cas.frontedmedia.biz Open in urlscan Pro
172.67.215.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cas.frontedmedia.biz/aw/lp2/index.html
Effective URL:
https://cas.frontedmedia.biz/aw/lp2/index.html
Submission: On March 29 via api (March 29th 2024, 9:01:44 pm UTC) from US — Scanned from US

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 29 HTTP transactions. The main IP is 172.67.215.178, located in United States and belongs to CLOUDFLARENET, US. The main domain is cas.frontedmedia.biz.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2024. Valid for: 3 months.

This is the only time cas.frontedmedia.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	172.67.215.178 172.67.215.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
12	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
29	4

15 172.67.215.178 (United States)

ASN13335 (CLOUDFLARENET, US)

cas.frontedmedia.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

redrotou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	frontedmedia.biz cas.frontedmedia.biz	452 KB
9	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 33147
3	redrotou.net redrotou.net — Cisco Umbrella Rank: 475744	16 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 13511	547 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 744	30 KB
29	5

	Domain	Requested by
15	cas.frontedmedia.biz	cas.frontedmedia.biz redrotou.net
9	jouteetu.net	redrotou.net
3	redrotou.net	cas.frontedmedia.biz redrotou.net
1	my.rtmark.net	redrotou.net
1	code.jquery.com	cas.frontedmedia.biz
29	5

This site contains no links.

Subject Issuer	Validity	Valid
frontedmedia.biz GTS CA 1P5	`2024-03-26` - `2024-06-24`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
redrotou.net R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
jouteetu.net R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cas.frontedmedia.biz/aw/lp2/index.html
Frame ID: 762BA389FE57D6DA4D27D5077A150EB6
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lottery

Page URL History Show full URLs

http://cas.frontedmedia.biz/aw/lp2/index.html HTTP 307
https://cas.frontedmedia.biz/aw/lp2/index.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

499 kB
Transfer

738 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cas.frontedmedia.biz/aw/lp2/index.html HTTP 307
https://cas.frontedmedia.biz/aw/lp2/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request index.html Show response
cas.frontedmedia.biz/aw/lp2/
Redirect Chain

http://cas.frontedmedia.biz/aw/lp2/index.html
https://cas.frontedmedia.biz/aw/lp2/index.html

11 KB
3 KB

607ms
164ms

Document
text/html

172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f17b38ad93c7fd7c57fc57b89d4f48ba9ae30fc521bba3a9d34ca0d67f0ffd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86c2cbc63c058db2-MIA
content-encoding: br
content-type: text/html
date: Fri, 29 Mar 2024 21:01:35 GMT
last-modified: Wed, 20 Mar 2024 10:50:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oib9uBqOdfI5r%2FSxU%2F2VkRMeaKEhwAL66H3woHXldWzkZXScRlEV9EGHJbxIEHNrsB1mB03v3tq06YM%2FvpZGJNN2xSb6LoNrck1AYOw9%2BFo0hec%2BlLtpynLAE6Dntlkb0b9avNWTCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://cas.frontedmedia.biz/aw/lp2/index.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.css
cas.frontedmedia.biz/aw/lp2/ 185 KB
28 KB 258ms
257ms Stylesheet
text/css 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.frontedmedia.biz/aw/lp2/style.css
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be8e33a27fdc61ae273a4ef3d3b31d675c8787671927bb1c322d2f6d3d3202e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 26 Nov 2023 15:09:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2e25b-60b0f93e5f480-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6i1D6dZHPRAO8yzcTn5Vrc47isdrt2Eg9a4v%2Bul2Ld%2Fk5oX%2Bs237CHXCvNDRuVa2uP5lDc%2FyrfpoCivWs2fvkl0uYjtcMtO9ZkePKfcUheSCD3xSGPFq3I4tkicFffA1HjXZrEfuuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 86c2cbc74e6a8db2-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 5e0fdba73fb38_v.png
cas.frontedmedia.biz/aw/lp2/ 60 KB
60 KB 157ms
155ms Image
image/png 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cas.frontedmedia.biz/aw/lp2/5e0fdba73fb38_v.png
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e86d1541b8c50dc8d8872b4fc11183c39fa4390432c75de15d1a9106b6d099d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:35 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Jan 2020 23:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ee3f-59b44aca30700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kiq7nBOIGnNs4cPUTFbaDM3eu6LV7P0mbo1OAGEKzJk7HpqPgOcqXqz%2FBWlF5MrOK0xV2eoLUuPsswq5%2BQ5BqW6esMf%2BiGA76hAomcliW7oMhFan8FJ%2FNgXehHYm1N29K1Ei3d6sdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86c2cbc74e6e8db2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 60991

GET
H3 200 5e0fdba726867_v.png
cas.frontedmedia.biz/aw/lp2/ 86 KB
86 KB 228ms
226ms Image
image/png 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cas.frontedmedia.biz/aw/lp2/5e0fdba726867_v.png
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e108995332f85dbfb2cc3f22ff63c400c9da21291f344a4e974b477561e563b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:35 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Jan 2020 23:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1574f-59b44aca30700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FuutCi2sLyjsv45lXuNUc3MB%2F%2FdjJvqAV8mRsE1cWbSNkbQ8rSk0xba0ONPL8QDiLZX%2FEdsxrnxCrjVaB77u8940Pu%2BqTTii636Q1viQv7SviKsrYZQCrDqI6LNKYemKcTXTC3zfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86c2cbc74e708db2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 87887

GET
H3 200 5e0fdba7a022c_v.png
cas.frontedmedia.biz/aw/lp2/ 93 KB
93 KB 435ms
432ms Image
image/png 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cas.frontedmedia.biz/aw/lp2/5e0fdba7a022c_v.png
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ad93db364db9ed4d0eb9cc838dd002d126f4c8b9dfaafee846096896d3be3a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:35 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Jan 2020 23:28:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1734a-59b44ac848280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jh5QvYIQdjR1klA2Ksnr7R0h092pgaZTs%2BywyHJcE%2BnQCtW5s6hbvbZJzSUJ08ZtGIMyAJ7ytCFplXEbyfDlwPrSCeO3zJKd9to6tAABVT5SueVqqCSVIVx6v8adXwjENufF8sahnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86c2cbc8c9488db2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 95050

GET
H3 200 5e0fdba7b80f3_v.png
cas.frontedmedia.biz/aw/lp2/ 78 KB
79 KB 2399ms
2397ms Image
image/png 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cas.frontedmedia.biz/aw/lp2/5e0fdba7b80f3_v.png
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9623c928f9bb2c2afa96a1483a72cd3991da02c0a700f155ed7a8fcd1b5117f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:37 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Jan 2020 23:28:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1389f-59b44ac848280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TxZjbV2vJhBH%2Bq%2BQCIDjVxJ99OfAqwLcL%2B69g38slOJMWNBUpMbjh%2BJmerUg%2F1U6VDHonU1tXLx5Wtt6apSi8yaYYgXR72kxA4NMQPAyvkgbmPsYOc%2BLTk3WAPFhusLa8GaNA6gqZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86c2cbc8f9b08db2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 80031

GET
H3 200 5e0fdba788906_v.png
cas.frontedmedia.biz/aw/lp2/ 70 KB
71 KB 1395ms
1394ms Image
image/png 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cas.frontedmedia.biz/aw/lp2/5e0fdba788906_v.png
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26103a48fb29e1d629d70aa6e3dd839d250045c829ffc0adca7c5ab9cfc6dd96

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:36 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Jan 2020 23:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "11927-59b44aca30700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dlx7lmL1J9Wq%2Bq656fBlUIMAYo2UTCMdFs7gd812v9IG6JmCB1Y%2BbWGZwzEWI0dTI%2BZWyt2iqFUIqjM79QjRFP7BvnUBZgyz77vsuB8nt6dbtRimS20vCCAtYKTNqQvcTY5NHVV7bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86c2cbc8f9ba8db2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 71975

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 192ms
32ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/
Origin: https://cas.frontedmedia.biz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:35 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 16547421
x-cache: HIT, HIT
content-length: 30336
x-served-by: cache-lga21978-LGA, cache-mia-kmia1760056-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1711746096.677939,VS0,VE0
etag: W/"28feccc0-155ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 32, 24086

GET
H3 200 script.js Show response
cas.frontedmedia.biz/aw/lp2/ 670 B
801 B 1401ms
1400ms Script
application/javascript 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.frontedmedia.biz/aw/lp2/script.js
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 475f432f7acd656836f9aab7370a0a7903ed9d81cb90a74210ed7ab26397315d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:36 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 26 Nov 2023 12:28:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"29e-60b0d51049880-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lp2TK8tCPIwO%2B1qcp5cJOzlK7%2BAU96vMLL7mT9efy3gP6%2B5R9W7Zorhmq9%2BTkJ8qwUsaLjAe91%2B%2BKWNMHGdC%2BCz%2F6NYrGrb5%2Fw7pdvbUKLQnMUXXr72Zg6dFtPPyWnubRc5i6VbEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86c2cbc8f9b18db2-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 push.js Show response
cas.frontedmedia.biz/aw/emform/ 390 B
709 B 61ms
60ms Script
application/javascript 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.frontedmedia.biz/aw/emform/push.js
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e55ff1777bc78b75a8513da1473bff3b76fa2800e1620a93073a2bfdc4192d4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4900
cf-polished: origSize=432
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Mar 2024 10:44:53 GMT
server: cloudflare
etag: W/"1b0-6141547e02e65-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FqVwMA%2BTJv7rhoqneGGBwEqbhXK4Q%2FyIUx06wCCXu8knOu1sr%2B4bomwWVIZ17e6nc7Lhhrfpy5Q5GKvUvDCBU%2FCpkdBSdO4UpoihSKfLYjfNV9CfFVM1ct8J%2FydSnfHphcR%2FZhZ4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86c2cbc8f9b58db2-MIA

GET
H3 200 5e0fdba683d96_v.jpg
cas.frontedmedia.biz/aw/lp2/ 19 KB
19 KB 2395ms
2395ms Image
image/jpeg 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cas.frontedmedia.biz/aw/lp2/5e0fdba683d96_v.jpg
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231acb8962d803ca34eeeec3f605db78c1475008a9c19d4770805e733437cc2d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/style.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:37 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Jan 2020 23:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4a79-59b44aca30700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdiTBcHK2S6pJHfCMU%2FMewjP3dR%2FXhhE0IPOI%2F6y5NPq3oQJnErMatwjBKmJBZLthJMqaudv%2BibcSnSPyQTmQaqv5nP5pq6j%2FJ3VlvoJIRI40cFzcn0u6cPiqwhkUk4ybaQayf%2Ftog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86c2cbc909c28db2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 19065

GET
H3 200 5e0fdba7107c6_v.png
cas.frontedmedia.biz/aw/lp2/ 6 KB
6 KB 2396ms
2395ms Image
image/png 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cas.frontedmedia.biz/aw/lp2/5e0fdba7107c6_v.png
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3255497f183b46a636b2a39a063cddb1045c51aaafca45802e5b76ff6bc3e183

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/style.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:37 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 Jan 2020 23:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "166b-59b44aca30700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9%2BK3IZllChUVHe3qBlTXVe29sakzCpenMvm%2Ft6D2RGnMbYrRVz1j0nwCbvmCNV81d%2Fps3T24Svb7Am67QHp97oZ%2Fbv2vM6M2wEGiZ4S9heQLg5GodD8sBaXv%2BBL%2BaXWokuW7QxKrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86c2cbc909c38db2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 5739

GET
H3 200 emform.html Show response
cas.frontedmedia.biz/aw/emform/ 6 KB
2 KB 102ms
100ms Fetch
text/html 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.frontedmedia.biz/aw/emform/emform.html
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 571671d8552863dfc780b794a8e22e00fb475ed51ad5df0767aeab605c30b502

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 23 Mar 2024 14:44:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1w1u7AYwuBtVFyxj3o7ouSrB4edUUSsIJtxcLqVdGtMA7CzINLhJ1uDLOjJnYSVLjALJJDoFS6aN70ZDTdIhgnRrFrLoFaigh%2FK8YeSiBe31V0nmvFrO9%2FgTGw1j0lzMeHMWgANA%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 86c2cbd1d8a18db2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 micro.tag.min.js Show response
redrotou.net/pfe/current/ 35 KB
14 KB 570ms
176ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/emform/push.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 21:01:37 GMT
content-encoding: gzip
last-modified: Fri, 29 Mar 2024 12:16:51 GMT
server: nginx
etag: W/"6606b133-8def"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 valid.js Show response
cas.frontedmedia.biz/aw/emform/ 3 KB
2 KB 45ms
44ms Script
application/javascript 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.frontedmedia.biz/aw/emform/valid.js
Requested by: Host: cas.frontedmedia.biz
URL: https://cas.frontedmedia.biz/aw/lp2/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b8719532436c4bda7e29b550984f0088aef585ef09900d7dce6e8db133da7f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4895
cf-polished: origSize=4931
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 23 Mar 2024 15:38:38 GMT
server: cloudflare
etag: W/"1343-61455bbee5b80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsEZMX6wsix4Nn2EsOmpV98FlL8xZPOFG%2F0EBE6g6LXcn7MhfPOxaI19HwDzJNPDZbvrccHsQyDE%2FxjGgXlZpepi4wIjHP0q4iMo8cnkr60t7ssgJwWCp3YLdEhH7pIM%2FLPwzlOPDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86c2cbd38ae38db2-MIA

POST
H2 200 custom
jouteetu.net/ 0
0 583ms
261ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sw-check-permissions-a505f.js
cas.frontedmedia.biz/aw/emform/ 0
748 B 43ms
43ms Other
application/javascript 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.frontedmedia.biz/aw/emform/sw-check-permissions-a505f.js?zoneId=7245048
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4892
cf-polished: origSize=566
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Mar 2024 09:54:44 GMT
server: cloudflare
etag: W/"236-6141494866100-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qOpL88JQi%2BFJ1pjm%2BRm%2FEmBrop1Xmi44EXCEpG6T2fwrIBTwKQr15Zu8b5ufwM8RnKT41Q71dHG1oroIx%2B%2BUbqIS1qOUo6YlgBbp7EQ%2By5amxPFpN8vn%2Bj%2FnjO3QV8u1%2BJsE0hF0ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86c2cbd58df28db2-MIA

POST
H2 200 custom
jouteetu.net/ 0
0 461ms
145ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
redrotou.net/ 0
370 B 143ms
142ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://redrotou.net/zone?&pub=0&zone_id=7245048&is_mobile=false&domain=cas.frontedmedia.biz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=525a094c-fd53-4ad5-a692-d514cc8b7070&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuODYifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOC4wLjAuMCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMuMC42MzEyLjg2In1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9

Requested by

Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: f518fbe09fd8afa1da5043eeeacfc00d
date: Fri, 29 Mar 2024 21:01:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://cas.frontedmedia.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 579ms
264ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 573ms
260ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
547 B 459ms
146ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7245048&checkDuplicate=true&ymid=&var=

Requested by

Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0d38122b9883ab5ba16ea9da9b5669e8c1c8ffc67f143d7229202da81b5db61e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cas.frontedmedia.biz
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 456ms
144ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 529ms
261ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone Show response
redrotou.net/ 802 B
1 KB 415ms
140ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://redrotou.net/zone?&pub=0&zone_id=7245048&is_mobile=false&domain=cas.frontedmedia.biz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=525a094c-fd53-4ad5-a692-d514cc8b7070&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuODYifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOC4wLjAuMCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMuMC42MzEyLjg2In1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9

Requested by

Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

02feb3f1ea8e816e5621f0640f3b0c8963e65d7d5d698834f2bcb65dc21aea8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: cfc129c17a67a197dcea4a9f8dbb5621
date: Fri, 29 Mar 2024 21:01:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cas.frontedmedia.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 802

GET
H3 404 favicon.ico
cas.frontedmedia.biz/ 282 B
653 B 164ms
161ms Other
text/html 172.67.215.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.frontedmedia.biz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.215.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263b537be3b77a416381921b26603ceb02e95bd17c8bcb662ad89da244731b7d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cas.frontedmedia.biz/aw/lp2/index.html
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 21:01:38 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dkz%2BRdfVetMKtOCxN6tPUAU%2BPnd%2F0EU5z6zFX5daAmdbCU7piLa8gqoWwV3aRuyDg%2FEDznaOOF3wp5BW7OsWAVLx1NMaZdjZtJ34k1c%2FW65%2FoqO94WJVdtDqGnynBNvOw6VyBB5WNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 86c2cbd87a218db2-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 133ms
132ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 133ms
132ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 133ms
132ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: redrotou.net
URL: https://redrotou.net/pfe/current/micro.tag.min.js?z=7245048&sw=../emform/sw-check-permissions-a505f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cas.frontedmedia.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-21 04:14:42	Name: ID Value: 290de0d4a6814764ba4f9c44b4a02221

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cas.frontedmedia.biz/aw/lp2/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cas.frontedmedia.biz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.frontedmedia.biz
code.jquery.com
jouteetu.net
my.rtmark.net
redrotou.net
139.45.195.8
139.45.197.251
172.67.215.178
2a04:4e42:200::649
02feb3f1ea8e816e5621f0640f3b0c8963e65d7d5d698834f2bcb65dc21aea8a
0d38122b9883ab5ba16ea9da9b5669e8c1c8ffc67f143d7229202da81b5db61e
1e108995332f85dbfb2cc3f22ff63c400c9da21291f344a4e974b477561e563b
1e86d1541b8c50dc8d8872b4fc11183c39fa4390432c75de15d1a9106b6d099d
20f17b38ad93c7fd7c57fc57b89d4f48ba9ae30fc521bba3a9d34ca0d67f0ffd
231acb8962d803ca34eeeec3f605db78c1475008a9c19d4770805e733437cc2d
26103a48fb29e1d629d70aa6e3dd839d250045c829ffc0adca7c5ab9cfc6dd96
263b537be3b77a416381921b26603ceb02e95bd17c8bcb662ad89da244731b7d
3255497f183b46a636b2a39a063cddb1045c51aaafca45802e5b76ff6bc3e183
475f432f7acd656836f9aab7370a0a7903ed9d81cb90a74210ed7ab26397315d
571671d8552863dfc780b794a8e22e00fb475ed51ad5df0767aeab605c30b502
6b8719532436c4bda7e29b550984f0088aef585ef09900d7dce6e8db133da7f1
87ad93db364db9ed4d0eb9cc838dd002d126f4c8b9dfaafee846096896d3be3a
8e55ff1777bc78b75a8513da1473bff3b76fa2800e1620a93073a2bfdc4192d4
955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c
9623c928f9bb2c2afa96a1483a72cd3991da02c0a700f155ed7a8fcd1b5117f1
9be8e33a27fdc61ae273a4ef3d3b31d675c8787671927bb1c322d2f6d3d3202e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

cas.frontedmedia.biz Open in urlscan Pro 172.67.215.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

25 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

499 kBTransfer

738 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cas.frontedmedia.biz Open in urlscan Pro
172.67.215.178 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

499 kB
Transfer

738 kB
Size

1
Cookies

29 HTTP transactions
0 data transactions