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85d17fdffac40b3e-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

4662709
gluxouvauque.com/sw-check-permissions/
0
997 B
Other
General
Full URL
https://gluxouvauque.com/sw-check-permissions/4662709?var=6120639&ymid=787071205235761509&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTWtSZCgm56Pf9Dpg5BX6JfspRiTbiehQLGKGsqERCfQB%2BeWzucN88al5WFLviKuaN9nL0iYkFMkTq2fCUp8JZ1ke2WyKZ8MKgKv9N3gJCfTia89UdVBEBY8PbFZS3tIbRHU"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85d17fe01b1a0b3e-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauque.com/
0
487 B
Ping
General
Full URL
https://gluxouvauque.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauque.com&var=6120639&ymid=787071205235761509&var_3=&var_4=&dsig=&tg=1&sw=3.1.493&trace_id=9298431c-aef0-48e3-8380-d2c0119ecd51&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
856b334d50d49a037b03110c82c2e555
date
Thu, 29 Feb 2024 14:11:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5dOixeTdiNcH3BDdT7MAdinO1NQKZAoa%2BXt%2FPbgbyGksSU5B4ntMdcIUjBIAaO99vsONhBqBy9C4clltXYk3XT6O69BllLETcCySzEQBuP9bI2WwA%2BzzdmjAvZ1fK9vgQZU"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauque.com
access-control-allow-credentials
true
cf-ray
85d17fe01b1f0b3e-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=787071205235761509&var=6120639
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a94d9677d6db69dc5a66942c4beb66870562b832269310adeb8e87fab0b9065e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauque.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

rhd
gluxouvauque.com/
3 KB
3 KB
Fetch
General
Full URL
https://gluxouvauque.com/rhd?rb=z3X01tST58rHQ-PRHnTN1RUeA7pLK2dwwFrbNrC3dYwuEHezFcUt7AACOCR6QGSDCrS7j1VZ3cG03fNXS0gfgyyUQfCXYy0j0lTAJqFzgI7KFPp3VF3uvHMotBM8cDoGWIshf90jihl4miqldFLkEZ5OYcXnTTw51TKb9wFD9474B3PWpJDa-vLY8Tzf2dycfYOimINkYl0DqsqI9Zvc92vW91gPlbbqz1jmLsGUUTSxUkWGYoa06cpjT4vmzrFLfL-wEHi1ORHnsmKozN9WCoEcVchzeyhK8IRcyGc55iQl8XMSBNuCDSW7cU0fGIDFLYIRmnVs9wL2Wg67CJf96tnixqKq-wgOfRQkhNK1IKYuLIBKlqtAHHi-y0JRZ3AzODPWiY87qYSGPy9fUIeb19yDoQ_AACb6oivtEm_k7tywf_hV40TxEh8Y1U2lcr1l4U91fiUji-LUZ4eqb_zi-1I3cO5vup3o_6_EBdDeBtl-auzYYUDkSbcrZnZRA52QthcX_0TFwFuIy96M-4uR9Lk4J28KwNnjMmOtBBiLWsVpTqJcf57HPGmBhGY%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauque.com%2F%3Fs%3D787071205235761509%26ssk%3D7372d4ef62b324b6d57b0acff8c3f327%26svar%3D1709215917%26z%3D6120639%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FBerlin%26bto%3D-60%26rdc%3D2&drf=https%3A%2F%2Fgluxouvauque.com%2F%3Fs%3D787071205235761509%26ssk%3D7372d4ef62b324b6d57b0acff8c3f327%26svar%3D1709215917%26z%3D6120639%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FBerlin%26bto%3D-60&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6120639&var3=787071205235761509&ymid=&rhd=1&m=link
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43f5b63e4328be285e1bf90d65089130e5077f9cdcbed6569e9beaf796c3b0c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
1248911cbb9e8253d548317dbbecdcf2
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFkgnVI1pEHm%2B3oq682mr0IcR9F2vWGOC6a0fiYismQgRAnBEqW0Hvu9%2FgPT7LP19UITRvmetyZAyYgPA37DMZ73kmttexFskyjV%2BrfrmziXR1h861wnywy5Da8zZOZY093%2B"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85d17fe02b2f0b3e-AMS
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
gluxouvauque.com/
797 B
985 B
Fetch
General
Full URL
https://gluxouvauque.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauque.com&var=6120639&ymid=787071205235761509&var_3=&var_4=&dsig=&tg=1&sw=3.1.493&trace_id=9298431c-aef0-48e3-8380-d2c0119ecd51&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14be0617a5e5b897aa2414ed85990bf6dc9f7270100058a94c4feb1d14ab5757
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
f09bcbe6c3fc739f2bd81e76b3f4b3cb
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWgrsVVkgnluC7QynwxQ9m3QjS5XcPLmYDiYjT4iMhSZY8N6dVWGZGMgK0q%2FygWUEWg%2Fmjga4%2FYdDhLJb%2BHE85kDe0kxQrXnZYhHbwey2%2BIIavXVJyVBOZT7iMjDjw9AZsJq"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85d17fe02b320b3e-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/pfe/current/micro.tag.min.js?z=4662709&ymid=787071205235761509&var=6120639&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauque.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Primary Request
extension.php
kingadblock.com/
8 KB
3 KB
Document
General
Full URL
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e8bcd5fa760e77d71d065a20109dcabafa2fd00fb776e43a832491ec2f7480

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d17fe5490f43a6-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:11:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2iJgvfOVXfCDcxpbYLFHWbJiS7FEZzS4q79FLAWMHtk3RJ1Lqym%2Bo%2FSF6%2F7wWuwNGiWSas50oIUVmZgRa%2BhJ3nhwgyp8Hec8j1x9x0juw1LPAyXPNpCaGrnZGVv8JxNRlt1rKmtNcjYYTMbCwA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
cat.php
gluxouvauque.com/
0
752 B
Ping
General
Full URL
https://gluxouvauque.com/cat.php?userId=39b8e1eaa5f1bba0148c59537e7b74b2&zoneid=4662728&rb=z3X01tST58rHQ-PRHnTN1RUeA7pLK2dwwFrbNrC3dYwuEHezFcUt7AACOCR6QGSDCrS7j1VZ3cG03fNXS0gfgyyUQfCXYy0j0lTAJqFzgI7KFPp3VF3uvHMotBM8cDoGWIshf90jihl4miqldFLkEZ5OYcXnTTw51TKb9wFD9474B3PWpJDa-vLY8Tzf2dycfYOimINkYl0DqsqI9Zvc92vW91gPlbbqz1jmLsGUUTSxUkWGYoa06cpjT4vmzrFLfL-wEHi1ORHnsmKozN9WCoEcVchzeyhK8IRcyGc55iQl8XMSBNuCDSW7cU0fGIDFLYIRmnVs9wL2Wg67CJf96tnixqKq-wgOfRQkhNK1IKYuLIBKlqtAHHi-y0JRZ3AzODPWiY87qYSGPy9fUIeb19yDoQ_AACb6oivtEm_k7tywf_hV40TxEh8Y1U2lcr1l4U91fiUji-LUZ4eqb_zi-1I3cO5vup3o_6_EBdDeBtl-auzYYUDkSbcrZnZRA52QthcX_0TFwFuIy96M-4uR9Lk4J28KwNnjMmOtBBiLWsVpTqJcf57HPGmBhGY=&var=6120639&var3=787071205235761509&ymid=&rhd=1
Requested by
Host: gluxouvauque.com
URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.21.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 29 Feb 2024 14:11:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
x-trace-id
fb52d6b2e948642c5086340cd48cb5b8
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAcUAMVSNanT7lZrcIx1dcQo3MhGvIiA3E1HYNAGsQfTVhwR9fjk%2BQMStcn7jvB2HkfnW1scmFTxrq1iqM%2FD0gS58LB9zfdmr2nc02Tfh5qdHkGGzuUKdkG017Ar%2FHrY00PY"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauque.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85d17fe3899d0b3e-AMS
expires
Tue, 11 Jan 1994 10:00:00 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/
190 KB
29 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9780461
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230069-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iz24MHki9TqwY7XZBoMtuMVUvIsC7HKFiM%2BFf4Jo9BEYi1ud3oPMcAQStV%2BrrKr2pZwkyrwZZ%2B3e7zZIvOmySvQr3Kx8fh75yu2nblI8JCoSf%2FfGxZrey4Wil4XTw3mYcO6gzX%2FbvT7VVgHSueI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
85d17fe7ea959957-FRA
icon.png
kingadblock.com/images/
4 KB
5 KB
Image
General
Full URL
https://kingadblock.com/images/icon.png
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091483d5419eb9e98f0edd49563409fad2eb24f1d10bc161b9716e0f0ee86b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:59 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 16 Aug 2023 09:41:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64dc99af-1121"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfC0bxpdyGy1%2FDiJHfTrzA%2ButIQ5PcJqUYm00%2F%2BiLOiu6wPTgCoDnECyZsXGehG1GWTXNvl%2BtRF917OBFUF%2FK1Tq5QJRv3uAElz9Clnbf%2Fv9ii%2FNQGwY20LwY2B0UFmCFe1q1B2cYMHHIKGLbDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
85d17fe7ebfe43a6-EWR
alt-svc
h3=":443"; ma=86400
content-length
4385
cws.png
kingadblock.com/images/
3 KB
4 KB
Image
General
Full URL
https://kingadblock.com/images/cws.png
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:11:59 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 04 Sep 2023 08:56:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64f59bc7-d6b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqDfYetTR0fo9pq2w3ClFNc1oJrwEfhaHEBYZ3aIuOqrFrSLpu8hKR5py6YuQD72jebWx8Ul%2BWMRfX6NlVnnY2OCs9ODVf6oWqp9ytAPdQg01qdONxFYaX4dDUF%2BXvhFuFZ3noK5KKnzBWpSf%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
85d17fe7ec0043a6-EWR
alt-svc
h3=":443"; ma=86400
content-length
3435
icon.png
flcjnflecolckmhfcmhhkichjhajjnlb/
0
0

a.php
tururu.info/ Frame 24D3
96 B
1 KB
Document
General
Full URL
https://tururu.info/a.php?id=0083&e=VPGCNBK0FG&c=cjpaHP126pWlp16&r=pa&cid=787071208469566278&z=4662728&v=12&dr=&inw=1600&inh=1200
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:afa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer
https://kingadblock.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d17fe9edaa1a40-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:11:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7H2LyQqfyUPqrAeabztwxWRfUotX2SFGOgBTLoLXdJXlYYJJ46DHYSL2ZJuZdfjx0HUn3Y7nWpQz7i2j1iWZCysEfWSd4hAeNHaNsZBRI1e4Vt4ERQerjrvL3XJPCXVIZOccW5NLwLADQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
clear.php
kingadblock.com/ Frame 738F
0
379 B
Document
General
Full URL
https://kingadblock.com/clear.php
Requested by
Host: kingadblock.com
URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85d17fe87ca943a6-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Feb 2024 14:11:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEDp4ynUw5JUG3rmYohURsA6fGKyorqRO8WFPGkLRd2yWtNG3SErXXyrkMuJlIYd1Y4BPSg4gSNm8lIDef5oJQDd%2FPDz%2FfMOgiLxm3Fmnl9G0UGKQzyRsRMSgzCpWuHKSfWP2Nc%2BQYlAhzdi%2B0o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
gluxouvauque.com
URL
https://gluxouvauque.com/rhd?rb=ioo2Y9fssTeICU6aakNccVDPqtf_He9QW5L-0CxVM8pnZpCdSgeqou1asmD5ITK5hSbY2I1Y3hbq0iX0M6gZuQn9ura-RZcXolDg2crPoMNznsTcALvpc68T7GyTikWz_ivKf8FhWZ2FR59kb4rvRXVXly2D5saUdPlV_7qTJqhHaWDRfQP4_6G3wWIUn_4dhdC8_PrsLsh0QpDDnFeARMTltQp4OWSo8CV1iXt_J-HtKwsO7-c2UpnLtYNe37G-rDgVQkr3DbVfweezopalDfCgCPWi8dCV3eTo4ULGPAjtV8IXWRwIdSvdbFCnTR1BqrhQseRpj_otx9SFbJi4I9umIS_7QxSvJH33NZXfo2MuZ_tDPIr5Q7wik65oNuj016dzDvqUxXvIaOY1VW4o6mo7dlnTFVkR5zqmZvt3rX5v5a_dR4pM8QQFHwpenzDCVgshWMGBmNAc-YWqYRNg6diKROBvJoavizW_2J5BKfYbwRhaTyRJEO_j4MKGM7IID5x5C_0kIuyvqWQNfy3RuGVG-cM8VXKUFxODoQL5Uujz5zVya8xYcw%3D%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauque.com%2F%3Fs%3D787071205235761509%26ssk%3D7372d4ef62b324b6d57b0acff8c3f327%26svar%3D1709215917%26z%3D6120639%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3DEurope%2FBerlin%26bto%3D-60&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6120639&var3=787071205235761509&ymid=&rhd=1&m=link
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
flcjnflecolckmhfcmhhkichjhajjnlb
URL
chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png


10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| req_existing_user
object| landing_iframe
function| openNewWindow
function| openNewTab
function| openSameTab
function| listenInstallCompleted
function| openInstructions
object| windowObjectReference

15 Cookies

Domain/Path Name / Value
offmantiner.com/ Name: OAID
Value: 008011f80b7149b0fdef3009e2905828
offmantiner.com/ Name: oaidts
Value: 1709215916
my.rtmark.net/ Name: ID
Value: 008011f80b7149b0fdef3009e2905828
offmantiner.com/ Name: syncedCookie
Value: true
gluxouvauque.com/ Name: oaidts
Value: 1709215917
gluxouvauque.com/ Name: syncedCookie
Value: true
gluxouvauque.com/ Name: OAID
Value: 39b8e1eaa5f1bba0148c59537e7b74b2
gluxouvauque.com/ Name: prefetchAd_4662728
Value: true
gluxouvauque.com/ Name: reverse
Value: wlD2O5ATrQr-XEJc2H3wLamnwqDd0rcEuhsu8VDXOtI
.tururu.info/ Name: c0083
Value: cjpaHP126pWlp16
.tururu.info/ Name: r0083
Value: pa
.tururu.info/ Name: cid0083
Value: 787071208469566278
.tururu.info/ Name: z0083
Value: 4662728
.tururu.info/ Name: e0083
Value: VPGCNBK0FG
.tururu.info/ Name: _asd
Value: 17092159195263638

15 Console Messages

Source Level URL
Text
other warning URL: https://offmantiner.com/4/6120639/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauque.com/?s=787071205235761509&ssk=7372d4ef62b324b6d57b0acff8c3f327&svar=1709215917&z=6120639&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/Berlin&bto=-60&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2(Line 45)
Message:
Access to XMLHttpRequest at 'chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png' from origin 'https://kingadblock.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://flcjnflecolckmhfcmhhkichjhajjnlb/icon.png
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://kingadblock.com/extension.php?jn=cjpaHP126pWlp16&_d=12&ju=4662728&jq=787071208469566278&jp=pa&oaid=39b8e1eaa5f1bba0148c59537e7b74b2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
