videov-click.com Open in urlscan Pro
2606:4700:3033::ac43:db72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vitaminshopsale3.xyz/event_844068c2-5270-6851-e24f-37f91d1091d5_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2...
Effective URL:
https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Submission: On March 15 via api (March 15th 2024, 9:56:26 pm UTC) from US — Scanned from US

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 17 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3033::ac43:db72, located in United States and belongs to CLOUDFLARENET, US. The main domain is videov-click.com.
TLS certificate: Issued by GTS CA 1P5 on March 13th 2024. Valid for: 3 months.

This is the only time videov-click.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 10	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
5 5	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
4 4	2a02:b4a:1:8:... 2a02:b4a:1:8::9419:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	45.133.44.32 45.133.44.32	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 3	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
1 1	95.216.26.241 95.216.26.241	24940 (HETZNER-AS) (HETZNER-AS)
11	2606:4700:303... 2606:4700:3033::ac43:db72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.250 139.45.197.250	() ()
9	139.45.197.251 139.45.197.251	() ()
1	139.45.195.8 139.45.195.8	() ()
38	10

10 173.214.240.15 (United States) 8 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

vitaminshopsale3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fre-book3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.182.164.180 (United States) 5 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.ppctraffic.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.cpcmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.pushking.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:b4a:1:8::9419:1 (Netherlands) 4 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

xtssbu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.32 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:1::6813:824c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.26.241 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.241.26.216.95.clients.your-server.de

click2up.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3033::ac43:db72 (United States)

ASN13335 (CLOUDFLARENET, US)

videov-click.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.250 (None, )

ASN- ()

laugoust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.251 (None, )

ASN- ()

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (None, )

ASN- ()

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	videov-click.com videov-click.com	18 KB
9	jouteetu.net jouteetu.net
6	wmgtr.com i.wmgtr.com — Cisco Umbrella Rank: 20595	75 KB
4	xtssbu.xyz 4 redirects xtssbu.xyz	695 B
4	fre-book3.xyz 2 redirects fre-book3.xyz	3 KB
4	freetrckr.com 4 redirects freetrckr.com — Cisco Umbrella Rank: 736582	1 KB
3	laugoust.com laugoust.com	15 KB
3	mgid.com 1 redirects c.mgid.com — Cisco Umbrella Rank: 6979 s-img.mgid.com — Cisco Umbrella Rank: 9238	27 KB
3	ppctraffic.co 3 redirects xml.ppctraffic.co	382 B
2	gstatic.com fonts.gstatic.com	31 KB
2	vitaminshopsale3.xyz 2 redirects vitaminshopsale3.xyz	607 B
1	rtmark.net my.rtmark.net	545 B
1	click2up.com 1 redirects click2up.com — Cisco Umbrella Rank: 419143	346 B
1	pushking.net 1 redirects xml.pushking.net — Cisco Umbrella Rank: 77987	652 B
1	cpcmart.com 1 redirects xml.cpcmart.com — Cisco Umbrella Rank: 954444	122 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	1 KB
0	videot-click.com Failed videot-click.com Failed
38	17

	Domain	Requested by
11	videov-click.com	fre-book3.xyz videov-click.com laugoust.com
9	jouteetu.net	laugoust.com
6	i.wmgtr.com	fre-book3.xyz
4	xtssbu.xyz	4 redirects
4	fre-book3.xyz	2 redirects fre-book3.xyz
4	freetrckr.com	4 redirects
3	laugoust.com	videov-click.com laugoust.com
3	xml.ppctraffic.co	3 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	s-img.mgid.com	fre-book3.xyz
2	vitaminshopsale3.xyz	2 redirects
1	my.rtmark.net	laugoust.com
1	click2up.com	1 redirects
1	c.mgid.com	1 redirects
1	xml.pushking.net	1 redirects
1	xml.cpcmart.com	1 redirects
1	fonts.googleapis.com	fre-book3.xyz
0	videot-click.com Failed	videov-click.com
38	18

This site contains no links.

Subject Issuer	Validity	Valid
fre-boom3.xyz R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
i.wmgtr.com R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh
mgid.com E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
videov-click.com GTS CA 1P5	`2024-03-13` - `2024-06-11`	3 months	crt.sh
laugoust.com R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
jouteetu.net R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh

This page contains 1 frames:

Frame: https://videot-click.com/?source=my1
Frame ID: 2F03224A1E1200B42BC84B853ED2ABEA
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page URL History Show full URLs

http://vitaminshopsale3.xyz/event_844068c2-5270-6851-e24f-37f91d1091d5_101_0_3000?payload=jtdcjtiyacuymi... HTTP 301
https://vitaminshopsale3.xyz/event_844068c2-5270-6851-e24f-37f91d1091d5_101_0_3000?payload=jtdcjtiyacuymi... HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJT... Page URL
https://xml.ppctraffic.co/click?s=1&tid=338&sid=e8ec294e90c3a9aa8219860faeb9cd61&rnd=691087089 HTTP 302
https://xtssbu.xyz/dsp/ph/clcm?aid=9339450216460665245&mid=0&t=1710539780&s=1054234&sid=212 HTTP 302
https://click2up.com/click?key=xnfiwespxr450fy5p2u5&click_id=s4_9339450216460665245_212_6_0&cpa_c... HTTP 307
https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&cre... Page URL

Page Statistics

38
Requests

87 %
HTTPS

42 %
IPv6

17
Domains

18
Subdomains

10
IPs

3
Countries

171 kB
Transfer

201 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vitaminshopsale3.xyz/event_844068c2-5270-6851-e24f-37f91d1091d5_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwzhzdk5ytjimwiyyzi1ytczmjkwztmwnzk1ztcxyjyyltmyodutmc4wmdaynjglmjilnuqln0q%3d&t=1710365561273&rnd=28706243&js=...~311~...hbgxfzgvfzgvzayuymiu3ra==&if=1 HTTP 301
https://vitaminshopsale3.xyz/event_844068c2-5270-6851-e24f-37f91d1091d5_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwzhzdk5ytjimwiyyzi1ytczmjkwztmwnzk1ztcxyjyyltmyodutmc4wmdaynjglmjilnuqln0q%3d&t=1710365561273&rnd=28706243&js=...~311~...hbgxfzgvfzgvzayuymiu3ra==&if=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://xml.ppctraffic.co/click?s=1&tid=338&sid=e8ec294e90c3a9aa8219860faeb9cd61&rnd=691087089 HTTP 302
https://xtssbu.xyz/dsp/ph/clcm?aid=9339450216460665245&mid=0&t=1710539780&s=1054234&sid=212 HTTP 302
https://click2up.com/click?key=xnfiwespxr450fy5p2u5&click_id=s4_9339450216460665245_212_6_0&cpa_cost=0.0002&SOURCE_ID=s212_e9e40bcf0ed14a28fbd870757199f66f&CAMPAIGN_ID=1054234&COUNTRY=US&BROWSER=Chrome&CREATIVE_ID=1419599&FORMAT=push&OS=Windows&LANG=en&ZONE_ID=s212 HTTP 307
https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://vitaminshopsale3.xyz/event_844068c2-5270-6851-e24f-37f91d1091d5_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwzhzdk5ytjimwiyyzi1ytczmjkwztmwnzk1ztcxyjyyltmyodutmc4wmdaynjglmjilnuqln0q%3d&t=1710365561273&rnd=28706243&js=...~311~...hbgxfzgvfzgvzayuymiu3ra==&if=1 HTTP 301
https://vitaminshopsale3.xyz/event_844068c2-5270-6851-e24f-37f91d1091d5_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwzhzdk5ytjimwiyyzi1ytczmjkwztmwnzk1ztcxyjyyltmyodutmc4wmdaynjglmjilnuqln0q%3d&t=1710365561273&rnd=28706243&js=...~311~...hbgxfzgvfzgvzayuymiu3ra==&if=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://fre-book3.xyz/event_a0c75fc9-fc44-4807-8f41-4ed1064bd740_6_2596_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0RlOGVjMjk0ZTkwYzNhOWFhODIxOTg2MGZhZWI5Y2Q2MSUyNnJuZCUzRDIyNjYwNzc4&t=1710539780718&rnd=123133160&i=1 HTTP 302
https://xml.ppctraffic.co/icon?sid=e8ec294e90c3a9aa8219860faeb9cd61&rnd=22660778 HTTP 302
https://xtssbu.xyz/dsp/ph/icm?aid=9339450216460665245&mid=0&sid=212&t=1710539780&subid=e9e40bcf0ed14a28fbd870757199f66f HTTP 302
https://i.wmgtr.com/cic/ro-l3vLkHUZBrNFQep11PEhFdWCDcDG8.png

Request Chain 3

https://fre-book3.xyz/event_a0c75fc9-fc44-4807-8f41-4ed1064bd740_6_2595_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0QwZTg0NGFhMzYzODIzZTY5Zjg4MTNhZjUxYjIxMTI0YiUyNnJuZCUzRDIyNjYwNzc4&t=1710539780718&rnd=974977482&i=1 HTTP 302
https://xml.ppctraffic.co/icon?sid=0e844aa363823e69f8813af51b21124b&rnd=22660778 HTTP 302
https://xtssbu.xyz/dsp/ph/icm?aid=9581691992307024481&mid=0&sid=744&t=1710539780&subid=200218 HTTP 302
https://i.wmgtr.com/cic/ATioWGhHnydesQAlo27vESgciR3EYu35.png

Request Chain 6

https://xml.cpcmart.com/icon?sid=c82be0c1ee6acc024974d74fc8f9874e&rnd=954481892 HTTP 302
https://xtssbu.xyz/dsp/ph/icm?aid=8830058353388965322&mid=0&sid=212&t=1710539780&subid=491056 HTTP 302
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png

Request Chain 8

https://xml.pushking.net/icon?sid=cb42a0686b7ddc2440b0b07f2645c31c&rnd=263063283 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|53n0jGp1n69beJAFhv31IJZuC4ZTsT_bIWmExtte-kDmMMNmFroZarZNjIQCa3E-wszagcwkgkLmI8Rled3HIWkZO_v7P4ZXfdcUKfD4_Go*&cid=1423484&f=1&h2=uhtLXf3QoU3zh6VX8sSo-X2g-7owh5jbwy_W6cM7XFUCir94e4kt4bd1Ct5fB6bh&rid=db2b80de-e316-11ee-be0f-c84bd6826564&psid=876234&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMzE0LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpJdE1Ea3ZOelF5TVRZMUx6ZzFaVFl4Tm1Wa01ERTVZelEzWmpFek56SmxNelJqWW1Jek1XUTBNVGszTG1wd1p3LndlYnA_dj0xNzEwNTM5NzgwLVlHaExNNF8xWlVBN1BZMHdwSlZJNHRJdmVQT1p3dlB2ZTd5MVBUYWVYaW8= HTTP 301
https://s-img.mgid.com/g/18013314/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvNzQyMTY1Lzg1ZTYxNmVkMDE5YzQ3ZjEzNzJlMzRjYmIzMWQ0MTk3LmpwZw.webp?v=1710539780-YGhLM4_1ZUA7PY0wpJVI4tIvePOZwvPve7y1PTaeXio

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js Show response
fre-book3.xyz/
Redirect Chain

http://vitaminshopsale3.xyz/event_844068c2-5270-6851-e24f-37f91d1091d5_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwzhzdk5ytjimwiyyzi1ytczmjkwztm...
https://vitaminshopsale3.xyz/event_844068c2-5270-6851-e24f-37f91d1091d5_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lwzhzdk5ytjimwiyyzi1ytczmjkwzt...
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

6 KB
3 KB

292ms
92ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d509f9dbeec4e3f79666bbcdb018f9b1b6a9379b116a7700b52d0146fdedf91f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 15 Mar 2024 21:56:20 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Fri, 15 Mar 2024 21:56:20 GMT
location: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 178ms
70ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fre-book3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Mar 2024 21:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:14:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Mar 2024 21:56:20 GMT

GET
H2

200

ro-l3vLkHUZBrNFQep11PEhFdWCDcDG8.png
i.wmgtr.com/cic/
Redirect Chain

https://fre-book3.xyz/event_a0c75fc9-fc44-4807-8f41-4ed1064bd740_6_2596_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0RlOGVjMjk0ZTkwYzNhOWFhODIxOTg2MGZhZWI5Y2Q2MSUyNnJu...
https://xml.ppctraffic.co/icon?sid=e8ec294e90c3a9aa8219860faeb9cd61&rnd=22660778
https://xtssbu.xyz/dsp/ph/icm?aid=9339450216460665245&mid=0&sid=212&t=1710539780&subid=e9e40bcf0ed14a28fbd870757199f66f
https://i.wmgtr.com/cic/ro-l3vLkHUZBrNFQep11PEhFdWCDcDG8.png

19 KB
19 KB

64ms
64ms

Image
image/png

45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/ro-l3vLkHUZBrNFQep11PEhFdWCDcDG8.png

Requested by

Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

088fdc0e75285ef42652c5d6fe08dab857e12ced28a4f06a7e1d132abb69e5ad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fre-book3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:56:21 GMT
date: Fri, 15 Mar 2024 21:56:21 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/ro-l3vLkHUZBrNFQep11PEhFdWCDcDG8.png
date: Fri, 15 Mar 2024 21:56:21 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2

200

ATioWGhHnydesQAlo27vESgciR3EYu35.png
i.wmgtr.com/cic/
Redirect Chain

https://fre-book3.xyz/event_a0c75fc9-fc44-4807-8f41-4ed1064bd740_6_2595_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0QwZTg0NGFhMzYzODIzZTY5Zjg4MTNhZjUxYjIxMTI0YiUyNnJu...
https://xml.ppctraffic.co/icon?sid=0e844aa363823e69f8813af51b21124b&rnd=22660778
https://xtssbu.xyz/dsp/ph/icm?aid=9581691992307024481&mid=0&sid=744&t=1710539780&subid=200218
https://i.wmgtr.com/cic/ATioWGhHnydesQAlo27vESgciR3EYu35.png

4 KB
5 KB

72ms
71ms

Image
image/png

45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/ATioWGhHnydesQAlo27vESgciR3EYu35.png

Requested by

Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

c9079401c26dcf99e64e06ae0d5def352b7dfead672e679a8eae6032972ebc9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fre-book3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:56:21 GMT
date: Fri, 15 Mar 2024 21:56:21 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/ATioWGhHnydesQAlo27vESgciR3EYu35.png
date: Fri, 15 Mar 2024 21:56:21 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 EvEw7U-ynNK_ZNpuj-kq5Oh_oU0qz210.png
i.wmgtr.com/cim/ 7 KB
7 KB 220ms
107ms Image
image/png 45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cim/EvEw7U-ynNK_ZNpuj-kq5Oh_oU0qz210.png

Requested by

Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

09b6eef900c7a8e24be9cc14b88713900d71a2d45687f788ef2075536703d0ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fre-book3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:56:21 GMT
date: Fri, 15 Mar 2024 21:56:21 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 iL80WeA5u47ErxtyhjNEH6WKU07FMWNn.png
i.wmgtr.com/cim/ 16 KB
17 KB 209ms
96ms Image
image/jpeg 45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cim/iL80WeA5u47ErxtyhjNEH6WKU07FMWNn.png

Requested by

Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

6731a880f640ab663a732fa217e684b45cc927958eff65645eaaf637d0ef8c04

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fre-book3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:56:21 GMT
date: Fri, 15 Mar 2024 21:56:21 GMT
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2

200

o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
i.wmgtr.com/cic/
Redirect Chain

https://xml.cpcmart.com/icon?sid=c82be0c1ee6acc024974d74fc8f9874e&rnd=954481892
https://xtssbu.xyz/dsp/ph/icm?aid=8830058353388965322&mid=0&sid=212&t=1710539780&subid=491056
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png

21 KB
21 KB

87ms
86ms

Image
image/png

45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png

Requested by

Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

b42b0f659f2f8919dd8f2454164894c640aba98cfd4e81367815bdec226ae21c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fre-book3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:56:21 GMT
date: Fri, 15 Mar 2024 21:56:21 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
date: Fri, 15 Mar 2024 21:56:21 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png
i.wmgtr.com/cim/ 7 KB
7 KB 229ms
117ms Image
image/png 45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cim/4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png

Requested by

Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

6bd9cd7785446537c145de6313a125d7c728bfd9add3f1628e547ad167cdb558

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fre-book3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:56:21 GMT
date: Fri, 15 Mar 2024 21:56:21 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvNzQyMTY1Lzg1ZTYxN...
s-img.mgid.com/g/18013314/328x328/-/
Redirect Chain

https://xml.pushking.net/icon?sid=cb42a0686b7ddc2440b0b07f2645c31c&rnd=263063283
https://c.mgid.com/c?pv=2&v=0|0|0|53n0jGp1n69beJAFhv31IJZuC4ZTsT_bIWmExtte-kDmMMNmFroZarZNjIQCa3E-wszagcwkgkLmI8Rled3HIWkZO_v7P4ZXfdcUKfD4_Go*&cid=1423484&f=1&h2=uhtLXf3QoU3zh6VX8sSo-X2g-7owh5jbwy_...
https://s-img.mgid.com/g/18013314/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

14 KB
14 KB

43ms
42ms

Image
image/webp

2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013314/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvNzQyMTY1Lzg1ZTYxNmVkMDE5YzQ3ZjEzNzJlMzRjYmIzMWQ0MTk3LmpwZw.webp?v=1710539780-YGhLM4_1ZUA7PY0wpJVI4tIvePOZwvPve7y1PTaeXio

Requested by

Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4523c31982d872ec21a6a4575a24a1bc374397d36e12ef59dbe23e8b9a045e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fre-book3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 51178de5-2e0e-4f78-8352-21c6a7806b8f
age: 1478614
alt-svc: h3=":443"; ma=86400
content-length: 14492
last-modified: Fri, 08 Dec 2023 00:33:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 864fc0c15df112a3-MIA

Redirect headers

date: Fri, 15 Mar 2024 21:56:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 545dc5aa-3b47-492a-a244-35682ea4781f
server: cloudflare
location: https://s-img.mgid.com/g/18013314/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvNzQyMTY1Lzg1ZTYxNmVkMDE5YzQ3ZjEzNzJlMzRjYmIzMWQ0MTk3LmpwZw.webp?v=1710539780-YGhLM4_1ZUA7PY0wpJVI4tIvePOZwvPve7y1PTaeXio
cf-ray: 864fc0c0ed5e12a3-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5Lzc0MjE2NS84NWU2M...
s-img.mgid.com/g/18013314/453x227/-/ 12 KB
13 KB 110ms
40ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013314/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5Lzc0MjE2NS84NWU2MTZlZDAxOWM0N2YxMzcyZTM0Y2JiMzFkNDE5Ny5qcGc.webp?v=1710539780-vpL5xynss7BZL_zBs7fqaIZcTJoMrOGU_qKmHw7g0Sw

Requested by

Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0e144c4ea8c5744210c578b16a9963a82478474c4d9254f2a7eb5b5e6fa3101

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fre-book3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: ddf6982a-f838-49ce-a2a3-b4f89b168421
age: 3401184
alt-svc: h3=":443"; ma=86400
content-length: 12524
last-modified: Fri, 08 Dec 2023 00:33:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 864fc0bf7bb312a3-MIA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 175ms
65ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fre-book3.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 22:23:06 GMT
x-content-type-options: nosniff
age: 171195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 22:23:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 162ms
52ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fre-book3.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 22:22:43 GMT
x-content-type-options: nosniff
age: 171218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 22:22:43 GMT

GET
H2 200 event_a0c75fc9-fc44-4807-8f41-4ed1064bd740_6_0_2000 Show response
fre-book3.xyz/ 118 B
207 B 93ms
93ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fre-book3.xyz/event_a0c75fc9-fc44-4807-8f41-4ed1064bd740_6_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wcGN0cmFmZmljLmNvJTIyJTJDJTIydSUyMiUzQSU1QiUyMjMzOC1lOGVjMjk0ZTkwYzNhOWFhODIxOTg2MGZhZWI5Y2Q2MS0yNTk2LTAuMDAwMDgyJTIyJTJDJTIyMzM4LTBlODQ0YWEzNjM4MjNlNjlmODgxM2FmNTFiMjExMjRiLTI1OTUtMC4wMDIzMjUlMjIlNUQlN0Q%3D&t=1710539780718&rnd=57205928&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: fre-book3.xyz
URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 3fb0f0514266fd53a74e447b34a567a5293c9d0b0ddcf44fac481368b0d63b02

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:23 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H2

200

Primary Request / Show response
videov-click.com/
Redirect Chain

https://xml.ppctraffic.co/click?s=1&tid=338&sid=e8ec294e90c3a9aa8219860faeb9cd61&rnd=691087089
https://xtssbu.xyz/dsp/ph/clcm?aid=9339450216460665245&mid=0&t=1710539780&s=1054234&sid=212
https://click2up.com/click?key=xnfiwespxr450fy5p2u5&click_id=s4_9339450216460665245_212_6_0&cpa_cost=0.0002&SOURCE_ID=s212_e9e40bcf0ed14a28fbd870757199f66f&CAMPAIGN_ID=1054234&COUNTRY=US&BROWSER=Ch...
https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599

7 KB
2 KB

510ms
379ms

Document
text/html

2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Requested by: Host: fre-book3.xyz
URL: https://fre-book3.xyz/event_a0c75fc9-fc44-4807-8f41-4ed1064bd740_6_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wcGN0cmFmZmljLmNvJTIyJTJDJTIydSUyMiUzQSU1QiUyMjMzOC1lOGVjMjk0ZTkwYzNhOWFhODIxOTg2MGZhZWI5Y2Q2MS0yNTk2LTAuMDAwMDgyJTIyJTJDJTIyMzM4LTBlODQ0YWEzNjM4MjNlNjlmODgxM2FmNTFiMjExMjRiLTI1OTUtMC4wMDIzMjUlMjIlNUQlN0Q%3D&t=1710539780718&rnd=57205928&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 1db93a4a037a47f16f186378cb74d77ab5fe6824b5961fe82ff8e43dca1ce7ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 864fc0d5afe0741a-MIA
content-encoding: br
content-type: text/html
date: Fri, 15 Mar 2024 21:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYjWjY0UlYWyuXP5uMxBK0UWifAZxU13478sQUKk5inZ8rwpHfMYK%2F9vDmcBeRj1NfiOwiH8dzIekSk5ntMvHX1ZGYzfSel7H0mms2ETxFm5wY%2B2NVtEPhKl%2B1iSk6i3u6TwWGxEBdHiEbvHSOq4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

Redirect headers

content-length: 0
date: Fri, 15 Mar 2024 21:56:37 GMT
location: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
server: Caddy
x-request-id: e16af58d-64ae-4a1b-b5b8-408f3655ffee

GET
H2 200 revopush.js Show response
videov-click.com/ 897 B
643 B 41ms
38ms Script
application/x-javascript 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videov-click.com/revopush.js
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92331bb984ac6079c4523721f5d418b4106668ca89a8a920736a8ea8ff5edc8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 25 Mar 2023 00:13:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 273718
etag: W/"641e3ca5-381"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZ%2FQ0vBqZWW%2Bwgq0iMidWTjbowV%2BHbMHQa7aP7qTDI22w1zZxwRpadGbucBVqnSVujIyRLLmId1E42NEDDrH0iq6pphVNQxWrDGDrIj2s4OypheSErv6Xdz5EbA2N9LCBlrbX%2F8ELDQMPsshLoNw"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 864fc0d81c1d741a-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 17:54:26 GMT

GET
H2 200 trls2.js Show response
videov-click.com/ 6 KB
3 KB 39ms
37ms Script
application/x-javascript 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videov-click.com/trls2.js
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1485cbdcab7b6610dd8770633d1d9c597f1a4a20115dc9aaef7a514f2a73091

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 25 Mar 2023 00:13:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 268677
etag: W/"641e3ca5-1874"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTlOA0iw%2FYdFj4WGMTpcAfK6FQ3HDZ44MOSSj0UdMrZhl%2FFVrTjjv5VMDwMW64pJD7xc%2F06KI9goNQivl10ObPGMnraXxYp9e3tUCIRw%2F6dgDIfBwLQT%2BXKCZ0cryZrvliT%2B848%2Fb9Gj%2B2J1s3bZ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 864fc0d81c1e741a-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 19:18:27 GMT

GET
H2 200 icon1.png
videov-click.com/img/ 1 KB
2 KB 41ms
40ms Image
image/png 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videov-click.com/img/icon1.png
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c25aeb8ae447414c2452cfd407b66c5b7f548c671fbd16905f76d7ce50d9e33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1487904
alt-svc: h3=":443"; ma=86400
content-length: 1353
last-modified: Sat, 25 Mar 2023 00:13:26 GMT
server: cloudflare
etag: "641e3ca6-549"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WjCrwQFAa0MLnkTpyXXsFOylzVPC7USnfi6SXq%2FhokGYW3DcTjNIPdf2NWmC%2B%2BYjvN1l%2FfxyJl1DsUPhgTZTghYzy1Ejd7gUEHlXHHbvPnGqEUkXcJUCO75%2FRBiLk%2FvsDGq57uECSaTSQnhFOTAo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 864fc0d81c1f741a-MIA
expires: Thu, 28 Mar 2024 16:38:00 GMT

GET
H2 200 icon2.png
videov-click.com/img/ 698 B
1 KB 37ms
36ms Image
image/png 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videov-click.com/img/icon2.png
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da853be46a4cc5426bfd333bd80b3d71f84be19cdfd51e075e9357bf61c3134

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1483631
alt-svc: h3=":443"; ma=86400
content-length: 698
last-modified: Sat, 25 Mar 2023 00:13:26 GMT
server: cloudflare
etag: "641e3ca6-2ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WE2YeL6F%2Fshbxz6gIpproOOrSkbQYdlYSGmSCwzUy%2FqNcGQybBiWuHqv3O3JRs8hpAHkJDf9BXPC5Om3omvtrAjWiBeFpKvTdPLa7Z4bozogokNyWUqFTzlXLOtqQrpht43ZCXDI0J4bQmdRBzCy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 864fc0d81c21741a-MIA
expires: Thu, 28 Mar 2024 17:49:12 GMT

GET
H2 200 icon3.png
videov-click.com/img/ 1 KB
2 KB 38ms
36ms Image
image/png 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videov-click.com/img/icon3.png
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2845e848fdb06dddaa4f6f7b88a652464b553e1aa303df61bf964af4f15900ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70154
alt-svc: h3=":443"; ma=86400
content-length: 1395
last-modified: Sat, 25 Mar 2023 00:13:26 GMT
server: cloudflare
etag: "641e3ca6-573"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YA7ER2ovG7svpDgrmoMxEw7d1W7%2BHRtsqnMT18Sk9FPp%2Fl9dauPogVpJ7jfagFIKPtGC7Ol%2Brpj9x0Tma%2BQU6t0Tqy17gkfbbRiqmpB6hLrtPljFeS7dcfhCNQszRYVDgXG90hWGJkrFH0tJkNEb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 864fc0d85c80741a-MIA
expires: Sun, 14 Apr 2024 02:27:11 GMT

GET
H2 200 icon4.png
videov-click.com/img/ 1 KB
2 KB 37ms
37ms Image
image/png 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videov-click.com/img/icon4.png
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8549bddab61faba0f2287b4760376ad1405d109eadf8d96bcc80c323733b1af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1472669
alt-svc: h3=":443"; ma=86400
content-length: 1291
last-modified: Sat, 25 Mar 2023 00:13:26 GMT
server: cloudflare
etag: "641e3ca6-50b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kuXLLjPNaW7YEmYmcrL%2B25tztLpn4ciFJMDp5RJ%2FJ7SIXfQWd4jIFfyS8AqijXns3qjfE1UL%2F7%2F4wdtjt0up14C2LucJtBfYrmPTIA9DwlIFTmEP17AvYdFE2CsicmPmtMsd4KYxRei2tLL2xVBY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 864fc0d85c8f741a-MIA
expires: Thu, 28 Mar 2024 20:51:56 GMT

GET
H2 200 icon5.png
videov-click.com/img/ 1 KB
1 KB 42ms
41ms Image
image/png 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videov-click.com/img/icon5.png
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a55e66b4fcc7af48c9a81c6b1c79d5b03c7dc666b844ba3e5c7df0c8a06b0b18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1472669
alt-svc: h3=":443"; ma=86400
content-length: 1077
last-modified: Sat, 25 Mar 2023 00:13:27 GMT
server: cloudflare
etag: "641e3ca7-435"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWTh9caz3Ahun8ZZgmo5tT7l0Sza7ZC%2FmTHltl3LDks27nBlgLaNNQ%2Fs%2BsRUuX4gawIWVXQ%2BHhXXO6Kvsz6NcTmJ7Pdb21yglYBhR%2BX0qUzVzK%2FV%2FqLxwOtQB8ly8YztCljoGXC6f61J16ZpjLrB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 864fc0d85c97741a-MIA
expires: Thu, 28 Mar 2024 20:51:56 GMT

GET
H2 200 icon7.png
videov-click.com/img/ 1 KB
1 KB 39ms
38ms Image
image/png 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videov-click.com/img/icon7.png
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914b840c0c3949faceb0ad636c3ab24f9c2e6f0f66b3af746b698ea440cda7ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1348601
alt-svc: h3=":443"; ma=86400
content-length: 1041
last-modified: Sat, 25 Mar 2023 00:13:26 GMT
server: cloudflare
etag: "641e3ca6-411"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnPxCjqhofukapVIjqtkzp6gPsf9JH5L%2BQrhMUdFwDagyTkK%2F08kF9eQ0BQFg%2FvGnktc167KXMGZ1E6rZh8FtP9swnHtBfVdvcwmbm7UMU4j4I%2BVNmJwibbK3aNJv3pqN495KFJ27pglFE2mW%2Fy1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 864fc0d85c99741a-MIA
expires: Sat, 30 Mar 2024 07:19:43 GMT

GET
H2 200 icon8.png
videov-click.com/img/ 2 KB
2 KB 37ms
37ms Image
image/png 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videov-click.com/img/icon8.png
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd57be30805b7b54d5951739299b0f8d655fd9493cbff79a5823500a309ee9fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1487904
alt-svc: h3=":443"; ma=86400
content-length: 1834
last-modified: Sat, 25 Mar 2023 00:13:27 GMT
server: cloudflare
etag: "641e3ca7-72a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLT1eG%2F2ulhc6fD3RaWjhMAvysgZieVjwkyGFd1mFSDh2lzgxHP%2BFuwAPOlldyBnGjlNXNnASUN7QECVUoKpp1ien3m6hkAWttYU3jNJkTnjarPDUwaNf%2FtUEDHqoucqqLQ0W03115lpZ1yPp9qd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 864fc0d85c9a741a-MIA
expires: Thu, 28 Mar 2024 16:38:01 GMT

GET
H2 200 micro.tag.min.js Show response
laugoust.com/pfe/current/ 35 KB
14 KB 452ms
169ms Script
application/javascript 139.45.197.250

General

Check archive.org

Show headers Download Go to

Full URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Requested by: Host: videov-click.com
URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ac659687f647d5e86d31f6d9e4be3cd6a5534d01532d1310e8ced114919e0afb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Mar 2024 21:56:25 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2024 08:40:28 GMT
server: nginx
etag: W/"65f014fc-8a1a"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

POST
H2 200 custom
jouteetu.net/ 0
0 467ms
170ms Ping
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://videov-click.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sw-check-permissions-5a6e7.js
videov-click.com/ 0
795 B 359ms
358ms Other
application/x-javascript 2606:4700:3033::ac43:db72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videov-click.com/sw-check-permissions-5a6e7.js?var=s212_e9e40bcf0ed14a28fbd870757199f66f&ymid=cnqc859r9alc738s7n7g&zoneId=5825202
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:db72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Mar 2023 09:45:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641ec2b2-236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2BzmHWACuUY8y2e6nTLNT1McNrmDL8AktBTGkh7oPwKs4HN3whxvZYeLcwDeAatWmOk4qbFqS5ia5xsn80vP9XEPrrsODCeAfyiW%2FNGHFWN0almLQCaicgKF051lyC34ADmZsXb0f6U09Ymc5zoo"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 864fc0db49967420-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 21:56:25 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 462ms
171ms Ping
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://videov-click.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
laugoust.com/ 0
259 B 143ms
142ms Ping
text/plain 139.45.197.250

General

Check archive.org

Show headers Download Go to

Full URL

https://laugoust.com/zone?&pub=0&zone_id=5825202&is_mobile=false&domain=videov-click.com&var=s212_e9e40bcf0ed14a28fbd870757199f66f&ymid=cnqc859r9alc738s7n7g&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=6d62156a-af97-468e-9a1e-4138495a55aa&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: bb2899e53986dbb829044250ef2c93f2
date: Fri, 15 Mar 2024 21:56:25 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://videov-click.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 586ms
296ms Ping
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://videov-click.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 587ms
297ms Ping
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://videov-click.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js
my.rtmark.net/ 65 B
545 B 421ms
131ms Fetch
application/json 139.45.195.8

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5825202&checkDuplicate=true&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f

Requested by

Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:56:25 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://videov-click.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 588ms
299ms Ping
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://videov-click.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 577ms
298ms Ping
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://videov-click.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 235ms
235ms Ping
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://videov-click.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone
laugoust.com/ 802 B
1 KB 382ms
128ms Fetch
application/json 139.45.197.250

General

Check archive.org

Show headers Download Go to

Full URL

https://laugoust.com/zone?&pub=0&zone_id=5825202&is_mobile=false&domain=videov-click.com&var=s212_e9e40bcf0ed14a28fbd870757199f66f&ymid=cnqc859r9alc738s7n7g&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=6d62156a-af97-468e-9a1e-4138495a55aa&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://videov-click.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: abb0260fca2900c67d271237b545a572
date: Fri, 15 Mar 2024 21:56:25 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://videov-click.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 802

POST
H2 200 custom
jouteetu.net/ 0
0 190ms
189ms Ping
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://videov-click.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 163ms
163ms Ping
application/json 139.45.197.251

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: laugoust.com
URL: https://laugoust.com/pfe/current/micro.tag.min.js?z=5825202&ymid=cnqc859r9alc738s7n7g&var=s212_e9e40bcf0ed14a28fbd870757199f66f&sw=/sw-check-permissions-5a6e7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://videov-click.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET /
videot-click.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: videot-click.com
URL: https://videot-click.com/?source=my1

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 19:09:01	Name: __cf_bm Value: ktZsEyO317JFkf5ks7YjL06fbtwChcL8eCE6fKf0qS4-1710539781-1.0.1.1-BWefPfG_dKFGyaw1MVa3tbs1QKlGG7oRei_GVdsbFvySbgKB9WAI8ptJ3QNDiNKEjpq8MAjJSqPvEl44sRToOA
click2up.com/	1970-01-21 03:54:35	Name: uclick Value: zrmKlF4KPIg1grX3a2CY4yUXuTg/j8kYDadRV02Ehi3waGXLofR6ccPeedlVZhOdNrwO
click2up.com/	1970-01-21 03:54:35	Name: bcid Value: cnqc859r9alc738s7n7g
click2up.com/	1970-01-21 03:54:35	Name: cid Value: cnqc859r9alc738s7n7g

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fre-book3.xyz/sw_9e8ab678-6c66-fdd3-ce90-2aeaf242a225_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://videov-click.com/?subid=cnqc859r9alc738s7n7g&source=s212_e9e40bcf0ed14a28fbd870757199f66f&creative_id=1419599 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.mgid.com
click2up.com
fonts.googleapis.com
fonts.gstatic.com
fre-book3.xyz
freetrckr.com
i.wmgtr.com
jouteetu.net
laugoust.com
my.rtmark.net
s-img.mgid.com
videot-click.com
videov-click.com
vitaminshopsale3.xyz
xml.cpcmart.com
xml.ppctraffic.co
xml.pushking.net
xtssbu.xyz
videot-click.com
139.45.195.8
139.45.197.250
139.45.197.251
173.214.240.15
199.182.164.180
2606:4700:1::6813:824c
2606:4700:3033::ac43:db72
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::5f
2a02:b4a:1:8::9419:1
45.133.44.32
95.216.26.241
088fdc0e75285ef42652c5d6fe08dab857e12ced28a4f06a7e1d132abb69e5ad
09b6eef900c7a8e24be9cc14b88713900d71a2d45687f788ef2075536703d0ae
0da853be46a4cc5426bfd333bd80b3d71f84be19cdfd51e075e9357bf61c3134
1db93a4a037a47f16f186378cb74d77ab5fe6824b5961fe82ff8e43dca1ce7ed
2845e848fdb06dddaa4f6f7b88a652464b553e1aa303df61bf964af4f15900ad
3fb0f0514266fd53a74e447b34a567a5293c9d0b0ddcf44fac481368b0d63b02
5a4523c31982d872ec21a6a4575a24a1bc374397d36e12ef59dbe23e8b9a045e
6731a880f640ab663a732fa217e684b45cc927958eff65645eaaf637d0ef8c04
6bd9cd7785446537c145de6313a125d7c728bfd9add3f1628e547ad167cdb558
8c25aeb8ae447414c2452cfd407b66c5b7f548c671fbd16905f76d7ce50d9e33
914b840c0c3949faceb0ad636c3ab24f9c2e6f0f66b3af746b698ea440cda7ab
92331bb984ac6079c4523721f5d418b4106668ca89a8a920736a8ea8ff5edc8e
a0e144c4ea8c5744210c578b16a9963a82478474c4d9254f2a7eb5b5e6fa3101
a55e66b4fcc7af48c9a81c6b1c79d5b03c7dc666b844ba3e5c7df0c8a06b0b18
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
ac659687f647d5e86d31f6d9e4be3cd6a5534d01532d1310e8ced114919e0afb
b42b0f659f2f8919dd8f2454164894c640aba98cfd4e81367815bdec226ae21c
c9079401c26dcf99e64e06ae0d5def352b7dfead672e679a8eae6032972ebc9c
cd57be30805b7b54d5951739299b0f8d655fd9493cbff79a5823500a309ee9fd
d509f9dbeec4e3f79666bbcdb018f9b1b6a9379b116a7700b52d0146fdedf91f
e1485cbdcab7b6610dd8770633d1d9c597f1a4a20115dc9aaef7a514f2a73091
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8549bddab61faba0f2287b4760376ad1405d109eadf8d96bcc80c323733b1af

videov-click.com Open in urlscan Pro 2606:4700:3033::ac43:db72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

38 Requests

87 %HTTPS

42 %IPv6

17 Domains

18 Subdomains

10 IPs

3 Countries

171 kBTransfer

201 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

videov-click.com Open in urlscan Pro
2606:4700:3033::ac43:db72 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

87 %
HTTPS

42 %
IPv6

17
Domains

18
Subdomains

10
IPs

3
Countries

171 kB
Transfer

201 kB
Size

4
Cookies

38 HTTP transactions
0 data transactions