Submitted URL: http://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=...
Effective URL: https://clk.tradedoubler.com/click?p=295759&a=3179246&epi=CPA2&epi2=850454711328051552&publisherCommission=${PAYOUT}
Submission: On August 22 via api from US — Scanned from IT

Summary

This website contacted 5 IPs in 5 countries across 4 domains to perform 19 HTTP transactions. The main IP is 3.72.25.190, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is clk.tradedoubler.com. The Cisco Umbrella rank of the primary domain is 125043.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 7th 2024. Valid for: a year.
This is the only time clk.tradedoubler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 104.21.32.119 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
2 3.72.25.190 16509 (AMAZON-02)
1 52.85.65.53 16509 (AMAZON-02)
19 5
Apex Domain
Subdomains
Transfer
15 foohoatoow.com
foohoatoow.com — Cisco Umbrella Rank: 515053
84 KB
3 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 125043
vht.tradedoubler.com — Cisco Umbrella Rank: 165065
14 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 5822
492 B
0 ho-mobile.it Failed
www.ho-mobile.it Failed
19 4
Domain Requested by
15 foohoatoow.com 1 redirects foohoatoow.com
2 clk.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 my.rtmark.net foohoatoow.com
0 www.ho-mobile.it Failed
19 5

This site contains no links.

Subject Issuer Validity Valid
foohoatoow.com
WE1
2024-07-25 -
2024-10-23
3 months crt.sh
rtmark.net
R11
2024-07-05 -
2024-10-03
3 months crt.sh
*.tradedoubler.com
Amazon RSA 2048 M02
2024-08-07 -
2025-09-06
a year crt.sh

This page contains 1 frames:

Frame: https://www.ho-mobile.it/?ecmp=002_AFF_TXT_CONV_TDB_699GB150_2024_RES
Frame ID: 6E39EF4058765754E61FBF331A5E1C27
Requests: 19 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=8469... HTTP 307
    https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=8469... Page URL
  2. https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&c... Page URL
  3. https://foohoatoow.com/rhd?z=7084943&syncedCookie=true&rhd=true HTTP 302
    https://clk.tradedoubler.com/click?p=295759&a=3179246&epi=CPA2&epi2=850454711328051552&publisherCommissio... Page URL

Page Statistics

19
Requests

95 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

5
Countries

98 kB
Transfer

255 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943 HTTP 307
    https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943 Page URL
  2. https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943 Page URL
  3. https://foohoatoow.com/rhd?z=7084943&syncedCookie=true&rhd=true HTTP 302
    https://clk.tradedoubler.com/click?p=295759&a=3179246&epi=CPA2&epi2=850454711328051552&publisherCommission=${PAYOUT} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943 HTTP 307
  • https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Request Chain 16
  • https://clk.tradedoubler.com/click?p=295759&a=3179246&epi=CPA2&epi2=850454711328051552&publisherCommission=${PAYOUT} HTTP 302
  • https://track.adform.net/C/?bn=73423408 HTTP 302
  • https://track.adform.net/C/?CC=1&bn=73423408 HTTP 302
  • https://www.ho-mobile.it/?ecmp=002_AFF_TXT_CONV_TDB_699GB150_2024_RES

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
back
foohoatoow.com/
Redirect Chain
  • http://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=afric...
  • https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=afri...
5 KB
3 KB
Document
General
Full URL
https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df412df242a6c0f59d24fa1557002069c5abbe992f085db7e1fcedb1a56948f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b72ac627fa7703a-MXP
content-encoding
zstd
content-type
text/html
date
Thu, 22 Aug 2024 11:55:21 GMT
last-modified
Thu, 22 Aug 2024 11:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcF99KL5DYIPDvXNVUQiFJx8p2ZBoB65Wya9MFGBRPRpjhUtNGtxREVxs9QL8sgc1siclAgGdRIXEt3sZS5KsEcdnmc0pVxDpZggorMt3OQA5baOShAuziAg7O%2FvPfhk1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Location
https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Non-Authoritative-Reason
HttpsUpgrades
0bc0cde260d08b97.css
foohoatoow.com/_next/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://foohoatoow.com/_next/static/css/0bc0cde260d08b97.css
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1450
cf-polished
origSize=1843
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 22 Aug 2024 11:07:47 GMT
server
cloudflare
etag
W/"66c71c03-733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOeBLnMNj492KP8iTB0vHcd7Or3mfIQYnL67tNDptaz%2BiUIzKLIeP0YTyezkrnM6w%2BuBupS%2FZJ5JGgYWrPC4RChWtulcHlEDXfxqLItaL3SP%2Bo3Grg7C9RLZo2HNqT3caQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
8b72ac6378ca703a-MXP
webpack-d833938f1b702eec.js
foohoatoow.com/_next/static/chunks/
7 KB
4 KB
Script
General
Full URL
https://foohoatoow.com/_next/static/chunks/webpack-d833938f1b702eec.js
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a089eb4a17b30aad6fadda4fe0d2a5dfde2f2cf11de12364192a441ff1de1c62
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2680
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 22 Aug 2024 11:07:47 GMT
server
cloudflare
etag
W/"66c71c03-1b77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HcH5qVZSWOxdcgvEHdudZXZSwwB5UNM9u8yGfc5ydAokvlVGPM5Z6FYDqlgPUfbAVFIipP1pUEUpCzjZWK4G05hhunz9%2BfyFBvGvXi%2BqZ49DkG3JO8%2B6eYKkM%2FG720a%2F6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8b72ac6378d2703a-MXP
framework-518a3b5806b886b4.js
foohoatoow.com/_next/static/chunks/
26 KB
10 KB
Script
General
Full URL
https://foohoatoow.com/_next/static/chunks/framework-518a3b5806b886b4.js
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465f1ae269ce391b18d04b3992f4090873330e4b08f487e71b01a83befca6864
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Thu, 22 Aug 2024 11:30:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
zstd
etag
W/"66c7216b-6802"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HV14Ejk55%2BDYWgaMi2%2FN6AGcW1TfA2K4uaR1LeKga3npo6Pzr9u86FZLeigZObnaa4r8JV%2FnNt%2B2gPhu2Pz7UmbpHzQs%2FMltjmkCIUlb0O4xQARzTN6NHaXZFVbQQygzAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8b72ac63f963703a-MXP
alt-svc
h3=":443"; ma=86400
main-6f11fc3ca57d8ed0.js
foohoatoow.com/_next/static/chunks/
107 KB
33 KB
Script
General
Full URL
https://foohoatoow.com/_next/static/chunks/main-6f11fc3ca57d8ed0.js
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Thu, 22 Aug 2024 11:30:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
zstd
etag
W/"66c7216b-1ab56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NN2cbSi4IKydbzZEUb8cWToicyuySc6%2FWGp7MYtjj70lyX%2FoOqMd0NtFI%2FwP%2BkwWJUpNqzsvgJQ1ZrrDvZcoya%2FAWbjldgurxWrsajvLw2LjP4NkWHO48e1fbPz3Ujl%2Bog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8b72ac63f971703a-MXP
alt-svc
h3=":443"; ma=86400
_app-2b81938bcd286258.js
foohoatoow.com/_next/static/chunks/pages/
48 KB
15 KB
Script
General
Full URL
https://foohoatoow.com/_next/static/chunks/pages/_app-2b81938bcd286258.js
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
336169f4be73b8724ad6d77ef3724d98af3f636b4480e09aa63a061573ff2314
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2680
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 22 Aug 2024 11:07:47 GMT
server
cloudflare
etag
W/"66c71c03-c181"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RMrNkAFAVaxW65OSqL7niuq2HZ1%2B8a7RrdFfodE6E7nHlxTDliatRa58qncTrQDDfP3J14DnJ4%2FIRWkVz69e7yztn%2Fn3n%2FcpzAABxd0cpZ%2BW5r4rXg60qZ25TsjJKB%2BR3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8b72ac63f972703a-MXP
back-9b4f19f35fd8594c.js
foohoatoow.com/_next/static/chunks/pages/
1001 B
920 B
Script
General
Full URL
https://foohoatoow.com/_next/static/chunks/pages/back-9b4f19f35fd8594c.js
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69b96f5998815dba07229714eb32139aa2ca3ef954b4c10f7f3ddbb17ccb1a8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5797
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 22 Aug 2024 10:04:37 GMT
server
cloudflare
etag
W/"66c70d35-3e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49pv6F%2BDbyedZZ9Me8Y3EuQaQyBd%2Bk3SLQcZbSjxRKMioP1Gl6ONTC4aIhLGHPBK8lcO4jONw6HzUcwMfZelZ16vK2JhWEQDWo%2BiSufCFT5zpS5WRxi1DOzbDrrTsJf6gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8b72ac63f973703a-MXP
_buildManifest.js
foohoatoow.com/_next/static/hFhsrdlZ_wuR5dhGE40Ov/
1 KB
913 B
Script
General
Full URL
https://foohoatoow.com/_next/static/hFhsrdlZ_wuR5dhGE40Ov/_buildManifest.js
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
034ce046d1e74a3f3b06077fd6080408210796756ab2493257d095ac31a9eca8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1110
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 22 Aug 2024 11:30:51 GMT
server
cloudflare
etag
W/"66c7216b-524"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jPPRWs6fDvi3Wy5IT%2FRVvlj%2FHIx5n8xfU5ZgWNagsY%2FDNeVVSbpJGgKoymRKaUrLXY1cbqffQyyJlMlKcFgid8PG24HTwgu7u5mr1D%2FcO7WlLN%2Fyt6LXc9N2TZkCiR6iNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8b72ac63f974703a-MXP
_ssgManifest.js
foohoatoow.com/_next/static/hFhsrdlZ_wuR5dhGE40Ov/
134 B
397 B
Script
General
Full URL
https://foohoatoow.com/_next/static/hFhsrdlZ_wuR5dhGE40Ov/_ssgManifest.js
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/back?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44c6c8a145065314f0fcf7e1a9624f4f73f49136ffdb9441199ec7166c6bfe33
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1110
content-encoding
zstd
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 22 Aug 2024 11:30:51 GMT
server
cloudflare
etag
W/"66c7216b-86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNlx5YzhDOnjYzpOfdqwaK4uEt%2BVanQzJG9NMT1QYmKfAJWCzurkyBsLCKnWvJwKDpM%2FC4%2FR3AVjSSynFwYWbhuefVnZVvm3C%2BT7krCvrrd72GDuPaJOog5SBxcExMW2vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8b72ac63f975703a-MXP
7084943
foohoatoow.com/wen25tvh/
30 KB
13 KB
Document
General
Full URL
https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/_next/static/chunks/pages/_app-2b81938bcd286258.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24844e1799a9cc258b583bf2a0f69d6100d9b827ddb9015db616c3b0f8390a28
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8b72ac654aed703a-MXP
content-encoding
br
content-type
text/html; charset=utf8
date
Thu, 22 Aug 2024 11:55:21 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIZ%2BXOsVa4p6%2BkMmU7bj%2F3nkVrWNA6AnEfMEPKMtxBgDVkBYxeckW8%2FO%2FPte382GxFufB4cJb6ncj3g0L46HFXZWTfmILlpDoR0oQjL%2BlK5Ljq5Pw2ntJptILxbzkxQtBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
b97d97cbaaf74bb94443d3d5819b892e
img.gif
my.rtmark.net/
43 B
492 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=3i6fy49vbbl4jaea6aowqn9n10mrlyr&z=7084943&p_rid=ea6cbf58-e3d9-4ebb-ab67-c230b41c3b7d&p_src=sf
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://foohoatoow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
sftouch
foohoatoow.com/
2 B
341 B
Image
General
Full URL
https://foohoatoow.com/sftouch?userId=3i6fy49vbbl4jaea6aowqn9n10mrlyr&z=7084943&p_rid=ea6cbf58-e3d9-4ebb-ab67-c230b41c3b7d&p_src=sf&branchId=0&rb=5VqvsqSI8KRjCE3JuiguFgV1kgBVo1XD9YWcYlQYcZULtHR-HV-1ELFOZJXgqNRM0b4lCrWnpUUanxV7xcfLDtu4T7Nun_ToeGxB1WTc48f6diLu-SZNDLPL2euhwvHQoft08zyJlwbAJSbowKw8dMRm85ncTZ56sECHXaE-HFz-jTYlAv8yT2FJDhFSaQCwsapZh_gqejjfGat-aLLmuTt8ptwUkqb7PhaujUHCGoftXBfruvRjnxrK2MRhK6b8LVePr5SLQm7fleD0nuwrhK0IPzMNMjLy6EG-R7UkijhM7Jp9AuK2Uxg_qGPt3JRU0P8dxHyg6ys=
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
x-trace-id
93f0d9461ca7a2d90919fd4e4f465b1e
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pBjSLUzgfLOu60b0HUERjWnXRl1Y6H%2ByWqLHoriB3bONftcEQBtEpS5c0Ge30%2Flt2MC40DWBH%2Bv85Zf%2BWp3PS4QSjRlcNEtAXpV51lE086F8vUf4J0W%2B9qAEVT2tuR2pg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray
8b72ac667c5a703a-MXP
expires
Tue, 11 Jan 1994 10:00:00 GMT
add
foohoatoow.com/log/
12 B
444 B
XHR
General
Full URL
https://foohoatoow.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ea6cbf58-e3d9-4ebb-ab67-c230b41c3b7d
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Aug 2024 11:55:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://foohoatoow.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHLdfAo9pjtAj2aNhtxsFu04yeVZ1NfbiBUtD2w%2BCPcueCdbn4XlGCK4WNL4h3Rd%2FDK%2B9pUl4yj59A4KKuKemxmMMQwHt4zZwSeoGsUgPf5fQz7EVOZQCA5qBt6IdPfs5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8b72ac688f85703a-MXP
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
alt-svc
h3=":443"; ma=86400
add
foohoatoow.com/async_log/
0
376 B
XHR
General
Full URL
https://foohoatoow.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ea6cbf58-e3d9-4ebb-ab67-c230b41c3b7d
Requested by
Host: foohoatoow.com
URL: https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://foohoatoow.com/wen25tvh/7084943?var=7812905&ymid=fswjejlxom&b=21462804&campaignid=8380131&click_id=846985721171419136&ab2r=&rhd=1&var_3=8380131&oaid=3i6fy49vbbl4jaea6aowqn9n10mrlyr&os_version=&btz=africa/accra&bto=0&z=7084943
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Aug 2024 11:55:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2Xg3%2B%2FOoHCfrQ%2FX7G9ZJY%2FIPjpnmvmjmnkvaBDIVa%2FHy1YlrOxF0cg1FtjTH1VwpEZ%2BRC5queYjC6zDE9aBZmEmhy0iNp5p6p8L7lFmeDDYnu5cIjvxTewYcqWL09cz8A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://foohoatoow.com
access-control-allow-credentials
true
cf-ray
8b72ac688f8b703a-MXP
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
0
alt-svc
h3=":443"; ma=86400
Primary Request click
clk.tradedoubler.com/
Redirect Chain
  • https://foohoatoow.com/rhd?z=7084943&syncedCookie=true&rhd=true
  • https://clk.tradedoubler.com/click?p=295759&a=3179246&epi=CPA2&epi2=850454711328051552&publisherCommission=${PAYOUT}
4 KB
5 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=295759&a=3179246&epi=CPA2&epi2=850454711328051552&publisherCommission=${PAYOUT}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.25.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-25-190.eu-central-1.compute.amazonaws.com
Software
TXServerHttp /
Resource Hash
1d2d61f2f45bc75bf89552698c1c246fe3bb3a760598dbdc776571b44081c493

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://foohoatoow.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Form-Factor, Sec-CH-UA-Model, Sec-CH-UA-WoW64
access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, max-age=0
content-length
4464
content-type
text/html; charset=ISO-8859-1
date
Thu, 22 Aug 2024 11:55:24 GMT
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
vary
Origin

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://foohoatoow.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8b72ac6aba90703a-MXP
content-length
0
date
Thu, 22 Aug 2024 11:55:22 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://clk.tradedoubler.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://clk.tradedoubler.com/click?p=295759&a=3179246&epi=CPA2&epi2=850454711328051552&publisherCommission=${PAYOUT}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2F8XVFD9SjEH01SRddy2XixJG4lvGqag41ZVPnS9xzhvwo5qKpChqM%2Bf3nA1PArK5QFWa8zYKplbwEI1jcnyfpxoIzS7QRY8nxZE6b5zerd2e0fGF0azUGrpQc5LoUWx%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
x-trace-id
3a9dc6ca2e121775fee05b5c50bb048e
favicon.ico
foohoatoow.com/
0
290 B
Other
General
Full URL
https://foohoatoow.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://foohoatoow.com/afu.php?zoneid=7084943&var=7812905&rid=b8wSCkL2N69HktHjGYpK-g%3D%3D&rhd=true&ab2r=0&sf=1&ymid=fswjejlxom&is_mobile=false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5052
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tr85U09S%2BQw7TS10CV%2FI9giSOKfx%2FAPExJ0K9OEQuKMWfgHQGWE6Z%2Bi7inLPGQtFcCSL5C3pfOHUx4k%2F3EXeKtWbuX5Pwud5uvX%2BqaPqMaYI9bLZZTWbpYHFS7%2B8JZQqEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1800
cf-ray
8b72ac6b9b58703a-MXP
alt-svc
h3=":443"; ma=86400
fpjs.js
vht.tradedoubler.com/fp/
23 KB
9 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/fpjs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=295759&a=3179246&epi=CPA2&epi2=850454711328051552&publisherCommission=${PAYOUT}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-53.muc50.r.cloudfront.net
Software
Apache /
Resource Hash
5b036ab5052dc73813aa4a472e3046a0fe217f5787d0c322d755a42201050d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Via
1.1 025655d33ea4a9c8f0ee3e05af37046e.cloudfront.net (CloudFront)
Date
Sun, 18 Aug 2024 02:08:50 GMT
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
MUC50-P6
Age
380801
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8745
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 12 Mar 2024 11:04:52 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
mMehgmU4wvcc5Eh2wetithg60AhRP7vnOLJfgAvdueRjpuX0hCWXFQ==
/
www.ho-mobile.it/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=295759&a=3179246&epi=CPA2&epi2=850454711328051552&publisherCommission=${PAYOUT}
  • https://track.adform.net/C/?bn=73423408
  • https://track.adform.net/C/?CC=1&bn=73423408
  • https://www.ho-mobile.it/?ecmp=002_AFF_TXT_CONV_TDB_699GB150_2024_RES
0
0

favicon.ico
clk.tradedoubler.com/
193 B
274 B
Other
General
Full URL
https://clk.tradedoubler.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.25.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-25-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 11:55:25 GMT
content-length
193
content-type
text/html; charset=ISO-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.ho-mobile.it
URL
https://www.ho-mobile.it/?ecmp=002_AFF_TXT_CONV_TDB_699GB150_2024_RES

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS function| getTDCustomVales function| isAppleMobileDevice function| removeCanvas

9 Cookies

Domain/Path Name / Value
foohoatoow.com/ Name: OAID
Value: 3i6fy49vbbl4jaea6aowqn9n10mrlyr
foohoatoow.com/ Name: oaidts
Value: 1724327721
foohoatoow.com/ Name: syncedCookie
Value: true
my.rtmark.net/ Name: ID
Value: 3i6fy49vbbl4jaea6aowqn9n10mrlyr
.tradedoubler.com/ Name: GUID
Value: 1z11zz18gzckIkz72d7ecc8de18311539800f245027123c
.tradedoubler.com/ Name: EH_0
Value: 1z11z1z18gz2KiTijz1M9Jyb0nwhkiyF.%7aK9K81BLlpQaQF4WgTevfC%79iETYU5UXPwlOG6Uu%79JDIvdfhAsTQRsMd4iVhrfBqILpUELaJs06ITJkesZWSBA
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1027962348685353141
.adform.net/ Name: CT1031788
Value: 1387074

1 Console Messages

Source Level URL
Text
network error URL: https://clk.tradedoubler.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff