URL: https://krolex.biz/
Submission: On November 11 via api from US — Scanned from GB

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 56 HTTP transactions. The main IP is 185.174.173.11, located in Amsterdam, Netherlands and belongs to ITLDC-EU, US. The main domain is krolex.biz.
TLS certificate: Issued by R10 on November 10th 2024. Valid for: 3 months.
This is the only time krolex.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 185.174.173.11 21100 (ITLDC-EU)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 12 2a02:6b8::1:119 13238 (YANDEX)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 144.76.28.254 24940 (HETZNER-AS)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 176.9.82.58 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
56 15
Apex Domain
Subdomains
Transfer
31 krolex.biz
krolex.biz
2 MB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9307
4 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
10 KB
4 yandex.ru
informer.yandex.ru — Cisco Umbrella Rank: 93086
mc.yandex.ru — Cisco Umbrella Rank: 4610
78 KB
4 linkslot.ru
linkslot.ru — Cisco Umbrella Rank: 973868
17 KB
2 surfe.pro
static.surfe.pro — Cisco Umbrella Rank: 508664
rt58.surfe.pro — Cisco Umbrella Rank: 626854
8 KB
1 surfe.be
static.surfe.be — Cisco Umbrella Rank: 891731
304 KB
1 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 941
74 KB
1 freepik.com
img.freepik.com — Cisco Umbrella Rank: 19755
11 KB
1 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 31161
1 freekassa.ru
cdn.freekassa.ru
3 KB
1 google.com
translate.google.com — Cisco Umbrella Rank: 1139
29 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
28 KB
56 13
Domain Requested by
31 krolex.biz krolex.biz
8 mc.yandex.com 3 redirects krolex.biz
mc.yandex.ru
4 linkslot.ru krolex.biz
linkslot.ru
3 mc.yandex.ru 1 redirects krolex.biz
3 www.gstatic.com krolex.biz
www.gstatic.com
1 fonts.gstatic.com krolex.biz
1 static.surfe.be krolex.biz
1 translate.googleapis.com
1 rt58.surfe.pro krolex.biz
1 img.freepik.com krolex.biz
1 ad.a-ads.com krolex.biz
1 cdn.freekassa.ru krolex.biz
1 informer.yandex.ru krolex.biz
1 translate.google.com krolex.biz
1 static.surfe.pro krolex.biz
1 cdnjs.cloudflare.com krolex.biz
56 16

This site contains links to these domains. Also see Links.

Domain
surfe.pro
linkslot.ru
translate.google.com
payeer.com
metrika.yandex.ru
freekassa.ru
Subject Issuer Validity Valid
*.krolex.biz
R10
2024-11-10 -
2025-02-08
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
surfe.pro
WE1
2024-09-17 -
2024-12-16
3 months crt.sh
linkslot.ru
WE1
2024-10-10 -
2025-01-08
3 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2024-10-20 -
2025-04-01
5 months crt.sh
freekassa.ru
WE1
2024-11-04 -
2025-02-02
3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2023-12-27 -
2025-01-26
a year crt.sh
*.freepik.com
E6
2024-10-21 -
2025-01-19
3 months crt.sh
*.surfe.pro
E5
2024-09-24 -
2024-12-23
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
surfe.be
WE1
2024-10-25 -
2025-01-23
3 months crt.sh

This page contains 4 frames:

Primary Page: https://krolex.biz/
Frame ID: 30620085C150638EFF7F331898C5EDB9
Requests: 54 HTTP requests in this frame

Frame: https://ad.a-ads.com/2364103?size=468x60
Frame ID: 4DB390160126524CF1249D7F023A5286
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 473951DBF2B52AC300F558B3A8842FB7
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: F388014C31FD0ACD06E8D05A5FBCAE79
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

KROLEX : Заработок без вложений и реклама сайтов

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

96 %
HTTPS

79 %
IPv6

13
Domains

16
Subdomains

15
IPs

4
Countries

2641 kB
Transfer

3712 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10550.Uu47_u6dDgk9VpCeAiekDzU5pXHhEgh9We87ZInjqUjDFVxXT1vfmI9kDv7RcWUI.uon9KSHvixrVwHcc2wH9pFULSdc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10550.l6sK76-AMwb-8KhoqrBjgmuEn3ZEfIruLEUUMV6w2btwlBLjCrzEK-NuDTBUO__VVxFDE5_nP6D-qaIuPNg9Jd5wAiPd313rAUKHWvMjStTCV2qdA-xV005uadg27TDMRhgGF9F9s35pmhYfz14rG26Jh4T0pSwtWuphI0tfYLNanopPIQxVdA5r8QbrOwdkW842z1ZqxiW1_PQDjVBlovUFFaiT2KifdtG9Lj_W6xk%2C.YaxnODxKm_c29sPTmR5mfTDZLqI%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10550.5lARtxASqEf5TQmHoPiNnTcQ_awYtjaeKFk6wwb4sSKDgdz9EOxHuxGO83-hIaL1pWCpZ56Ln8lkk234lJF1kECg2hyrO7UCcbFkTYxfrKXRaZ919Q1DoGQpwfrUunbu3H13EaNNYt5ZO2nbVWl3MWPjpr7g8FUECiJD66D6-mP0FyCCGuUs6tdICojyoRTEFe55hXwozz_8GZ6seFmd-A%2C%2C.cFqzvY_lieVy32AD26Xun-vQlOY%2C
Request Chain 50
  • https://mc.yandex.com/watch/98874621?wmode=7&page-url=https%3A%2F%2Fkrolex.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1640384077357%3Ahid%3A802865940%3Az%3A0%3Ai%3A20241111094341%3Aet%3A1731318221%3Ac%3A1%3Arn%3A661442408%3Arqn%3A1%3Au%3A1731318221593127276%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A854%3Awv%3A2%3Ads%3A36%2C133%2C47%2C2%2C1%2C0%2C%2C674%2C0%2C%2C%2C%2C893%3Aco%3A0%3Acpf%3A1%3Ans%3A1731318219870%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731318222%3At%3AKROLEX%20%3A%20%D0%97%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
  • https://mc.yandex.com/watch/98874621/1?wmode=7&page-url=https%3A%2F%2Fkrolex.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1640384077357%3Ahid%3A802865940%3Az%3A0%3Ai%3A20241111094341%3Aet%3A1731318221%3Ac%3A1%3Arn%3A661442408%3Arqn%3A1%3Au%3A1731318221593127276%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A854%3Awv%3A2%3Ads%3A36%2C133%2C47%2C2%2C1%2C0%2C%2C674%2C0%2C%2C%2C%2C893%3Aco%3A0%3Acpf%3A1%3Ans%3A1731318219870%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731318222%3At%3AKROLEX%20%3A%20%D0%97%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
krolex.biz/
16 KB
6 KB
Document
General
Full URL
https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed / PHP/7.3.33
Resource Hash
706bc14b67238733efc0c5d7f61b45166aedc2b87be29aa6c317ffb98b34a30a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 11 Nov 2024 09:43:40 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
bloggersans.css
krolex.biz/assets/fonts/
2 KB
402 B
Stylesheet
General
Full URL
https://krolex.biz/assets/fonts/bloggersans.css
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
006ba17d24c70cecc1009bff8c6157f7c9531e7d5e3a6e678c0f0be3fc913c5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
294
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
text/css
last-modified
Sun, 10 Nov 2024 11:13:44 GMT
vary
Accept-Encoding
server
LiteSpeed
all.min.css
krolex.biz/assets/icons/fontawesome/
455 KB
73 KB
Stylesheet
General
Full URL
https://krolex.biz/assets/icons/fontawesome/all.min.css
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
9b86b6299d962d699cb1f3927528f4e6d7a2ad93abef1167a9c356566e33e2f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
75124
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
text/css
last-modified
Sun, 10 Nov 2024 11:14:00 GMT
vary
Accept-Encoding
server
LiteSpeed
bootstrap.min.css
krolex.biz/assets/css/
160 KB
21 KB
Stylesheet
General
Full URL
https://krolex.biz/assets/css/bootstrap.min.css?v=1
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
67941210ad55cc146ecc321d23d20dbc005b1d2b4d0ed307d462612e74dcff00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
21230
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
text/css
last-modified
Sun, 10 Nov 2024 11:13:38 GMT
vary
Accept-Encoding
server
LiteSpeed
style.css
krolex.biz/assets/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://krolex.biz/assets/css/style.css?v=1
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
8dc4409c2b0e9804f665a9f9be5e5dcd5936cb808961e8412a7f2c6f1c95c694

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
2970
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
text/css
last-modified
Sun, 10 Nov 2024 11:13:41 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-15851"
age
492093
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DSv5j4xhVUA1iBrSWCs068JiEIeC%2FxHQ3CRABvbx2h%2F1RYbav11EQgBINJqZGsuz2dSxgk1j5k%2Fe0%2F5pjjus0wAe191x66qFzYEQC%2BcSbWZ8xvK8ljWsCZEG4FPKwftGgKh%2F7BgSl5jqXYrMPRBMyL8I"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 09:43:40 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0d56dd99019492-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
27748
server
cloudflare
ads.png
krolex.biz/img/
7 KB
7 KB
Image
General
Full URL
https://krolex.biz/img/ads.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
c47877a0056c47c4dc1d37c9032cc904f588f3f270ef1d409a49d10b38533045

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
6825
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:40 GMT
server
LiteSpeed
gift.png
krolex.biz/img/
5 KB
5 KB
Image
General
Full URL
https://krolex.biz/img/gift.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
af364a32e9ec2f63ab32efdd30b164ce4c7ad53e5bc8fbab9fac0c01eff4220a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
4811
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:43 GMT
server
LiteSpeed
best.png
krolex.biz/img/
5 KB
5 KB
Image
General
Full URL
https://krolex.biz/img/best.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
215acf8f9bb7af078d13f3973ced347e70ab881f5a7a4c03802f016dd516fe77

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
5410
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:41 GMT
server
LiteSpeed
users.png
krolex.biz/img/
6 KB
7 KB
Image
General
Full URL
https://krolex.biz/img/users.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
ee2cfc67c361d681a970aaa6e8683ad402ff311da3c034eae4fc7aafdbed509a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
6622
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:52 GMT
server
LiteSpeed
ticket.png
krolex.biz/img/
6 KB
6 KB
Image
General
Full URL
https://krolex.biz/img/ticket.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
a6bf9fe32d62b113205032271cd7345a836237e7b5f4fe45a8650a8bdc2d1ec2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
5925
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:51 GMT
server
LiteSpeed
contest.png
krolex.biz/img/
5 KB
5 KB
Image
General
Full URL
https://krolex.biz/img/contest.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
3e4282478fdff0ffedab245b0a98bb80429f6920de0cf07c7dabb7c6091425c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
4694
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:42 GMT
server
LiteSpeed
net.js
static.surfe.pro/js/
5 KB
3 KB
Script
General
Full URL
https://static.surfe.pro/js/net.js
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:ddae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4440e72c2c1e11a92577da7f30ae8587d51135d063dc39bbff5ff1bd05a45a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66bdede7-1207"
age
27979
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HJp2H6Gb3hDeFfVlQLZHAUarZoiRbin%2F20AzsHiuEakbXlQODfe%2Ff3nigFmRlJJhKIBtL5%2B%2BW0U69dK0mdHpjey4Pu2QMp6DBPb0R2niMyzgG5SF3o4Am%2BEU9Zj%2FeV4G44B%2FVfhr5YOk1%2FF3atvD"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27582&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4279&delivery_rate=23030&cwnd=12000&unsent_bytes=0&cid=1048c8018642027c&ts=89&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
application/javascript
last-modified
Thu, 15 Aug 2024 12:00:39 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0d56de598abf04-LHR
server
cloudflare
bancode_new.php
linkslot.ru/
7 KB
4 KB
Script
General
Full URL
https://linkslot.ru/bancode_new.php?id=364546
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4acf7a0b245df640c3bbea86532f8396b09724e9ca944b9fcc8ec37acbb72348

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aq84NkYQkhFyUgW4hBrS3zmEDRNP7%2FIfQXIRu%2F7FY2Hjy3Jf1cihey%2FhUKMQj9k4JEk9SdSgCTyhG6Y9CML1OcOkSXbLcLNqNLC2P4H5DhFcyDtp8kSkg22gQrYlWO3sa31eRZaFaQyWOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0d56df1c8f94ab-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29459&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4213&recv_bytes=3080&delivery_rate=470&cwnd=12000&unsent_bytes=0&cid=1b1f9f7e3eeb0f87&ts=707&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 09:43:41 GMT
content-type
text/html;charset=utf-8
vary
accept-encoding
server
cloudflare
ru.png
krolex.biz/img/lang/
1 KB
1 KB
Image
General
Full URL
https://krolex.biz/img/lang/ru.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
e1c6a99d99018e5063086246352cf80adce3ae48b8ae3d30e421773b761b26ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
1333
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:15:02 GMT
server
LiteSpeed
us.png
krolex.biz/img/lang/
1 KB
1 KB
Image
General
Full URL
https://krolex.biz/img/lang/us.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
125cad470660541e6e2258dfa448d0adc212b615889a69d85c810f46d6b901eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
1471
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:15:03 GMT
server
LiteSpeed
es.png
krolex.biz/img/lang/
1005 B
1 KB
Image
General
Full URL
https://krolex.biz/img/lang/es.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
08e25c77dccdd34c77dd324f0c09c8111b06e8f19bcdc8fc7c6eddcb0a50600c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
1005
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:15:00 GMT
server
LiteSpeed
it.png
krolex.biz/img/lang/
2 KB
2 KB
Image
General
Full URL
https://krolex.biz/img/lang/it.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
4fda01a0c41952149dbda1c214ce6a8b0c1164be72d0ddc8d90fff9c3cc763fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
2040
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:15:01 GMT
server
LiteSpeed
de.png
krolex.biz/img/lang/
1 KB
1 KB
Image
General
Full URL
https://krolex.biz/img/lang/de.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
2674ed530727482017f61db09cfde3fc2a492e6c44a03c80ab5e0265be0ed52e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
1124
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:59 GMT
server
LiteSpeed
fr.png
krolex.biz/img/lang/
2 KB
2 KB
Image
General
Full URL
https://krolex.biz/img/lang/fr.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
55609e5e725e38747e15a59506fb1485cfd27842f35be78837638e13635c2b98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
1764
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:15:00 GMT
server
LiteSpeed
ae.png
krolex.biz/img/lang/
1 KB
1 KB
Image
General
Full URL
https://krolex.biz/img/lang/ae.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
27a83b164f60c0ab729ab76c9c7f829cdc52b2b13991b010b7eb1365a2a422d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
1360
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:58 GMT
server
LiteSpeed
tr.png
krolex.biz/img/lang/
2 KB
2 KB
Image
General
Full URL
https://krolex.biz/img/lang/tr.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
87aedffa5b5737f457cbddfad654a0d4c57caca3ff0c727934bc74dd7821f383

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
1636
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:15:03 GMT
server
LiteSpeed
bd.png
krolex.biz/img/lang/
1 KB
1 KB
Image
General
Full URL
https://krolex.biz/img/lang/bd.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
25a9cb7a4abbfbeed294806bac547e7d42da9e1b1678be3c77ac7ca2b9c6fb78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
1282
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:58 GMT
server
LiteSpeed
ms.png
krolex.biz/img/lang/
2 KB
2 KB
Image
General
Full URL
https://krolex.biz/img/lang/ms.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
78fa04887c439d6902b0cb689d472ad2e273129012de48d1a9706c881efee5cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
1985
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:15:01 GMT
server
LiteSpeed
element.js
translate.google.com/translate_a/
84 KB
29 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c8058b6460b621b5c3d50d192d33d936895f7050dc7bbf6bf143196f5538575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 09:43:40 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
payeer.png
krolex.biz/img/
3 KB
4 KB
Image
General
Full URL
https://krolex.biz/img/payeer.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
11551b680f8e3f8d34212c9ea9e88fff7bfb6697976b50856a70ce09b52d7c30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
3558
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:47 GMT
server
LiteSpeed
2_1_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/98874621/
1 KB
2 KB
Image
General
Full URL
https://informer.yandex.ru/informer/98874621/2_1_FFFFFFFF_EFEFEFFF_0_pageviews
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
4529f689ec8407bccc3fd8112e3b3b410198421859cd2a597f8b2dbea553dcfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
expires
Mon, 11-Nov-2024 09:43:41 GMT
content-length
1321
x-xss-protection
1; mode=block
last-modified
Mon, 11-Nov-2024 09:43:41 GMT
content-type
image/png
small-white-2.png
cdn.freekassa.ru/banners/
2 KB
3 KB
Image
General
Full URL
https://cdn.freekassa.ru/banners/small-white-2.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c040c91320f82fefe519b70a8e426c1b7597e78c42cc06994dfee01a9992afa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *; default-src 'self' data: wss: mc.yandex.ru mc.yandex.com fpnpmcdn.net cdnwbstts.com *.hcaptcha.com *.fptls.com *.cdnwbstts.com *.fpjs.io *.fpapi.io *.youtube.com finana.io fokusdoom.ru pay.finana.io *.google-analytics.com *.google.com.ua *.gstatic.com *.googletagmanager.com *.google.com *.jivosite.com freekassa.ru freekassa.com *.freekassa.ru *.freekassa.com *.googletagmanager.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'; script-src 'self' blob: mc.yandex.ru mc.yandex.com fpnpmcdn.net fokusdoom.ru hcaptcha.com *.google-analytics.com *.google.com.ua *.gstatic.com *.googletagmanager.com *.google.com *.jivosite.com *.freekassa.ru *.freekassa.com *.googleapis.com *.googletagmanager.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.jivosite.com *.google.com.ua *.freekassa.ru *.freekassa.com; font-src 'self' data: *.gstatic.com 'unsafe-inline'; style-src-elem 'self' data: *.jivosite.com *.googleapis.com *.freekassa.ru *.freekassa.com 'unsafe-inline'; base-uri 'none'; form-action 'self' *; style-src 'self' *.googleapis.com *.freekassa.ru *.freekassa.com *.googletagmanager.com *.jivosite.com 'unsafe-inline' ; style-src-attr 'self' *.googleapis.com *.freekassa.ru *.freekassa.com freekassa.ru freekassa.com 'unsafe-inline';
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cf-cache-status
HIT
etag
"6b7-5bee814952f0c"
age
2294
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2FCpKbk2OBg8417ZNeNra1dtszvT7pdOeYWGoFvciEeo0kSDuxwoYDMb%2Bk33iwV3oPyvBNkDrSiYeDsBLQuYcmfiLS2wV4riRnM36oWQHMGUeBfc7NOfe1NeZFCg8zxODzgzLkjG6rJ59zMNjCY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=3095&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4014&recv_bytes=2264&delivery_rate=1245801&cwnd=254&unsent_bytes=0&cid=5c0c9a06bdde8777&ts=56&x=0"
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Thu, 01 Apr 2021 12:07:50 GMT
vary
Origin, Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains
content-security-policy
frame-ancestors 'self' *; default-src 'self' data: wss: mc.yandex.ru mc.yandex.com fpnpmcdn.net cdnwbstts.com *.hcaptcha.com *.fptls.com *.cdnwbstts.com *.fpjs.io *.fpapi.io *.youtube.com finana.io fokusdoom.ru pay.finana.io *.google-analytics.com *.google.com.ua *.gstatic.com *.googletagmanager.com *.google.com *.jivosite.com freekassa.ru freekassa.com *.freekassa.ru *.freekassa.com *.googletagmanager.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'; script-src 'self' blob: mc.yandex.ru mc.yandex.com fpnpmcdn.net fokusdoom.ru hcaptcha.com *.google-analytics.com *.google.com.ua *.gstatic.com *.googletagmanager.com *.google.com *.jivosite.com *.freekassa.ru *.freekassa.com *.googleapis.com *.googletagmanager.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.jivosite.com *.google.com.ua *.freekassa.ru *.freekassa.com; font-src 'self' data: *.gstatic.com 'unsafe-inline'; style-src-elem 'self' data: *.jivosite.com *.googleapis.com *.freekassa.ru *.freekassa.com 'unsafe-inline'; base-uri 'none'; form-action 'self' *; style-src 'self' *.googleapis.com *.freekassa.ru *.freekassa.com *.googletagmanager.com *.jivosite.com 'unsafe-inline' ; style-src-attr 'self' *.googleapis.com *.freekassa.ru *.freekassa.com freekassa.ru freekassa.com 'unsafe-inline';
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0d56dfccf5531b-LHR
accept-ranges
bytes
content-length
1719
x-xss-protection
1; mode=block
server
cloudflare
links.js
krolex.biz/assets/js/
745 B
518 B
Script
General
Full URL
https://krolex.biz/assets/js/links.js
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
13b3832c2a3dd6c8f0731685c1e9375394c5827d5d117c59138e99f7acc29057

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

content-encoding
br
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
281
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
text/javascript
last-modified
Sun, 10 Nov 2024 11:14:24 GMT
vary
Accept-Encoding
server
LiteSpeed
bootstrap.bundle.min.js
krolex.biz/assets/js/
76 KB
22 KB
Script
General
Full URL
https://krolex.biz/assets/js/bootstrap.bundle.min.js
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

content-encoding
br
accept-ranges
bytes
content-length
22192
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
text/javascript
last-modified
Sun, 10 Nov 2024 11:14:19 GMT
vary
Accept-Encoding
server
LiteSpeed
common.js
krolex.biz/assets/js/
1 KB
458 B
Script
General
Full URL
https://krolex.biz/assets/js/common.js
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
ede207c18efa910548dac27b61044f77ac587239fd6a69e3545b0abbf107970c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

content-encoding
br
accept-ranges
bytes
content-length
415
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
text/javascript
last-modified
Sun, 10 Nov 2024 11:14:20 GMT
vary
Accept-Encoding
server
LiteSpeed
2364103
ad.a-ads.com/ Frame 4DB3
0
0
Document
General
Full URL
https://ad.a-ads.com/2364103?size=468x60
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.76.28.254 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.28.76.144.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krolex.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 11 Nov 2024 09:43:40 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://krolex.biz/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
cute-bunny-carrot-seamless-pattern-background_42349-726.jpg
img.freepik.com/premium-vector/
11 KB
11 KB
Image
General
Full URL
https://img.freepik.com/premium-vector/cute-bunny-carrot-seamless-pattern-background_42349-726.jpg
Requested by
Host: krolex.biz
URL: https://krolex.biz/assets/css/style.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:33::212:40d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f831bff65d6afd973ecfd12aadf19fefeffb9d03f32e812b13b52a40d704b83c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

mpulse_cdn_cache
HIT
x-robots-tag
noimageai
cache-control
private, no-transform, max-age=604800
etag
"4bd5fcfb32f58bbeba610e42d7c3a712"
x-check-cacheable
YES
mpulse_origin_time
0
expires
Mon, 18 Nov 2024 09:43:40 GMT
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
10886
x-serial
133
date
Mon, 11 Nov 2024 09:43:40 GMT
last-modified
Thu, 21 Sep 2023 16:30:02 GMT
content-type
image/avif
rabbit2.png
krolex.biz/img/
336 KB
337 KB
Image
General
Full URL
https://krolex.biz/img/rabbit2.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
e6bc58f58b1d0f420a81e8e5751f14ceb95e4c389bd51d01abe6e523ae024d63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
344453
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:50 GMT
server
LiteSpeed
fa-solid-900.woff2
krolex.biz/assets/icons/webfonts/
264 KB
264 KB
Font
General
Full URL
https://krolex.biz/assets/icons/webfonts/fa-solid-900.woff2
Requested by
Host: krolex.biz
URL: https://krolex.biz/assets/icons/fontawesome/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
4dd3561bac1f21c70270e2f4d93e30b9eaa7538b5fb12b6f6d5d9a74033e5750

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://krolex.biz
Referer
https://krolex.biz/assets/icons/fontawesome/all.min.css

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
270360
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
font/woff2
last-modified
Sun, 10 Nov 2024 11:14:14 GMT
server
LiteSpeed
Bloggersansbold.woff2
krolex.biz/assets/fonts/
24 KB
24 KB
Font
General
Full URL
https://krolex.biz/assets/fonts/Bloggersansbold.woff2
Requested by
Host: krolex.biz
URL: https://krolex.biz/assets/fonts/bloggersans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
90f73d07d757515cd14eb80218d6e2efcc84ddc8c7756a62bf7f7738e3ea6b66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://krolex.biz
Referer
https://krolex.biz/assets/fonts/bloggersans.css

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
24864
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
font/woff2
last-modified
Sun, 10 Nov 2024 11:13:48 GMT
server
LiteSpeed
Bloggersans.woff2
krolex.biz/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://krolex.biz/assets/fonts/Bloggersans.woff2
Requested by
Host: krolex.biz
URL: https://krolex.biz/assets/fonts/bloggersans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
f7d5cfc4662be9127df3302f0f957b9c7a5f768ade734a3cc06846a6eb5da54a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://krolex.biz
Referer
https://krolex.biz/assets/fonts/bloggersans.css

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:40 GMT
accept-ranges
bytes
content-length
23772
date
Mon, 11 Nov 2024 09:43:40 GMT
content-type
font/woff2
last-modified
Sun, 10 Nov 2024 11:13:46 GMT
server
LiteSpeed
teaser
rt58.surfe.pro/net/
15 KB
4 KB
XHR
General
Full URL
https://rt58.surfe.pro/net/teaser?sid=404715&w=652&seed=12177614103012213&doc_ref=&href=aHR0cHM6Ly9rcm9sZXguYml6Lw==
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
176.9.82.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.58.82.9.176.clients.your-server.de
Software
nginx / PHP/7.3.29
Resource Hash
070c0ddef81682f318b649b125f9fdbfca57ba7f895325b40677058801a313b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://krolex.biz/

Response headers

the-rule
net-teaser
content-encoding
gzip
speed-10
main-t-old 1 - 0.05440616607666
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
speed-07
is AutoTeaser->link = https://surfe.be/2159008?utm_source=surfe.pro&utm_medium=auto_teaser&utm_campaign=business_machine&utm_content=404715&utm_term=171149 - 0.051254034042358
date
Mon, 11 Nov 2024 09:43:40 GMT
speed-08
b-found at 31 - 0.053889036178589
remote-addr
194.74.212.125
content-type
text/html; charset=UTF-8
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
speed-03
site-inited-view - 0.013703107833862
speed-04
tpl-wcnt 1 - 0.013736009597778
speed-09
PH-all 377 checked - 0.054391145706177
speed-06
is bm banner link = https://surfe.be/2159008?utm_source=surfe.pro&utm_medium=auto_teaser&utm_campaign=business_machine&utm_content=404715 - 0.049798011779785
access-control-allow-credentials
true
speed-02
preload - 0.0061349868774414
speed-05
main-tid 12 - 0.013745069503784
access-control-allow-origin
https://krolex.biz
x-powered-by
PHP/7.3.29
server
nginx
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAw/d=0/rs=AN8SPfoV6mMC6tlFnBTPsgfPv12vhvDMnA/
22 KB
4 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAw/d=0/rs=AN8SPfoV6mMC6tlFnBTPsgfPv12vhvDMnA/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.cE9tuUGammM.O/am=GAw/d=1/rs=AN8SPfpEq18-or1zz8S77I-_8xH6gPKd0w/m=el_conf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

content-encoding
gzip
age
487265
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 18:22:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 18:22:35 GMT
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
4144
x-xss-protection
0
server
sffe
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.cE9tuUGammM.O/am=AEA/d=1/exm=el_conf/ed=1/rs=AN8SPfomN7y7GLusnMOI1mHuh0EpCsbWiw/
214 KB
74 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.cE9tuUGammM.O/am=AEA/d=1/exm=el_conf/ed=1/rs=AN8SPfomN7y7GLusnMOI1mHuh0EpCsbWiw/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.cE9tuUGammM.O/am=GAw/d=1/rs=AN8SPfpEq18-or1zz8S77I-_8xH6gPKd0w/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c57a876e76fbea07f14f2a4c82911731da26fb692f127fd4416be49c0ac9aef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

content-encoding
gzip
age
313688
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 18:35:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 18:35:33 GMT
last-modified
Wed, 06 Nov 2024 02:10:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
75216
x-xss-protection
0
server
sffe
tag.js
mc.yandex.ru/metrika/
220 KB
76 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"672b9036-129f3"
expires
Mon, 11 Nov 2024 10:43:41 GMT
access-control-allow-origin
*
content-length
76275
date
Mon, 11 Nov 2024 09:43:41 GMT
last-modified
Wed, 06 Nov 2024 15:50:14 GMT
content-type
application/javascript
2b2d49ba4a4f2dd9210f56f40cbdd2b7.png
static.surfe.be/upload/62348/
351 KB
304 KB
Image
General
Full URL
https://static.surfe.be/upload/62348/2b2d49ba4a4f2dd9210f56f40cbdd2b7.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:c036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
468644ad036e4de1644383f9fae142d0eb431c24def5f979d90f0ad25ea0ed3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67302724-57d87"
age
31955
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JrWRH6w4DvokfNRXz0d51hS9PRxz9YHPKpu8ZcSsz24N%2FqqJQZVzAr6dr949GbPuYHM83y9ZYNRR5KmNkXXNYsEyJhwYRVi2PytE76eOtHrIZ%2F1dE1UL5Eku0vDlZ5wa2O1aElMXDqau2UN7FgY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0d56e28f516400-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25765&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4162&recv_bytes=4325&delivery_rate=113971&cwnd=12000&unsent_bytes=0&cid=6c429893dd49a0d1&ts=88&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 09:43:41 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 03:23:16 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ Frame 4739
0
0
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/
6 KB
3 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

content-encoding
gzip
age
409628
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:56:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:56:33 GMT
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
3340
x-xss-protection
0
server
sffe
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
934 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

age
91186
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 08:23:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 08:23:55 GMT
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
content-type
image/png
vary
Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
910
x-xss-protection
0
server
sffe
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAw/d=0/rs=AN8SPfoV6mMC6tlFnBTPsgfPv12vhvDMnA/m=el_main_css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=GAw/d=0/rs=AN8SPfoV6mMC6tlFnBTPsgfPv12vhvDMnA/m=el_main_css

Response headers

age
5706
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 08:08:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 08:08:35 GMT
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
content-type
image/png
vary
Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1842
x-xss-protection
0
server
sffe
gate.php
linkslot.ru/
2 B
667 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=ceddd4d6d7df97dccaec8b9a9e97a099a095989faa9195999998938ed2d9ecd0d5e6c2a19d95988393dd9ba3a289e6cae0dddf88dba39bc9a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969da29599a891a09887dbc4d1c6dcdb969ead98a09b9d8b94d19bd1d6dfdbacd1ebdf9798939b959aa29799aa91a2989798939b959aa2978caa8495999e9b949e96a2a4999aad93a9
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=364546
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lzo97cdMz%2BSRdeGii2j9iZm0EeDkjAm6N%2BBvyZnYiZ%2FIuR2IxNG%2F0a2%2Bes4C4WoRsVv87%2Fl87mqwJ1XgLUoREqzNdkD%2FJZfrvgya4%2B8pTcJHy0ZtVIve2wTfzRUA0jGIRZuhTvPjKI1XTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0d56e3fde9718d-LHR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29382&sent=10&recv=9&lost=0&retrans=0&sent_bytes=2260&recv_bytes=4383&delivery_rate=559&cwnd=12000&unsent_bytes=0&cid=54ae96d7bb708154&ts=675&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 09:43:42 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare
468x60.jpg
linkslot.ru/promo/dummy/
12 KB
12 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/468x60.jpg
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cf-cache-status
HIT
etag
"66fe9de1-2e1a"
age
6592
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQQvW3KETWDzIe2A%2Fa7yKHjWGA1bRzSeCsi6vf5jsUqwh13x3I9lSfRns1ui%2FmENQ7esJOBb6x5lQqL9%2BmSuEl%2BqZANuvU8Xl1gDKawoM4vex4unrsm%2FBr7X08RS5gPKo1Q2%2BhEOXJI%2BXg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29152&sent=16&recv=12&lost=0&retrans=0&sent_bytes=8182&recv_bytes=3502&delivery_rate=140238&cwnd=12000&unsent_bytes=0&cid=1b1f9f7e3eeb0f87&ts=784&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 09:43:41 GMT
content-type
image/jpeg
last-modified
Thu, 03 Oct 2024 13:36:33 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0d56e38a4394ab-LHR
accept-ranges
bytes
content-length
11802
server
cloudflare
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10550.Uu47_u6dDgk9VpCeAiekDzU5pXHhEgh9We87ZInjqUjDFVxXT1vfmI9kDv7RcWUI.uon9KSHvixrVwHcc2wH9pFULSdc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10550.l6sK76-AMwb-8KhoqrBjgmuEn3ZEfIruLEUUMV6w2btwlBLjCrzEK-NuDTBUO__VVxFDE5_nP6D-qaIuPNg9Jd5wAiPd313rAUKHWvMjStTCV2qdA-xV005uadg27TDMRhgGF9F9s3...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10550.5lARtxASqEf5TQmHoPiNnTcQ_awYtjaeKFk6wwb4sSKDgdz9EOxHuxGO83-hIaL1pWCpZ56Ln8lkk234lJF1kECg2hyrO7UCcbFkTYxfrKXRa...
43 B
597 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10550.5lARtxASqEf5TQmHoPiNnTcQ_awYtjaeKFk6wwb4sSKDgdz9EOxHuxGO83-hIaL1pWCpZ56Ln8lkk234lJF1kECg2hyrO7UCcbFkTYxfrKXRaZ919Q1DoGQpwfrUunbu3H13EaNNYt5ZO2nbVWl3MWPjpr7g8FUECiJD66D6-mP0FyCCGuUs6tdICojyoRTEFe55hXwozz_8GZ6seFmd-A%2C%2C.cFqzvY_lieVy32AD26Xun-vQlOY%2C
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Mon, 11 Nov 2024 09:43:41 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10550.5lARtxASqEf5TQmHoPiNnTcQ_awYtjaeKFk6wwb4sSKDgdz9EOxHuxGO83-hIaL1pWCpZ56Ln8lkk234lJF1kECg2hyrO7UCcbFkTYxfrKXRaZ919Q1DoGQpwfrUunbu3H13EaNNYt5ZO2nbVWl3MWPjpr7g8FUECiJD66D6-mP0FyCCGuUs6tdICojyoRTEFe55hXwozz_8GZ6seFmd-A%2C%2C.cFqzvY_lieVy32AD26Xun-vQlOY%2C
x-xss-protection
1; mode=block
date
Mon, 11 Nov 2024 09:43:41 GMT
advert.gif
mc.yandex.com/metrika/
43 B
1009 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"672b9036-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Mon, 11 Nov 2024 10:43:41 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Mon, 11 Nov 2024 09:43:41 GMT
content-type
image/gif
last-modified
Wed, 06 Nov 2024 15:50:14 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame F388
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://krolex.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1446
content-type
text/html
date
Mon, 11 Nov 2024 09:43:42 GMT
etag
"672b9036-5a6"
expires
Mon, 11 Nov 2024 10:43:42 GMT
last-modified
Wed, 06 Nov 2024 15:50:14 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/98874621/
Redirect Chain
  • https://mc.yandex.com/watch/98874621?wmode=7&page-url=https%3A%2F%2Fkrolex.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
  • https://mc.yandex.com/watch/98874621/1?wmode=7&page-url=https%3A%2F%2Fkrolex.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
603 B
781 B
Fetch
General
Full URL
https://mc.yandex.com/watch/98874621/1?wmode=7&page-url=https%3A%2F%2Fkrolex.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1640384077357%3Ahid%3A802865940%3Az%3A0%3Ai%3A20241111094341%3Aet%3A1731318221%3Ac%3A1%3Arn%3A661442408%3Arqn%3A1%3Au%3A1731318221593127276%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A854%3Awv%3A2%3Ads%3A36%2C133%2C47%2C2%2C1%2C0%2C%2C674%2C0%2C%2C%2C%2C893%3Aco%3A0%3Acpf%3A1%3Ans%3A1731318219870%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731318222%3At%3AKROLEX%20%3A%20%D0%97%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
Requested by
Host: krolex.biz
URL: https://krolex.biz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
820bfe141c625e8d97c4162daa31ee9c61383a2bc0375eda0c601e6a5c92c348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Mon, 11-Nov-2024 09:43:41 GMT
access-control-allow-origin
https://krolex.biz
content-length
603
date
Mon, 11 Nov 2024 09:43:41 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 11-Nov-2024 09:43:41 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/98874621/1?wmode=7&page-url=https%3A%2F%2Fkrolex.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A1640384077357%3Ahid%3A802865940%3Az%3A0%3Ai%3A20241111094341%3Aet%3A1731318221%3Ac%3A1%3Arn%3A661442408%3Arqn%3A1%3Au%3A1731318221593127276%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A854%3Awv%3A2%3Ads%3A36%2C133%2C47%2C2%2C1%2C0%2C%2C674%2C0%2C%2C%2C%2C893%3Aco%3A0%3Acpf%3A1%3Ans%3A1731318219870%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731318222%3At%3AKROLEX%20%3A%20%D0%97%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Mon, 11-Nov-2024 09:43:41 GMT
access-control-allow-origin
https://krolex.biz
date
Mon, 11 Nov 2024 09:43:41 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 11-Nov-2024 09:43:41 GMT
favicon-32x32.png
krolex.biz/img/fav/
625 KB
626 KB
Other
General
Full URL
https://krolex.biz/img/fav/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
5331d3015f64856cda1cb59ba6614680e1b68882c454b3351f75a0892f9d12c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:42 GMT
accept-ranges
bytes
content-length
640383
date
Mon, 11 Nov 2024 09:43:42 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:56 GMT
server
LiteSpeed
favicon-16x16.png
krolex.biz/img/fav/
625 KB
626 KB
Other
General
Full URL
https://krolex.biz/img/fav/favicon-16x16.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.174.173.11 Amsterdam, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS
smtp1.cp10nl.hyperhost.ua
Software
LiteSpeed /
Resource Hash
5331d3015f64856cda1cb59ba6614680e1b68882c454b3351f75a0892f9d12c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

cache-control
public, max-age=604800
expires
Mon, 18 Nov 2024 09:43:43 GMT
accept-ranges
bytes
content-length
640383
date
Mon, 11 Nov 2024 09:43:43 GMT
content-type
image/png
last-modified
Sun, 10 Nov 2024 11:14:55 GMT
server
LiteSpeed
98874621
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/98874621?wv-part=1&wv-type=7&wmode=0&wv-hit=802865940&page-url=https%3A%2F%2Fkrolex.biz%2F&rn=700990302&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1731318224%3Aw%3A1600x1200%3Av%3A1502%3Az%3A0%3Ai%3A20241111094344%3Au%3A1731318221593127276%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Ast%3A1731318224&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://krolex.biz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 11-Nov-2024 09:43:44 GMT
access-control-allow-origin
https://krolex.biz
content-length
43
date
Mon, 11 Nov 2024 09:43:44 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Mon, 11-Nov-2024 09:43:44 GMT
98874621
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/98874621?wv-part=1&wv-type=7&wmode=0&wv-hit=802865940&page-url=https%3A%2F%2Fkrolex.biz%2F&rn=430555926&browser-info=we%3A1%3Aet%3A1731318225%3Aw%3A1600x1200%3Av%3A1502%3Az%3A0%3Ai%3A20241111094344%3Au%3A1731318221593127276%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Ast%3A1731318225&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://krolex.biz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 11-Nov-2024 09:43:44 GMT
access-control-allow-origin
https://krolex.biz
content-length
43
x-xss-protection
1; mode=block
date
Mon, 11 Nov 2024 09:43:44 GMT
content-type
image/gif
last-modified
Mon, 11-Nov-2024 09:43:44 GMT
gate.php
linkslot.ru/
2 B
626 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=ceddd4d6d7df97dccaec8b9a9e97a099a095978caa84a28b989f969c989baa999bab94a49f
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=364546
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://krolex.biz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sxe5%2FXBy6GBx43sqq8e8LEdfYKCoGZkZZphxQsibrorV1Jy4ndo9ZJ9hwngEUvk4BoPedYT4P4J0KG1mH1Vn6ag9chqqraE7wLJ3jesPy3%2BK3fd6O0iRcLQ6OX31WkjPkNzfAfTYHPGK%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0d5702a82b718d-LHR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31937&sent=12&recv=11&lost=0&retrans=0&sent_bytes=2974&recv_bytes=4781&delivery_rate=13849&cwnd=12000&unsent_bytes=0&cid=54ae96d7bb708154&ts=5161&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 09:43:46 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| adsurfebe function| googleTranslateElementInit2 function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| GTranslateFireEvent function| doGTranslate function| ym number| uidEvent object| bootstrap function| CmenuOpen object| closure_lm_823555 object| ls_code function| lsOrder function| lsStHex function| LiNKsloT string| welcome string| lsGT string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX number| lsT0 string| hash string| lsNA function| lsSF function| lsMF function| Rq function| Pv function| Qv object| Rv function| Sv function| Tv object| Ya object| yaCounter98874621

22 Cookies

Domain/Path Name / Value
krolex.biz/ Name: PHPSESSID
Value: d3e2989a068d31469662ca6b7ff52e8b
.yandex.ru/ Name: yashr
Value: 4391235051731318221
.krolex.biz/ Name: _ym_uid
Value: 1731318221593127276
.krolex.biz/ Name: _ym_d
Value: 1731318221
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2441151429fake
.yandex.com/ Name: i
Value: CDkFkm8vvamtC+yo0vKyFX82kIoSUZF4N9C/+9Duh7wX9J44k9x2RDq0xxJzv67WWgeC1BzznQevQFGMrO5cCw0BwRk=
.yandex.com/ Name: yandexuid
Value: 4453074021731318221
.yandex.com/ Name: yashr
Value: 7105790851731318221
.krolex.biz/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 761179356fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 4453074021731318221
.yandex.ru/ Name: yuidss
Value: 4453074021731318221
.yandex.ru/ Name: i
Value: CDkFkm8vvamtC+yo0vKyFX82kIoSUZF4N9C/+9Duh7wX9J44k9x2RDq0xxJzv67WWgeC1BzznQevQFGMrO5cCw0BwRk=
.yandex.ru/ Name: yp
Value: 1731404621.yu.782895591731318221
.yandex.ru/ Name: ymex
Value: 1733910221.oyu.782895591731318221
mc.yandex.com/ Name: yabs-sid
Value: 1647629991731318221
.yandex.com/ Name: yuidss
Value: 4453074021731318221
.yandex.com/ Name: ymex
Value: 1762854221.yrts.1731318221
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGDNo8e5Bg==
.krolex.biz/ Name: _ym_visorc
Value: w

2 Console Messages

Source Level URL
Text
intervention info URL: https://krolex.biz/
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://krolex.biz/assets/fonts/Bloggersansbold.woff2
intervention info URL: https://krolex.biz/
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://krolex.biz/assets/fonts/Bloggersans.woff2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
cdn.freekassa.ru
cdnjs.cloudflare.com
fonts.gstatic.com
img.freepik.com
informer.yandex.ru
krolex.biz
linkslot.ru
mc.yandex.com
mc.yandex.ru
rt58.surfe.pro
static.surfe.be
static.surfe.pro
translate.google.com
translate.googleapis.com
www.gstatic.com
144.76.28.254
176.9.82.58
185.174.173.11
2606:4700:20::681a:cb6
2606:4700:3032::ac43:ddae
2606:4700:3033::ac43:c036
2606:4700::6811:180e
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82b::200e
2a02:26f0:480:33::212:40d4
2a02:6b8::1:119
2a06:98c1:3121::3
006ba17d24c70cecc1009bff8c6157f7c9531e7d5e3a6e678c0f0be3fc913c5a
070c0ddef81682f318b649b125f9fdbfca57ba7f895325b40677058801a313b6
08e25c77dccdd34c77dd324f0c09c8111b06e8f19bcdc8fc7c6eddcb0a50600c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
11551b680f8e3f8d34212c9ea9e88fff7bfb6697976b50856a70ce09b52d7c30
125cad470660541e6e2258dfa448d0adc212b615889a69d85c810f46d6b901eb
13b3832c2a3dd6c8f0731685c1e9375394c5827d5d117c59138e99f7acc29057
1c040c91320f82fefe519b70a8e426c1b7597e78c42cc06994dfee01a9992afa
215acf8f9bb7af078d13f3973ced347e70ab881f5a7a4c03802f016dd516fe77
25a9cb7a4abbfbeed294806bac547e7d42da9e1b1678be3c77ac7ca2b9c6fb78
2674ed530727482017f61db09cfde3fc2a492e6c44a03c80ab5e0265be0ed52e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27a83b164f60c0ab729ab76c9c7f829cdc52b2b13991b010b7eb1365a2a422d4
3e4282478fdff0ffedab245b0a98bb80429f6920de0cf07c7dabb7c6091425c7
4529f689ec8407bccc3fd8112e3b3b410198421859cd2a597f8b2dbea553dcfe
468644ad036e4de1644383f9fae142d0eb431c24def5f979d90f0ad25ea0ed3e
4acf7a0b245df640c3bbea86532f8396b09724e9ca944b9fcc8ec37acbb72348
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dd3561bac1f21c70270e2f4d93e30b9eaa7538b5fb12b6f6d5d9a74033e5750
4fda01a0c41952149dbda1c214ce6a8b0c1164be72d0ddc8d90fff9c3cc763fa
5331d3015f64856cda1cb59ba6614680e1b68882c454b3351f75a0892f9d12c4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55609e5e725e38747e15a59506fb1485cfd27842f35be78837638e13635c2b98
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
67941210ad55cc146ecc321d23d20dbc005b1d2b4d0ed307d462612e74dcff00
6c8058b6460b621b5c3d50d192d33d936895f7050dc7bbf6bf143196f5538575
706bc14b67238733efc0c5d7f61b45166aedc2b87be29aa6c317ffb98b34a30a
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
78fa04887c439d6902b0cb689d472ad2e273129012de48d1a9706c881efee5cb
820bfe141c625e8d97c4162daa31ee9c61383a2bc0375eda0c601e6a5c92c348
87aedffa5b5737f457cbddfad654a0d4c57caca3ff0c727934bc74dd7821f383
8dc4409c2b0e9804f665a9f9be5e5dcd5936cb808961e8412a7f2c6f1c95c694
90f73d07d757515cd14eb80218d6e2efcc84ddc8c7756a62bf7f7738e3ea6b66
9b86b6299d962d699cb1f3927528f4e6d7a2ad93abef1167a9c356566e33e2f6
a6bf9fe32d62b113205032271cd7345a836237e7b5f4fe45a8650a8bdc2d1ec2
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
af364a32e9ec2f63ab32efdd30b164ce4c7ad53e5bc8fbab9fac0c01eff4220a
c47877a0056c47c4dc1d37c9032cc904f588f3f270ef1d409a49d10b38533045
c57a876e76fbea07f14f2a4c82911731da26fb692f127fd4416be49c0ac9aef4
d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f
d4440e72c2c1e11a92577da7f30ae8587d51135d063dc39bbff5ff1bd05a45a8
e1c6a99d99018e5063086246352cf80adce3ae48b8ae3d30e421773b761b26ed
e6bc58f58b1d0f420a81e8e5751f14ceb95e4c389bd51d01abe6e523ae024d63
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
ede207c18efa910548dac27b61044f77ac587239fd6a69e3545b0abbf107970c
ee2cfc67c361d681a970aaa6e8683ad402ff311da3c034eae4fc7aafdbed509a
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f7d5cfc4662be9127df3302f0f957b9c7a5f768ade734a3cc06846a6eb5da54a
f831bff65d6afd973ecfd12aadf19fefeffb9d03f32e812b13b52a40d704b83c