Submitted URL: https://bbcnews-h8rgzb.kmg1.xyz/
Effective URL: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&at...
Submission: On February 19 via api from US — Scanned from US

Summary

This website contacted 22 IPs in 5 countries across 25 domains to perform 49 HTTP transactions. The main IP is 66.254.114.234, located in and belongs to . The main domain is tgp1.brazzersnetwork.com.
TLS certificate: Issued by R3 on February 9th 2024. Valid for: 3 months.
This is the only time tgp1.brazzersnetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 154.12.254.12 40021 (NL-811-40021)
1 209.126.85.168 40021 (NL-811-40021)
9 142.251.40.142 15169 (GOOGLE)
1 2 142.251.40.194 15169 (GOOGLE)
1 142.250.65.230 15169 (GOOGLE)
4 142.250.65.170 15169 (GOOGLE)
1 142.250.176.196 15169 (GOOGLE)
1 142.250.176.214 15169 (GOOGLE)
1 142.250.65.161 15169 (GOOGLE)
2 142.250.80.99 15169 (GOOGLE)
1 104.22.74.171 13335 (CLOUDFLAR...)
1 104.18.12.192 13335 (CLOUDFLAR...)
1 1 54.164.199.24 14618 (AMAZON-AES)
1 1 64.227.23.114 14061 (DIGITALOC...)
2 67.212.184.147 32475 (SINGLEHOP...)
2 3 51.68.81.31 16276 (OVH)
1 37.58.56.244 28753 (LEASEWEB-...)
8 88.208.60.53 39572 (ADVANCEDH...)
2 185.162.85.3 39572 (ADVANCEDH...)
1 2 185.162.85.20 ()
1 208.74.150.138 27589 (MOJOHOST)
3 3 216.18.168.28 ()
1 2 68.169.106.76 30602 (ISPRIME)
1 1 3.213.54.82 ()
1 66.254.114.234 ()
49 22
Apex Domain
Subdomains
Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
1009 KB
8 leadnote.me
leadnote.me
49 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 230
40 KB
3 trafforsrv.com
trafforsrv.com — Cisco Umbrella Rank: 105066
1 KB
3 cimentbuilder.one
www.cimentbuilder.one
5 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
static.doubleclick.net — Cisco Umbrella Rank: 271
1 KB
2 pemsrv.com
s.pemsrv.com — Cisco Umbrella Rank: 20945
3 KB
2 wokoez.com
wokoez.com — Cisco Umbrella Rank: 370594
1 KB
2 mdakky.com
mdakky.com — Cisco Umbrella Rank: 31501
201 B
2 contentrightnow.com
my.contentrightnow.com
4 KB
2 gstatic.com
fonts.gstatic.com Failed
www.gstatic.com
17 KB
1 brazzersnetwork.com
tgp1.brazzersnetwork.com
1 trk-vod.com
t.trk-vod.com
680 B
1 ero-advertising.com
go.ero-advertising.com — Cisco Umbrella Rank: 723669
497 B
1 clickon.icu
clickon.icu
866 B
1 thegadgetguru.club
polo.thegadgetguru.club
292 B
1 rb.gy
rb.gy — Cisco Umbrella Rank: 120877
225 B
1 digitaloceanspaces.com
llorens.nyc3.cdn.digitaloceanspaces.com
932 B
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 14172
32 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 218
5 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
74 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
play.google.com Failed
20 KB
1 lacabrahd.com
lacabrahd.com — Cisco Umbrella Rank: 393685
2 KB
1 kmg1.xyz
bbcnews-h8rgzb.kmg1.xyz
2 KB
0 links-api.lat Failed
links-api.lat Failed
49 25
Domain Requested by
9 www.youtube.com bbcnews-h8rgzb.kmg1.xyz
www.youtube.com
8 leadnote.me leadnote.me
4 jnn-pa.googleapis.com www.youtube.com
3 trafforsrv.com 3 redirects
3 www.cimentbuilder.one 2 redirects my.contentrightnow.com
2 s.pemsrv.com 1 redirects go.ero-advertising.com
2 wokoez.com 1 redirects leadnote.me
2 mdakky.com leadnote.me
2 my.contentrightnow.com llorens.nyc3.cdn.digitaloceanspaces.com
my.contentrightnow.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 tgp1.brazzersnetwork.com s.pemsrv.com
1 t.trk-vod.com 1 redirects
1 go.ero-advertising.com leadnote.me
1 clickon.icu www.cimentbuilder.one
1 polo.thegadgetguru.club 1 redirects
1 rb.gy 1 redirects
1 llorens.nyc3.cdn.digitaloceanspaces.com bbcnews-h8rgzb.kmg1.xyz
1 whos.amung.us bbcnews-h8rgzb.kmg1.xyz
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 lacabrahd.com bbcnews-h8rgzb.kmg1.xyz
1 bbcnews-h8rgzb.kmg1.xyz
0 play.google.com Failed www.youtube.com
0 fonts.gstatic.com Failed www.youtube.com
0 links-api.lat Failed bbcnews-h8rgzb.kmg1.xyz
49 28

This site contains no links.

Subject | Issuer | Validity | Valid
*.kmg1.xyz | R3 | 2024-01-09 - 2024-04-08 | 3 months
lacabrahd.com | cPanel, Inc. Certification Authority | 2024-01-22 - 2024-04-21 | 3 months
*.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
www.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
edgestatic.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-06-11 - 2024-06-09 | a year
*.nyc3.cdn.digitaloceanspaces.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-19 - 2024-05-04 | a year
my.contentrightnow.com | R3 | 2024-02-02 - 2024-05-02 | 3 months
www.cimentbuilder.one | R3 | 2024-01-15 - 2024-04-14 | 3 months
clickon.icu | R3 | 2023-12-23 - 2024-03-22 | 3 months
leadnote.me | ZeroSSL RSA Domain Secure Site CA | 2023-12-15 - 2024-03-14 | 3 months
mdakky.com | R3 | 2023-12-11 - 2024-03-10 | 3 months
wokoez.com | R3 | 2024-02-05 - 2024-05-05 | 3 months
go.ero-advertising.com | R3 | 2024-01-26 - 2024-04-25 | 3 months
pemsrv.com | R3 | 2023-12-18 - 2024-03-17 | 3 months
brazzersnetwork.com | R3 | 2024-02-09 - 2024-05-09 | 3 months

This page contains 2 frames:

Primary Page: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_5158506&apb=wnfarqqkkpmk74avi51irjni
Frame ID: ECED380EFFA401B41DB576B9585C5AD0
Requests: 23 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Frame ID: F2C92290934A1F83FF67820A2A7F627C
Requests: 24 HTTP requests in this frame


Page Statistics

Requests: 49
HTTPS: 82 %
IPv6: 0 %
Domains: 25
Subdomains: 28
IPs: 22
Countries: 5
Transfer: 1231 kB
Size: 4664 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bbcnews-h8rgzb.kmg1.xyz/ Page URL
  2. https://llorens.nyc3.cdn.digitaloceanspaces.com/dgthconhperial.html Page URL
  3. https://rb.gy/rq01eq HTTP 301
    https://polo.thegadgetguru.club/?k=0cf174f2c7b4ef97b9ae81f34a2f3ee8&type=mainstream&subtype=global&data1=lorenamenpc HTTP 302
    https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  4. https://my.contentrightnow.com/proc.php?03ef478f3f5ef852aa86cd87424f0555ddbdbacd Page URL
  5. https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400 Page URL
  6. https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400&eyeg=b718d5afe6bc8940c632d86c2d122007&eyer=0.1255512770565863&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
    https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400&eyeg=3&eyer=0.1255512770565863&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
    https://clickon.icu/go/4995/3?subid2=rest&subid1=13000bb324d307bb92569a8a0cf4f4773a9db0219-202402-flb*5738009-ccc5a*M7337417017768542316*sl_5738009-ccc5a*9684ec3d0d042baa6f06e10331b1bfcbd5cd2104*4400-5235070z*4400 Page URL
  7. https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995 Page URL
  8. https://wokoez.com/cuclc?aid=3768590207159192366&t=1708375531&s=121 HTTP 302
    https://go.ero-advertising.com/openrtb/p_imp.go?xref=XUvvbOfukyWoFQ_L4GgiBV_e2LIntaSbaPpfqKub8-b_WH_EDmqVqgI1iEG_EBD7Pwy0dQnWpI3R1KwsmL76t6irciuLMvVD-XiSMjWfqvKLEfTMsSLlfLIWHtXLTDLitqS-arbkoXoLwoLBa9DnkShrC5F0H8aLq1j5UhJjOquFSRpNgQ1fFHo80GsNhtFYrZFniOMq2yQBpW5So4EsKs2EgjJYgsl86FUIiElcPuRFbFJ0u1luZ4wjPCowZ7W4Ta-GkuylrIPIIRBiFk2ARnmxdkZf2sQq_mC0FFo6b4_1Sv8LuIaZR3EjZorT8rzceR7N-LZhM2ZHN5--_C9sRjmnmKkYHBP-io1qLL99UQUT1e64a-ZZnZgoQeWbdycGm_7NaOKqQUnqQl-Icz59mQgvyO0JL-qzw32EX0LudjQkcCz0nacRWETTLhelhhJYpZKmOhZn0tubvvKH_T3PY8nmPPC-mMaifqowHLDK6eegXySl-EfcUDmU_VPoDLMlTB4IQYBDVdDfYo_W-n7_tr9tEXRdZZxsaRswmb1hQIt_oQIS3_fFW0TYzyrQYMxCxfwHfZ_6TzXdsdt6HUMghM0EhNX5_FhgSK1uhjMM8Y25O3Y_aqW-J68HiTYsUqwTkvrO9iUMAE0UZaN_B0xLxF67fpig7nHyNZZ3mTHdgp0Wi7SlkMefIQubdKD1ld1bDr7jqpcCglQLa1viFz4Ik_kMz-iKULP2HzvB2Yt0wc2l72kHAisrcJt6zoziHHiTR-2RE3yRSkHgWvIx72YGBYU8Prldyd5gRBu7jhO0iGxx06Wx5TKXpFzWEA_iyBH335nm7DMczSYcUks334eAcH-RsaCZlzQdeVFx3gMYrD5PXAmfQqKIh744mtlTdOh7Z3SSsKrGLgStZ3O9OQ6UEFex_yJ8EAnqVRt8d2EgaHLF2FnZhk3AkOHI_gCsUX3R6D19ssTlBJqr9aeJNdcIIyylo-BZTuci-CKxY_2DxxmhwimmaIsElDfy4PMZBx5qzbfdo-eu5sZ6SrLctepaifT8IkHzKn55YY67g8Z1AZlyvEbgxS4PtcG29GyBPc82FCeg4HRFkoVMRFdHAqVbm4XHbN7fCYZb-LYlxkQ= Page URL
  9. https://trafforsrv.com/show_std.php?id_site=6111&id_channel=25171&uf=true HTTP 302
    https://trafforsrv.com/impression.php?channel_id=25171&id=39e52af9-c195-4f6d-ae1b-b8d3b05f8e46%3Ad7fd613d-869f-4413-aac9-dbae7d87dfdf&site_id=6111&uuid=ca838d96-ce82-47a8-953c-37eab067d714 HTTP 302
    https://trafforsrv.com/click.php?id=39e52af9-c195-4f6d-ae1b-b8d3b05f8e46%3Ad7fd613d-869f-4413-aac9-dbae7d87dfdf HTTP 302
    https://s.pemsrv.com/splash.php?idzone=5040978&type=8 Page URL
  10. https://s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fgo.ero-advertising.com%2F&tested=1&check=d8cdcf4a6643800dd310ff41d0308f57&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    https://t.trk-vod.com/d2190426-19e8-4977-99a7-e8416acfe3b6?campid=5158506&varid=73979864&source=porn.com&keyword=%&tags=go,ero,advertising,com&siteid=515128&zoneid=5040978&catid=508&country=USA&format=&cost=0.0000001&tag=opc45c3VS0y3WWusousutrpdK51UtrqZnTupldK6V0rqa6ZrLJ7XU2UVz21uprtptttdK6Z0rpXSuldM6V0rpnV1bUabb7a0cV6XR0S0y3WTXUyz11UV11zOp0pzlttspm31qqo4ms00s4lrsoz4nu2rdK7kMe5AxZ7I3IbsvYOY9Q_umrllVNPLK50rpXSuldK6V0rpXSumsltosqqoodK6V0rpXSuldK6V0rpXbz0zb2TTzWa21y700aWT3V18S3cVZ3VZuD7A HTTP 302
    https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_5158506&apb=wnfarqqkkpmk74avi51irjni Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 32
  • https://rb.gy/rq01eq HTTP 301
  • https://polo.thegadgetguru.club/?k=0cf174f2c7b4ef97b9ae81f34a2f3ee8&type=mainstream&subtype=global&data1=lorenamenpc HTTP 302
  • https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Request Chain 35
  • https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400&eyeg=b718d5afe6bc8940c632d86c2d122007&eyer=0.1255512770565863&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
  • https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400&eyeg=3&eyer=0.1255512770565863&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
  • https://clickon.icu/go/4995/3?subid2=rest&subid1=13000bb324d307bb92569a8a0cf4f4773a9db0219-202402-flb*5738009-ccc5a*M7337417017768542316*sl_5738009-ccc5a*9684ec3d0d042baa6f06e10331b1bfcbd5cd2104*4400-5235070z*4400
Request Chain 47
  • https://wokoez.com/cuclc?aid=3768590207159192366&t=1708375531&s=121 HTTP 302
  • https://go.ero-advertising.com/openrtb/p_imp.go?xref=XUvvbOfukyWoFQ_L4GgiBV_e2LIntaSbaPpfqKub8-b_WH_EDmqVqgI1iEG_EBD7Pwy0dQnWpI3R1KwsmL76t6irciuLMvVD-XiSMjWfqvKLEfTMsSLlfLIWHtXLTDLitqS-arbkoXoLwoLBa9DnkShrC5F0H8aLq1j5UhJjOquFSRpNgQ1fFHo80GsNhtFYrZFniOMq2yQBpW5So4EsKs2EgjJYgsl86FUIiElcPuRFbFJ0u1luZ4wjPCowZ7W4Ta-GkuylrIPIIRBiFk2ARnmxdkZf2sQq_mC0FFo6b4_1Sv8LuIaZR3EjZorT8rzceR7N-LZhM2ZHN5--_C9sRjmnmKkYHBP-io1qLL99UQUT1e64a-ZZnZgoQeWbdycGm_7NaOKqQUnqQl-Icz59mQgvyO0JL-qzw32EX0LudjQkcCz0nacRWETTLhelhhJYpZKmOhZn0tubvvKH_T3PY8nmPPC-mMaifqowHLDK6eegXySl-EfcUDmU_VPoDLMlTB4IQYBDVdDfYo_W-n7_tr9tEXRdZZxsaRswmb1hQIt_oQIS3_fFW0TYzyrQYMxCxfwHfZ_6TzXdsdt6HUMghM0EhNX5_FhgSK1uhjMM8Y25O3Y_aqW-J68HiTYsUqwTkvrO9iUMAE0UZaN_B0xLxF67fpig7nHyNZZ3mTHdgp0Wi7SlkMefIQubdKD1ld1bDr7jqpcCglQLa1viFz4Ik_kMz-iKULP2HzvB2Yt0wc2l72kHAisrcJt6zoziHHiTR-2RE3yRSkHgWvIx72YGBYU8Prldyd5gRBu7jhO0iGxx06Wx5TKXpFzWEA_iyBH335nm7DMczSYcUks334eAcH-RsaCZlzQdeVFx3gMYrD5PXAmfQqKIh744mtlTdOh7Z3SSsKrGLgStZ3O9OQ6UEFex_yJ8EAnqVRt8d2EgaHLF2FnZhk3AkOHI_gCsUX3R6D19ssTlBJqr9aeJNdcIIyylo-BZTuci-CKxY_2DxxmhwimmaIsElDfy4PMZBx5qzbfdo-eu5sZ6SrLctepaifT8IkHzKn55YY67g8Z1AZlyvEbgxS4PtcG29GyBPc82FCeg4HRFkoVMRFdHAqVbm4XHbN7fCYZb-LYlxkQ=
Request Chain 48
  • https://trafforsrv.com/show_std.php?id_site=6111&id_channel=25171&uf=true HTTP 302
  • https://trafforsrv.com/impression.php?channel_id=25171&id=39e52af9-c195-4f6d-ae1b-b8d3b05f8e46%3Ad7fd613d-869f-4413-aac9-dbae7d87dfdf&site_id=6111&uuid=ca838d96-ce82-47a8-953c-37eab067d714 HTTP 302
  • https://trafforsrv.com/click.php?id=39e52af9-c195-4f6d-ae1b-b8d3b05f8e46%3Ad7fd613d-869f-4413-aac9-dbae7d87dfdf HTTP 302
  • https://s.pemsrv.com/splash.php?idzone=5040978&type=8

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bbcnews-h8rgzb.kmg1.xyz/
1 KB
2 KB
Document
General
Full URL
https://bbcnews-h8rgzb.kmg1.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.12.254.12 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi1579699.contaboserver.net
Software
nginx/1.24.0 / PHP/8.2.12
Resource Hash
1d8277c8d22795f6edf64537db2f4f7ef5a02d2cea5d9948d560711a8fea64ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
1424
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Feb 2024 20:45:15 GMT
Server
nginx/1.24.0
X-Powered-By
PHP/8.2.12
fbmultiplepais
lacabrahd.com/api/scripts/
2 KB
2 KB
Script
General
Full URL
https://lacabrahd.com:3069/api/scripts/fbmultiplepais?%20contador=ALGOA&owner=elcrack2&isbot=false&before=true&selectedcountry=
Requested by
Host: bbcnews-h8rgzb.kmg1.xyz
URL: https://bbcnews-h8rgzb.kmg1.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.126.85.168 , United States, ASN40021 (NL-811-40021, US),
Reverse DNS
vmi964601.contaboserver.net
Software
/ Express
Resource Hash
2e70192458476746e84a9a76adcbe13b41c444fe6f30321777abd0d701ba9dba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bbcnews-h8rgzb.kmg1.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Feb 2024 20:45:25 GMT
Connection
keep-alive
X-Powered-By
Express
Keep-Alive
timeout=5
Transfer-Encoding
chunked
Content-Type
application/javascript
data.php
links-api.lat/src/
0
0

mwKJfNYwvm8
www.youtube.com/embed/ Frame F2C9
92 KB
41 KB
Document
General
Full URL
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Requested by
Host: bbcnews-h8rgzb.kmg1.xyz
URL: https://bbcnews-h8rgzb.kmg1.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
ESF /
Resource Hash
9165c0ff538b504680c9188a649ea6ea18273732b8bc329af382c35824391eb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbcnews-h8rgzb.kmg1.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Feb 2024 20:45:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/5683fc5e/ Frame F2C9
366 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/5683fc5e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
sffe /
Resource Hash
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 10:01:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
38645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48183
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Feb 2025 10:01:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F2C9
0
0

KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F2C9
0
0

embed.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/ Frame F2C9
53 KB
16 KB
Script
General
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
sffe /
Resource Hash
5e8c7255c99441c92156a5f1b40520c4fa563b2edf94dc7101d0e33fa7bec3ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:06:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
365900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16779
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Feb 2025 15:06:55 GMT
www-embed-player.js
www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/ Frame F2C9
318 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
sffe /
Resource Hash
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 04:08:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
405434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96927
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Feb 2025 04:08:01 GMT
base.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/ Frame F2C9
2 MB
776 KB
Script
General
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
sffe /
Resource Hash
88d25b8c03e76364c6c7bbdd74f9686429648ee83a9367ee8347f8ed9e5acb11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 11:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
794425
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Feb 2025 11:21:02 GMT
id
googleads.g.doubleclick.net/pagead/ Frame F2C9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
d3d8efe45011fa1b7e25ac72ddf67227ea8d49ee1a2bb89717e0cb5dc3ae2e3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 19 Feb 2024 20:45:16 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame F2C9
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:36:25 GMT
x-content-type-options
nosniff
age
531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Feb 2024 20:51:25 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 19 Feb 2024 20:45:19 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F2C9
87 KB
40 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
ESF /
Resource Hash
826671a3853d590b7027253eb6076d5041b8f01b779db3454a88245870522550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 19 Feb 2024 20:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40734
x-xss-protection
0
remote.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/ Frame F2C9
117 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
sffe /
Resource Hash
b40c94f7d6d8cada4666c5d047768d0c4899e81405a9f4f03061fc5fc612b1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 02:33:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
65535
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33842
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Feb 2025 02:33:01 GMT
O0gGkLOwZlsvEtn_3NBcCB5b9cpchHh7fZmHe94Vfgw.js
www.google.com/js/th/ Frame F2C9
51 KB
20 KB
Script
General
Full URL
https://www.google.com/js/th/O0gGkLOwZlsvEtn_3NBcCB5b9cpchHh7fZmHe94Vfgw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f4.1e100.net
Software
sffe /
Resource Hash
3b480690b3b0665b2f12d9ffdcd05c081e5bf5ca5c84787b7d99877bde157e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 12:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
30782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19804
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Feb 2025 12:12:14 GMT
sddefault.jpg
i.ytimg.com/vi/mwKJfNYwvm8/ Frame F2C9
73 KB
74 KB
Image
General
Full URL
https://i.ytimg.com/vi/mwKJfNYwvm8/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f22.1e100.net
Software
sffe /
Resource Hash
dfcf56d8662e3b5b4dfb7f985b345971d76b97d5e99f985e72d22b18620d0dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:44:08 GMT
x-content-type-options
nosniff
age
69
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74930
x-xss-protection
0
server
sffe
etag
"1700576985"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 19 Feb 2024 22:44:08 GMT
truncated
/ Frame F2C9
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
fxGKYucJAVme-Yz4fsdCroCFCrANWqw0ql4GYuvx8Uq4l_euNJHgE-w9MTkLQA805vWCi-kE0g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F2C9
5 KB
5 KB
Image
General
Full URL
https://yt3.ggpht.com/fxGKYucJAVme-Yz4fsdCroCFCrANWqw0ql4GYuvx8Uq4l_euNJHgE-w9MTkLQA805vWCi-kE0g=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
fife /
Resource Hash
bcc9daa8cccb674c41f4d0b0fe433f44d1529457b345ab46c0c370519fb3efce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:12:26 GMT
x-content-type-options
nosniff
age
5570
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5298
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Feb 2024 19:12:26 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F2C9
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Feb 2024 20:45:17 GMT
generate_204
www.youtube.com/ Frame F2C9
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?tD6Z1g
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/121/ Frame F2C9
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/121/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f3.1e100.net
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 16:05:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 20 Feb 2024 19:20:30 GMT
log_event
www.youtube.com/youtubei/v1/ Frame F2C9
28 B
50 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-Goog-Request-Time
1708375518563
Content-Type
application/json
X-YouTube-Utc-Offset
-600
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
X-YouTube-Client-Version
1.20240213.01.00
X-YouTube-Time-Zone
Pacific/Honolulu
X-Goog-Visitor-Id
CgtBYmNoTWRRbkZJWSjb-86uBjIKCgJVUxIEGgAgDg%3D%3D
X-YouTube-Ad-Signals
dt=1708375516101&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 19 Feb 2024 20:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 19 Feb 2024 20:45:20 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F2C9
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
ESF /
Resource Hash
af1f189bc43a9eea57e18dcad429305566ce7da3ee6e4fa7fc5d0cec616fe04f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 19 Feb 2024 20:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame F2C9
28 B
50 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-Goog-Request-Time
1708375522492
Content-Type
application/json
X-YouTube-Utc-Offset
-600
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
X-YouTube-Client-Version
1.20240213.01.00
X-YouTube-Time-Zone
Pacific/Honolulu
X-Goog-Visitor-Id
CgtBYmNoTWRRbkZJWSjb-86uBjIKCgJVUxIEGgAgDg%3D%3D
X-YouTube-Ad-Signals
dt=1708375516101&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 19 Feb 2024 20:45:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
log
play.google.com/ Frame
0
0

atr
www.youtube.com/api/stats/ Frame F2C9
0
0

log
play.google.com/ Frame F2C9
0
0

log_event
www.youtube.com/youtubei/v1/ Frame F2C9
0
0

/
whos.amung.us/pingjs/
32 B
32 B
Image
General
Full URL
https://whos.amung.us/pingjs/?k=undefined&t=La%20Chancla~%20Le%20%20dimo%20to&c=s&x=https://twitter.com/&y=https://twitter.com/&a=-1&d=0&v=27&r=5901
Requested by
Host: bbcnews-h8rgzb.kmg1.xyz
URL: https://bbcnews-h8rgzb.kmg1.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bbcnews-h8rgzb.kmg1.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
85815a7d7d21469b-DFW
alt-svc
h3=":443"; ma=86400
content-type
text/javascript;charset=UTF-8
dgthconhperial.html
llorens.nyc3.cdn.digitaloceanspaces.com/
798 B
932 B
Document
General
Full URL
https://llorens.nyc3.cdn.digitaloceanspaces.com/dgthconhperial.html
Requested by
Host: bbcnews-h8rgzb.kmg1.xyz
URL: https://bbcnews-h8rgzb.kmg1.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://bbcnews-h8rgzb.kmg1.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3008
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
85815a840a832d4a-DFW
content-encoding
gzip
content-type
text/html
date
Mon, 19 Feb 2024 20:45:27 GMT
last-modified
Fri, 09 Feb 2024 17:33:29 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
tx00000d60322447774614f-0065c661f5-50576-nyc3d
x-do-cdn-uuid
62251b6e-c5c8-4bca-8a88-c44fea1a3043
x-envoy-upstream-healthchecked-cluster
x-rgw-object-type
Normal
/
my.contentrightnow.com/
Redirect Chain
  • https://rb.gy/rq01eq
  • https://polo.thegadgetguru.club/?k=0cf174f2c7b4ef97b9ae81f34a2f3ee8&type=mainstream&subtype=global&data1=lorenamenpc
  • https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
8 KB
3 KB
Document
General
Full URL
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Requested by
Host: llorens.nyc3.cdn.digitaloceanspaces.com
URL: https://llorens.nyc3.cdn.digitaloceanspaces.com/dgthconhperial.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
a44a7a25b19befe2c7d9b02fffc46ba8a228d91f7651068c7a7b0e326d503863

Request headers

Referer
https://llorens.nyc3.cdn.digitaloceanspaces.com/dgthconhperial.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Feb 2024 20:45:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Feb 2024 20:45:27 GMT
Location
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
proc.php
my.contentrightnow.com/
1 KB
1 KB
Document
General
Full URL
https://my.contentrightnow.com/proc.php?03ef478f3f5ef852aa86cd87424f0555ddbdbacd
Requested by
Host: my.contentrightnow.com
URL: https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash

Request headers

Referer
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 20:45:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400
pragma
no-cache
server
nginx
vary
Accept-Encoding
/
www.cimentbuilder.one/
4 KB
4 KB
Document
General
Full URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400
Requested by
Host: my.contentrightnow.com
URL: https://my.contentrightnow.com/proc.php?03ef478f3f5ef852aa86cd87424f0555ddbdbacd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://my.contentrightnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 19 Feb 2024 20:45:28 GMT
Transfer-Encoding
chunked
3
clickon.icu/go/4995/
Redirect Chain
  • https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400&eyeg=b718d5afe6bc8940c632d86c2d122007&eyer=0.1255512770565863...
  • https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400&eyeg=3&eyer=0.1255512770565863&eyei=0&eyew=1600&eyeh=1200&eye...
  • https://clickon.icu/go/4995/3?subid2=rest&subid1=13000bb324d307bb92569a8a0cf4f4773a9db0219-202402-flb*5738009-ccc5a*M7337417017768542316*sl_5738009-ccc5a*9684ec3d0d042baa6f06e10331b1bfcbd5cd2104*44...
350 B
866 B
Document
General
Full URL
https://clickon.icu/go/4995/3?subid2=rest&subid1=13000bb324d307bb92569a8a0cf4f4773a9db0219-202402-flb*5738009-ccc5a*M7337417017768542316*sl_5738009-ccc5a*9684ec3d0d042baa6f06e10331b1bfcbd5cd2104*4400-5235070z*4400
Requested by
Host: www.cimentbuilder.one
URL: https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.58.56.244 Delmenhorst, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx / PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Resource Hash

Request headers

Referer
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7337417017768542316&website=4400-5235070z&placement=4400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
close
Content-Encoding
identity
Content-Length
350
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Feb 2024 20:45:30 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Mon, 19 Feb 2024 20:45:30 GMT
Pragma
no-cache
Server
nginx
X-Powered-By
PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Feb 2024 20:45:28 GMT
Location
https://clickon.icu/go/4995/3?subid2=rest&subid1=13000bb324d307bb92569a8a0cf4f4773a9db0219-202402-flb*5738009-ccc5a*M7337417017768542316*sl_5738009-ccc5a*9684ec3d0d042baa6f06e10331b1bfcbd5cd2104*4400-5235070z*4400
play-2
leadnote.me/
22 KB
11 KB
Document
General
Full URL
https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.208.60.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
c20b377029d8ca879aa6016c209fb225b694d5e4d265bcf25040728a3f73c790

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 20:45:31 GMT
server
nginx/1.25.0
vary
Accept-Encoding
x-zone
eu4
icon1.png
leadnote.me/images/play-2/
7 KB
7 KB
Image
General
Full URL
https://leadnote.me/images/play-2/icon1.png
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.208.60.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:31 GMT
last-modified
Fri, 02 Feb 2024 10:17:33 GMT
server
nginx/1.25.0
etag
"65bcc13d-1c54"
content-type
image/png
accept-ranges
bytes
x-zone
eu4
content-length
7252
icon2.png
leadnote.me/images/play-2/
4 KB
5 KB
Image
General
Full URL
https://leadnote.me/images/play-2/icon2.png
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.208.60.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:31 GMT
last-modified
Fri, 02 Feb 2024 10:17:33 GMT
server
nginx/1.25.0
etag
"65bcc13d-11e0"
content-type
image/png
accept-ranges
bytes
x-zone
eu
content-length
4576
icon3.png
leadnote.me/images/play-2/
8 KB
8 KB
Image
General
Full URL
https://leadnote.me/images/play-2/icon3.png
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.208.60.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:31 GMT
last-modified
Fri, 02 Feb 2024 10:17:33 GMT
server
nginx/1.25.0
etag
"65bcc13d-1ea7"
content-type
image/png
accept-ranges
bytes
x-zone
eu3
content-length
7847
icon4.png
leadnote.me/images/play-2/
7 KB
7 KB
Image
General
Full URL
https://leadnote.me/images/play-2/icon4.png
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.208.60.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:31 GMT
last-modified
Fri, 02 Feb 2024 10:17:33 GMT
server
nginx/1.25.0
etag
"65bcc13d-1b78"
content-type
image/png
accept-ranges
bytes
x-zone
eu4
content-length
7032
icon5.png
leadnote.me/images/play-2/
3 KB
3 KB
Image
General
Full URL
https://leadnote.me/images/play-2/icon5.png
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.208.60.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:31 GMT
last-modified
Fri, 02 Feb 2024 10:17:33 GMT
server
nginx/1.25.0
etag
"65bcc13d-cc0"
content-type
image/png
accept-ranges
bytes
x-zone
eu
content-length
3264
icon7.png
leadnote.me/images/play-2/
3 KB
3 KB
Image
General
Full URL
https://leadnote.me/images/play-2/icon7.png
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.208.60.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:31 GMT
last-modified
Fri, 02 Feb 2024 10:17:33 GMT
server
nginx/1.25.0
etag
"65bcc13d-cd3"
content-type
image/png
accept-ranges
bytes
x-zone
eu3
content-length
3283
icon8.png
leadnote.me/images/play-2/
4 KB
4 KB
Image
General
Full URL
https://leadnote.me/images/play-2/icon8.png
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.208.60.53 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 20:45:31 GMT
last-modified
Fri, 02 Feb 2024 10:17:33 GMT
server
nginx/1.25.0
etag
"65bcc13d-fe0"
content-type
image/png
accept-ranges
bytes
x-zone
eu4
content-length
4064
rpe
mdakky.com/
0
101 B
XHR
General
Full URL
https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1020531&st=1026641&wd=47515&d=leadnote.me&tpl=70&rnd=0.476628246182621&sbid=4995&sbid2=
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.162.85.3 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Feb 2024 20:45:31 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
rpe
mdakky.com/
0
100 B
XHR
General
Full URL
https://mdakky.com/rpe?a=1&s=1&act=12&src=2&p=1020531&st=1026641&wd=47515&d=leadnote.me&tpl=70&rnd=0.3556159250258082&sbid=4995&sbid2=
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.162.85.3 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Feb 2024 20:45:31 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
phtbload
wokoez.com/
146 B
304 B
Fetch
General
Full URL
https://wokoez.com/phtbload?a=1&e=aeyJwaWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNX0=
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.162.85.20 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://leadnote.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Feb 2024 20:45:31 GMT
content-encoding
gzip
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
p_imp.go
go.ero-advertising.com/openrtb/
Redirect Chain
  • https://wokoez.com/cuclc?aid=3768590207159192366&t=1708375531&s=121
  • https://go.ero-advertising.com/openrtb/p_imp.go?xref=XUvvbOfukyWoFQ_L4GgiBV_e2LIntaSbaPpfqKub8-b_WH_EDmqVqgI1iEG_EBD7Pwy0dQnWpI3R1KwsmL76t6irciuLMvVD-XiSMjWfqvKLEfTMsSLlfLIWHtXLTDLitqS-arbkoXoLwoLB...
631 B
497 B
Document
General
Full URL
https://go.ero-advertising.com/openrtb/p_imp.go?xref=XUvvbOfukyWoFQ_L4GgiBV_e2LIntaSbaPpfqKub8-b_WH_EDmqVqgI1iEG_EBD7Pwy0dQnWpI3R1KwsmL76t6irciuLMvVD-XiSMjWfqvKLEfTMsSLlfLIWHtXLTDLitqS-arbkoXoLwoLBa9DnkShrC5F0H8aLq1j5UhJjOquFSRpNgQ1fFHo80GsNhtFYrZFniOMq2yQBpW5So4EsKs2EgjJYgsl86FUIiElcPuRFbFJ0u1luZ4wjPCowZ7W4Ta-GkuylrIPIIRBiFk2ARnmxdkZf2sQq_mC0FFo6b4_1Sv8LuIaZR3EjZorT8rzceR7N-LZhM2ZHN5--_C9sRjmnmKkYHBP-io1qLL99UQUT1e64a-ZZnZgoQeWbdycGm_7NaOKqQUnqQl-Icz59mQgvyO0JL-qzw32EX0LudjQkcCz0nacRWETTLhelhhJYpZKmOhZn0tubvvKH_T3PY8nmPPC-mMaifqowHLDK6eegXySl-EfcUDmU_VPoDLMlTB4IQYBDVdDfYo_W-n7_tr9tEXRdZZxsaRswmb1hQIt_oQIS3_fFW0TYzyrQYMxCxfwHfZ_6TzXdsdt6HUMghM0EhNX5_FhgSK1uhjMM8Y25O3Y_aqW-J68HiTYsUqwTkvrO9iUMAE0UZaN_B0xLxF67fpig7nHyNZZ3mTHdgp0Wi7SlkMefIQubdKD1ld1bDr7jqpcCglQLa1viFz4Ik_kMz-iKULP2HzvB2Yt0wc2l72kHAisrcJt6zoziHHiTR-2RE3yRSkHgWvIx72YGBYU8Prldyd5gRBu7jhO0iGxx06Wx5TKXpFzWEA_iyBH335nm7DMczSYcUks334eAcH-RsaCZlzQdeVFx3gMYrD5PXAmfQqKIh744mtlTdOh7Z3SSsKrGLgStZ3O9OQ6UEFex_yJ8EAnqVRt8d2EgaHLF2FnZhk3AkOHI_gCsUX3R6D19ssTlBJqr9aeJNdcIIyylo-BZTuci-CKxY_2DxxmhwimmaIsElDfy4PMZBx5qzbfdo-eu5sZ6SrLctepaifT8IkHzKn55YY67g8Z1AZlyvEbgxS4PtcG29GyBPc82FCeg4HRFkoVMRFdHAqVbm4XHbN7fCYZb-LYlxkQ=
Requested by
Host: leadnote.me
URL: https://leadnote.me/play-2?h=waWQiOjEwMjA1MzEsInNpZCI6MTAyNjY0MSwid2lkIjo0NzUxNSwic3JjIjoyfQ==eyJ&click_id=12bpft8c00084&si1=4995
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
208.74.150.138 , United States, ASN27589 (MOJOHOST, US),
Reverse DNS
gold.hosthead.com
Software
nginx /
Resource Hash

Request headers

Referer
https://leadnote.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
380
content-type
text/html; charset=utf-8
date
Mon, 19 Feb 2024 20:45:32 GMT
server
nginx
x-backend-server
dtr-web-ea-146

Redirect headers

content-length
1303
content-type
text/html; charset=utf-8
date
Mon, 19 Feb 2024 20:45:32 GMT
location
https://go.ero-advertising.com/openrtb/p_imp.go?xref=XUvvbOfukyWoFQ_L4GgiBV_e2LIntaSbaPpfqKub8-b_WH_EDmqVqgI1iEG_EBD7Pwy0dQnWpI3R1KwsmL76t6irciuLMvVD-XiSMjWfqvKLEfTMsSLlfLIWHtXLTDLitqS-arbkoXoLwoLBa9DnkShrC5F0H8aLq1j5UhJjOquFSRpNgQ1fFHo80GsNhtFYrZFniOMq2yQBpW5So4EsKs2EgjJYgsl86FUIiElcPuRFbFJ0u1luZ4wjPCowZ7W4Ta-GkuylrIPIIRBiFk2ARnmxdkZf2sQq_mC0FFo6b4_1Sv8LuIaZR3EjZorT8rzceR7N-LZhM2ZHN5--_C9sRjmnmKkYHBP-io1qLL99UQUT1e64a-ZZnZgoQeWbdycGm_7NaOKqQUnqQl-Icz59mQgvyO0JL-qzw32EX0LudjQkcCz0nacRWETTLhelhhJYpZKmOhZn0tubvvKH_T3PY8nmPPC-mMaifqowHLDK6eegXySl-EfcUDmU_VPoDLMlTB4IQYBDVdDfYo_W-n7_tr9tEXRdZZxsaRswmb1hQIt_oQIS3_fFW0TYzyrQYMxCxfwHfZ_6TzXdsdt6HUMghM0EhNX5_FhgSK1uhjMM8Y25O3Y_aqW-J68HiTYsUqwTkvrO9iUMAE0UZaN_B0xLxF67fpig7nHyNZZ3mTHdgp0Wi7SlkMefIQubdKD1ld1bDr7jqpcCglQLa1viFz4Ik_kMz-iKULP2HzvB2Yt0wc2l72kHAisrcJt6zoziHHiTR-2RE3yRSkHgWvIx72YGBYU8Prldyd5gRBu7jhO0iGxx06Wx5TKXpFzWEA_iyBH335nm7DMczSYcUks334eAcH-RsaCZlzQdeVFx3gMYrD5PXAmfQqKIh744mtlTdOh7Z3SSsKrGLgStZ3O9OQ6UEFex_yJ8EAnqVRt8d2EgaHLF2FnZhk3AkOHI_gCsUX3R6D19ssTlBJqr9aeJNdcIIyylo-BZTuci-CKxY_2DxxmhwimmaIsElDfy4PMZBx5qzbfdo-eu5sZ6SrLctepaifT8IkHzKn55YY67g8Z1AZlyvEbgxS4PtcG29GyBPc82FCeg4HRFkoVMRFdHAqVbm4XHbN7fCYZb-LYlxkQ=
server
nginx/1.18.0
splash.php
s.pemsrv.com/
Redirect Chain
  • https://trafforsrv.com/show_std.php?id_site=6111&id_channel=25171&uf=true
  • https://trafforsrv.com/impression.php?channel_id=25171&id=39e52af9-c195-4f6d-ae1b-b8d3b05f8e46%3Ad7fd613d-869f-4413-aac9-dbae7d87dfdf&site_id=6111&uuid=ca838d96-ce82-47a8-953c-37eab067d714
  • https://trafforsrv.com/click.php?id=39e52af9-c195-4f6d-ae1b-b8d3b05f8e46%3Ad7fd613d-869f-4413-aac9-dbae7d87dfdf
  • https://s.pemsrv.com/splash.php?idzone=5040978&type=8
2 KB
1 KB
Document
General
Full URL
https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Requested by
Host: go.ero-advertising.com
URL: https://go.ero-advertising.com/openrtb/p_imp.go?xref=XUvvbOfukyWoFQ_L4GgiBV_e2LIntaSbaPpfqKub8-b_WH_EDmqVqgI1iEG_EBD7Pwy0dQnWpI3R1KwsmL76t6irciuLMvVD-XiSMjWfqvKLEfTMsSLlfLIWHtXLTDLitqS-arbkoXoLwoLBa9DnkShrC5F0H8aLq1j5UhJjOquFSRpNgQ1fFHo80GsNhtFYrZFniOMq2yQBpW5So4EsKs2EgjJYgsl86FUIiElcPuRFbFJ0u1luZ4wjPCowZ7W4Ta-GkuylrIPIIRBiFk2ARnmxdkZf2sQq_mC0FFo6b4_1Sv8LuIaZR3EjZorT8rzceR7N-LZhM2ZHN5--_C9sRjmnmKkYHBP-io1qLL99UQUT1e64a-ZZnZgoQeWbdycGm_7NaOKqQUnqQl-Icz59mQgvyO0JL-qzw32EX0LudjQkcCz0nacRWETTLhelhhJYpZKmOhZn0tubvvKH_T3PY8nmPPC-mMaifqowHLDK6eegXySl-EfcUDmU_VPoDLMlTB4IQYBDVdDfYo_W-n7_tr9tEXRdZZxsaRswmb1hQIt_oQIS3_fFW0TYzyrQYMxCxfwHfZ_6TzXdsdt6HUMghM0EhNX5_FhgSK1uhjMM8Y25O3Y_aqW-J68HiTYsUqwTkvrO9iUMAE0UZaN_B0xLxF67fpig7nHyNZZ3mTHdgp0Wi7SlkMefIQubdKD1ld1bDr7jqpcCglQLa1viFz4Ik_kMz-iKULP2HzvB2Yt0wc2l72kHAisrcJt6zoziHHiTR-2RE3yRSkHgWvIx72YGBYU8Prldyd5gRBu7jhO0iGxx06Wx5TKXpFzWEA_iyBH335nm7DMczSYcUks334eAcH-RsaCZlzQdeVFx3gMYrD5PXAmfQqKIh744mtlTdOh7Z3SSsKrGLgStZ3O9OQ6UEFex_yJ8EAnqVRt8d2EgaHLF2FnZhk3AkOHI_gCsUX3R6D19ssTlBJqr9aeJNdcIIyylo-BZTuci-CKxY_2DxxmhwimmaIsElDfy4PMZBx5qzbfdo-eu5sZ6SrLctepaifT8IkHzKn55YY67g8Z1AZlyvEbgxS4PtcG29GyBPc82FCeg4HRFkoVMRFdHAqVbm4XHbN7fCYZb-LYlxkQ=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.76 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://go.ero-advertising.com/openrtb/p_imp.go?xref=XUvvbOfukyWoFQ_L4GgiBV_e2LIntaSbaPpfqKub8-b_WH_EDmqVqgI1iEG_EBD7Pwy0dQnWpI3R1KwsmL76t6irciuLMvVD-XiSMjWfqvKLEfTMsSLlfLIWHtXLTDLitqS-arbkoXoLwoLBa9DnkShrC5F0H8aLq1j5UhJjOquFSRpNgQ1fFHo80GsNhtFYrZFniOMq2yQBpW5So4EsKs2EgjJYgsl86FUIiElcPuRFbFJ0u1luZ4wjPCowZ7W4Ta-GkuylrIPIIRBiFk2ARnmxdkZf2sQq_mC0FFo6b4_1Sv8LuIaZR3EjZorT8rzceR7N-LZhM2ZHN5--_C9sRjmnmKkYHBP-io1qLL99UQUT1e64a-ZZnZgoQeWbdycGm_7NaOKqQUnqQl-Icz59mQgvyO0JL-qzw32EX0LudjQkcCz0nacRWETTLhelhhJYpZKmOhZn0tubvvKH_T3PY8nmPPC-mMaifqowHLDK6eegXySl-EfcUDmU_VPoDLMlTB4IQYBDVdDfYo_W-n7_tr9tEXRdZZxsaRswmb1hQIt_oQIS3_fFW0TYzyrQYMxCxfwHfZ_6TzXdsdt6HUMghM0EhNX5_FhgSK1uhjMM8Y25O3Y_aqW-J68HiTYsUqwTkvrO9iUMAE0UZaN_B0xLxF67fpig7nHyNZZ3mTHdgp0Wi7SlkMefIQubdKD1ld1bDr7jqpcCglQLa1viFz4Ik_kMz-iKULP2HzvB2Yt0wc2l72kHAisrcJt6zoziHHiTR-2RE3yRSkHgWvIx72YGBYU8Prldyd5gRBu7jhO0iGxx06Wx5TKXpFzWEA_iyBH335nm7DMczSYcUks334eAcH-RsaCZlzQdeVFx3gMYrD5PXAmfQqKIh744mtlTdOh7Z3SSsKrGLgStZ3O9OQ6UEFex_yJ8EAnqVRt8d2EgaHLF2FnZhk3AkOHI_gCsUX3R6D19ssTlBJqr9aeJNdcIIyylo-BZTuci-CKxY_2DxxmhwimmaIsElDfy4PMZBx5qzbfdo-eu5sZ6SrLctepaifT8IkHzKn55YY67g8Z1AZlyvEbgxS4PtcG29GyBPc82FCeg4HRFkoVMRFdHAqVbm4XHbN7fCYZb-LYlxkQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Access-Control-Allow-Headers
X-CH-VALUES
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Feb 2024 20:45:33 GMT
Server
nginx
Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-length
0
date
Mon, 19 Feb 2024 20:45:33 GMT
location
https://s.pemsrv.com/splash.php?idzone=5040978&type=8
server
nginx
Primary Request tgp1
tgp1.brazzersnetwork.com/
Redirect Chain
  • https://s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fgo.ero-advertising.com%2F&tested=1&check=d8cdcf4a6643800dd310ff41d0308f57&screen_resolution=1600x1200&container_resolution=1600...
  • https://t.trk-vod.com/d2190426-19e8-4977-99a7-e8416acfe3b6?campid=5158506&varid=73979864&source=porn.com&keyword=%&tags=go,ero,advertising,com&siteid=515128&zoneid=5040978&catid=508&country=USA&for...
  • https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_5158506&apb=wnfarqqkkpmk74avi51irjni
923 KB
0
Document
General
Full URL
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_5158506&apb=wnfarqqkkpmk74avi51irjni
Requested by
Host: s.pemsrv.com
URL: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.234 -, , ASN (),
Reverse DNS
Software
openresty / Juan
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
cache-control
no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 19 Feb 2024 20:45:35 GMT
etag
W/"e6ab4-RWGIJ6lrSsDyMLoVED0tlRwxDac"
server
openresty
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-powered-by
Juan
x-trace
2B6AD6C3352BBF3D54656AFB2070FFF2F99DD19408D970101B0D070DE800
x-xss-protection
1; mode=block
x_ats_instance_id
214411
x_ats_instance_type
tour
x_ats_page_id
N/A
x_ats_page_type
CUSTOM

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Mon, 19 Feb 2024 20:45:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_5158506&apb=wnfarqqkkpmk74avi51irjni
pragma
no-cache
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
links-api.lat
URL
https://links-api.lat/src/data.php
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=lH9N3NT3pOUcVSvJ&ver=2&cmt=0&fs=0&rt=0.001&euri=https%3A%2F%2Fbbcnews-h8rgzb.kmg1.xyz%2F&lact=9376&cl=606756184&mos=0&volume=100&cbr=Chrome&cbrver=121.0.6167.184&c=WEB_EMBEDDED_PLAYER&cver=1.20240213.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=en_US&cr=US&len=630&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153836%2C27%2C23100%2C53633%2C60171%2C24566%2C36318%2C6271%2C26439494%2C4054%2C7111%2C9369%2C10825%2C16149%2C9954%2C27688%2C1598%2C3460%2C1908%2C2%2C1153%2C2865%2C1685%2C1866%2C277%2C850%2C2423%2C278%2C11422&muted=0&docid=mwKJfNYwvm8
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
www.youtube.com
URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: x4vrdVdp4lM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: AbchMdQnFIY
clickon.icu/ Name: mobitck
Value: 1
.leadnote.me/ Name: truniq
Value: 1
.leadnote.me/ Name: prompt
Value: 1
.leadnote.me/ Name: tracking
Value: 1
trafforsrv.com/ Name: sppc_uuid
Value: ca838d96-ce82-47a8-953c-37eab067d714
.pemsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265d3bdedc3f6b9.304097194026536661%22%3B%7D
.pemsrv.com/ Name: c-tag
Value: %7B%22tag-link%22%3A%22v4%7C%7CUSA%7C5040978%7C73979864%7C0%7C%7C508%7C41%7C2%7C40%7C0%7C0%7C0%7C46417728%7C4736286%7C4684888%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C65d3bdedc3f6b9.304097194026536661%7C4b4a088741ec553f17bb7f0673af29d6%7C0%7Cgo.ero-advertising.com%7C1600x1200%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1708375533%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Ce241e71217c860e43b72966f09f5a95a%7Cok%22%7D

23 Console Messages

Source Level URL
Text
other warning URL: https://bbcnews-h8rgzb.kmg1.xyz/(Line 20)
Message:
Unrecognized feature: 'web-share'.
other warning URL: https://bbcnews-h8rgzb.kmg1.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
