URL: http://freecast123.com/ad.html
Submission: On September 16 via api from US

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3034::681f:4663, located in United States and belongs to CLOUDFLARENET, US. The main domain is freecast123.com.
This is the only time freecast123.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests          IP Address        AS Autonomous System
3                 2606:4700:303...  13335 (CLOUDFLAR...)
13 (5 redirects)  143.204.201.3     16509 (AMAZON-02)
4                 35.209.6.106      19527 (GOOGLE-2)
2                 2606:4700:303...  13335 (CLOUDFLAR...)
1                 95.211.229.246    60781 (LEASEWEB-...)
Totals: 18 HTTP transactions, 5 IPs

Requests          Domain            Requested by
13 (5 redirects)  gleaminist.info   freecast123.com
4                 xu2.com           freecast123.com
3                 freecast123.com   freecast123.com
2                 crichd.sx         freecast123.com
1                 s.optnx.com       freecast123.com
Totals: 18 HTTP transactions, 5 domains

This site contains no links.

Subject          Issuer                      Validity                 Valid
gleaminist.info  Amazon                      2019-07-02 - 2020-08-02  a year
optnx.com        Let's Encrypt Authority X3  2020-08-15 - 2020-11-13  3 months

This page contains 18 frames:

Primary Page: http://freecast123.com/ad.html
Frame ID: 5C1DDB145C5D0AF709BD12CDDD75EA0C
Requests: 1 HTTP requests in this frame

Frame: http://freecast123.com/pop/main.html
Frame ID: D0204F92788C2D84A22D83777074DE12
Requests: 1 HTTP requests in this frame

Frame: http://freecast123.com/pop/ad.html
Frame ID: 7DFF3571EC7CE5E3B91228221D135D92
Requests: 1 HTTP requests in this frame

Frame: http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQhdr4jI6oGU3BU9GH0dEdHP3xP.b6e%2CMlmj5CTEUoJd1iCigTGlvhzcLzBeEFC2y53e28HjuzHwlZoibITIG2zrpxlxSl1owR8ZDOJEuyFhg7ZckJG8CEY-cKJAxZXQ1ua8agCy9PYd0ziXVUTgxfCOkm1k-gMsplJAtEE6MEQrKuk1LpaSuDE544lmAJacGz4ou3oMEHTm4PAKUoIE2ntc-JYeAJgYYCS9PW2LP05r9HhUYfA4N3s4Dn6TTvuuyABfJ73uLytGDZ1iomU49pHUTNMaz4iVCcwcaRVGcyhJwjpvXNeDVAf7H5P7CI6l-ezm-8GY-rxPpyb3Gd6R5g3RJ-Q2ECey7iuRTrT4FvUnufSuyMp8_Ahe_ve7jJ3TiL6mHt7CWydNRYV0U2Gi447-3UINfcameD8x713VtG5GZTyUCZYPPQfAU_v6ksIwpL-xyBb3nLWYK5yMEWeL7lhxSk-Am0Dwd7nJDhqzGxEo9N1zhVIOj38XRLs1UGRd7FFiRmCCWLI%2C
Frame ID: 30633B57C1E5EE6949E676B60AA969A9
Requests: 1 HTTP requests in this frame

Frame: http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CA2Kmo3avoGU3Bv-GH0dEdHP3xP.7c7%2CAh1QwSPuWkLCpKop8PtVmCLkFyzLEeFVvW_1Nhigp9UK3YdNhe-ShGcS_InNSB5YJNr5bMQnOGfWmglFIy09xj9Fm4XEDRuSf73PyMsb_mUtAIQjkflFnlyIR6Wnd4XbZk5h6Td8HvHfUgJpdydWsseIPIwe94la5yTrJcwtlPiNx77uWOhasgWKdDzNS9M--boiC0rcriujKwTkRA1nnkGHeXLKKSGsG5b2h0ij9Mld6hfzowMjiB6h1oL4vszHSjd8G2JeeZEbTLyMxCpHWv7GdRdTqvWmz0KgCQ118q8k-2WsDmVG0Olbxw3keYyWpqc8TaGM71cHp-aqiGp25bLMpgO5MmfHaZ07zl0uq36BBn06TtFiHA1jl1FFO1k7tj047YJpg1LDxYV2goQEPHSvKzsq-4GlBU5ov1f7dBulFUGCOdtuttSd5RjSKzbVC2AQgbggaRCTDSgGD3QOmEHTQ9lua9o5hHfbRAuw92fFsC42PJcluv9DhrDDR_U2
Frame ID: EC61CD819128BE93ACA51AA30D0A2521
Requests: 1 HTTP requests in this frame

Frame: http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQjMuI2F6oGU3Bv-GH0dEdHP3xP.23e%2CviBY80YBByVdD87mGc6vhPTJj6bbxmREr3cSdZsSPxy0fP7mrWXFsUfj8eJSMAC8NP1fPWlJsZgProtPejYelKj1pxKhxfr9wCUc3p6b08HfMbn3d2f2sopPttIGqV3l-3PIzzf-femOjGfck_EYR6z6Bv5QAeT3q2sKcp3fyvGygceOvUU-_bzVBj22mXCplgOIe30va6T4YSy7Sm_yzg4zlxcsKtNGziaHH7Eq91qRAvDRCQC66quUw52f08sLS_F6fDgh4ZhZWdGyNBcWK7klFCVcuD92gVl5DAiQe_ec17-LP5uWmXqmciTjLrOW1RnGRp4QmAq8ZfzZhhbX5MIzr8dtLmsrwAUkwhAGm4cTzR2MTSE5m6EUt-vw7SHVqPgEUOcoRpcvzZcInDJ5mE_P0n7-kRVysFYzpeI7IzwrFqVy7HHjoOsw6ElDLoGdfQ13NJo3pxrvaJzR99p9_LXjLfMeQCDtLW0r1DK-WthT94Srp9YHNEQZlx13ppRH
Frame ID: EEB8E05D3D203F17B5CE5B24AD6AC81A
Requests: 1 HTTP requests in this frame

Frame: http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2Cgja3o2YXoGU3Bv-GH0dEdHP3xP.00b%2CSd06DMbdvhQRivLZppOD-9eNBk4Z2szZF4YMsEdLfM1Qkzv6NbRE6OiZJcTf1DaoaJmLak9fx-1FovcyXbnDjhMdBRfXbd3YxWHHdWnj4AY0jWOqjwnEQ4KyuPu1JEECszHJgktLVE9-gaDf9b5GK2u4-YXNeeG72yiBMNFj0YpEaPoSMLFfFWQ5_JPDMN5caiM88AcBVkq4AANSb-913R8XEHkdUZKtsapEuQoQa9gagqc2gqiF7TGFO5Hb_V8x1kCrJ5epRu0sXg3F__9H3yICbAUfFRWMffSgUbzMFlyb-A0s4PaNpzqUsmLrIbnH9MN-D1_hko63td4Mdc0R3ujqWmXKgxTPag1c6NqMBgw5fbugPe-RMTzIIEcjLkSrJX1P48eWylmS-YPz6kNcQTTtEPG7FZlenTLDRDoHPQhrwhkvTUmcXuJvCYCmFWB3cWLVyfrvuwK3Q8rIS8MNcKK9cYAvVJj-0yWs1iIsnQtRMR3kcbYdMJuBOWc6jHc-
Frame ID: BC139A41090278C3AC09222C02E6D997
Requests: 1 HTTP requests in this frame

Frame: http://crichd.sx/ad-direct.html
Frame ID: 4D18E77753B0CEA922DCA16153A49C1D
Requests: 1 HTTP requests in this frame

Frame: http://crichd.sx/ad-direct.html
Frame ID: 8DB385F04EB8D1D3E40A9554D96DB6C4
Requests: 1 HTTP requests in this frame

Frame: https://gleaminist.info/redirect?tid=794298&ref=
Frame ID: D06DE1119D719D4A13C5777F2291E2F8
Requests: 1 HTTP requests in this frame

Frame: https://gleaminist.info/redirect?tid=794298&ref=
Frame ID: 930548FAEA0E34CDA5C8C46A227DF669
Requests: 1 HTTP requests in this frame

Frame: https://gleaminist.info/redirect?tid=794298&ref=
Frame ID: 860933ADEED7E8488E3A4085980A1527
Requests: 1 HTTP requests in this frame

Frame: https://gleaminist.info/redirect?tid=794298&ref=
Frame ID: 87901EBB2A52226E9A8D65566C94C7A0
Requests: 1 HTTP requests in this frame

Frame: https://gleaminist.info/redirect?tid=642340&ref=
Frame ID: 8E64FA36046C0D6CB6A915B31E358019
Requests: 1 HTTP requests in this frame

Frame: https://gleaminist.info/redirect?tid=649613&ref=
Frame ID: 301D96638F18B13F6625F53638E5677C
Requests: 1 HTTP requests in this frame

Frame: https://s.optnx.com/cimp.php?data=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--
Frame ID: B1DBCCBEC7052DEAE5917D23601B58CD
Requests: 1 HTTP requests in this frame

Frame: https://gleaminist.info/redirect?tid=641503&ref=
Frame ID: 0D31A838C4F756C252E3503947297B66
Requests: 1 HTTP requests in this frame

Frame: https://gleaminist.info/redirect?tid=664282&ref=
Frame ID: DDC4995F9F534D6424A68031C084626C
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

18 Requests
6 % HTTPS
40 % IPv6
5 Domains
5 Subdomains
5 IPs
2 Countries
2 kB Transfer
3 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://gleaminist.info/redirect?tid=762855&ref=crichd.sx/home2 HTTP 302
  • http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQhdr4jI6oGU3BU9GH0dEdHP3xP.b6e%2CMlmj5CTEUoJd1iCigTGlvhzcLzBeEFC2y53e28HjuzHwlZoibITIG2zrpxlxSl1owR8ZDOJEuyFhg7ZckJG8CEY-cKJAxZXQ1ua8agCy9PYd0ziXVUTgxfCOkm1k-gMsplJAtEE6MEQrKuk1LpaSuDE544lmAJacGz4ou3oMEHTm4PAKUoIE2ntc-JYeAJgYYCS9PW2LP05r9HhUYfA4N3s4Dn6TTvuuyABfJ73uLytGDZ1iomU49pHUTNMaz4iVCcwcaRVGcyhJwjpvXNeDVAf7H5P7CI6l-ezm-8GY-rxPpyb3Gd6R5g3RJ-Q2ECey7iuRTrT4FvUnufSuyMp8_Ahe_ve7jJ3TiL6mHt7CWydNRYV0U2Gi447-3UINfcameD8x713VtG5GZTyUCZYPPQfAU_v6ksIwpL-xyBb3nLWYK5yMEWeL7lhxSk-Am0Dwd7nJDhqzGxEo9N1zhVIOj38XRLs1UGRd7FFiRmCCWLI%2C
Request Chain 3
  • http://gleaminist.info/redirect?tid=762855&ref=crichd.sx/home2 HTTP 302
  • http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CA2Kmo3avoGU3Bv-GH0dEdHP3xP.7c7%2CAh1QwSPuWkLCpKop8PtVmCLkFyzLEeFVvW_1Nhigp9UK3YdNhe-ShGcS_InNSB5YJNr5bMQnOGfWmglFIy09xj9Fm4XEDRuSf73PyMsb_mUtAIQjkflFnlyIR6Wnd4XbZk5h6Td8HvHfUgJpdydWsseIPIwe94la5yTrJcwtlPiNx77uWOhasgWKdDzNS9M--boiC0rcriujKwTkRA1nnkGHeXLKKSGsG5b2h0ij9Mld6hfzowMjiB6h1oL4vszHSjd8G2JeeZEbTLyMxCpHWv7GdRdTqvWmz0KgCQ118q8k-2WsDmVG0Olbxw3keYyWpqc8TaGM71cHp-aqiGp25bLMpgO5MmfHaZ07zl0uq36BBn06TtFiHA1jl1FFO1k7tj047YJpg1LDxYV2goQEPHSvKzsq-4GlBU5ov1f7dBulFUGCOdtuttSd5RjSKzbVC2AQgbggaRCTDSgGD3QOmEHTQ9lua9o5hHfbRAuw92fFsC42PJcluv9DhrDDR_U2
Request Chain 4
  • http://gleaminist.info/redirect?tid=762855&ref=crichd.sx/home2 HTTP 302
  • http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQjMuI2F6oGU3Bv-GH0dEdHP3xP.23e%2CviBY80YBByVdD87mGc6vhPTJj6bbxmREr3cSdZsSPxy0fP7mrWXFsUfj8eJSMAC8NP1fPWlJsZgProtPejYelKj1pxKhxfr9wCUc3p6b08HfMbn3d2f2sopPttIGqV3l-3PIzzf-femOjGfck_EYR6z6Bv5QAeT3q2sKcp3fyvGygceOvUU-_bzVBj22mXCplgOIe30va6T4YSy7Sm_yzg4zlxcsKtNGziaHH7Eq91qRAvDRCQC66quUw52f08sLS_F6fDgh4ZhZWdGyNBcWK7klFCVcuD92gVl5DAiQe_ec17-LP5uWmXqmciTjLrOW1RnGRp4QmAq8ZfzZhhbX5MIzr8dtLmsrwAUkwhAGm4cTzR2MTSE5m6EUt-vw7SHVqPgEUOcoRpcvzZcInDJ5mE_P0n7-kRVysFYzpeI7IzwrFqVy7HHjoOsw6ElDLoGdfQ13NJo3pxrvaJzR99p9_LXjLfMeQCDtLW0r1DK-WthT94Srp9YHNEQZlx13ppRH
Request Chain 5
  • http://gleaminist.info/redirect?tid=762855&ref=crichd.sx/home2 HTTP 302
  • http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2Cgja3o2YXoGU3Bv-GH0dEdHP3xP.00b%2CSd06DMbdvhQRivLZppOD-9eNBk4Z2szZF4YMsEdLfM1Qkzv6NbRE6OiZJcTf1DaoaJmLak9fx-1FovcyXbnDjhMdBRfXbd3YxWHHdWnj4AY0jWOqjwnEQ4KyuPu1JEECszHJgktLVE9-gaDf9b5GK2u4-YXNeeG72yiBMNFj0YpEaPoSMLFfFWQ5_JPDMN5caiM88AcBVkq4AANSb-913R8XEHkdUZKtsapEuQoQa9gagqc2gqiF7TGFO5Hb_V8x1kCrJ5epRu0sXg3F__9H3yICbAUfFRWMffSgUbzMFlyb-A0s4PaNpzqUsmLrIbnH9MN-D1_hko63td4Mdc0R3ujqWmXKgxTPag1c6NqMBgw5fbugPe-RMTzIIEcjLkSrJX1P48eWylmS-YPz6kNcQTTtEPG7FZlenTLDRDoHPQhrwhkvTUmcXuJvCYCmFWB3cWLVyfrvuwK3Q8rIS8MNcKK9cYAvVJj-0yWs1iIsnQtRMR3kcbYdMJuBOWc6jHc-
Request Chain 14
  • https://gleaminist.info/redirect?tid=684783&ref= HTTP 302
  • https://s.optnx.com/cimp.php?data=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--

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set ad.html
freecast123.com/
157 B
642 B
Document
General
Full URL
http://freecast123.com/ad.html
Protocol
HTTP/1.1
Server
2606:4700:3034::681f:4663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970aff4d818c7edb3f0183fcc9a5fd17533fafff63232871cc45a50b7be9cd34

Request headers

Host
freecast123.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 16 Sep 2020 19:50:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d7af85babb1a228a02a7d2f7d9489f3821600285811; expires=Fri, 16-Oct-20 19:50:11 GMT; path=/; domain=.freecast123.com; HttpOnly; SameSite=Lax
Last-Modified
Sat, 29 Aug 2020 12:07:35 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
053a10b9610000bf14b50d0200000001
Server
cloudflare
CF-RAY
5d3d1d6f0d63bf14-FRA
Content-Encoding
gzip
main.html
freecast123.com/pop/ Frame D020
144 B
479 B
Document
General
Full URL
http://freecast123.com/pop/main.html
Requested by
Host: freecast123.com
URL: http://freecast123.com/ad.html
Protocol
HTTP/1.1
Server
2606:4700:3034::681f:4663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fe435dbb976b31b6c2cd6dfe80a9381f57cb66d6580af72f063ef0d11d6376f

Request headers

Host
freecast123.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://freecast123.com/ad.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d7af85babb1a228a02a7d2f7d9489f3821600285811

Response headers

Date
Wed, 16 Sep 2020 19:50:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 30 Oct 2019 17:02:39 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
053a10ba390000bf14b50d5200000001
Server
cloudflare
CF-RAY
5d3d1d705e50bf14-FRA
Content-Encoding
gzip
ad.html
freecast123.com/pop/ Frame 7DFF
3 KB
630 B
Document
General
Full URL
http://freecast123.com/pop/ad.html
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/main.html
Protocol
HTTP/1.1
Server
2606:4700:3034::681f:4663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad735ea38911d1e9c6c2be23756587f94cd5ac62a16f09e8df51bedad70f8118

Request headers

Host
freecast123.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://freecast123.com/pop/main.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d7af85babb1a228a02a7d2f7d9489f3821600285811

Response headers

Date
Wed, 16 Sep 2020 19:50:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 20 Jul 2020 12:10:02 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
053a10bb040000bf14b50d9200000001
Server
cloudflare
CF-RAY
5d3d1d71afa5bf14-FRA
Content-Encoding
gzip
s2iurl.php
xu2.com/script/ Frame 3063
Redirect Chain
  • http://gleaminist.info/redirect?tid=762855&ref=crichd.sx/home2
  • http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQhdr4jI6oGU3BU9GH0dEdHP3xP.b6e%2CMlmj5CTEUoJd1iCigTGlvhzcLzBeEFC2y53e28HjuzHwlZoibITIG2zrpxlxSl1owR8ZDOJEuyFhg7ZckJG8CE...
0
0
Document
General
Full URL
http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQhdr4jI6oGU3BU9GH0dEdHP3xP.b6e%2CMlmj5CTEUoJd1iCigTGlvhzcLzBeEFC2y53e28HjuzHwlZoibITIG2zrpxlxSl1owR8ZDOJEuyFhg7ZckJG8CEY-cKJAxZXQ1ua8agCy9PYd0ziXVUTgxfCOkm1k-gMsplJAtEE6MEQrKuk1LpaSuDE544lmAJacGz4ou3oMEHTm4PAKUoIE2ntc-JYeAJgYYCS9PW2LP05r9HhUYfA4N3s4Dn6TTvuuyABfJ73uLytGDZ1iomU49pHUTNMaz4iVCcwcaRVGcyhJwjpvXNeDVAf7H5P7CI6l-ezm-8GY-rxPpyb3Gd6R5g3RJ-Q2ECey7iuRTrT4FvUnufSuyMp8_Ahe_ve7jJ3TiL6mHt7CWydNRYV0U2Gi447-3UINfcameD8x713VtG5GZTyUCZYPPQfAU_v6ksIwpL-xyBb3nLWYK5yMEWeL7lhxSk-Am0Dwd7nJDhqzGxEo9N1zhVIOj38XRLs1UGRd7FFiRmCCWLI%2C
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
HTTP/1.1
Server
35.209.6.106 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Host
xu2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
openresty
Date
Wed, 16 Sep 2020 19:50:13 GMT
Content-Type
text/html; charset=utf-8; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Link
<//xu2.com>; rel=dns-prefetch,<//xu2.com>; rel=preconnect
Content-Encoding
gzip
Via
1.1 google

Redirect headers

Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Date
Wed, 16 Sep 2020 19:50:13 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=70f5cb41-57c1-48cd-ae12-1cece98ee29f
Set-Cookie
fv=rjgErds5qjYFrSEFqTaErTY8pdwGvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
Location
http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQhdr4jI6oGU3BU9GH0dEdHP3xP.b6e%2CMlmj5CTEUoJd1iCigTGlvhzcLzBeEFC2y53e28HjuzHwlZoibITIG2zrpxlxSl1owR8ZDOJEuyFhg7ZckJG8CEY-cKJAxZXQ1ua8agCy9PYd0ziXVUTgxfCOkm1k-gMsplJAtEE6MEQrKuk1LpaSuDE544lmAJacGz4ou3oMEHTm4PAKUoIE2ntc-JYeAJgYYCS9PW2LP05r9HhUYfA4N3s4Dn6TTvuuyABfJ73uLytGDZ1iomU49pHUTNMaz4iVCcwcaRVGcyhJwjpvXNeDVAf7H5P7CI6l-ezm-8GY-rxPpyb3Gd6R5g3RJ-Q2ECey7iuRTrT4FvUnufSuyMp8_Ahe_ve7jJ3TiL6mHt7CWydNRYV0U2Gi447-3UINfcameD8x713VtG5GZTyUCZYPPQfAU_v6ksIwpL-xyBb3nLWYK5yMEWeL7lhxSk-Am0Dwd7nJDhqzGxEo9N1zhVIOj38XRLs1UGRd7FFiRmCCWLI%2C
X-Cache
Miss from cloudfront
Via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
5CgYxxCZtIKRaAZZ2jogqk4AS45lhcNfXTSxjgQQph3f8QFFyDKg6w==
s2iurl.php
xu2.com/script/ Frame EC61
Redirect Chain
  • http://gleaminist.info/redirect?tid=762855&ref=crichd.sx/home2
  • http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CA2Kmo3avoGU3Bv-GH0dEdHP3xP.7c7%2CAh1QwSPuWkLCpKop8PtVmCLkFyzLEeFVvW_1Nhigp9UK3YdNhe-ShGcS_InNSB5YJNr5bMQnOGfWmglFIy09xj...
0
0
Document
General
Full URL
http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CA2Kmo3avoGU3Bv-GH0dEdHP3xP.7c7%2CAh1QwSPuWkLCpKop8PtVmCLkFyzLEeFVvW_1Nhigp9UK3YdNhe-ShGcS_InNSB5YJNr5bMQnOGfWmglFIy09xj9Fm4XEDRuSf73PyMsb_mUtAIQjkflFnlyIR6Wnd4XbZk5h6Td8HvHfUgJpdydWsseIPIwe94la5yTrJcwtlPiNx77uWOhasgWKdDzNS9M--boiC0rcriujKwTkRA1nnkGHeXLKKSGsG5b2h0ij9Mld6hfzowMjiB6h1oL4vszHSjd8G2JeeZEbTLyMxCpHWv7GdRdTqvWmz0KgCQ118q8k-2WsDmVG0Olbxw3keYyWpqc8TaGM71cHp-aqiGp25bLMpgO5MmfHaZ07zl0uq36BBn06TtFiHA1jl1FFO1k7tj047YJpg1LDxYV2goQEPHSvKzsq-4GlBU5ov1f7dBulFUGCOdtuttSd5RjSKzbVC2AQgbggaRCTDSgGD3QOmEHTQ9lua9o5hHfbRAuw92fFsC42PJcluv9DhrDDR_U2
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
HTTP/1.1
Server
35.209.6.106 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Host
xu2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
openresty
Date
Wed, 16 Sep 2020 19:50:13 GMT
Content-Type
text/html; charset=utf-8; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Link
<//xu2.com>; rel=dns-prefetch,<//xu2.com>; rel=preconnect
Content-Encoding
gzip
Via
1.1 google

Redirect headers

Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Date
Wed, 16 Sep 2020 19:50:13 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=e5811f47-4f8e-4677-b614-88c5f5c875a7
Set-Cookie
fv=rjgErds5qjYFrSEFqTaErTY8pdwGvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
Location
http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CA2Kmo3avoGU3Bv-GH0dEdHP3xP.7c7%2CAh1QwSPuWkLCpKop8PtVmCLkFyzLEeFVvW_1Nhigp9UK3YdNhe-ShGcS_InNSB5YJNr5bMQnOGfWmglFIy09xj9Fm4XEDRuSf73PyMsb_mUtAIQjkflFnlyIR6Wnd4XbZk5h6Td8HvHfUgJpdydWsseIPIwe94la5yTrJcwtlPiNx77uWOhasgWKdDzNS9M--boiC0rcriujKwTkRA1nnkGHeXLKKSGsG5b2h0ij9Mld6hfzowMjiB6h1oL4vszHSjd8G2JeeZEbTLyMxCpHWv7GdRdTqvWmz0KgCQ118q8k-2WsDmVG0Olbxw3keYyWpqc8TaGM71cHp-aqiGp25bLMpgO5MmfHaZ07zl0uq36BBn06TtFiHA1jl1FFO1k7tj047YJpg1LDxYV2goQEPHSvKzsq-4GlBU5ov1f7dBulFUGCOdtuttSd5RjSKzbVC2AQgbggaRCTDSgGD3QOmEHTQ9lua9o5hHfbRAuw92fFsC42PJcluv9DhrDDR_U2
X-Cache
Miss from cloudfront
Via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
Y-PuIZ06pcLUeVqmhwJ_VpjSpfpHCEifNy4cz1v0-TIBcBvrasyXVw==
s2iurl.php
xu2.com/script/ Frame EEB8
Redirect Chain
  • http://gleaminist.info/redirect?tid=762855&ref=crichd.sx/home2
  • http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQjMuI2F6oGU3Bv-GH0dEdHP3xP.23e%2CviBY80YBByVdD87mGc6vhPTJj6bbxmREr3cSdZsSPxy0fP7mrWXFsUfj8eJSMAC8NP1fPWlJsZgProtPejYelK...
0
0
Document
General
Full URL
http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQjMuI2F6oGU3Bv-GH0dEdHP3xP.23e%2CviBY80YBByVdD87mGc6vhPTJj6bbxmREr3cSdZsSPxy0fP7mrWXFsUfj8eJSMAC8NP1fPWlJsZgProtPejYelKj1pxKhxfr9wCUc3p6b08HfMbn3d2f2sopPttIGqV3l-3PIzzf-femOjGfck_EYR6z6Bv5QAeT3q2sKcp3fyvGygceOvUU-_bzVBj22mXCplgOIe30va6T4YSy7Sm_yzg4zlxcsKtNGziaHH7Eq91qRAvDRCQC66quUw52f08sLS_F6fDgh4ZhZWdGyNBcWK7klFCVcuD92gVl5DAiQe_ec17-LP5uWmXqmciTjLrOW1RnGRp4QmAq8ZfzZhhbX5MIzr8dtLmsrwAUkwhAGm4cTzR2MTSE5m6EUt-vw7SHVqPgEUOcoRpcvzZcInDJ5mE_P0n7-kRVysFYzpeI7IzwrFqVy7HHjoOsw6ElDLoGdfQ13NJo3pxrvaJzR99p9_LXjLfMeQCDtLW0r1DK-WthT94Srp9YHNEQZlx13ppRH
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
HTTP/1.1
Server
35.209.6.106 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Host
xu2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
openresty
Date
Wed, 16 Sep 2020 19:50:13 GMT
Content-Type
text/html; charset=utf-8; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Link
<//xu2.com>; rel=dns-prefetch,<//xu2.com>; rel=preconnect
Content-Encoding
gzip
Via
1.1 google

Redirect headers

Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Date
Wed, 16 Sep 2020 19:50:13 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=bdb0f1fa-ed21-4811-a741-dafa6c20b8f5
Set-Cookie
fv=rjgErds5qjYFrSEFqTaErTY8pdwGvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
Location
http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2CQjMuI2F6oGU3Bv-GH0dEdHP3xP.23e%2CviBY80YBByVdD87mGc6vhPTJj6bbxmREr3cSdZsSPxy0fP7mrWXFsUfj8eJSMAC8NP1fPWlJsZgProtPejYelKj1pxKhxfr9wCUc3p6b08HfMbn3d2f2sopPttIGqV3l-3PIzzf-femOjGfck_EYR6z6Bv5QAeT3q2sKcp3fyvGygceOvUU-_bzVBj22mXCplgOIe30va6T4YSy7Sm_yzg4zlxcsKtNGziaHH7Eq91qRAvDRCQC66quUw52f08sLS_F6fDgh4ZhZWdGyNBcWK7klFCVcuD92gVl5DAiQe_ec17-LP5uWmXqmciTjLrOW1RnGRp4QmAq8ZfzZhhbX5MIzr8dtLmsrwAUkwhAGm4cTzR2MTSE5m6EUt-vw7SHVqPgEUOcoRpcvzZcInDJ5mE_P0n7-kRVysFYzpeI7IzwrFqVy7HHjoOsw6ElDLoGdfQ13NJo3pxrvaJzR99p9_LXjLfMeQCDtLW0r1DK-WthT94Srp9YHNEQZlx13ppRH
X-Cache
Miss from cloudfront
Via
1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
oggbjE3WRsD5YyK0bJmNkesQcXaXSduPOtu58Hz1_8_GjKeh91QNPQ==
s2iurl.php
xu2.com/script/ Frame BC13
Redirect Chain
  • http://gleaminist.info/redirect?tid=762855&ref=crichd.sx/home2
  • http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2Cgja3o2YXoGU3Bv-GH0dEdHP3xP.00b%2CSd06DMbdvhQRivLZppOD-9eNBk4Z2szZF4YMsEdLfM1Qkzv6NbRE6OiZJcTf1DaoaJmLak9fx-1FovcyXbnDjh...
0
0
Document
General
Full URL
http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2Cgja3o2YXoGU3Bv-GH0dEdHP3xP.00b%2CSd06DMbdvhQRivLZppOD-9eNBk4Z2szZF4YMsEdLfM1Qkzv6NbRE6OiZJcTf1DaoaJmLak9fx-1FovcyXbnDjhMdBRfXbd3YxWHHdWnj4AY0jWOqjwnEQ4KyuPu1JEECszHJgktLVE9-gaDf9b5GK2u4-YXNeeG72yiBMNFj0YpEaPoSMLFfFWQ5_JPDMN5caiM88AcBVkq4AANSb-913R8XEHkdUZKtsapEuQoQa9gagqc2gqiF7TGFO5Hb_V8x1kCrJ5epRu0sXg3F__9H3yICbAUfFRWMffSgUbzMFlyb-A0s4PaNpzqUsmLrIbnH9MN-D1_hko63td4Mdc0R3ujqWmXKgxTPag1c6NqMBgw5fbugPe-RMTzIIEcjLkSrJX1P48eWylmS-YPz6kNcQTTtEPG7FZlenTLDRDoHPQhrwhkvTUmcXuJvCYCmFWB3cWLVyfrvuwK3Q8rIS8MNcKK9cYAvVJj-0yWs1iIsnQtRMR3kcbYdMJuBOWc6jHc-
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
HTTP/1.1
Server
35.209.6.106 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Host
xu2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
openresty
Date
Wed, 16 Sep 2020 19:50:13 GMT
Content-Type
text/html; charset=utf-8; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Link
<//xu2.com>; rel=dns-prefetch,<//xu2.com>; rel=preconnect
Content-Encoding
gzip
Via
1.1 google

Redirect headers

Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Date
Wed, 16 Sep 2020 19:50:13 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=e69e99be-95b4-412d-841b-0c63d1aee2e7
Set-Cookie
fv=rjgErds5qjYFrSEFqTaErTY8pdwGvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
Location
http://xu2.com/script/s2iurl.php?csid=2355987&s1=762855&md=0&stamat=m%7C%2C%2Cgja3o2YXoGU3Bv-GH0dEdHP3xP.00b%2CSd06DMbdvhQRivLZppOD-9eNBk4Z2szZF4YMsEdLfM1Qkzv6NbRE6OiZJcTf1DaoaJmLak9fx-1FovcyXbnDjhMdBRfXbd3YxWHHdWnj4AY0jWOqjwnEQ4KyuPu1JEECszHJgktLVE9-gaDf9b5GK2u4-YXNeeG72yiBMNFj0YpEaPoSMLFfFWQ5_JPDMN5caiM88AcBVkq4AANSb-913R8XEHkdUZKtsapEuQoQa9gagqc2gqiF7TGFO5Hb_V8x1kCrJ5epRu0sXg3F__9H3yICbAUfFRWMffSgUbzMFlyb-A0s4PaNpzqUsmLrIbnH9MN-D1_hko63td4Mdc0R3ujqWmXKgxTPag1c6NqMBgw5fbugPe-RMTzIIEcjLkSrJX1P48eWylmS-YPz6kNcQTTtEPG7FZlenTLDRDoHPQhrwhkvTUmcXuJvCYCmFWB3cWLVyfrvuwK3Q8rIS8MNcKK9cYAvVJj-0yWs1iIsnQtRMR3kcbYdMJuBOWc6jHc-
X-Cache
Miss from cloudfront
Via
1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
l8pJpNQ0De7WG7AJtL6OxLx1-ttAnin4RgTAZ6GyDGNR51svEzBU5g==
Cookie set ad-direct.html
crichd.sx/ Frame 4D18
0
0
Document
General
Full URL
http://crichd.sx/ad-direct.html
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:ab49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
crichd.sx
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 16 Sep 2020 19:50:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d8b782b2deade57af6e89809885f3c0a11600285811; expires=Fri, 16-Oct-20 19:50:11 GMT; path=/; domain=.crichd.sx; HttpOnly; SameSite=Lax
Last-Modified
Mon, 25 Feb 2019 10:35:56 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
053a10bbe000001f4144a38200000001
Server
cloudflare
CF-RAY
5d3d1d730a6d1f41-FRA
Content-Encoding
gzip
Cookie set ad-direct.html
crichd.sx/ Frame 8DB3
0
0
Document
General
Full URL
http://crichd.sx/ad-direct.html
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:ab49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
crichd.sx
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 16 Sep 2020 19:50:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d97d847948840f2b6d067ab88cf6fa5ac1600285811; expires=Fri, 16-Oct-20 19:50:11 GMT; path=/; domain=.crichd.sx; HttpOnly; SameSite=Lax
Last-Modified
Mon, 25 Feb 2019 10:35:56 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
053a10bbe00000178a7cb28200000001
Server
cloudflare
CF-RAY
5d3d1d730d43178a-FRA
Content-Encoding
gzip
redirect
gleaminist.info/ Frame D06D
0
0
Document
General
Full URL
https://gleaminist.info/redirect?tid=794298&ref=
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-3.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
gleaminist.info
:scheme
https
:path
/redirect?tid=794298&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
204
date
Wed, 16 Sep 2020 19:50:13 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=12d45290-1ba0-4772-aead-4632b61bdfbc fv=rjgErds5qjYFrGEFqTaErTY8pdwHvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Zbpz1gufBLNHuHjx-c5_0t9Dnh0x_ZWBUqlrwIhJbEB40RS43sV5CA==
redirect
gleaminist.info/ Frame 9305
0
0
Document
General
Full URL
https://gleaminist.info/redirect?tid=794298&ref=
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-3.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
gleaminist.info
:scheme
https
:path
/redirect?tid=794298&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
204
date
Wed, 16 Sep 2020 19:50:13 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=9af15d31-d08f-4b22-a698-86d71275d054 fv=rjgErds5qjYFrGEFqTaErTY8pdwHvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
yAk8Cmqh5iuw7e_EmHrIX-0CB5NHaCwhmioK_n93YM2jaBcDRNIQ8Q==
redirect
gleaminist.info/ Frame 8609
0
0
Document
General
Full URL
https://gleaminist.info/redirect?tid=794298&ref=
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-3.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
gleaminist.info
:scheme
https
:path
/redirect?tid=794298&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
204
date
Wed, 16 Sep 2020 19:50:13 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=cf09f850-b120-445a-82ec-88438c228d1d fv=rjgErds5qjYFrGEFqTaErTY8pdwHvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
i_Pl_BZDWsiHsEwwwT8ikyP7cPvCeRaDg_tuFaV2Jls0PVrmZLRMNQ==
redirect
gleaminist.info/ Frame 8790
0
0
Document
General
Full URL
https://gleaminist.info/redirect?tid=794298&ref=
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-3.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
gleaminist.info
:scheme
https
:path
/redirect?tid=794298&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
204
date
Wed, 16 Sep 2020 19:50:13 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=be8e3f09-53ea-41d0-a83f-ff18deb25bca fv=rjgErds5qjYFrGEFqTaErTY8pdwHvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
_DCpmGoYJw7kAj9UskboPvkOj9YSkSMbjcWV8mPM2Vuf5TdAbOTEEg==
redirect
gleaminist.info/ Frame 8E64
0
0
Document
General
Full URL
https://gleaminist.info/redirect?tid=642340&ref=
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-3.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
gleaminist.info
:scheme
https
:path
/redirect?tid=642340&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
204
date
Wed, 16 Sep 2020 19:50:13 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=6ca67323-422c-4033-a6af-13e2c0e8219c fv=rjgErds5qjYFrGEFqTaErTY8pdwHvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
5m4K1yf2Ez9H3SAgSxIdBF6Kk9FoG4_1HtyHSypV5nw-J3iPPtTPeg==
redirect
gleaminist.info/ Frame 301D
0
0
Document
General
Full URL
https://gleaminist.info/redirect?tid=649613&ref=
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-3.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
gleaminist.info
:scheme
https
:path
/redirect?tid=649613&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
204
date
Wed, 16 Sep 2020 19:50:13 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=cc542224-73ab-455b-85f3-82f42f8b5f45 fv=rjgErds5qjYFrGEFqTaErTY8pdwHvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
_eRAyXRO9Kpd0iQqG3SkBBgMEA_my9_uwnz0Ip32xV-9gKyztNrc0A==
Cookie set cimp.php
s.optnx.com/ Frame B1DB
Redirect Chain
  • https://gleaminist.info/redirect?tid=684783&ref=
  • https://s.optnx.com/cimp.php?data=TVRZd01ESTROVGd4TTN3ek9EZGxOV0UzT1RnMVpUTm1Nak0xWW1JNVpXRmtaamhqTVdFM1lqRmtPQS0tfGh0dHBzOi8vYmVzdG1lZGlhdGVjaC5wb3N0YWZmaWxpYXRlcHJvLmNvbS9zY3JpcHRzL2huY2Q3OThtOT9...
0
0
Document
General
Full URL
https://s.optnx.com/cimp.php?data=...--
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
s.optnx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 16 Sep 2020 19:50:13 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225f626c75dc54a6.25289962207562431%22%3B%7D; expires=Fri, 16 Sep 2022 19:50:13 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Content-Encoding
gzip

Redirect headers

status
302
content-type
text/plain
content-length
0
location
https://s.optnx.com/cimp.php?data=...--
date
Wed, 16 Sep 2020 19:50:13 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=aa6ca438-3e01-4442-924f-eedfc3ea45b4 fv=rjgErds5qjYFrGEFqTaErTY8pdwHvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
AnnIl7DLU2ZWPjM8_lPNPy4JVvjSlzjtPaZP6G1RQ0_Q0ad96BjRRA==
redirect
gleaminist.info/ Frame 0D31
0
0
Document
General
Full URL
https://gleaminist.info/redirect?tid=641503&ref=
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-3.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
gleaminist.info
:scheme
https
:path
/redirect?tid=641503&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
204
date
Wed, 16 Sep 2020 19:50:13 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=958a9deb-88ce-48d4-8fb5-1af5a48017e4
x-cache
Miss from cloudfront
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
CLPter1cJgYioR1pcZCT0fpm47ygg63Fp9NqfxlfTABbY2TZd8Upng==
redirect
gleaminist.info/ Frame DDC4
0
0
Document
General
Full URL
https://gleaminist.info/redirect?tid=664282&ref=
Requested by
Host: freecast123.com
URL: http://freecast123.com/pop/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-3.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

:method
GET
:authority
gleaminist.info
:scheme
https
:path
/redirect?tid=664282&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
204
date
Wed, 16 Sep 2020 19:50:13 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=2d701fcd-d0d1-4186-9c8d-8686c7d6285d fv=rjgErds5qjYFrGEFqTaErTY8pdwHvdw=; Expires=Thu, 16 Sep 2021 19:50:13 GMT; Max-Age=31536000; Domain=.gleaminist.info; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
6GUPSBZdNDQaMBVCdlL2dhzdZwcwbJC2LcmHV8Jikb66er0DWlcbaw==

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

3 Cookies

Domain/Path Name / Value
.alibaba.com/ Name: _tb_token_
Value: 30653868543ef
.alibaba.com/ Name: t
Value: f25e56bf810a1a85ed65a1b6431c0682
.alibaba.com/ Name: cookie2
Value: ubd2bcd96bee57f285c3da7032549864