www1.watchmygf.to
108.170.27.42
Public Scan
Effective URL: https://www1.watchmygf.to/video.php
Submission: On March 08 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on February 18th 2019. Valid for: 3 months.
This is the only time www1.watchmygf.to was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 2 | 188.72.208.72 | 35415 (WEBZILLA) |
- | 1 | 188.42.160.69 | 35415 (WEBZILLA) |
- | 1 | 2606:4700:20::6819:4066 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 1 | 2606:4700:20::6819:b111 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 2 | 18.209.26.215 | 14618 (AMAZON-AES - Amazon.com) |
1 | 4 | 51.15.75.42 | 12876 (AS12876) |
1 | 2 | 131.153.42.229 | 20454 (SSASN2 - SECURED SERVERS LLC) |
- | 2 | 108.170.27.42 | 20454 (SSASN2 - SECURED SERVERS LLC) |
- | 1 | 131.153.42.225 | 20454 (SSASN2 - SECURED SERVERS LLC) |

Totals: 11 HTTP transactions, 9 IP addresses
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
- mediaonly.ru

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
- popcash.net

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-209-26-215.compute-1.amazonaws.com
- ps.popcash.net

ASN12876 (AS12876, FR)
PTR: 42-75-15-51.rev.cloud.scaleway.com
- r.advaloo.com
- p.advaloo.com

ASN20454 (SSASN2 - SECURED SERVERS LLC, US)
- www1.watchmygf.to
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
4 | advaloo.com | 1 | r.advaloo.com, p.advaloo.com | 2 KB |
3 | popcash.net | 2 | popcash.net, ps.popcash.net | 1 KB |
2 | watchmygf.to | - | www1.watchmygf.to | 13 KB |
2 | prpops.com | 1 | prpops.com | 9 KB |
2 | wedeegut.net | 1 | wedeegut.net | 7 KB |
1 | mordi.fun | - | d.mordi.fun | 4 KB |
1 | mediaonly.ru | - | mediaonly.ru | 525 B |
1 | rtmark.net | - | my.rtmark.net | 366 B |

Totals: 11 HTTP transactions, 8 apex domains
Requests | Domain | Redirects | Requested by |
---|---|---|---|
3 | p.advaloo.com | 1 | r.advaloo.com, p.advaloo.com |
2 | www1.watchmygf.to | - | prpops.com, www1.watchmygf.to |
2 | prpops.com | 1 | p.advaloo.com |
2 | ps.popcash.net | 1 | mediaonly.ru |
2 | wedeegut.net | 1 | - |
1 | d.mordi.fun | - | www1.watchmygf.to |
1 | r.advaloo.com | - | ps.popcash.net |
1 | popcash.net | 1 | - |
1 | mediaonly.ru | - | wedeegut.net |
1 | my.rtmark.net | - | wedeegut.net |

Totals: 11 HTTP transactions, 10 domains
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
wedeegut.net | Let's Encrypt Authority X3 | 2019-01-04 - 2019-04-04 | 3 months |
my.rtmark.net | RapidSSL RSA CA 2018 | 2018-04-05 - 2019-05-05 | a year |
mediaonly.ru | CloudFlare Inc ECC CA-2 | 2019-01-07 - 2020-01-07 | a year |
watchmygf.to | Let's Encrypt Authority X3 | 2019-02-18 - 2019-05-19 | 3 months |
mordi.fun | Let's Encrypt Authority X3 | 2019-01-22 - 2019-04-22 | 3 months |
This page contains 1 frames:
Primary Page:
https://www1.watchmygf.to/video.php
Frame ID: 5683745062115AFEA6B18788C2E06BD0
Requests: 12 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://wedeegut.net/1/1407888/?var=2092050 Page URL
-
https://wedeegut.net/?r=%2Fmb%2Fhan&pbk3=5b87d177bfe5deb9c9517d6f99de64c06666166647938669072&empty=0&var=2092050&uuid=8cd795ad-6207-4160-b8d0-818568dd20d1&ad_scheme=1&rotation_type=25&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=2756&adparams=bm9qcz0w&ip=cadacdfb33e978fa3f58d45ccf9d46ab&zoneid=1407888&x=1600&y=1200&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fwedeegut.net%2Fafu.php%3Fzoneid%3D1407888%26var%3D1407888&drf=&np=0&pt=0&nb=1&ng=1&dm=undefined&cf=0&nw=1&hil=undefined&id=413e585eae8fca9b996bbb95118caf28&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=0&sf_type=1&timeout=0
HTTP 302
https://mediaonly.ru/aedijdJAGFdbe.php?zoneid=1407888 Page URL
-
http://popcash.net/world/go/187798/448581
HTTP 301
http://ps.popcash.net/go/187798/448581 Page URL
-
http://ps.popcash.net/ad/ad?p=187798&w=448581&t=530086dc8a1521e1&r=&vw=1600&vh=1200
HTTP 303
http://r.advaloo.com/edcbdf04-570e-4ec3-aa51-876661661045 Page URL
- http://p.advaloo.com/in2.php?kw=rtb&cid=7d6f41a5-c97c-43ae-pc-chrome-de&uid=edcbdf04-570e-4ec3-aa51-876661661045&cc=de&b=chrome&bv=67.0 Page URL
-
http://p.advaloo.com/st.php?uid=edcbdf04-570e-4ec3-aa51-876661661045&cid=7d6f41a5-c97c-43ae-pc-chrome-de&iw=1600&ih=1200&ow=1600&oh=1200&sw=1600&sh=1200&aw=1600&ah=1200&np=Linux%20x86_64&nv=Google%20Inc.&cp=0&ph=0&pl=0
HTTP 302
http://p.advaloo.com/edcbdf04-570e-4ec3-aa51-876661661045 Page URL
- http://prpops.com/p/ms9o/direct/t:de_chrome_67 Page URL
-
http://prpops.com/p/ms9o/direct/t:de_chrome_67?prc_c=1552087873&prc_r=eyJIVFRQX1JFRkVSRVIiOiJodHRwOlwvXC9wLmFkdmFsb28uY29tXC9lZGNiZGYwNC01NzBlLTRlYzMtYWE1MS04NzY2NjE2NjEwNDUiLCJIVFRQX1VTRVJfQUdFTlQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNjcuMC4zMzk2Ljg3IFNhZmFyaVwvNTM3LjM2In0=&prc_h=fb35759957f04ee59fe7a61a85b7659f45bc6c1521eeae5550eb95fb6b206dd3&pr_tsid=8ac725eb6ca1cf8ef1c860f10ebad638562fae6b00185ff4b34657b3eb9d0f9c&pr_tsids=1c6916c75623cc1d985b3aabe5b1f4f7039f555beca6c022d4ecc715093eda91&prc_obfjs=c69e98a1dc8d346b52d386e179ac14c795badd82d0f61e9fae4d2df5499ef83e&prc_isIframe1=false&prc_jw=1600&prc_jh=1200&prc_jow=1600&prc_joh=1200&prc_jsw=1600&prc_jsh=1200&prc_jwaw=1600&prc_jwah=1200&prc_jnp=Linux%20x86_64&prc_jnv=Google%20Inc.&prc_jcp=0&prc_jp=0&prc_jpc=0&prc_jfp=0&prc_isPhantomJS=50&prc_PhantomJSDetail=32&prc_isHeadlessChrome=100&prc_HeadlessChromeDetail=66
HTTP 302
https://www1.watchmygf.to/video.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://wedeegut.net/?r=%2Fmb%2Fhan&pbk3=5b87d177bfe5deb9c9517d6f99de64c06666166647938669072&empty=0&var=2092050&uuid=8cd795ad-6207-4160-b8d0-818568dd20d1&ad_scheme=1&rotation_type=25&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=2756&adparams=bm9qcz0w&ip=cadacdfb33e978fa3f58d45ccf9d46ab&zoneid=1407888&x=1600&y=1200&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fwedeegut.net%2Fafu.php%3Fzoneid%3D1407888%26var%3D1407888&drf=&np=0&pt=0&nb=1&ng=1&dm=undefined&cf=0&nw=1&hil=undefined&id=413e585eae8fca9b996bbb95118caf28&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=0&sf_type=1&timeout=0 HTTP 302
- https://mediaonly.ru/aedijdJAGFdbe.php?zoneid=1407888
- http://popcash.net/world/go/187798/448581 HTTP 301
- http://ps.popcash.net/go/187798/448581
- http://ps.popcash.net/ad/ad?p=187798&w=448581&t=530086dc8a1521e1&r=&vw=1600&vh=1200 HTTP 303
- http://r.advaloo.com/edcbdf04-570e-4ec3-aa51-876661661045
- http://p.advaloo.com/st.php?uid=edcbdf04-570e-4ec3-aa51-876661661045&cid=7d6f41a5-c97c-43ae-pc-chrome-de&iw=1600&ih=1200&ow=1600&oh=1200&sw=1600&sh=1200&aw=1600&ah=1200&np=Linux%20x86_64&nv=Google%20Inc.&cp=0&ph=0&pl=0 HTTP 302
- http://p.advaloo.com/edcbdf04-570e-4ec3-aa51-876661661045
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | wedeegut.net/1/1407888/ | 12 KB | 6 KB | Document | text/html | Cookie set |
POST | H/1.1 | img.gif | my.rtmark.net/ | 43 B | 366 B | Other | image/gif | |
GET | H2 | aedijdJAGFdbe.php | mediaonly.ru/ | 394 B | 525 B | Document | text/html | Redirect Chain |
GET | H/1.1 | 448581 | ps.popcash.net/go/187798/ | 426 B | 460 B | Document | text/html | Redirect Chain |
GET | H/1.1 | edcbdf04-570e-4ec3-aa51-876661661045 | r.advaloo.com/ | 457 B | 447 B | Document | text/html | Redirect Chain |
GET | H/1.1 | in2.php | p.advaloo.com/ | 1 KB | 675 B | Document | text/html | |
GET | H/1.1 | edcbdf04-570e-4ec3-aa51-876661661045 | p.advaloo.com/ | 323 B | 389 B | Document | text/html | Redirect Chain |
GET | H/1.1 | t:de_chrome_67 | prpops.com/p/ms9o/direct/ | 22 KB | 9 KB | Document | text/html | Cookie set |
GET | H/1.1 | video.php | www1.watchmygf.to/ | 8 KB | 4 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H/1.1 | utrlmiozifhinc.php | www1.watchmygf.to/ | 29 KB | 9 KB | Script | application/javascript | |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png | |
GET | H/1.1 | / | d.mordi.fun/d/ | 12 KB | 4 KB | XHR | application/json | |
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| VCN boolean| camHead boolean| camhead_widget_id boolean| camHead_cookie_name boolean| nativeInjectionPlugs boolean| burst boolean| p_name boolean| p_settings boolean| p_expires boolean| p_widget_id boolean| sn boolean| snId boolean| snCN boolean| tars boolean| camHead_Url boolean| vOw function| vOwf boolean| vOwb boolean| vOwbi boolean| vOwv boolean| vOwvi boolean| updates number| updatesId string| domains_delivery string| conf_delivery_resource_http string| conf_delivery_resource_ws string| nativeInjectionPlugsId string| integrationScriptCreatedTimestamp string| prr string| integrationTypeAdblockSafe function| PRPub2 function| getStyle number| _WiState object| pub number| timeleft number| downloadTimer object| body function| FullScreen boolean| isOldTitle string| oldTitle string| newTitle function| changeTitle boolean| prpubappended string| key0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.