www.4c6bcb4a7569.xyz Open in urlscan Pro
104.248.103.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://4c6bcb4a7569.xyz/
Effective URL:
https://www.4c6bcb4a7569.xyz/
Submission: On June 30 via manual (June 30th 2021, 8:06:21 pm UTC) from US

Summary HTTP 56 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 27 domains to perform 56 HTTP transactions. The main IP is 104.248.103.229, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is www.4c6bcb4a7569.xyz.
TLS certificate: Issued by R3 on June 27th 2021. Valid for: 3 months.

This is the only time www.4c6bcb4a7569.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	104.248.103.229 104.248.103.229	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	109.206.162.83 109.206.162.83	50245 (SERVEREL-AS) (SERVEREL-AS)
11	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2606:4700:303... 2606:4700:3030::6815:284e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:210... 2600:9000:2104:d600:19:d208:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	65.9.77.30 65.9.77.30	16509 (AMAZON-02) (AMAZON-02)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	18.184.112.76 18.184.112.76	16509 (AMAZON-02) (AMAZON-02)
1 1	3.122.185.230 3.122.185.230	16509 (AMAZON-02) (AMAZON-02)
5	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	34.96.106.9 34.96.106.9	15169 (GOOGLE) (GOOGLE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
56	25

5 104.248.103.229 (Frankfurt am Main, Germany) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

4c6bcb4a7569.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.4c6bcb4a7569.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net

trtjigpsscmv9epe10.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:284e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.blockaway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2104:d600:19:d208:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.77.30 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.184.112.76 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-112-76.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.185.230 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-185-230.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.106.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.106.96.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	141 KB
6	twitter.com platform.twitter.com syndication.twitter.com	149 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	4c6bcb4a7569.xyz 2 redirects 4c6bcb4a7569.xyz www.4c6bcb4a7569.xyz	229 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	userreport.com cdn.userreport.com	75 KB
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	addthis.com s7.addthis.com	190 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	seedtag.com s.seedtag.com	507 B
1	lentainform.com cm.lentainform.com	531 B
1	idealmedia.io cm.idealmedia.io	448 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com	312 B
1	addthisedge.com v1.addthisedge.com	774 B
1	moatads.com z.moatads.com	1 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	google.de www.google.de	522 B
1	google.com www.google.com	522 B
1	googleapis.com fonts.googleapis.com	642 B
1	blockaway.net cdn.blockaway.net	1 KB
1	trtjigpsscmv9epe10.com trtjigpsscmv9epe10.com	72 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	cloudflare.com cdnjs.cloudflare.com	355 KB
0	Failed function sub() { [native code] }. Failed
56	27

	Domain	Requested by
6	cm.mgid.com	jsc.mgid.com www.4c6bcb4a7569.xyz
5	x.bidswitch.net	5 redirects
4	s-img.mgid.com	www.4c6bcb4a7569.xyz
4	platform.twitter.com	www.4c6bcb4a7569.xyz platform.twitter.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com www.4c6bcb4a7569.xyz
3	cdn.userreport.com	www.4c6bcb4a7569.xyz cdn.userreport.com
3	www.4c6bcb4a7569.xyz	www.4c6bcb4a7569.xyz
2	match.adsrvr.org	2 redirects
2	creativecdn.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	cdn.mgid.com	www.4c6bcb4a7569.xyz
2	c.mgid.com	jsc.mgid.com
2	syndication.twitter.com	platform.twitter.com www.4c6bcb4a7569.xyz
2	s7.addthis.com	cdn.blockaway.net s7.addthis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	4c6bcb4a7569.xyz	2 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	s.seedtag.com	www.4c6bcb4a7569.xyz
1	cm.lentainform.com	www.4c6bcb4a7569.xyz
1	cm.idealmedia.io	www.4c6bcb4a7569.xyz
1	sonata-notifications.taptapnetworks.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.de	www.4c6bcb4a7569.xyz
1	www.google.com	www.4c6bcb4a7569.xyz
1	fonts.googleapis.com	www.4c6bcb4a7569.xyz
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.blockaway.net	www.4c6bcb4a7569.xyz
1	jsc.mgid.com	www.4c6bcb4a7569.xyz
1	trtjigpsscmv9epe10.com	www.4c6bcb4a7569.xyz
1	www.googletagmanager.com	www.4c6bcb4a7569.xyz
1	cdnjs.cloudflare.com	www.4c6bcb4a7569.xyz
0	docbehmolikiogjomonmfieaidgfcbpc Failed	www.4c6bcb4a7569.xyz
0	haanbmjmhcofgngkioelkdablmmmbhoo Failed	www.4c6bcb4a7569.xyz
0	ckjnnmdnpicjmpmcheonhjhbhamjclhi Failed	www.4c6bcb4a7569.xyz
0	djpehmepgepfpoiaendmglmnjmmfalio Failed	www.4c6bcb4a7569.xyz
0	lmmpgfjnchldhcieiiegcpdmaidkaanb Failed	www.4c6bcb4a7569.xyz
56	41

This site contains links to these domains. Also see Links.

Domain
www.patreon.com
widgets.mgid.com
www.mgid.com
herbeauty.co
chrome.google.com
github.com
twitter.com

Subject Issuer	Validity	Valid
4c6bcb4a7569.xyz R3	`2021-06-27` - `2021-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
trtjigpsscmv9epe10.com R3	`2021-06-06` - `2021-09-04`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-31` - `2022-04-14`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://www.4c6bcb4a7569.xyz/
Frame ID: D41A59BE4A9581EA82706291C18D7F75
Requests: 46 HTTP requests in this frame

Frame: https://cdn.blockaway.net/buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=
Frame ID: 5773E0B5603224A1899612D379F9F608
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.4c6bcb4a7569.xyz
Frame ID: 2872461D1572D39E2A4D6C9728C77494
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: D35383361DE8BF136649D04D93BACAB8
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1625083557789548241034
Frame ID: C4920913D7DBB025F4D54B99C5AF93CD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: F811A907504382B0F0B31D8D5D201AD7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://4c6bcb4a7569.xyz/ HTTP 301
https://4c6bcb4a7569.xyz/ HTTP 301
https://www.4c6bcb4a7569.xyz/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

56
Requests

91 %
HTTPS

37 %
IPv6

27
Domains

41
Subdomains

25
IPs

4
Countries

1300 kB
Transfer

4517 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.patreon.com/croxyproxy?fan_landing=true
Title: Get premium access

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.4c6bcb4a7569.xyz&utm_medium=referral&utm_campaign=widgets&utm_content=371007
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://herbeauty.co/fashion/12-best-and-worst-fashion-trends-of-all-time/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/10-of-the-most-expensive-body-parts-that-have-been-insured-by-celebrities/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/beauty/5-things-everyone-should-know-about-teeth-whitening/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/relationships/8-gift-ideas-for-your-new-boyfriend/

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/croxyproxy-free-web-proxy/lmmpgfjnchldhcieiiegcpdmaidkaanb
Title: from Chrome web store

Search URL Search Domain Scan URL

URL: https://github.com/croxy-proxy-official/extension
Title: manually

Search URL Search Domain Scan URL

URL: https://twitter.com/croxy_proxy
Title: @croxy_proxy Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://4c6bcb4a7569.xyz/ HTTP 301
https://4c6bcb4a7569.xyz/ HTTP 301
https://www.4c6bcb4a7569.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 46

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=b52a01a2-abec-4de9-94f3-47b6d4333894&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_2bf32e43-8a78-4cd4-b0a7-b1695cd93b40&bsw_param=b52a01a2-abec-4de9-94f3-47b6d4333894&expires=10 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=b52a01a2-abec-4de9-94f3-47b6d4333894&gdpr=&gdpr_consent=&us_privacy=

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDV1VmJxTVZZbzVk&muidn=l5uVbqMVYo5d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDV1VmJxTVZZbzVk&muidn=l5uVbqMVYo5d&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=l5uVbqMVYo5d&google_ula={guid},5&google_gid=CAESEO50q_d2RgBhiQp35ERI4os&google_cver=1

Request Chain 50

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=5QdQm6hcxyos6Zl0myIv&pi=mgid&tc=1

Request Chain 51

https://x.bidswitch.net/sync?dsp_id=303&user_id=l5uVbqMVYo5d HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l5uVbqMVYo5d HTTP 302
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=b52a01a2-abec-4de9-94f3-47b6d4333894

Request Chain 52

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=a43b1364-b815-4c15-b7dc-ac12e932ce08&ttl=1627675558

Request Chain 54

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1625083557939&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625083557939&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F&c9=

56 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.4c6bcb4a7569.xyz/
Redirect Chain

http://4c6bcb4a7569.xyz/
https://4c6bcb4a7569.xyz/
https://www.4c6bcb4a7569.xyz/

257 KB
50 KB

199ms
123ms

Document
text/html

104.248.103.229
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.4c6bcb4a7569.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.248.103.229 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Apache /

Resource Hash

b47d33458bb10c412de84bced9fd90decd077083927e524759457a4305b96f1f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Host: www.4c6bcb4a7569.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 20:05:56 GMT
Server: Apache
access-control-allow-origin: https://www.4c6bcb4a7569.xyz
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 50562
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 30 Jun 2021 20:05:56 GMT
Server: Apache
Location: https://www.4c6bcb4a7569.xyz/
Content-Length: 346
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK __cpa.mainAsync.js Show response
www.4c6bcb4a7569.xyz/assets/ 988 KB
166 KB 192ms
107ms Script
application/javascript 104.248.103.229
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.4c6bcb4a7569.xyz/assets/__cpa.mainAsync.js
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.103.229 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: ca3c880a1b0e3817c2c5e88043b347a66f7cba68d57fdb06b81418c976a9c4f9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.4c6bcb4a7569.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.4c6bcb4a7569.xyz/
Connection: keep-alive
Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 20:05:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 09:08:10 GMT
Server: Apache
ETag: "f6eae-5be44a34e9c09-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
Accept-Ranges: bytes

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ 1 MB
355 KB 50ms
34ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js

Requested by

Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.4c6bcb4a7569.xyz
Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4143381
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 362308
cf-request-id: 0b00204cd80000062d5aa49000000001
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-123bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xJZhd%2B7oNaSBXxLLed%2B3smtegLHlid%2FPn39iZHvuJfzNu2p3dB8uuivOQb59snm1ptZHjK32lQWhJWwHrxRpb5MzdQmPGxNNsU3mMXqwEmQ0TA9%2FgvEjc1eJ%2FqfmhmkepTXng1EvsGqSWNL5bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 667a0327bd41062d-FRA
expires: Mon, 20 Jun 2022 20:05:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 40ms
18ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111548442-4

Requested by

Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c01e76e668942f6f743f71dbfb127a5b8e5d5f4021e91e9072e9393e8c735c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36430
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Jun 2021 20:05:57 GMT

GET
H/1.1 200
OK logo.png
www.4c6bcb4a7569.xyz/images/ 12 KB
13 KB 105ms
34ms Image
image/png 104.248.103.229
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.4c6bcb4a7569.xyz/images/logo.png
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.103.229 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: b09d436fe2c56cf42bb403f4ed2f6dd14ee897d4194c3b609f20ff604c9c3e59

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.4c6bcb4a7569.xyz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.4c6bcb4a7569.xyz/
Connection: keep-alive
Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 20:05:57 GMT
Last-Modified: Wed, 16 Jun 2021 11:44:12 GMT
Server: Apache
ETag: "31a9-5c4e09c0275ff"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 12713

GET
H2 200 code.js Show response
trtjigpsscmv9epe10.com/i/npage/1798816/ 225 KB
72 KB 133ms
44ms Script
application/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trtjigpsscmv9epe10.com/i/npage/1798816/code.js
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 83.162.serverel.net
Software: nginx /
Resource Hash: 9842d3dd5aa8702cd0ad3d0f0b74367ef613efafda9e02a314230591cb6a278a

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 23 Jun 2021 08:34:32 GMT
server: nginx
etag: W/"60d2f218-3863e"
vary: Accept-Encoding
content-type: application/javascript
timing-allow-origin: *

GET
H2 200 croxyproxy.com.371007.js Show response
jsc.mgid.com/c/r/ 281 KB
70 KB 225ms
179ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ed202b5d4bb3ae85ee24d74aa8370fec0b6008f3350eb28a2dca9ac3ee5517e

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 8B6RPYCDW7RHFKNS
cf-polished: origSize=288103
last-modified: Thu, 24 Jun 2021 10:07:36 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: lWcTykM+SqwQn2S7aGhFlOvIwysyzrW2F7Kjamva40fd1fbVFpnvu+1PBg3DTaGUOt+mR0yg3+8=
cf-bgj: minify
server: cloudflare
etag: W/"e5153be56119e045743f91c4e53e0ff2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 0b00204d0c0000411a772ad000000001
cf-ray: 667a03281d3d411a-PRG
expires: Wed, 30 Jun 2021 23:05:57 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 29ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 20:05:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6795)
Age: 996
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c527240491ebcd30d2f3f131422d5a5d10a57da26d0f17b93fdd7ba7a3ec9f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20= Show response
cdn.blockaway.net/buttons/ Frame 5773 2 KB
1 KB 64ms
24ms Document
text/html 2606:4700:3030::6815:284e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blockaway.net/buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=

Requested by

Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:284e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

069c81d3601088f444901b1efbed69d35a0594d021c55f7bd456df54a117ff31

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: cdn.blockaway.net
:scheme: https
:path: /buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.blockaway.net
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2875
cf-request-id: 0b00204d1b00004db8e9822000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XDP72oK79x7sD6XQUpEjJjxVpc67Qnm8BEWy4EcvbZM4pvbzN3ixuFFd93bq78%2Be6OjhBHD8F76Gf3T%2FDAZpjHe9XkRIh7WzQPk5sKd461R8XMtQ%2FI5rGTW%2FGP74fukjltsEZXvjUdJ9Vi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 667a03282b4c4db8-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 userreport.js Show response
cdn.userreport.com/ 241 KB
72 KB 63ms
16ms Script
application/x-javascript 2600:9000:2104:d600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/userreport.js
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:d600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 137b0a8f445607f85428477029f87e566f50d4508e96e7c731fbada7bea29daf

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KzcNRmWn4AeFnp1YAw4Ch6MRyQQCr1gm
content-encoding: gzip
last-modified: Tue, 25 May 2021 08:59:32 GMT
server: AmazonS3
age: 1741
etag: "dfc6b9287a2b9eb25c74a7ccf3f60fa6"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Wed, 30 Jun 2021 19:36:57 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 73145
x-amz-cf-id: DsjerhtPYAq1NNAn5fadKTP2f-q_sLbJVJCMRTaUpitRY100eRu0sQ==

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 2872 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.4c6bcb4a7569.xyz
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.4c6bcb4a7569.xyz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.4c6bcb4a7569.xyz/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 514335
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Jun 2021 20:05:57 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111548442-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2052
date: Wed, 30 Jun 2021 19:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 30 Jun 2021 21:31:45 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 5773 353 KB
114 KB 114ms
38ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: cdn.blockaway.net
URL: https://cdn.blockaway.net/buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.blockaway.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 30 Jun 2021 20:05:57 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 settings.js Show response
cdn.userreport.com/w_711722bf-8d17-4423-979e-bc7e656808cf/ 5 KB
2 KB 152ms
152ms Script
text/javascript 2600:9000:2104:d600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/w_711722bf-8d17-4423-979e-bc7e656808cf/settings.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:d600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b8117a56d756ce4021f0773d384069aac7187ab701e9226c5f78e355e304e6e

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6kahkgKu_51dAUeHjDQPWKFfqN0mQxrD
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 15:03:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "a5e8271d062b5a95dc648db5e2547e0d"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: max-age=0
date: Wed, 30 Jun 2021 20:05:58 GMT
accept-ranges: bytes
content-length: 1676
x-amz-cf-id: MYDpSXKLHPlPachYA8P95C8AhL34ZXxEIkT9NmD3uFOfukX-7PKxQw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1921485642&t=pageview&_s=1&dl=https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F&ul=en-us&de=UTF-8&dt=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1627282107&gjid=99806511&cid=967575147.1625083557&tid=UA-111548442-4&_gid=27170624.1625083557&_r=1&gtm=2ou6n0&z=1233022715

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.4c6bcb4a7569.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 2872 256 B
441 B 209ms
139ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4da46d51e2f7f67cebe35925714aaa0d3a3a705c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.4c6bcb4a7569.xyz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 20:05:57 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 61ec6a95cb475e77104675d17c020e33a65e1a7cdde1bdaf03222623acb819bc
content-length: 176

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-111548442-4&cid=967575147.1625083557&jid=1627282107&gjid=99806511&_gid=27170624.1625083557&_u=YEBAAUAAAAAAAC~&z=2035962936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 30 Jun 2021 20:05:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.4c6bcb4a7569.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 19:14:39 GMT
server: ESF
date: Wed, 30 Jun 2021 20:05:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Jun 2021 20:05:57 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
305 B 124ms
122ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1625083557388963321131&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F&lu=https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F&pageView=1&pvid=17a5e87360caec9544f&site=423402&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 667a0329cfb3411a-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b00204e190000411aae04f000000001

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 39ms
35ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 743
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 26D5PESFJ3W3C6DA
x-amz-id-2: eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 0b00204e260000411aef04e000000001
cf-ray: 667a0329dff2411a-PRG
expires: Thu, 01 Jul 2021 20:05:57 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
887 B 36ms
32ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1057
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 0b00204e250000411a78854000000001
cf-ray: 667a0329dff6411a-PRG
expires: Thu, 01 Jul 2021 20:05:57 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 53ms
32ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-111548442-4&cid=967575147.1625083557&jid=1627282107&_u=YEBAAUAAAAAAAC~&z=1289649760

Requested by

Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 52ms
32ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-111548442-4&cid=967575147.1625083557&jid=1627282107&_u=YEBAAUAAAAAAAC~&z=1289649760

Requested by

Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET test.png
lmmpgfjnchldhcieiiegcpdmaidkaanb/shared/images/ 0
0

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
15 KB 25ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.4c6bcb4a7569.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 13:09:35 GMT
x-content-type-options: nosniff
age: 24982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 13:09:35 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ Frame 5773 2 KB
1 KB 144ms
49ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://cdn.blockaway.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=58147
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5c7f678b056ca9f1/ Frame 5773 2 KB
774 B 267ms
266ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5c7f678b056ca9f1/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d60a64393c2cddc96ee641c63c946323bec501f57852db8397fb9a43bee430f5

Request headers

Referer: https://cdn.blockaway.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: gzip
etag: 2124313244--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=2, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 599

GET test.png
djpehmepgepfpoiaendmglmnjmmfalio/shared/images/ 0
0

GET
H2 200 1 Show response
servicer.mgid.com/371007/ 3 KB
2 KB 77ms
76ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/371007/1?pv=5&cbuster=1625083557691317109584&niet=4g&nisd=false&w=750&h=235&cols=4&ref=&cxurl=https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F&lu=https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F&pageView=1&pvid=17a5e87360caec9544f&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71778417f4858319200d8bec4a342f4ee46c83d5c9c28435b9dbb0e642b4daaa

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 667a032bab61411a-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b00204f480000411ac8328000000001

GET test.png
ckjnnmdnpicjmpmcheonhjhbhamjclhi/shared/images/ 0
0

GET test.png
haanbmjmhcofgngkioelkdablmmmbhoo/shared/images/ 0
0

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 20:05:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/6795)
Age: 514346
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET test.png
docbehmolikiogjomonmfieaidgfcbpc/shared/images/ 0
0

GET
H2 200 SystemSettings.js Show response
cdn.userreport.com/ 894 B
843 B 52ms
52ms Script
text/javascript 2600:9000:2104:d600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/SystemSettings.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:d600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9464552e64337889ef3a9dc120396d91f87b2015ad60a8bc0b61d846839f28af

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6kJ.oVpG3emizYDtxaJznkN1t118DNMr
content-encoding: gzip
last-modified: Thu, 26 Nov 2020 08:23:54 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "fbcd727c30fa10bc139aca4aec81f8e3"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: max-age=0
date: Wed, 30 Jun 2021 20:05:58 GMT
accept-ranges: bytes
content-length: 442
x-amz-cf-id: 6Fjj21zcb8Pd-B81K_2DsbfD3khXfkIEvPEVBkIOWMr9L1qt8qVXXg==

GET
H/1.1 200
OK follow_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame D353 36 KB
14 KB 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.4c6bcb4a7569.xyz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.4c6bcb4a7569.xyz/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 514344
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Jun 2021 20:05:57 GMT
Etag: "2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:42 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13632

GET
DATA 200
OK truncated
/ Frame D353 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
694 B 78ms
77ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1625083557785579965998
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1710e53f8a54729d5b51fb3171faabc362242a4c5017df6a6be604bbbfd78724

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 61907ab4-c885-496d-a820-70e5a8bad439
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 667a032c3c97411a-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b00204fa50000411ae6a9d000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame C492 19 B
189 B 78ms
78ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1625083557789548241034
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4d0c687b-1cfc-49e1-ac5c-17f5c0ba2f67
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 667a032c3c9e411a-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b00204fa70000411a9d341000000001
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 147ms
50ms Script
application/javascript 65.9.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:02:07 GMT
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 230
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: EVhBUmrWJH9qUag3y20wpv3iHfLHYpOy3iSftg2_gqFaWCdylM15GQ==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTItMDgvMTAxOTI0L2RlYTMyMDQ1ZDc5MGYxNWE1ZjZiYzIzOGRmOTNiOTU2LmpwZWc_dD0xNTQ0Mjc4Mzg1Mjk1.webp
s-img.mgid.com/g/8164878/492x328/0x10x1080x720/ 6 KB
6 KB 39ms
37ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164878/492x328/0x10x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTItMDgvMTAxOTI0L2RlYTMyMDQ1ZDc5MGYxNWE1ZjZiYzIzOGRmOTNiOTU2LmpwZWc_dD0xNTQ0Mjc4Mzg1Mjk1.webp?v=1625083557-Jq1GTa9RXXlwfwb9rR5r1AHcYi058ayyxtGbDIS6UIA
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1326e19fb43e31f4ef84f4fdd01f524013be69b277acb2f2814f5fd9cdd4da56

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: da1d9f43-ceac-4ff5-afb2-35e362138acb
age: 4705237
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6064
cf-request-id: 0b00204fad0000411aea339000000001
last-modified: Mon, 08 Feb 2021 10:20:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 667a032c4ca3411a-PRG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzUxYzcxN2IzNDE1NGRlM2EwMDYwNjkxMzk2NjcwZTg2LmpwZWc.webp
s-img.mgid.com/g/8193508/492x328/18x51x600x400/ 22 KB
22 KB 28ms
26ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193508/492x328/18x51x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzUxYzcxN2IzNDE1NGRlM2EwMDYwNjkxMzk2NjcwZTg2LmpwZWc.webp?v=1625083557-mzzsXkA3nnmdIHawBh9yZYDP1ezrAGeBWdtGDlRjaTI
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e6e60dcb7ac102d2f3c7b4e3c4ace0f72a2e68af74f02564ec454d48d0c70e2

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: da8c23ee-504b-4832-a805-2d75d8435d71
age: 4705194
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22036
cf-request-id: 0b00204faa0000411a9a208000000001
last-modified: Wed, 10 Feb 2021 07:15:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 667a032c4ca7411a-PRG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp
s-img.mgid.com/g/8164849/492x328/0x131x607x404/ 18 KB
18 KB 32ms
31ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164849/492x328/0x131x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp?v=1625083557--f-JzY4ntbQ9ID8RKAtM-3bH50xnnj4JIaRWNcWph7k
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16d2eac72467e8931e76a59088381521c469cd08de7884eb65442a9a7744256b

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: fb60b605-6942-43a3-bd1c-38af5dfbcf28
age: 4705244
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18512
cf-request-id: 0b00204faa0000411aababe000000001
last-modified: Mon, 08 Feb 2021 10:20:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 667a032c4ca5411a-PRG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzgxODU0ZjY4ZTk5ZjQ2NjYzNWFhNTcwYjUzOGQyYzQ5LkpQRUc.webp
s-img.mgid.com/g/8164877/492x328/0x0x945x630/ 17 KB
18 KB 35ms
33ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164877/492x328/0x0x945x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzgxODU0ZjY4ZTk5ZjQ2NjYzNWFhNTcwYjUzOGQyYzQ5LkpQRUc.webp?v=1625083557-0pByf_HBMLcTc6QdbnHrzsvliy1I_72IBq_0qTDWaX0
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7889f1e30aa457a62ed0d94daec0113809af2d5fd2a2bdf67ee3906b6a52f9ac

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 34723296-8f4a-42e5-81e5-0d5b9f2dc0b9
age: 5927269
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17642
cf-request-id: 0b00204faa0000411aa4b2d000000001
last-modified: Mon, 08 Feb 2021 10:21:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 667a032c4ca4411a-PRG

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
328 B 143ms
143ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1625083557847%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 30 Jun 2021 20:05:57 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 61ec6a95cb475e77104675d17c020e33a65e1a7cdde1bdaf03222623acb819bc
x-transaction: 00118b707c298a09
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F811
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

116ms
42ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1625083557785579965998
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.4c6bcb4a7569.xyz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.4c6bcb4a7569.xyz/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Jun 2021 20:05:58 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 30 Jun 2021 20:05:57 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=b52a01a2-abec-4de9-94f3-47b6d4333894&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_2bf32e43-8a78-4cd4-b0a7-b1695cd93b40&bsw_param=b52a01a2-abec-4de9-94f3-47b6d4333894&expires=10
https://cm.mgid.com/m?cdsp=433145&c=b52a01a2-abec-4de9-94f3-47b6d4333894&gdpr=&gdpr_consent=&us_privacy=

43 B
557 B

75ms
74ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=b52a01a2-abec-4de9-94f3-47b6d4333894&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:58 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9235d60a-cc04-4f28-9589-0c1ec8e0523f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 667a032ebf4a4114-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b0020513000004114fdbc9000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=b52a01a2-abec-4de9-94f3-47b6d4333894&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 30 Jun 2021 20:05:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
448 B 125ms
77ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l5uVbqMVYo5d
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 667a032d0ed4f9de-PRG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 0b002050270000f9de8bb91000000001

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
531 B 129ms
82ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l5uVbqMVYo5d
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 667a032d0b492778-PRG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b0020502a00002778333d6000000001

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDV1VmJxTVZZbzVk&muidn=l5uVbqMVYo5d
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDV1VmJxTVZZbzVk&muidn=l5uVbqMVYo5d&google_tc=
https://cm.mgid.com/google?muidn=l5uVbqMVYo5d&google_ula={guid},5&google_gid=CAESEO50q_d2RgBhiQp35ERI4os&google_cver=1

0
403 B

91ms
91ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l5uVbqMVYo5d&google_ula={guid},5&google_gid=CAESEO50q_d2RgBhiQp35ERI4os&google_cver=1
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 667a032e2e524114-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b002050d50000411409a62000000001

Redirect headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l5uVbqMVYo5d&google_ula={guid},5&google_gid=CAESEO50q_d2RgBhiQp35ERI4os&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=5QdQm6hcxyos6Zl0myIv&pi=mgid&tc=1

43 B
575 B

125ms
101ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=5QdQm6hcxyos6Zl0myIv&pi=mgid&tc=1
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:58 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 18c0e08f-a73a-427e-ae03-1ab13b976a38
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 667a032e0e244114-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b002050c400004114fe044000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=5QdQm6hcxyos6Zl0myIv&pi=mgid&tc=1
pragma: no-cache
date: Wed, 30 Jun 2021 20:05:58 GMT, Wed, 30 Jun 2021 20:05:58 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

Bidswitch
s.seedtag.com/cs/cookiesync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l5uVbqMVYo5d
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l5uVbqMVYo5d
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=b52a01a2-abec-4de9-94f3-47b6d4333894

0
507 B

124ms
53ms

Image
text/plain

34.96.106.9
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=b52a01a2-abec-4de9-94f3-47b6d4333894
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.106.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:58 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: clear
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location: //s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=b52a01a2-abec-4de9-94f3-47b6d4333894
date: Wed, 30 Jun 2021 20:05:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=a43b1364-b815-4c15-b7dc-ac12e932ce08&ttl=1627675558

43 B
541 B

97ms
97ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=a43b1364-b815-4c15-b7dc-ac12e932ce08&ttl=1627675558
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:58 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9a33e962-7e46-41d1-b4d1-068def2c1ed9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 667a032e7ee64114-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b0020510900004114cebea000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=a43b1364-b815-4c15-b7dc-ac12e932ce08&ttl=1627675558
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ Frame 5773 263 KB
76 KB 39ms
37ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.blockaway.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 30 Jun 2021 20:05:57 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1625083557939&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625083557939&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fww...

64 B
329 B

63ms
63ms

Image
image/gif

65.9.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625083557939&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F&c9=
Requested by: Host: www.4c6bcb4a7569.xyz
URL: https://www.4c6bcb4a7569.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:05:58 GMT
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: BF-8janGSQdERJDgZ6tzQiGss3n6-TSwyxpAV9cMOhajLb5BBrVtzQ==

Redirect headers

date: Wed, 30 Jun 2021 20:05:57 GMT
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1625083557939&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww.4c6bcb4a7569.xyz%2F&c9=
content-length: 244
x-amz-cf-id: rS8fUuOyG0u2Afw4FfZDl6qvOgDg0tdsZkKAHnOvVz-uPGNVUgXGSw==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F811 31 KB
9 KB 59ms
58ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ad7f5d82e23fafe6f8edb75b2568d4b145bf6a4525cbe2eeb4b30b9f0db74795

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 20:05:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34522
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Thu, 01 Jul 2021 05:41:20 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F811 284 B
536 B 260ms
42ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H3-29 200 c
c.mgid.com/ 43 B
469 B 127ms
127ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=180|202|8|ITL98ADMXwwwC7xXvwmMbJhTI9PVR7ROxGTYJ_SGqgHx0YKdbjDDmahkzBkdnK0r&fw=1&extjs=66044&v=180|202|8|ITL98ADMXwwwC7xXvwmMbDIdRfsank2YI8Lh79Nzy85BaAe2o4ax0dKiMAwmWcRH&v=180|202|8|ITL98ADMXwwwC7xXvwmMbI_yKlS7Se5qP8nowNdlwOeQMpCrwG1mHGkaVV0O_6uU&v=180|202|8|ITL98ADMXwwwC7xXvwmMbAqbdI1vFzk6nuK8YD4uKjtfQv9C7sOQe811ysM2q5fj&cid=371007&h2=KSIymweimWT0rmAQHc9gDcylk-iYrecz0wTXwn1IeUI*&rid=9564a151-d9de-11eb-b9ea-d094662f8ab5&tt=Direct&iv=11&pageImp=1&pvid=17a5e87360caec9544f&cbuster=1625083558944672732438&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.4c6bcb4a7569.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 20:05:59 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 32eb8ffa-34a8-4590-807c-8376cc9342d4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 667a03337f7e4114-PRG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b0020542f0000411428868000000001
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lmmpgfjnchldhcieiiegcpdmaidkaanb
URL: chrome-extension://lmmpgfjnchldhcieiiegcpdmaidkaanb/shared/images/test.png

Domain: djpehmepgepfpoiaendmglmnjmmfalio
URL: chrome-extension://djpehmepgepfpoiaendmglmnjmmfalio/shared/images/test.png

Domain: ckjnnmdnpicjmpmcheonhjhbhamjclhi
URL: chrome-extension://ckjnnmdnpicjmpmcheonhjhbhamjclhi/shared/images/test.png

Domain: haanbmjmhcofgngkioelkdablmmmbhoo
URL: chrome-extension://haanbmjmhcofgngkioelkdablmmmbhoo/shared/images/test.png

Domain: docbehmolikiogjomonmfieaidgfcbpc
URL: chrome-extension://docbehmolikiogjomonmfieaidgfcbpc/shared/images/test.png

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.4c6bcb4a7569.xyz/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C371007%22%3A%7B%22page%22%3A1%2C%22time%22%3A1625083557775%7D%7D
www.4c6bcb4a7569.xyz/	1970-01-20 04:10:19	Name: _usrp_711722bf-8d17-4423-979e-bc7e656808cf_0 Value: eyJMYXN0VmlzaXRUaW1lIjoxNjI1MDgzNTU3LCJTZXNzaW9uTnVtYmVyIjoxLCJJc1Nlc3Npb25WaXNpdExvZ2dlZCI6ZmFsc2UsIlRyaWVkVG9JbnZpdGUiOmZhbHNlLCJTZXNzaW9uUGFnZVZpZXciOjEsIlRvdGFsUGFnZVZpZXciOjF9
.4c6bcb4a7569.xyz/	1970-01-19 19:24:43	Name: _gat_gtag_UA_111548442_4 Value: 1
.4c6bcb4a7569.xyz/	1970-01-19 19:26:09	Name: _gid Value: GA1.2.27170624.1625083557
.4c6bcb4a7569.xyz/	1970-01-20 12:55:55	Name: _ga Value: GA1.2.967575147.1625083557

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 3) Message: ^^^ Browser extension is not installed ^^^
console-api	debug	URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c6bcb4a7569.xyz
c.mgid.com
cdn.blockaway.net
cdn.mgid.com
cdn.userreport.com
cdnjs.cloudflare.com
ckjnnmdnpicjmpmcheonhjhbhamjclhi
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
djpehmepgepfpoiaendmglmnjmmfalio
docbehmolikiogjomonmfieaidgfcbpc
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
haanbmjmhcofgngkioelkdablmmmbhoo
jsc.mgid.com
lmmpgfjnchldhcieiiegcpdmaidkaanb
match.adsrvr.org
platform.twitter.com
s-img.mgid.com
s.seedtag.com
s7.addthis.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
sonata-notifications.taptapnetworks.com
stats.g.doubleclick.net
syndication.twitter.com
token.rubiconproject.com
trtjigpsscmv9epe10.com
v1.addthisedge.com
www.4c6bcb4a7569.xyz
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
z.moatads.com
ckjnnmdnpicjmpmcheonhjhbhamjclhi
djpehmepgepfpoiaendmglmnjmmfalio
docbehmolikiogjomonmfieaidgfcbpc
haanbmjmhcofgngkioelkdablmmmbhoo
lmmpgfjnchldhcieiiegcpdmaidkaanb
104.109.78.125
104.16.199.73
104.19.133.78
104.19.136.78
104.19.216.61
104.244.42.72
104.248.103.229
109.206.162.83
13.248.242.197
142.250.74.194
18.184.112.76
184.30.24.121
185.184.8.65
2.18.235.40
2.19.35.65
2600:9000:2104:d600:19:d208:7940:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3030::6815:284e
2606:4700::6810:125e
2a00:1450:4001:800::2004
2a00:1450:4001:802::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2008
2a00:1450:4001:828::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9d
3.122.185.230
34.96.106.9
65.9.77.30
69.173.144.165
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
069c81d3601088f444901b1efbed69d35a0594d021c55f7bd456df54a117ff31
1326e19fb43e31f4ef84f4fdd01f524013be69b277acb2f2814f5fd9cdd4da56
137b0a8f445607f85428477029f87e566f50d4508e96e7c731fbada7bea29daf
16d2eac72467e8931e76a59088381521c469cd08de7884eb65442a9a7744256b
1710e53f8a54729d5b51fb3171faabc362242a4c5017df6a6be604bbbfd78724
1e6e60dcb7ac102d2f3c7b4e3c4ace0f72a2e68af74f02564ec454d48d0c70e2
20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72
2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c01e76e668942f6f743f71dbfb127a5b8e5d5f4021e91e9072e9393e8c735c3
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6b8117a56d756ce4021f0773d384069aac7187ab701e9226c5f78e355e304e6e
71778417f4858319200d8bec4a342f4ee46c83d5c9c28435b9dbb0e642b4daaa
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7889f1e30aa457a62ed0d94daec0113809af2d5fd2a2bdf67ee3906b6a52f9ac
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ed202b5d4bb3ae85ee24d74aa8370fec0b6008f3350eb28a2dca9ac3ee5517e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c527240491ebcd30d2f3f131422d5a5d10a57da26d0f17b93fdd7ba7a3ec9f0
9464552e64337889ef3a9dc120396d91f87b2015ad60a8bc0b61d846839f28af
9842d3dd5aa8702cd0ad3d0f0b74367ef613efafda9e02a314230591cb6a278a
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad7f5d82e23fafe6f8edb75b2568d4b145bf6a4525cbe2eeb4b30b9f0db74795
b09d436fe2c56cf42bb403f4ed2f6dd14ee897d4194c3b609f20ff604c9c3e59
b47d33458bb10c412de84bced9fd90decd077083927e524759457a4305b96f1f
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
ca3c880a1b0e3817c2c5e88043b347a66f7cba68d57fdb06b81418c976a9c4f9
d60a64393c2cddc96ee641c63c946323bec501f57852db8397fb9a43bee430f5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.4c6bcb4a7569.xyz Open in urlscan Pro 104.248.103.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

91 %HTTPS

37 %IPv6

27 Domains

41 Subdomains

25 IPs

4 Countries

1300 kBTransfer

4517 kBSize

5 Cookies

10 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.4c6bcb4a7569.xyz Open in urlscan Pro
104.248.103.229 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

91 %
HTTPS

37 %
IPv6

27
Domains

41
Subdomains

25
IPs

4
Countries

1300 kB
Transfer

4517 kB
Size

5
Cookies

56 HTTP transactions
3 data transactions