Submitted URL: http://lp.allbaofu.com/sw2?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-...
Effective URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0...
Submission: On April 29 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3033::6815:229e, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp.allbaofu.com.
TLS certificate: Issued by GTS CA 1P5 on March 25th 2024. Valid for: 3 months.
This is the only time lp.allbaofu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 31 2606:4700:303... 13335 (CLOUDFLAR...)
3 139.45.197.250 9002 (RETN-AS)
9 139.45.197.251 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
43 4
Requests  Apex Domain    Subdomains                                     Transfer
31        allbaofu.com   lp.allbaofu.com                                287 KB
9         jouteetu.net   jouteetu.net — Cisco Umbrella Rank: 29450
3         bujerdaz.com   bujerdaz.com — Cisco Umbrella Rank: 409582     16 KB
1         rtmark.net     my.rtmark.net — Cisco Umbrella Rank: 11881     544 B
43        4

Requests  Domain                          Requested by
31        lp.allbaofu.com (1 redirects)   lp.allbaofu.com, bujerdaz.com
9         jouteetu.net                    bujerdaz.com
3         bujerdaz.com                    lp.allbaofu.com, bujerdaz.com
1         my.rtmark.net                   bujerdaz.com
43        4

This site contains no links.

Subject           Issuer       Validity                   Valid
lp.allbaofu.com   GTS CA 1P5   2024-03-25 - 2024-06-23    3 months
bujerdaz.com      R3           2024-04-15 - 2024-07-14    3 months
jouteetu.net      R3           2024-03-13 - 2024-06-11    3 months
rtmark.net        R3           2024-03-02 - 2024-05-31    3 months

This page contains 1 frames:

Primary Page: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Frame ID: E6C372708F176862C8113CA74FDA6847
Requests: 43 HTTP requests in this frame

Page Title

Congratilations!

Page URL History

  1. http://lp.allbaofu.com/sw2?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7db... HTTP 307
    https://lp.allbaofu.com/sw2?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7db... HTTP 308
    https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43 Requests
100 % HTTPS
25 % IPv6
4 Domains
4 Subdomains
4 IPs
2 Countries
303 kB Transfer
411 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lp.allbaofu.com/sw2?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e= HTTP 307
    https://lp.allbaofu.com/sw2?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e= HTTP 308
    https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lp.allbaofu.com/sw2/
Redirect Chain
  • http://lp.allbaofu.com/sw2?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
  • https://lp.allbaofu.com/sw2?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
  • https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
18 KB
4 KB
Document
General
Full URL
https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
643d86b0bcea891446199c204be57a7aba347ebc71fa285dc48cb9fc54e6d11e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87c2608aebed3674-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 21:27:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbcFv4H2E4kfGw7qhWCq054Yf7skdIw4h%2BEkMewLrcg3jyYFxGn1AnRGY8B0Tl3aiQqIL4%2FXNV%2FHQzzy1VF%2BQsnrSL0rKgvP0wzg0U0fZb9z1M4%2FUcCpVFgRA1KqmKe5xQ1rayHMY%2FzNrmOzHao%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87c2608a8b953674-FRA
content-length
0
date
Mon, 29 Apr 2024 21:27:37 GMT
location
/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PniTbYidi7CZ7u2OHy07Ty7w1cAVdtqV0tGTEm%2BLK9LHRVFVgBMfTNR31qu%2BdTooAu2Nz4HzyoFmGWj4J49QLt5vns3bW%2FAIQaWempunHaLxtLBtNgPM%2Fthtiuj3j1uKYlOg08SWiWxohtunt9w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
lp.allbaofu.com/sw2/files/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://lp.allbaofu.com/sw2/files/css/style.css
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b34b78b60625cb1de1ffad7dd47b1fe06f31c94f1295daf5ccd0b930e5b86af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"10591d21ee2745761c1ed1da043d85dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=73wWwMu8cRgDqo4j4x25BGVLKFDn3UYZgrSmNF%2F5M9Zr9Ye2io8nxWqgvof%2FdQeyuQQHUjfNIE6bBW4vZRPerhAu00%2BydaluJ9LyHgWCbHI5wyKK2uu%2B%2BovXZ%2Fh2t7NATyk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87c2608b4c713674-FRA
alt-svc
h3=":443"; ma=86400
modal.css
lp.allbaofu.com/sw2/files/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://lp.allbaofu.com/sw2/files/css/modal.css
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d25b80865542723ebd351bbffa180efb9524b1c349a09183af15648d8e634f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"c1713464b6d3902d8ec7972c4a6c88e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XwiSgENNGrTQhJL3FIMWhXmqxFB3PRAqc%2BNdOwqg0Z8Pc2btwjNDOTIenOm4%2BgqHqC0QZ%2BoGvFGr2QV0W1OEmY%2BzX6JruhpNN0lHxzFQpdt4LvgcXf72S2peoW2nzIxMPDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87c2608b4c733674-FRA
alt-svc
h3=":443"; ma=86400
ring.png
lp.allbaofu.com/sw2/files/img/
55 KB
55 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/ring.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3cae32dce702389b8ab4ae64b23ae6c25ebb55576bc2e1d95cf2cfc0f0f89e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
55821
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"7d97eac78d28357bcb994fcfa0e635cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0CURPtEBhBBKuIa9ABBDuUMrpWTHjD9QGGl%2FCRU838o6J35EcTnjlZP83W8XIhu3ih7zz%2FP8wQdzhGNwwDML4O7PfYTuj%2B4e6adNvIEHroVTUd%2FrzmUNW04cPN3sZYTyB5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608b4c773674-FRA
money.png
lp.allbaofu.com/sw2/files/img/
35 KB
35 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/money.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f5772dc1e27cce0f5314b53070561c2a530c79e2f67cdd05222f2fac27afb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
35440
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"aed590ae7702805e7f31f7e2bc6c4563"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sp6Ito9bHZFxJ0IeMJcZR5mzoBrXWbhpNRn8m6i6WiC9OoKZstJsakfwerZihYbKz3iD0udqTSk6puTplhxiq5PDZXxWEncpUdXefwkQFM7FYynvHexlZYy7%2BvArx4zkzHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608b4c783674-FRA
money-2.png
lp.allbaofu.com/sw2/files/img/
42 KB
43 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/money-2.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73a9e9e20503dd820aba7fbbd2256abd02dfa27078b252530682b65542a1eb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
43299
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"aaafa183a0c87317ebbc3915fb2e2a81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmUmP6XKbTLdewq3YxeUjso%2FL4aU8qeRFp3z2XMf%2FV9qlRLSUA7k6qTr0Ft7xijTPS%2BRwlpTW5X1ZuOVRcjcsx0dKUbuDBbR%2FFlJx0saRolcu7qh8pa3Lpk74%2F8ip7oORno%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bcce83674-FRA
615ef34722a34.jpg
lp.allbaofu.com/sw2/files/img/
995 B
1 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/615ef34722a34.jpg
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3817ff1d2e1ed6dc399a22e4b49363f75d2a0a79eab5eb287a2d25efda80ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
995
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"dcad447a6ec5604434bbcb0c8a0863e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOzeZ5M4eUymLmtiLGarfPpimzUS1jMIjmIhwRNwT5d5KOGMqyki6jvW8skZJaovY0x6wUZ7I9xBgQTt96NrYEHcM4mzR6UmBs%2FOjMKWwZBniwzzI3zwGS6U94aFynyeC3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd1b3674-FRA
615ef34722a47.jpg
lp.allbaofu.com/sw2/files/img/
882 B
1 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/615ef34722a47.jpg
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cef7673d671be586ddb3eb27a367f1b260e900891d70509ca1cdc3fc04532ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
882
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"fd30cccd7940362ff4342a216eccd10f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MmmSByyjKQkCFTWmF%2B4%2B34rLtkJAmPh51RvKI1%2FgcNOJQ2VZeRCBexQfHBCMGI3r4Tk9cntfqqIuNKLIsa%2FwXudScRIUFjqLwxG0Z45iQy5YjD61bTMkbYrl8dbLuHE1XNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd1c3674-FRA
1m.jpeg
lp.allbaofu.com/sw2/files/img/
3 KB
4 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/1m.jpeg
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed13269cac07d6ba48ba9eff1a0cd75b1e35f4703b977cf6f34121d445e6f163
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3563
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"f28f8d5bd590ed4a99d6e3f4fada51db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cxGvNfq7RGq8tEw1jmyjzmGUk4B%2B4N9M7Ofjnl%2F34EY4cIJhKrBWLXz9KfsTCaI1PjxmLNTUGQdvOlQjmvP5N9sbmMLiJhfFGzxAks5hbW2ScmzxqYbq5cxcgh8HqT7yV6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd0c3674-FRA
2m.jpeg
lp.allbaofu.com/sw2/files/img/
4 KB
4 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/2m.jpeg
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5aef11070b758f3ce9ed66b15f019c6260c33238136390f5cd51b3189db02f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3705
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"634d37b4d469bcca1a1e7cb6b6bf956e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBTaEdIvHE%2BvJ2%2F9xum%2F%2BteLFjR1KFqkKDx9rg%2B9dPwTIzu%2F%2F6NCgOOG2lQxY5sz%2BBIU1iPvZIvuF0Upy36EAYCpj6APJlOxtfYedrRNlbiI8zvIghbbV3a%2FugCiwB4RF%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd123674-FRA
3m.jpeg
lp.allbaofu.com/sw2/files/img/
4 KB
4 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/3m.jpeg
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30839c19d58f854b7a501b83e63e2fe229d712745881d3acb8a7b6ff27b652ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4041
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"a1a31489998a5432ea1b7c73b72af34a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTozt8e97ftdECPeGcExsYkqfoQQ46NuRoukIg8xycgrObnqRQZPB6dtg8o2h3acOguEOK94nRTGjjkfoXC8bjN3L5zqbCPYvINIyncTS9afyFlcYVCvGPrStJtSSW%2BAoys%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd1f3674-FRA
1w.jpg
lp.allbaofu.com/sw2/files/img/
3 KB
4 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/1w.jpg
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f74d6c215c9046e58834b4d6c00ee379f978fe7675943bbea3d23daf7668913
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3534
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"25700905afdb3c3a7744279131b20f2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2fKZ5A33p6x0MNQBN2MITfycKmLeZhwAz%2BwdohKEmyjlvd4rPa0qGSQq%2BP4pv9mgWRtslkTNCi9G74QlTbbtSEVRbZVk3aZqihq2QPYTcG%2Byh0605iSwYPFzxIxNzvNrmE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd213674-FRA
3w.jpeg
lp.allbaofu.com/sw2/files/img/
4 KB
5 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/3w.jpeg
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdde1f50424600802d889800204d4b3119d42e7e9ac989c3ddf23a12e8b759b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4467
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"1bd34b8bfa2aa01aa50dee3ad57f9ee9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2BDdPrE3YJP%2BsQU1p3EfGPp2%2FLOG6pJPLEy%2FqoSA%2B6kJenTkNU0DajEQ8S%2BdDs8wgjRrk9ibTXV6XODZwQ6gZ5cjcAXPz1eUQozywlf%2Fionfb5Fmz6z%2BrgD7USo8CTRazHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd233674-FRA
commets-money.jpg
lp.allbaofu.com/sw2/files/img/
54 KB
55 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/commets-money.jpg
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d395eaaf48bc216c91f91ffcf65f8f81e73a82020457ef0c851e9f756e2f0be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
55541
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"59e3d0f695efff2a77961aa054558339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2BPSHVHrhwCWEBEd9jgRl0WHrK%2Fi%2BAaSZif94iEG06tgPHCi43xWU8mLFKTENpp97lJmFklVJmv9dDp5g6ZUQtxXit%2B3HICsIMLwtZIGAw%2Ffi2kaY3Z5z7hjApQAIHFiboo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd243674-FRA
4m.jpg
lp.allbaofu.com/sw2/files/img/
4 KB
5 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/4m.jpg
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36bc10f0631ae9facd8d1e0fda12c4fb35f300a794d2e049b61c66e5ff215861
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4398
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"4ee483ddbf9fd306c4067c7c61776d16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azHHqIg0fkQIQsLmlfQMg7HaBObe4QKZXkB76ma6q13UCOIbI6lVTOKHzZcQ3YTvInViTynW2hvi3u17oLJtj7cQUs8fmT2s63%2F%2BPa%2F1HgixdisnK1B8DquVQMUWEjOkNBs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd253674-FRA
615ef34722ad6.png
lp.allbaofu.com/sw2/files/img/
2 KB
3 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/615ef34722ad6.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
292ce5b88f14029a90f59f9ac004b7aeeb353b43637870ff4b19ddd0228ab4c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2445
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"93f4e87f56cd72a71ab06aa81e6c3e2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDCm6eJVi%2FE1%2BbLvP61pIbGD9CL1k4JmO49rQu%2Buzx1Y4xteg79lw4N%2FUD2C7JA4go3LikLdtx5H0gO%2BE9XFKpRaqtbOTDvok3vYeWqc7SxtYme32sNnMWAxEMHi9HCRtiU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd263674-FRA
615ef34722ae5.png
lp.allbaofu.com/sw2/files/img/
2 KB
2 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/615ef34722ae5.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6092e790e8edcbe2cf814095a5efd7c1fc0317af4673855e4a9a2b0e0f694e93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2047
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"5e0475e0d2f67280ddbffd337f6b84da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mtwn1rtQM7tUlmmVsHRW4%2BXVUoIJCfc2uzwX32Jzi64wEQnJyIiGimX1VZyoIon5%2BAaVEXZGVjsZ5SMLS3YS2brpDvHAdvspHNt%2BqjH%2FZLqmKiuT7ZCNxq3Gz2%2BrLU7Qcs4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd273674-FRA
jquery.min.js
lp.allbaofu.com/sw2/files/js/
87 KB
32 KB
Script
General
Full URL
https://lp.allbaofu.com/sw2/files/js/jquery.min.js
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"29c4e63801623c5ad6a13313b0cd8d2c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enj0OyrW7pkgj0outQk%2F5D%2BFHtskAPSNDRziW5jHauv22MO782j9rWqzv2PE1LzYa%2B%2FJpWdkJw8azkbYe16XtP8lHTe85LI533XaDxmmJIB7DL9dkgc%2FNqPZJNIu9kufoT4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87c2608bdd133674-FRA
alt-svc
h3=":443"; ma=86400
modal.js
lp.allbaofu.com/sw2/files/js/
4 KB
2 KB
Script
General
Full URL
https://lp.allbaofu.com/sw2/files/js/modal.js
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9773b97f1c7aaf90c1ee143d2c3c6fd157431642ee9b6ccefd146aa598ab04ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"a16907663d1f0f8b1fdd9e8dff80a69d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3PnKfaW8v6WEWo2cOmY3ciR76PUf1roATpQicWCPEP8jSwECv0s4mf%2BxrrX6FDvSHA9ECyEMTXg8kn16Gt4IqXIBRrVdtsPIlrOY0ttrxGiTzv69c6KUzuvkkWkq3kB7KcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87c2608bdd143674-FRA
alt-svc
h3=":443"; ma=86400
main.js
lp.allbaofu.com/sw2/files/js/
7 KB
3 KB
Script
General
Full URL
https://lp.allbaofu.com/sw2/files/js/main.js
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d767e275053a68961d3e262d9cc53adb87b14d4af7d9eafb3a722c8063207f1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"c6a40307d3e554c55fbfe9cedb598718"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYUJvWADpvsXlOAYaHihPo7IrwSVRmnjD8n5IeZlNipkQjOWVYN4JfbbohPxpj0y%2BPWS74xH3afa1uBN7ZOfz6scI%2BT%2Fj1epeiVHUhW5tkRopOy5xUxqAjAIgeEe3zgzE4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87c2608bdd163674-FRA
alt-svc
h3=":443"; ma=86400
canvas.js
lp.allbaofu.com/sw2/files/js/
3 KB
2 KB
Script
General
Full URL
https://lp.allbaofu.com/sw2/files/js/canvas.js
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7fdaf39a74b060bee76b839023ba1f5332b4789ec23457a8e0ab7366cb89a8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"d2d3ea1d0c9a1a50fef5bae7e985b474"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIVa8neyzNg51c9Hd%2BICah95151Iv4vQ5cCTcTdDBpikqbE2jU7sRmYxu1U%2FereJzcSny0TdiuO5rRyYQL02bFc7QcDningD1S09reKTcyymLfxSQFhunq82jYoDWfy%2BCFY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87c2608bdd173674-FRA
alt-svc
h3=":443"; ma=86400
lang.js
lp.allbaofu.com/sw2/files/js/
90 B
569 B
Script
General
Full URL
https://lp.allbaofu.com/sw2/files/js/lang.js
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f8ecdcddf1ac914624524e6fc72b0f2f153525f23eb98a2454a720d8d41bfb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"f0cd6d1a44872fb37430df92f764c387"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFylpyIh0Lb50Kjhu7my6NO9vEHflf3QndK0oNkeWSeipdvMCB69dy3lKJa8XxZ2noRRuRvq54s8h1eb2UgErGay9EkqcIEpe6I8qhWmauiZUGWFxFSsOUQGYhWCw%2FY3z4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87c2608bdd193674-FRA
alt-svc
h3=":443"; ma=86400
micro.tag.min.js
bujerdaz.com/pfe/current/
36 KB
15 KB
Script
General
Full URL
https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 10:48:51 GMT
server
nginx
etag
W/"662a3513-9116"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
615ef34722c41.png
lp.allbaofu.com/sw2/files/img/
156 B
663 B
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/615ef34722c41.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/files/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d19d22c105a43bfcd4dfc2271980939375ef21e09489c489bcfc9b94eb15bef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lp.allbaofu.com/sw2/files/css/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
156
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"157798059015aea89b6a0115b752eb8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UeSMyTTmaapmSSxlcT%2Ft9Cm8RXq2lrOeC%2B%2Bp5%2FOOSECgZCgLGEAwe2ZjJ%2FtI%2Bh8dUIdmkE7h0ki4P%2FZHSSafl4fZOUb6Ga5Smad%2Byh8fMEtxGP5tbTY%2BqeAifxwr6PQYf3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd283674-FRA
615ef34722c2d.png
lp.allbaofu.com/sw2/files/img/
279 B
784 B
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/615ef34722c2d.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/files/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6314ac94872c76d8fba23bba062b0084de4902a7465c27e24c69f22329abf6dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lp.allbaofu.com/sw2/files/css/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
279
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"892e2a7dab4f5cad5d28efb055988cd3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYlTCZ%2F7itgDmJQzNhfVhg1%2BqYnw5kYPMx3I38iYu5QGM9DfszYyhXfYlLyZS5dvS%2Be1Iufp8Dh%2FB6cIznqnZsFpgk7DdgSdguC2TNAeQ%2BPlb9T1hLy7OUU1A3z3%2BPdIm0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd293674-FRA
615ef34722c4e.png
lp.allbaofu.com/sw2/files/img/
3 KB
3 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/615ef34722c4e.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/files/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35cc5a6a01986aaa5c716b507657218d84e871a2934964a9da0ef7cad8ce65b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lp.allbaofu.com/sw2/files/css/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2902
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"4250732206b4f583588d3a2737799b77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJ0S1walcLR5egsH8N4uZ8v4vFIG88bhNNKxTTvUjFHzmQqn2hoVPv1a7YutenLuukkz6CgLxXkcaj%2BbkCRlQ9SjHn3TFwBHmPf%2BSo7DOyVVWs3ikzjaOWxeZsdufdiM9kA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd2a3674-FRA
615ef34722c5a.png
lp.allbaofu.com/sw2/files/img/
2 KB
2 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/615ef34722c5a.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/files/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37eb737c2d454b3ad7637228a7c8bebf3b327796f1cb74605e148b2165671ffa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lp.allbaofu.com/sw2/files/css/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1688
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"7b62cfb8058d7bae2da9359768f677e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3AxT%2BQW7zh9XGA64N7XFhqAoYFAnrdMr%2B6fILVvH6bXsv4ePO4FLu3AMslHC0X15RDxefHFhun7WbRSgWyvYuB%2F3hQttyK%2BoAXCn4CP6x%2B5PJKGULAhsSpNiVyZHog1m81c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd2c3674-FRA
615ef34722c67.png
lp.allbaofu.com/sw2/files/img/
13 B
508 B
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/615ef34722c67.png
Requested by
Host: lp.allbaofu.com
URL: https://lp.allbaofu.com/sw2/files/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lp.allbaofu.com/sw2/files/css/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"0918e406781105b5b30347f5104b596b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fl2IsSowaaJ41arM9A7g9uCCqvg2sfNuFXmuyA%2BMafccDdNp2yblKEY7UDXptTqdw4a30tLSSim5uSnIBxF5vZWWTmPIbC9C5tNcF0fpfqMiudDrHiHAMeAXGxAXXvYl4ZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608bdd2f3674-FRA
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

sw-check-permissions-f2a23.js
lp.allbaofu.com/
0
766 B
Other
General
Full URL
https://lp.allbaofu.com/sw-check-permissions-f2a23.js?zoneId=7296730
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"e2ab77f39a5d9eb490b773fadfb60a3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWX3mlshJHTDff4%2BYrsn9ztO0GsO%2Bas8rRd3tp9pOvcXshl0YjC%2F3G9tzAxLGzhwSSl3u3exGTGgpR4HP6cOyg5iqueTOVtperXixJpAKwAdRHsF4Z9SNCnk938I4tefxSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87c2608c7dc73674-FRA
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
bujerdaz.com/
0
368 B
Ping
General
Full URL
https://bujerdaz.com/zone?&pub=0&zone_id=7296730&is_mobile=false&domain=lp.allbaofu.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=6e97578e-3f6e-405d-bdad-f6a983e8d5e3&action=prerequest&ch=…
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
8ad0637fe2d5512d492a68e9bbfbb03e
date
Mon, 29 Apr 2024 21:27:37 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin
https://lp.allbaofu.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7296730&checkDuplicate=true&ymid=&var=&source=pusher
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
781858f28df32749134a4c843fb1dc6342443d4c621ce29672879d36ce94338d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lp.allbaofu.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

check_icon.png
lp.allbaofu.com/sw2/files/img/
4 KB
4 KB
Image
General
Full URL
https://lp.allbaofu.com/sw2/files/img/check_icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002a009a5ddbf1c53a9412ffa40c23738ee8bb538e601f9fe2ea4e13495ae644
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4038
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"390f04b7cef078416f749af262540e44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0KO808%2FU8eW2P2VA4ycaWnSNdDpHCgtud%2FHIlpsHx81rapL8CfoJMrOx1mSBOFpV48Pw782LQKEzSat07IUyU0qyE9p3nB2PkCZ3TwFDrgPSjfVqTe5H7GG3a87VbDq3usM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
87c2608cce253674-FRA
favicon.ico
lp.allbaofu.com/
13 KB
4 KB
Other
General
Full URL
https://lp.allbaofu.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:229e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47f1ce85a504f4c720217e3f8524d6fc6916734e3c79456ac85f22efceb64072
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 21:27:37 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
EXPIRED
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zJA%2FQn1PKpA%2BMyimjLEeurFN4se%2FC67bVWwoMztNgdHhlbzrrL3kWgkdIhQLuyfpW%2FYgOeZ4FfnRzSqXcfjq15JBJxr0TsOcId1aJkMjPJHwq0pXCfhZRMPeMh36LO%2FHNObFAbg4KKeG38L3Qw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
87c2608cce2e3674-FRA
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
bujerdaz.com/
802 B
1 KB
Fetch
General
Full URL
https://bujerdaz.com/zone?&pub=0&zone_id=7296730&is_mobile=false&domain=lp.allbaofu.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=6e97578e-3f6e-405d-bdad-f6a983e8d5e3&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjQifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQuMC42MzY3Ljc4In0seyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI0LjAuNjM2Ny43OCJ9LHsiYnJhbmQiOiJOb3QtQS5CcmFuZCIsInZlcnNpb24iOiI5OS4wLjAuMCJ9XSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IldpbjMyIiwicGxhdGZvcm1WZXJzaW9uIjoiMTAuMC4wIiwid293NjQiOmZhbHNlfQ==
Requested by
Host: bujerdaz.com
URL: https://bujerdaz.com/pfe/current/micro.tag.min.js?z=7296730&sw=/sw-check-permissions-f2a23.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
411309285c064490e690711942677f342d05923c45fcfbf61c3bfacde8cc9ab4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
8315f8863522341fea0f97067a2a0c4a
date
Mon, 29 Apr 2024 21:27:37 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lp.allbaofu.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
802

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getURLParameter string| offer_url string| split_url function| go string| bbURL object| s function| $ function| jQuery function| $modal function| dateOffset object| days object| months object| myDate string| fullDate function| speak string| page string| brand number| conMid object| mydate number| year number| month number| day number| weekday number| count object| headline object| topDate object| today object| con object| whCon object| dWheel object| button object| device object| first object| second function| setButtonHeight function| spin function| autospin2 function| autospin1 function| countdown object| zfgformats function| ConfettiGenerator object| confettiSettings object| confetti

1 Cookies

Domain/Path Name / Value
my.rtmark.net/ Name: ID
Value: 01804d5938b34360f12eef08d952affd

2 Console Messages

Source Level URL
Text
other warning URL: https://lp.allbaofu.com/sw2/?city=&mc_attr=c=810443a5-ea7d-448e-b699-864a9828e204..m=lvjthn5qggmeo7dbhtxaaexkvt..d=0-0-0-0-1..l=17143260878..r=t.lucky4you.xyz..e=#
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://lp.allbaofu.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
