freevideoguard.com Open in urlscan Pro
2606:4700:e0::ac40:611f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://authsmtp.mx.maseru.com/
Effective URL:
https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3...
Submission: On February 19 via automatic, source certstream-suspicious (February 19th 2021, 8:21:31 pm UTC)

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 12 domains to perform 34 HTTP transactions. The main IP is 2606:4700:e0::ac40:611f, located in United States and belongs to CLOUDFLARENET, US. The main domain is freevideoguard.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 19th 2020. Valid for: a year.

This is the only time freevideoguard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	91.195.241.137 91.195.241.137	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	173.239.53.32 173.239.53.32	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2	54.84.27.165 54.84.27.165	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.195.174.160 18.195.174.160	16509 (AMAZON-02) (AMAZON-02)
18	2606:4700:e0:... 2606:4700:e0::ac40:611f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	154.47.36.82 154.47.36.82	174 (COGENT-174) (COGENT-174)
34	10

4 91.195.241.137 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

authsmtp.mx.maseru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (United States) 1 redirects

ASN36057 (WEBAIR-INTERNET-MTL, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.27.165 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-27-165.compute-1.amazonaws.com

gaut-hil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.174.160 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com

bional-dested.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:e0::ac40:611f (United States)

ASN13335 (CLOUDFLARENET, US)

freevideoguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.47.36.82 (United States)

ASN174 (COGENT-174, US)

ymetrica1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	freevideoguard.com freevideoguard.com	139 KB
4	yandex.ru 1 redirects mc.yandex.ru	68 KB
4	maseru.com 2 redirects authsmtp.mx.maseru.com	2 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	gaut-hil.com gaut-hil.com	4 KB
1	ymetrica1.com ymetrica1.com	373 B
1	googletagmanager.com www.googletagmanager.com	31 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	bional-dested.icu 1 redirects bional-dested.icu	2 KB
1	sedodna.com 1 redirects xml.sedodna.com	332 B
1	sedoparking.com img.sedoparking.com	4 KB
34	12

	Domain	Requested by
18	freevideoguard.com	gaut-hil.com freevideoguard.com
4	mc.yandex.ru	1 redirects authsmtp.mx.maseru.com
4	authsmtp.mx.maseru.com	2 redirects authsmtp.mx.maseru.com
3	fonts.googleapis.com	freevideoguard.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	gaut-hil.com	authsmtp.mx.maseru.com gaut-hil.com
1	ymetrica1.com	mc.yandex.ru
1	www.googletagmanager.com	freevideoguard.com
1	fonts.gstatic.com	fonts.googleapis.com
1	bional-dested.icu	1 redirects
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com	authsmtp.mx.maseru.com
34	12

This site contains no links.

Subject Issuer	Validity	Valid
authsmtp.mx.maseru.com Encryption Everywhere DV TLS CA - G1	`2021-02-19` - `2022-02-19`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2020-10-09` - `2021-10-29`	a year	crt.sh
gaut-hil.com Amazon	`2020-05-27` - `2021-06-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-19` - `2021-10-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
ymetrica.com Yandex CA	`2020-09-29` - `2021-03-23`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
Frame ID: FB0CA9064360A8E2D873A54B3AA0E449
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://authsmtp.mx.maseru.com/ Page URL
https://authsmtp.mx.maseru.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DYFlm9CQs92... HTTP 302
https://authsmtp.mx.maseru.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DYFlm9CQs92... HTTP 302
https://xml.sedodna.com/click?i=YFlm9CQs92k_0 HTTP 302
https://gaut-hil.com/zcvisitor/04a4aa7d-72f0-11eb-82b4-0aa2bed8a097/9232f590-d991-493f-b95d-d38c0... Page URL
http://gaut-hil.com/zcredirect?visitid=04a4aa7d-72f0-11eb-82b4-0aa2bed8a097&type=js&browserWidth... Page URL
https://bional-dested.icu/zp-redirect?target=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns... HTTP 302
https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

34
Requests

97 %
HTTPS

50 %
IPv6

12
Domains

12
Subdomains

10
IPs

3
Countries

279 kB
Transfer

681 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://authsmtp.mx.maseru.com/ Page URL
https://authsmtp.mx.maseru.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DYFlm9CQs92k_0&v=OWQxZDNlNWMwZDgxYjg0NzE2MmRjMWY3ZTY2MWY3N2YJMQlhdXRoc210cC5teC5tYXNlcnUuY29tNjAzMDFkYmJkOWY2ODkuNDY1NjE5NjUJYXV0aHNtdHAubXgubWFzZXJ1LmNvbTYwMzAxZGJiZDlmY2Q2LjI5MDYwMTYzCTE2MTM3NjYwNzYJYWRfNjNfMA==&l=OAk1YmM3ZmZhYTdjOWZmOTQ2YzBmYjEyZGVhZDFmYWY1MgkwCTM5CTAJNGQ0ZGUyNTJmYTY1YzAwZGEzMDJkNmM4YTRlMGEyMjkJOTA1MjE0MjYJbWFzZXJ1CTAJNjMJMjUJMzAJMTYxMzc2NjA3NgkwLjAwMjM4MwlOCTAJMQkwCTEyMzUJMzY5NjM2NTQJMzcuMTIwLjIxNy4yMjAJMQ%3D%3D HTTP 302
https://authsmtp.mx.maseru.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DYFlm9CQs92k_0&v=OWQxZDNlNWMwZDgxYjg0NzE2MmRjMWY3ZTY2MWY3N2YJMQlhdXRoc210cC5teC5tYXNlcnUuY29tNjAzMDFkYmJkOWY2ODkuNDY1NjE5NjUJYXV0aHNtdHAubXgubWFzZXJ1LmNvbTYwMzAxZGJiZDlmY2Q2LjI5MDYwMTYzCTE2MTM3NjYwNzYJYWRfNjNfMA==&l=OAk1YmM3ZmZhYTdjOWZmOTQ2YzBmYjEyZGVhZDFmYWY1MgkwCTM5CTAJNGQ0ZGUyNTJmYTY1YzAwZGEzMDJkNmM4YTRlMGEyMjkJOTA1MjE0MjYJbWFzZXJ1CTAJNjMJMjUJMzAJMTYxMzc2NjA3NgkwLjAwMjM4MwlOCTAJMQkwCTEyMzUJMzY5NjM2NTQJMzcuMTIwLjIxNy4yMjAJMQ%3D%3D HTTP 302
https://xml.sedodna.com/click?i=YFlm9CQs92k_0 HTTP 302
https://gaut-hil.com/zcvisitor/04a4aa7d-72f0-11eb-82b4-0aa2bed8a097/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=720deed0-d0c2-11ea-ae64-12e5dcaa70ed Page URL
http://gaut-hil.com/zcredirect?visitid=04a4aa7d-72f0-11eb-82b4-0aa2bed8a097&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://bional-dested.icu/zp-redirect?target=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns2%26trackingdomain%3Dbional-dested.icu%26cep%3DmgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k%26lptoken%3D16b91327765b781a789c&caid=5f557194-5b81-42c9-95ab-19896266ef3c&zpid=04a4aa7d-72f0-11eb-82b4-0aa2bed8a097&cid=&rt=R HTTP 302
https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://authsmtp.mx.maseru.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DYFlm9CQs92k_0&v=OWQxZDNlNWMwZDgxYjg0NzE2MmRjMWY3ZTY2MWY3N2YJMQlhdXRoc210cC5teC5tYXNlcnUuY29tNjAzMDFkYmJkOWY2ODkuNDY1NjE5NjUJYXV0aHNtdHAubXgubWFzZXJ1LmNvbTYwMzAxZGJiZDlmY2Q2LjI5MDYwMTYzCTE2MTM3NjYwNzYJYWRfNjNfMA==&l=OAk1YmM3ZmZhYTdjOWZmOTQ2YzBmYjEyZGVhZDFmYWY1MgkwCTM5CTAJNGQ0ZGUyNTJmYTY1YzAwZGEzMDJkNmM4YTRlMGEyMjkJOTA1MjE0MjYJbWFzZXJ1CTAJNjMJMjUJMzAJMTYxMzc2NjA3NgkwLjAwMjM4MwlOCTAJMQkwCTEyMzUJMzY5NjM2NTQJMzcuMTIwLjIxNy4yMjAJMQ%3D%3D HTTP 302
https://authsmtp.mx.maseru.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DYFlm9CQs92k_0&v=OWQxZDNlNWMwZDgxYjg0NzE2MmRjMWY3ZTY2MWY3N2YJMQlhdXRoc210cC5teC5tYXNlcnUuY29tNjAzMDFkYmJkOWY2ODkuNDY1NjE5NjUJYXV0aHNtdHAubXgubWFzZXJ1LmNvbTYwMzAxZGJiZDlmY2Q2LjI5MDYwMTYzCTE2MTM3NjYwNzYJYWRfNjNfMA==&l=OAk1YmM3ZmZhYTdjOWZmOTQ2YzBmYjEyZGVhZDFmYWY1MgkwCTM5CTAJNGQ0ZGUyNTJmYTY1YzAwZGEzMDJkNmM4YTRlMGEyMjkJOTA1MjE0MjYJbWFzZXJ1CTAJNjMJMjUJMzAJMTYxMzc2NjA3NgkwLjAwMjM4MwlOCTAJMQkwCTEyMzUJMzY5NjM2NTQJMzcuMTIwLjIxNy4yMjAJMQ%3D%3D HTTP 302
https://xml.sedodna.com/click?i=YFlm9CQs92k_0 HTTP 302
https://gaut-hil.com/zcvisitor/04a4aa7d-72f0-11eb-82b4-0aa2bed8a097/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=720deed0-d0c2-11ea-ae64-12e5dcaa70ed

Request Chain 30

https://mc.yandex.ru/watch/66586093?wmode=7&page-url=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns2%26trackingdomain%3Dbional-dested.icu%26cep%3DmgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k%26lptoken%3D16b91327765b781a789c&page-ref=http%3A%2F%2Fgaut-hil.com%2Fzcredirect%3Fvisitid%3D04a4aa7d-72f0-11eb-82b4-0aa2bed8a097%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1420565357152%3Ahid%3A892575124%3Az%3A60%3Ai%3A20210219212118%3Aet%3A1613766079%3Ac%3A1%3Arn%3A787784647%3Au%3A1613766079929759449%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613766078248%3Awv%3A2%3Ads%3A1%2C15%2C24%2C2%2C25%2C0%2C%2C59%2C1%2C171%2C171%2C0%2C128%3Adsn%3A0%2C16%2C23%2C3%2C26%2C0%2C%2C60%2C1%2C172%2C172%2C0%2C129%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613766079%3At%3AYouTube%E2%84%A2%20Video%20AdBlocker HTTP 302
https://mc.yandex.ru/watch/66586093/1?wmode=7&page-url=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns2%26trackingdomain%3Dbional-dested.icu%26cep%3DmgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k%26lptoken%3D16b91327765b781a789c&page-ref=http%3A%2F%2Fgaut-hil.com%2Fzcredirect%3Fvisitid%3D04a4aa7d-72f0-11eb-82b4-0aa2bed8a097%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1420565357152%3Ahid%3A892575124%3Az%3A60%3Ai%3A20210219212118%3Aet%3A1613766079%3Ac%3A1%3Arn%3A787784647%3Au%3A1613766079929759449%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613766078248%3Awv%3A2%3Ads%3A1%2C15%2C24%2C2%2C25%2C0%2C%2C59%2C1%2C171%2C171%2C0%2C128%3Adsn%3A0%2C16%2C23%2C3%2C26%2C0%2C%2C60%2C1%2C172%2C172%2C0%2C129%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613766079%3At%3AYouTube%E2%84%A2%20Video%20AdBlocker

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
authsmtp.mx.maseru.com/ 2 KB
2 KB 1063ms
1003ms Document
text/html 91.195.241.137
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://authsmtp.mx.maseru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.241.137 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash: 789864007a0a3f7be60dd1c9a84d9f704b40982b0d914184c68959f6cecddf6b

Request headers

:method: GET
:authority: authsmtp.mx.maseru.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 19 Feb 2021 20:21:16 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 19 Feb 2021 20:21:15 GMT
pragma: no-cache
server: NginX
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_IbJ3px/L9cnRV13JQrV4DmDktAAIKdsDyk7XGpYiamFzcrohQUBUuVma24qdejGrZXVZr7WNe/HW/7ijgEvpHw==
x-cache-miss-from: parking-9c484869b-xv8vf
content-length: 1169

GET
H2 200 js_preloader.gif
img.sedoparking.com/images/ 4 KB
4 KB 29ms
8ms Image
image/gif 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sedoparking.com/images/js_preloader.gif
Requested by: Host: authsmtp.mx.maseru.com
URL: https://authsmtp.mx.maseru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

Request headers

Referer: https://authsmtp.mx.maseru.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:16 GMT
x-cf3: M
cf4ttl: 31536000.000
x-cfhash: "90c93102a88c2ab94bff1575b7a6e86e"
x-cf1: 11696:fA.fra2:cf:cacheN.fra2-01:H
content-length: 4254
x-cf-tsc: 1611787549
x-cf2: H
last-modified: Fri, 15 Mar 2019 12:24:07 GMT
server: CFS 0215
x-cff: B
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
cf4age: 0
accept-ranges: bytes
expires: Fri, 26 Feb 2021 20:21:16 GMT

GET
H2 200 tsc.php
authsmtp.mx.maseru.com/search/ 0
37 B 31ms
30ms XHR
text/html 91.195.241.137
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://authsmtp.mx.maseru.com/search/tsc.php?200=OTA1MjE0MjY=&21=MzcuMTIwLjIxNy4yMjA=&681=MTYxMzc2NjA3Njc3NTRmODJkMTA3MWQwZGRhMDYxNTdjNDEyYjBhYTAy&crc=683704ef6cd5c172e4dcb5670c4b1109c507acdb&cv=1
Requested by: Host: authsmtp.mx.maseru.com
URL: https://authsmtp.mx.maseru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.241.137 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash

Request headers

Referer: https://authsmtp.mx.maseru.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:16 GMT
x-cache-miss-from: parking-9c484869b-wzv4q
server: NginX
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

9232f590-d991-493f-b95d-d38c0c6cdd28 Show response
gaut-hil.com/zcvisitor/04a4aa7d-72f0-11eb-82b4-0aa2bed8a097/
Redirect Chain

https://authsmtp.mx.maseru.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DYFlm9CQs92k_0&v=OWQxZDNlNWMwZDgxYjg0NzE2MmRjMWY3ZTY2MWY3N2YJMQlhdXRoc210cC5teC5tYXNlcnUuY29tNjAz...
https://authsmtp.mx.maseru.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DYFlm9CQs92k_0&v=OWQxZDNlNWMwZDgxYjg0NzE2MmRjMWY3ZTY2MWY3N2YJMQlhdXRoc210cC5teC5tYXNlcnUuY29tNjAz...
https://xml.sedodna.com/click?i=YFlm9CQs92k_0
https://gaut-hil.com/zcvisitor/04a4aa7d-72f0-11eb-82b4-0aa2bed8a097/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=720deed0-d0c2-11ea-ae64-12e5dcaa70ed

994 B
1 KB

315ms
110ms

Document
text/html

54.84.27.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gaut-hil.com/zcvisitor/04a4aa7d-72f0-11eb-82b4-0aa2bed8a097/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=720deed0-d0c2-11ea-ae64-12e5dcaa70ed

Requested by

Host: authsmtp.mx.maseru.com
URL: https://authsmtp.mx.maseru.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.27.165 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-27-165.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

82c60294f8bf5cd9a8479f3d6bf2d37c9a4a17351344a627916895ff213a1d96

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

:method: GET
:authority: gaut-hil.com
:scheme: https
:path: /zcvisitor/04a4aa7d-72f0-11eb-82b4-0aa2bed8a097/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=720deed0-d0c2-11ea-ae64-12e5dcaa70ed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://authsmtp.mx.maseru.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://authsmtp.mx.maseru.com/

Response headers

date: Fri, 19 Feb 2021 20:21:17 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: ZeroPark-Traffic

Redirect headers

Server: nginx
Date: Fri, 19 Feb 2021 20:21:17 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://gaut-hil.com/zcvisitor/04a4aa7d-72f0-11eb-82b4-0aa2bed8a097/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=720deed0-d0c2-11ea-ae64-12e5dcaa70ed
Pragma: no-cache
Age: 0

GET
H/1.1 200
OK zcredirect Show response
gaut-hil.com/ 2 KB
3 KB 199ms
193ms Document
text/html 54.84.27.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://gaut-hil.com/zcredirect?visitid=04a4aa7d-72f0-11eb-82b4-0aa2bed8a097&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: gaut-hil.com
URL: https://gaut-hil.com/zcvisitor/04a4aa7d-72f0-11eb-82b4-0aa2bed8a097/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=720deed0-d0c2-11ea-ae64-12e5dcaa70ed

Protocol

HTTP/1.1

Server

54.84.27.165 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-27-165.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

fcfdccdb103ca60d72c94e80bfcc7b21abd3cdb68d2137603b50f93af478f4d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: gaut-hil.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 20:21:18 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ZeroPark-Traffic

GET
H2

200

Primary Request / Show response
freevideoguard.com/
Redirect Chain

https://bional-dested.icu/zp-redirect?target=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns2%26trackingdomain%3Dbional-dested.icu%26cep%3DmgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz...
https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gB...

69 KB
19 KB

40ms
24ms

Document
text/html

2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c

Requested by

Host: gaut-hil.com
URL: http://gaut-hil.com/zcredirect?visitid=04a4aa7d-72f0-11eb-82b4-0aa2bed8a097&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e283f3cf5779c8bad235aca3fbf581a30790ffc86ebe98f7eb385a623401953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: freevideoguard.com
:scheme: https
:path: /?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://gaut-hil.com/zcredirect?visitid=04a4aa7d-72f0-11eb-82b4-0aa2bed8a097&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://gaut-hil.com/zcredirect?visitid=04a4aa7d-72f0-11eb-82b4-0aa2bed8a097&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-type: text/html
set-cookie: __cfduid=d4a8ca77eb03b5e7944200d50727c36a91613766078; expires=Sun, 21-Mar-21 20:21:18 GMT; path=/; domain=.freevideoguard.com; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-request-id: 085d8d4754000006250237e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FQCu7Z79SJyu96Fh25pap2fCni7d1QWw9wiphrpjWlmwZI7Z6zeC4Qct0J3jJCkWvOGNZkzJD2%2FNeaHcByF9UTqK6%2F7otprCR4UxGGyGE6ijHQDZAvZBTOyNwovBVm8%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6242b1855f590625-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Fri, 19 Feb 2021 20:21:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
Pragma: no-cache
Set-Cookie: 5f557194-5b81-42c9-95ab-19896266ef3c-v4=5f557194-5b81-42c9-95ab-19896266ef3c; Max-Age=86400; Expires=Sat, 20-Feb-2021 20:21:18 GMT; Domain=bional-dested.icu; Path=/; Secure; HttpOnly;SameSite=None cep-v4=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k; Max-Age=86400; Expires=Sat, 20-Feb-2021 20:21:18 GMT; Domain=bional-dested.icu; Path=/; Secure; HttpOnly;SameSite=None

GET
H2 200 css
fonts.googleapis.com/ 4 KB
632 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,600,900

Requested by

Host: freevideoguard.com
URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

135c37d743d94074bd036ffc8528cc2cf6bc37c6a2f44b039df4d8d56b87601f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 20:20:47 GMT
server: ESF
date: Fri, 19 Feb 2021 20:21:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 20:21:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
623 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 19:07:51 GMT
server: ESF
date: Fri, 19 Feb 2021 20:21:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 20:21:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
698 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d353335dec3acf06af00e0bd7ee76a2d72bec691478884a1fe827e418e8a7f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 19:11:10 GMT
server: ESF
date: Fri, 19 Feb 2021 20:21:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 20:21:18 GMT

GET
H2 200 icon-big.png
freevideoguard.com/img/common/ 3 KB
3 KB 20ms
20ms Image
image/png 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/common/icon-big.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49e181af6eeebb72a2714f3c69d0feba0d8b5efdc35b9ae8c9735f243dbf33d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 108697
vary: Accept-Encoding
content-length: 3074
x-xss-protection: 1; mode=block
server: cloudflare
etag: img/common/icon-big.76ccea3d31.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wa%2BXEmQjhXL1JVu2ELH%2FXCl8Wpkadmax7JEMT9X7dR2UGlD%2FkChdUH5lckIJPQkjh4yNvT7LULnHoOs%2FUa%2FNrxPyV%2F2Vobw9IlvBlh6%2FcbegwGnW1Ju3VDuR6%2FFGp5I%3D"}]}
content-type: image/png
cache-control: max-age=2592000
cf-request-id: 085d8d478700000625c787b000000001
accept-ranges: bytes
cf-ray: 6242b185afe00625-FRA

GET
H2 200 chrome-web-store.jpg
freevideoguard.com/img/common/ 3 KB
4 KB 19ms
18ms Image
image/jpeg 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/common/chrome-web-store.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7d8c48b227f232feb573ddb09f20f7be0d7f572743eade751c50b70ad898b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 130620
vary: Accept-Encoding
content-length: 3464
x-xss-protection: 1; mode=block
server: cloudflare
etag: img/common/chrome-web-store.f396a5f3de.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8faXa3OLU0P9Cq8NZz5k8u3t3ovpaV5QO%2BDoMUtM%2Bpt5XYsDWne0df1ZGVbcs2%2BM2NJ%2FUUnwz8HHLhdb%2BWlpe8LJrQ9aVM%2Fkly1V40rwHVaqkkXM4Xf%2Fu6OPvWfLbLI%3D"}]}
content-type: image/jpeg
cache-control: max-age=2592000
cf-request-id: 085d8d478700000625e030e000000001
accept-ranges: bytes
cf-ray: 6242b185afe30625-FRA

GET
H2 200 edge-web-store.png
freevideoguard.com/img/common/ 3 KB
4 KB 33ms
29ms Image
image/png 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/common/edge-web-store.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27a74a20407bc0137790cf15301fd5b97cb0c083e908e4985de99a54a2f4d0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 116649
vary: Accept-Encoding
content-length: 3383
x-xss-protection: 1; mode=block
server: cloudflare
etag: img/common/edge-web-store.4c68ae2203.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CD8GWC390mySZYeX%2BxGITkyLzwYGRcp3BzCXvCm5GVeqszh5%2BqVpE4dKH9rYKW2n%2B9jAAWnDvFjgf6rI4JCAWfdKBfvbcxo8qzFTn%2Fm1ubVbcilAMk9xd2ZIpqnQbFU%3D"}]}
content-type: image/png
cache-control: max-age=2592000
cf-request-id: 085d8d478f00000625eab89000000001
accept-ranges: bytes
cf-ray: 6242b185bff80625-FRA

GET
H2 200 firefox.png
freevideoguard.com/img/common/ 3 KB
4 KB 30ms
26ms Image
image/png 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/common/firefox.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724de4a4644df7bc3f97423189e0a3a26ec2439aaaac692ca6d35dcf19b9022f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 130620
vary: Accept-Encoding
content-length: 3500
x-xss-protection: 1; mode=block
server: cloudflare
etag: img/common/firefox.7f85c93f84.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EjGWxzBtqQF8TupJjefFLhUD1FMuWc4ggc0NtYHy%2FAWRqm0sLH9FVLI32zBkJhXTdslvvurnSxerCqpN%2BwQee3P77q4CNxQIcMAbKk%2BFSSJ8bh9z9TYorGObPaTKhCE%3D"}]}
content-type: image/png
cache-control: max-age=2592000
cf-request-id: 085d8d478f00000625c332b000000001
accept-ranges: bytes
cf-ray: 6242b185bffb0625-FRA

GET
H2 200 webstore-icon.png.svg
freevideoguard.com/img/lander3/ 4 KB
3 KB 33ms
29ms Image
image/svg+xml 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/lander3/webstore-icon.png.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ec4f762f031108594693c018e2918b048312400224d4586ec902a190c3e93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13973
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ffaQ9ITEt33%2BiyECLTOd0G%2BcERraZZg7kC0Gbm0Qdkhhv7m7Q5ytOd3ZJVuWuFZTvyGFawZrE2u0WD7Inn1foQO3OrnBRFD2Ct9yiiFtpfLgz0o8HRBmlOaX2QlSk9w%3D"}]}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-request-id: 085d8d479000000625fb074000000001
cf-ray: 6242b185bffc0625-FRA

GET
H2 200 firefox-3.svg
freevideoguard.com/img/lander3/ 27 KB
9 KB 30ms
27ms Image
image/svg+xml 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/lander3/firefox-3.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958dd099a66b61d25d2664c13f32610f496b96d4cab7c1c89f124833873b4313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 116714
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HvoyVYhXlQcujY64SNrvL3V%2BUq6SzREQvX6uiqaAdhSQrDvLFPb8DfBIpzr%2BYdUJmMNkv7Yd%2Buu3DpniSqJI8Oc7P659W54TRyklJ7hquX53lt6ocG60QTBkx%2FCBpeo%3D"}]}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-request-id: 085d8d479000000625d7902000000001
cf-ray: 6242b185bffd0625-FRA

GET
H2 200 microsoft-icon.svg
freevideoguard.com/img/common/ 1 KB
775 B 31ms
28ms Image
image/svg+xml 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/common/microsoft-icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66bd79beff6cf7c95f47dcd1cc47dfe458082c9fd39a4ede61eff04d78823c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 116714
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B08NfPTPM3aDf%2BjNnKAFidrQAZTdCNsKJbl6Cj%2BGsB%2F76ugGQomRW7xvPgwLFY%2BtxAWqqMyOp4ORGmQoLfvZJXahF33fZXtFClAKvcgB8aJ7cdhh3%2F7IhUHXWZIEJ%2FE%3D"}]}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-request-id: 085d8d47900000062510139000000001
cf-ray: 6242b185b8000625-FRA

GET
H2 200 opera.svg
freevideoguard.com/img/lander2/ 1 KB
1 KB 30ms
27ms Image
image/svg+xml 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/lander2/opera.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d66d713636bbbb8b410563d94c94d61eddb6925bdb9964ae2f59a8ac6db9767e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 14189
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yHqgr2jC9piHId4OisdWr0AZhm%2FPD63StuUGdj1pLlsc%2FXjEjrUDJGRWhFAwwyE4WqqekzOxGbaF8StCn32Er%2BJ5mBKslCVPmoTNhWhnMLeECUGQmtTyOWfGF8o6aa8%3D"}]}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-request-id: 085d8d479000000625d996d000000001
cf-ray: 6242b185b8020625-FRA

GET
H2 200 star-rating.svg
freevideoguard.com/img/lander3/ 1 KB
1 KB 31ms
28ms Image
image/svg+xml 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/lander3/star-rating.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd0717e255d8f2cfd36a5e995c0a2cdf08090425695daa8602ed0a1f8ea0b62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 130620
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pmyJVuX4%2FEDuP8KTcP18EXFMK3xxs4zWolOFbF6fJNsUsQrhWoEUMu6c7P4xQ%2FiHs6ULYWuRZrthptTokpCKF6Jzn7Nfnjs0GKuTSUA9MKzETAIVL3ZYQkdWBAT%2BjmA%3D"}]}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-request-id: 085d8d4790000006251ea0e000000001
cf-ray: 6242b185b8030625-FRA

GET
H2 200 arrow.svg
freevideoguard.com/img/lander3/ 410 B
629 B 30ms
28ms Image
image/svg+xml 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/lander3/arrow.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89971daab5b9e42c37c7902a72da75791e1bb74b191e9b1d3227b8783f135146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 130620
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pmpGBN4CiucjsxcinhrJMSEuZhJnIaqRTuTdVONdV216Ov2WwaX7CC4%2Bsg0qw5%2B3lC7gm92Ew0hOl%2FbSBe1y8QE2egt4jSFEcz7dMaqojV6nrbfj8jg1o8hgu1fyGk8%3D"}]}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-request-id: 085d8d4790000006251fb7d000000001
cf-ray: 6242b185b8040625-FRA

GET
H2 200 cert1.jpg
freevideoguard.com/img/common/ 16 KB
16 KB 39ms
36ms Image
image/jpeg 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/common/cert1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

368634baac7ea8b5b7efe112474d1fa8a670b008cdd438ea3f575a32a4d03be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 116584
vary: Accept-Encoding
content-length: 16490
x-xss-protection: 1; mode=block
server: cloudflare
etag: img/common/cert1.d896f642d2.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9nkRHIUuiViTO89dX28WMBbnOVhfXI05tUINrtVHLRw%2B0ojDyHqzwI%2B7HJDN1SWfh1rZZ0XZZWnrarZ9HGjPGGromxJtVFS4Z3vgS5luvZBwXMXxbaUV8hlntNoYS0U%3D"}]}
content-type: image/jpeg
cache-control: max-age=2592000
cf-request-id: 085d8d47910000062502384000000001
accept-ranges: bytes
cf-ray: 6242b185b8050625-FRA

GET
H2 200 cert3.jpg
freevideoguard.com/img/common/ 14 KB
15 KB 40ms
38ms Image
image/jpeg 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/common/cert3.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff237ef3d6f3235925a857cd8d4d67c01e97840f289079196ed1197851e06619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 116584
vary: Accept-Encoding
content-length: 14824
x-xss-protection: 1; mode=block
server: cloudflare
etag: img/common/cert3.c23c88b1ec.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BK0Mi3w2Z8AmZBGsT3VLMIHSDHz02qwdy%2FxTfwvctx3zhkxa9Ihtm27HjZtAs8UHGzZ4TCkG6wB2nVrPoW8%2BA0Ic31QmLshK67jwTO%2F68kdHodB6ScyImp82HQ5pCrI%3D"}]}
content-type: image/jpeg
cache-control: max-age=2592000
cf-request-id: 085d8d479100000625b8818000000001
accept-ranges: bytes
cf-ray: 6242b185b8080625-FRA

GET
H2 200 cert2.jpg
freevideoguard.com/img/common/ 13 KB
13 KB 29ms
27ms Image
image/jpeg 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/common/cert2.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a17c55a9064777fe8a55e0a517d92fd7c710ace39bf11f24e4a68475949414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5203
vary: Accept-Encoding
content-length: 13011
x-xss-protection: 1; mode=block
server: cloudflare
etag: img/common/cert2.8b1473f669.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KjoNYihQF3v%2FuS4x9jnKLBb6sKIU8mu7fmVANA1B01gC8AVnLTVraVaLZ4wjFh0C4VJQFQbceTiUOMKVySD8MHlpPUC6z5SYDOoGOFmMwJifJWVCX4kGeqdvaSpU10M%3D"}]}
content-type: image/jpeg
cache-control: max-age=2592000
cf-request-id: 085d8d47910000062504bce000000001
accept-ranges: bytes
cf-ray: 6242b185b8090625-FRA

GET
H2 200 info_outline.svg
freevideoguard.com/img/iframe/ 399 B
547 B 45ms
43ms Image
image/svg+xml 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/iframe/info_outline.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3790d6e556194fd7d17b273234befd2de44daa4c57d5055bdd0de714c57152a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 130620
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k4wiYJvU4JcpA17DiCKo%2FAkey%2F2SUOyfmsj64pyr065tvoQl6wR3zH9hhBKm3Fg7G6%2FOFN8x%2BTWtOFUoQr0zFct3E8f3qpneunU35tAY6SKICKiK9yx6XaocQeGvDSg%3D"}]}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-request-id: 085d8d479100000625c787c000000001
cf-ray: 6242b185b80a0625-FRA

GET
H2 200 close.svg
freevideoguard.com/img/iframe/ 259 B
551 B 39ms
37ms Image
image/svg+xml 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freevideoguard.com/img/iframe/close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a4f18324efc41ecf5d7d8824468be5672e08772a342287f4e70bd621e2d7afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 84934
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=02nOxBNK0jnApGHNhHr%2F4tlHDRuNugtI3%2Fo97s6hXMtBhnDmI1XcemJYEp9vdRFHrZ2SfRQ0UQBs9ise3VnJjS%2BegjsJ1xwWJL4qnqZoavbXK30%2BeNION6cb2HfZC2w%3D"}]}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-request-id: 085d8d47910000062507049000000001
cf-ray: 6242b185b80b0625-FRA

GET
H2 200 app-f748a8262f.js Show response
freevideoguard.com/build/js/ 139 KB
42 KB 40ms
39ms Script
application/javascript 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freevideoguard.com/build/js/app-f748a8262f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09d822a5d1672f5feae7644120a2ba257c375ea02c14298c230f5fd6014996b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 15473
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FivNKG7uGvQSrdU5D%2FPItFLjb7%2BlvMG2G3UXHJpryWUO7m5%2Bu2Fz%2FuVU8roiCmiI8uU5T66WMTrCpTyuJ2LFF0zixR9ma%2B6AZ1D692FveNhfTo5NhRYIxLYeZ2Ie82E%3D"}]}
content-type: application/javascript
cache-control: max-age=2592000
cf-request-id: 085d8d479200000625bb3bc000000001
cf-ray: 6242b185b80d0625-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://freevideoguard.com
Referer: https://fonts.googleapis.com/css?family=Roboto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 57339
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 87 KB
31 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRZN2LN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fdb0a05e125088b04e9b61378644f1dcb1f341a2051ad108d4468403c8f46aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31904
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 20:21:18 GMT

GET
H2 200 landers-6b96f5d132.common.css
freevideoguard.com/build/css/ 8 KB
2 KB 17ms
16ms Stylesheet
text/css 2606:4700:e0::ac40:611f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freevideoguard.com/build/css/landers-6b96f5d132.common.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:611f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ceec01a7e8573206155f915c766ac64a30da69c24bbced8a578d831524d488f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 130606
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FfBjo42xXwmCmNfuypNmHE6mJqkqWSIZJy5aaMqb8NdOqyoSxelGKQji4mcwStVO7y7fSz4z445LZ0UB%2FS2rZHW5UMnEqGYKbdxN%2BOT5XAuXCP%2FmyByAJEud1Lw8jJs%3D"}]}
content-type: text/css; charset=utf8
cache-control: max-age=2592000
cf-request-id: 085d8d47bf00000625d31ee000000001
cf-ray: 6242b185f88c0625-FRA

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRZN2LN

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2041
date: Fri, 19 Feb 2021 19:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Feb 2021 21:47:17 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
66 KB 151ms
50ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: authsmtp.mx.maseru.com
URL: https://authsmtp.mx.maseru.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6cc431ef68ca8ba830abbd7e9cc021644a3904d0ac181f3e8389b4fc40e219b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
content-encoding: br
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "602bfd68-105e2"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67042
expires: Fri, 19 Feb 2021 21:21:18 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2056667898&t=pageview&_s=1&dl=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns2%26trackingdomain%3Dbional-dested.icu%26cep%3DmgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k%26lptoken%3D16b91327765b781a789c&dr=http%3A%2F%2Fgaut-hil.com%2Fzcredirect%3Fvisitid%3D04a4aa7d-72f0-11eb-82b4-0aa2bed8a097%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=YouTube%E2%84%A2%20Video%20AdBlocker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=677160830&gjid=55073187&cid=1612263032.1613766078&tid=UA-171739637-1&_gid=1741856583.1613766078&_r=1&gtm=2wg2a1NRZN2LN&z=1315608276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 20:21:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freevideoguard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/66586093/
Redirect Chain

https://mc.yandex.ru/watch/66586093?wmode=7&page-url=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns2%26trackingdomain%3Dbional-dested.icu%26cep%3DmgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3P...
https://mc.yandex.ru/watch/66586093/1?wmode=7&page-url=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns2%26trackingdomain%3Dbional-dested.icu%26cep%3DmgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v...

167 B
249 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/66586093/1?wmode=7&page-url=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns2%26trackingdomain%3Dbional-dested.icu%26cep%3DmgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k%26lptoken%3D16b91327765b781a789c&page-ref=http%3A%2F%2Fgaut-hil.com%2Fzcredirect%3Fvisitid%3D04a4aa7d-72f0-11eb-82b4-0aa2bed8a097%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1420565357152%3Ahid%3A892575124%3Az%3A60%3Ai%3A20210219212118%3Aet%3A1613766079%3Ac%3A1%3Arn%3A787784647%3Au%3A1613766079929759449%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613766078248%3Awv%3A2%3Ads%3A1%2C15%2C24%2C2%2C25%2C0%2C%2C59%2C1%2C171%2C171%2C0%2C128%3Adsn%3A0%2C16%2C23%2C3%2C26%2C0%2C%2C60%2C1%2C172%2C172%2C0%2C129%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613766079%3At%3AYouTube%E2%84%A2%20Video%20AdBlocker

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f10d36b15fa6fca025b9f60894174c5ca36684cf0163e2c558fd6e8374bbfdc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 20:21:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 19-Feb-2021 20:21:18 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://freevideoguard.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Fri, 19-Feb-2021 20:21:18 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Feb 2021 20:21:18 GMT
last-modified: Fri, 19-Feb-2021 20:21:18 GMT
location: /watch/66586093/1?wmode=7&page-url=https%3A%2F%2Ffreevideoguard.com%2F%3Fscenario%3Dpromo5ns2%26trackingdomain%3Dbional-dested.icu%26cep%3DmgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k%26lptoken%3D16b91327765b781a789c&page-ref=http%3A%2F%2Fgaut-hil.com%2Fzcredirect%3Fvisitid%3D04a4aa7d-72f0-11eb-82b4-0aa2bed8a097%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A128%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A1420565357152%3Ahid%3A892575124%3Az%3A60%3Ai%3A20210219212118%3Aet%3A1613766079%3Ac%3A1%3Arn%3A787784647%3Au%3A1613766079929759449%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613766078248%3Awv%3A2%3Ads%3A1%2C15%2C24%2C2%2C25%2C0%2C%2C59%2C1%2C171%2C171%2C0%2C128%3Adsn%3A0%2C16%2C23%2C3%2C26%2C0%2C%2C60%2C1%2C172%2C172%2C0%2C129%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613766079%3At%3AYouTube%E2%84%A2%20Video%20AdBlocker
strict-transport-security: max-age=31536000
access-control-allow-origin: https://freevideoguard.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 19-Feb-2021 20:21:18 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 50ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 20:21:18 GMT
last-modified: Wed, 17 Feb 2021 20:30:36 GMT
etag: "602bfd68-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 19 Feb 2021 21:21:18 GMT

GET
H2 200 1 Show response
ymetrica1.com/watch/3/ 43 B
373 B 181ms
64ms XHR
image/gif 154.47.36.82
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://ymetrica1.com/watch/3/1?

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.47.36.82 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 20:21:18 GMT
last-modified: Fri, 19-Feb-2021 20:21:18 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://freevideoguard.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 19-Feb-2021 20:21:18 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freevideoguard.com/	1970-01-19 16:16:13	Name: scenario Value: promo5ns2
freevideoguard.com/	1970-01-19 16:16:13	Name: trackingdomain Value: bional-dested.icu
.freevideoguard.com/	1970-01-19 16:59:18	Name: __cfduid Value: d4a8ca77eb03b5e7944200d50727c36a91613766078

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c(Line 740) Message: Scenario: promo5ns2
console-api	log	URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c(Line 741) Message: window.location: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
console-api	log	URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c(Line 742) Message: window.location.search: ?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c
console-api	log	URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c(Line 756) Message: Force install: null
console-api	log	URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c(Line 786) Message: here
console-api	log	URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c(Line 790) Message: data-install
console-api	log	URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c(Line 790) Message: data-install
console-api	log	URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c(Line 790) Message: data-install
console-api	log	URL: https://freevideoguard.com/?scenario=promo5ns2&trackingdomain=bional-dested.icu&cep=mgnEE8sKqlULLECMXVz3HBbvdoVRjuEM6M635v3PHXU2POLz0Ee0yNRcIsd7dZ_Lllv751c8rlJ0A3dz0tnquXO-6wuWd0Qn-5mjDdqjWDZYHx6gBy0xXfMuAA_TSVylqyj91hfhUFjfj1AHd1Gjvb5iICGSILksPp9JX6S8Sq0mvDvrE3j7nFiHuGEinCEX20l-1f6sNHvdQE9YHwDar4N-UTuGs4m3k2hlVuRRt6EOIg1iw6Uv4cTyeisobGg3sCvTuybuNqqrl3zMKnl7uP6xGkPGB7S3fAB-ujjpCKeS09VMeKzSgqoyHxEH0CihCrO9mnxjeWn1B2zh-JSy92cxk899Bg6CHOwA3hczJCPUTqS9qlF3Kbi5gDMDGwhI6YA-jLvc_dA-9vOQ0n-hwoKirb6mRRSX1m-uc5UkerdlHefpX_h7AHvZItQbbE8Q-qt-_wLtwq8vMX_R5yQyFptqqLmoTB9j19w9WSX1Q13Tdi6tHKRjEgvm2q_nUB9tXFo8g8MTxK1ZIxSNxvKCS8qp9tjMDEInmbgON8qaI25JetY4HhrkKNjoGUodiw7k&lptoken=16b91327765b781a789c(Line 790) Message: data-install

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

authsmtp.mx.maseru.com
bional-dested.icu
fonts.googleapis.com
fonts.gstatic.com
freevideoguard.com
gaut-hil.com
img.sedoparking.com
mc.yandex.ru
www.google-analytics.com
www.googletagmanager.com
xml.sedodna.com
ymetrica1.com
154.47.36.82
173.239.53.32
18.195.174.160
205.234.175.175
2606:4700:e0::ac40:611f
2a00:1450:4001:810::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a02:6b8::1:119
54.84.27.165
91.195.241.137
09d822a5d1672f5feae7644120a2ba257c375ea02c14298c230f5fd6014996b6
0c7d8c48b227f232feb573ddb09f20f7be0d7f572743eade751c50b70ad898b1
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
135c37d743d94074bd036ffc8528cc2cf6bc37c6a2f44b039df4d8d56b87601f
27a74a20407bc0137790cf15301fd5b97cb0c083e908e4985de99a54a2f4d0f9
368634baac7ea8b5b7efe112474d1fa8a670b008cdd438ea3f575a32a4d03be2
3790d6e556194fd7d17b273234befd2de44daa4c57d5055bdd0de714c57152a1
49e181af6eeebb72a2714f3c69d0feba0d8b5efdc35b9ae8c9735f243dbf33d2
4ceec01a7e8573206155f915c766ac64a30da69c24bbced8a578d831524d488f
53a17c55a9064777fe8a55e0a517d92fd7c710ace39bf11f24e4a68475949414
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
5fdb0a05e125088b04e9b61378644f1dcb1f341a2051ad108d4468403c8f46aa
66bd79beff6cf7c95f47dcd1cc47dfe458082c9fd39a4ede61eff04d78823c5b
6a4f18324efc41ecf5d7d8824468be5672e08772a342287f4e70bd621e2d7afb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc431ef68ca8ba830abbd7e9cc021644a3904d0ac181f3e8389b4fc40e219b1
724de4a4644df7bc3f97423189e0a3a26ec2439aaaac692ca6d35dcf19b9022f
75ec4f762f031108594693c018e2918b048312400224d4586ec902a190c3e93c
789864007a0a3f7be60dd1c9a84d9f704b40982b0d914184c68959f6cecddf6b
82c60294f8bf5cd9a8479f3d6bf2d37c9a4a17351344a627916895ff213a1d96
89971daab5b9e42c37c7902a72da75791e1bb74b191e9b1d3227b8783f135146
958dd099a66b61d25d2664c13f32610f496b96d4cab7c1c89f124833873b4313
9e283f3cf5779c8bad235aca3fbf581a30790ffc86ebe98f7eb385a623401953
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
d353335dec3acf06af00e0bd7ee76a2d72bec691478884a1fe827e418e8a7f28
d66d713636bbbb8b410563d94c94d61eddb6925bdb9964ae2f59a8ac6db9767e
dd0717e255d8f2cfd36a5e995c0a2cdf08090425695daa8602ed0a1f8ea0b62e
f10d36b15fa6fca025b9f60894174c5ca36684cf0163e2c558fd6e8374bbfdc5
fcfdccdb103ca60d72c94e80bfcc7b21abd3cdb68d2137603b50f93af478f4d7
ff237ef3d6f3235925a857cd8d4d67c01e97840f289079196ed1197851e06619

freevideoguard.com Open in urlscan Pro 2606:4700:e0::ac40:611f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

97 %HTTPS

50 %IPv6

12 Domains

12 Subdomains

10 IPs

3 Countries

279 kBTransfer

681 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freevideoguard.com Open in urlscan Pro
2606:4700:e0::ac40:611f Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

97 %
HTTPS

50 %
IPv6

12
Domains

12
Subdomains

10
IPs

3
Countries

279 kB
Transfer

681 kB
Size

3
Cookies

34 HTTP transactions
0 data transactions