urlscan.io logo urlscan.io
SecurityTrails logo

play.google.com Open in urlscan Pro
2607:f8b0:4006:817::200e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fallmt.us/
Effective URL: https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Submission: On March 13 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 11 domains to perform 23 HTTP transactions. The main IP is 2607:f8b0:4006:817::200e, located in Queens, United States and belongs to GOOGLE, US. The main domain is play.google.com.
TLS certificate: Issued by GTS CA 1C3 on February 17th 2022. Valid for: 3 months.
This is the only time play.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 54.235.190.66 14618 (AMAZON-AES)
3 2606:4700:303... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 5.101.47.96 209813 (FASTCONTENT)
1 2 5.189.217.119 209813 (FASTCONTENT)
1 2 149.248.3.79 ()
2 2607:f8b0:400... ()
23 8
1    2606:4700:3033::6815:1f95 (United States)

ASN13335 (CLOUDFLARENET, US)
fallmt.us
2    54.235.190.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-190-66.compute-1.amazonaws.com
httpslink.com
3    2606:4700:3034::6815:1a7 (United States)

ASN13335 (CLOUDFLARENET, US)
myclick-2.com
5    2607:f8b0:4006:817::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
play.google.com
1    2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    5.101.47.96 (Fremont, United States)

ASN209813 (FASTCONTENT, DE)
mega-prizes.life
2    5.189.217.119 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)
svxidj.inchpageus.xyz
2    149.248.3.79 (None, )

ASN- ()
rockstorageplace.com
2    2607:f8b0:4006:820::2003 (None, )

ASN- ()
www.gstatic.com
Apex Domain
Subdomains		 Transfer
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
3 myclick-2.com
myclick-2.com
14 KB
2 gstatic.com
www.gstatic.com
ssl.gstatic.com Failed
fonts.gstatic.com Failed
7 KB
2 google.com
play.google.com
211 KB
2 rockstorageplace.com
rockstorageplace.com
923 B
2 inchpageus.xyz
svxidj.inchpageus.xyz
2 KB
2 mega-prizes.life
mega-prizes.life
88 KB
2 httpslink.com
httpslink.com — Cisco Umbrella Rank: 284518
680 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
437 B
1 fallmt.us
fallmt.us
694 B
0 googleusercontent.com Failed
play-lh.googleusercontent.com Failed
23 11
Domain Requested by
3 www.google-analytics.com myclick-2.com
www.google-analytics.com
3 myclick-2.com myclick-2.com
2 www.gstatic.com play.google.com
2 play.google.com rockstorageplace.com
myclick-2.com
2 rockstorageplace.com 1 redirects svxidj.inchpageus.xyz
2 svxidj.inchpageus.xyz 1 redirects mega-prizes.life
2 mega-prizes.life myclick-2.com
mega-prizes.life
2 httpslink.com 2 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 fallmt.us 1 redirects
0 fonts.gstatic.com Failed play.google.com
0 ssl.gstatic.com Failed play.google.com
0 play-lh.googleusercontent.com Failed play.google.com
23 13

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-30 -
2022-12-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
mega-prizes.life
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
*.inchpageus.xyz
R3		 2022-03-13 -
2022-06-11		 3 months crt.sh
rockstorageplace.com
R3		 2022-03-05 -
2022-06-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Frame ID: 71C3056A5E2619EFBA40F5ADF62B45CF
Requests: 29 HTTP requests in this frame

Frame: https://mega-prizes.life/media/mainstream/frame.html
Frame ID: CE18E4D6347D029B24D082A6B8CBB6F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://fallmt.us/ HTTP 301
    https://httpslink.com/h0s3 HTTP 302
    https://httpslink.com/w0ve HTTP 302
    https://myclick-2.com/p/0l1n/fHFs/TiBH Page URL
  2. https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170 Page URL
  3. https://svxidj.inchpageus.xyz/fngvivoj/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170&f=1&sid=t3~2kpdf... Page URL
  4. https://svxidj.inchpageus.xyz/web/?sid=t3~2kpdf0hnpxoeobodhrfuy3fn HTTP 302
    https://rockstorageplace.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBlt... HTTP 302
    https://rockstorageplace.com/away.php Page URL
  5. https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

23
Requests

65 %
HTTPS

56 %
IPv6

11
Domains

13
Subdomains

8
IPs

2
Countries

343 kB
Transfer

1366 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fallmt.us/ HTTP 301
    https://httpslink.com/h0s3 HTTP 302
    https://httpslink.com/w0ve HTTP 302
    https://myclick-2.com/p/0l1n/fHFs/TiBH Page URL
  2. https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170 Page URL
  3. https://svxidj.inchpageus.xyz/fngvivoj/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170&f=1&sid=t3~2kpdf0hnpxoeobodhrfuy3fn&fp=zwnffpvPerYWTYrYO2y%2B2EcCNjJd%2F3Tw55635y1JIP3p%2BMRav%2B8KQglEQOUv58KEsars5v4gOA5L7hLUE%2BydydmozQQ82ELFBmpcUthLpo5yG9%2Fxa9vbwP3lm9e1HVlDZ%2BSq327OX3cRZi7PAMbCluppDJ5nPH7i%2BJ3ck6ADldjfVPhG6bTsrJSf0N6%2BSgd51dqKDrCIj9FEkbhnwD7WvouYnSd0mza0kHrS%2BYSV98NiquiapmoYQZL8l43RDgZuys5ZEz2pug5P0NqJFXH0%2B915r4%2BHldlvLmMgEfX5WadbkJQfw2rfajdYRZQdhaPcK7swbMF%2BZRjuyzWJddNVHkBYV2naPhsdZ7%2FDmIAYBlkQht%2FQgXx1MQjFUPSMLOwzhaJBje3uRLumZvCgtUkGrYtxZ4y%2B3q%2F3fBEtpYiedEi%2FIz4acoP5uqDok5xl8tMptZJVwpX2rbfsatVGLo6fwLir6Rd8%2B25G70fPYai1aqytMcKaeJK1CTcnF1OPLC4Go3WsFnW1DqGoWdJZlXaXfR0aDgLwLGyzI7pbn9v9kG2XvnQqGHiD46um602CE3OOd7SQmKXFBnDl49fRbycRv0zr2Ekp8hRKKLslh4ykurMXciG1svcyoeMChbo1Y8Y%2FP5h%2BFmBXxcbtZlKk9smNvKlBIFpt1KgyeRAQ84U75NK9eyI4ioG7vgfRYtZpkdQVK6fQElKVYadqcRjZ0z0ZDdurPkRV0U59M4uEZgbq3ohiJPvk60R315w7K6DvxCB%2FLMbKFhJDl2vhyI7cwZo1%2Bwrk2npp5%2BsKjJHt5nXMZejrbnCha2lHR8oJ%2FACIqu%2BIE9t3clSxKWyh%2FiT%2F0JqlmbhJsTZvGdi5HweVYLWoee3g%2F9KKFnqzny2AsfNhgu5bNN0rjDiSQSwJPqo4hCwAsrbpingfDb29N0BjdupzwYOehG8H99rWO%2BXmSTUa7Su0n2Jh0eOgqiYkwWI0WU1%2Bkh5mRKwTJp5s2pFw%2BpQrgYe63SCPRaYYPl1KPrubCcjRsVJ%2FNoAU0SxALG4dIjwXQVCxdTcmZU6l57NQAUkIV7XdtgLphKcC0p6a2guYuGsRxhV%2BkdojE6oRPblb1UVal2jyugEpaUOGgpDvwN8jpfNr41P2Ffwo23ucBrAZb6kwyttLYwauljzR%2BFMWWCY9gb5sNI2Q%2FOw%2FQ2JEw%2BL65o7d2%2B%2BlZ4aRK3OpHaUeqB6bgmD13xfyhnVIE4pgzIw3jyivbHqi6hZevxrpp055Nwwm65R7QdbmbepWsfkR0rWgE%2BhB3ESVVsYtYzJPSRQ2YeqoTrM5hnZN0wbWfQBPvSVskH5%2FScFYSA%2Bk%2FgJxPTpN%2F4P%2BW2ccjvxi%2Bo7ku34Lg6PApDeNmHoTBaLuz1Pn%2B1uUFFK8lzG0lQShXhLi2aTZLfgyWX1iV1NeQxB4gDgjbTGB1LUa7kfPlFnQNcDFe40bHJhTAPNmKu97BweDXZlutz9wYmMIRpg16roHPDIb0BovIS7kHw3N9oKGuWUZvZwXCU8A8tDR1dTyeow%2B%2FhheqzjS4L9qo6VHAOl%2BuwIh6qHytvKs1oGEumniCTU5i%2BKGbzmXIhnmHkenmVmz0YV3%2BKek3NaSn7qkzS8Iy%2B4QLGLm0Kq3fTa9wUwdHx1L8JDpHY5WmgaA1fI5Tx1cl3sTPyRDCPuY8TjGrhNP25AYwFQ%2FFL4z%2BMJxOd8%2BXk6XvXHl9brrv0%2FeNTJYmCkhtJ%2By5ERBt2lDhbQdZC6GBhpOzbMEq%2BuuQl9tuTP9o%2FEY1pL5bd4qGECjCJKlAKzrjOtWtWDwtqkmBzg7QlfdPRa6XJ6fkFq9WAR4vDibLbGw%2FED9lQrbxVvrO1dQLr4G%2F0el90uL0NRj38bSlJS30wt%2Bj8tyFPSMoqK%2B8GibJ2Is9a8%2Bh6CYKi6eu2zITsm72ujkSl0AnyBlsbXMX%2FZOeQdN3Bq6oYvQUFPozXQC5vjOZPLUvr5Q%2B5FLNCoslevseRIBGOFDRjzqMagk8ifsED7pqw%3D%3D Page URL
  4. https://svxidj.inchpageus.xyz/web/?sid=t3~2kpdf0hnpxoeobodhrfuy3fn HTTP 302
    https://rockstorageplace.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D HTTP 302
    https://rockstorageplace.com/away.php Page URL
  5. https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://fallmt.us/ HTTP 301
  • https://httpslink.com/h0s3 HTTP 302
  • https://httpslink.com/w0ve HTTP 302
  • https://myclick-2.com/p/0l1n/fHFs/TiBH
Request Chain 10
  • https://svxidj.inchpageus.xyz/web/?sid=t3~2kpdf0hnpxoeobodhrfuy3fn HTTP 302
  • https://rockstorageplace.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D HTTP 302
  • https://rockstorageplace.com/away.php

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
TiBH
myclick-2.com/p/0l1n/fHFs/
Redirect Chain
  • http://fallmt.us/
  • https://httpslink.com/h0s3
  • https://httpslink.com/w0ve
  • https://myclick-2.com/p/0l1n/fHFs/TiBH
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myclick-2.com/p/0l1n/fHFs/TiBH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b18d505b513f375e7c8c5a439526cae71b45e4f00425e0d61b817e741882bab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Sun, 13 Mar 2022 06:44:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, private
x-robots-tag
noindex, nofollow
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BPatPLU9iBZDQNdm7wuh2CI4Yyp2oiQPZ0FNWvd%2FqSJqjofN98iR4jKAmwKEAX3aggCP3hwutDBEfrTldn6RfCUo1L4OxaeeD2LgmN4DSGVtJfz7SBAdiaStirfOvnN4hiAVif2I1%2FNdI6l"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6eb2cd998ceb1a07-EWR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Cache-Control
no-cache, no-store
Date
Sun, 13 Mar 2022 06:44:47 GMT
Engine
clickmeter.redirect, version 2.0
Expires
-1
Location
https://myclick-2.com/p/0l1n/fHFs/TiBH
X-Rate-Limit-Limit
20s
X-Rate-Limit-Remaining
298
X-Rate-Limit-Reset
2022-03-13T06:45:08.1342300Z
Content-Length
0
Connection
keep-alive
app.js
myclick-2.com/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myclick-2.com/js/app.js?id=8bd454b4c27f257a9cb1
Requested by
Host: myclick-2.com
URL: https://myclick-2.com/p/0l1n/fHFs/TiBH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404eaf6b5a1c24e8215fc66cdf8426c3207b53986b4e3ffa93a361ecdb733f62

Request headers

device-memory
8
Referer
https://myclick-2.com/p/0l1n/fHFs/TiBH
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 06:44:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Feb 2022 12:26:16 GMT
server
cloudflare
age
3073
etag
W/"620655e8-7ff7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjgdjD%2FoalGcgCf0HfSQgdnlveP%2FBYb076pTvF9FrIMwtWaIAh93Cm4D66NwpgS%2FIltUumUqE98vIyiZbZAooZJzvdfFX6PCJjQzfLP23nwU%2FVorn2c66ybqcpoTBakvGO2BDZbkVxIynsZ2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eb2cd9d08b71a07-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: myclick-2.com
URL: https://myclick-2.com/p/0l1n/fHFs/TiBH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://myclick-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
52
date
Sun, 13 Mar 2022 06:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 13 Mar 2022 08:43:56 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1633275543&t=pageview&_s=1&dl=https%3A%2F%2Fmyclick-2.com%2Fp%2F0l1n%2FfHFs%2FTiBH&ul=en-us&de=UTF-8&dt=myclick-2.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1548707336&gjid=1027847936&cid=325771340.1647153889&tid=UA-110090096-2&_gid=969669157.1647153889&_r=1&_slc=1&z=670747905
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myclick-2.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 06:44:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myclick-2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myclick-2.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 06:44:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://myclick-2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
myclick-2.com/ 		20 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://myclick-2.com/finger
Requested by
Host: myclick-2.com
URL: https://myclick-2.com/js/app.js?id=8bd454b4c27f257a9cb1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

device-memory
8
Referer
https://myclick-2.com/p/0l1n/fHFs/TiBH
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Mar 2022 06:44:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V3tBnAloypghIe77C40KJTh8Ka%2B2NsUrFmyNhoAl6o5DlSnEtecVUfn7H7vMOq8uvC6XYKgHiNfWgKq0fQpb41zbYN%2F9g9YJ4O0vaIizmUeqnYzu46kAc7sXwNSKfm5ftKkt57WWJ1fnn%2F0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
6eb2cd9e9aeb8c47-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-110090096-2&cid=325771340.1647153889&jid=1548707336&gjid=1027847936&_gid=969669157.1647153889&_u=IEBAAEAAAAAAAC~&z=660707981
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://myclick-2.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 13 Mar 2022 06:44:49 GMT
content-type
text/plain
access-control-allow-origin
https://myclick-2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
mega-prizes.life/ 		87 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170
Requested by
Host: myclick-2.com
URL: https://myclick-2.com/js/app.js?id=8bd454b4c27f257a9cb1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.101.47.96 Fremont, United States, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
dcfbb5f3cbe1c0e28b561f8bff34a6f69b335cc736442f088a6d590e7763f764

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://myclick-2.com/

Response headers

Server
nginx
Date
Sun, 13 Mar 2022 06:44:50 GMT
Content-Type
text/html
Content-Length
89333
Connection
keep-alive
Cache-Control
private no-transform
frame.html
mega-prizes.life/media/mainstream/ Frame CE18 		39 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mega-prizes.life/media/mainstream/frame.html
Requested by
Host: mega-prizes.life
URL: https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.101.47.96 Fremont, United States, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170

Response headers

Server
nginx
Date
Sun, 13 Mar 2022 06:44:50 GMT
Content-Type
text/html
Content-Length
39
Connection
keep-alive
Last-Modified
Thu, 20 May 2021 10:23:22 GMT
Vary
Accept-Encoding
ETag
"60a6389a-27"
Cache-Control
no-transform
Accept-Ranges
bytes
/
svxidj.inchpageus.xyz/fngvivoj/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://svxidj.inchpageus.xyz/fngvivoj/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170&f=1&sid=t3~2kpdf0hnpxoeobodhrfuy3fn&fp=zwnffpvPerYWTYrYO2y%2B2EcCNjJd%2F3Tw55635y1JIP3p%2BMRav%2B8KQglEQOUv58KEsars5v4gOA5L7hLUE%2BydydmozQQ82ELFBmpcUthLpo5yG9%2Fxa9vbwP3lm9e1HVlDZ%2BSq327OX3cRZi7PAMbCluppDJ5nPH7i%2BJ3ck6ADldjfVPhG6bTsrJSf0N6%2BSgd51dqKDrCIj9FEkbhnwD7WvouYnSd0mza0kHrS%2BYSV98NiquiapmoYQZL8l43RDgZuys5ZEz2pug5P0NqJFXH0%2B915r4%2BHldlvLmMgEfX5WadbkJQfw2rfajdYRZQdhaPcK7swbMF%2BZRjuyzWJddNVHkBYV2naPhsdZ7%2FDmIAYBlkQht%2FQgXx1MQjFUPSMLOwzhaJBje3uRLumZvCgtUkGrYtxZ4y%2B3q%2F3fBEtpYiedEi%2FIz4acoP5uqDok5xl8tMptZJVwpX2rbfsatVGLo6fwLir6Rd8%2B25G70fPYai1aqytMcKaeJK1CTcnF1OPLC4Go3WsFnW1DqGoWdJZlXaXfR0aDgLwLGyzI7pbn9v9kG2XvnQqGHiD46um602CE3OOd7SQmKXFBnDl49fRbycRv0zr2Ekp8hRKKLslh4ykurMXciG1svcyoeMChbo1Y8Y%2FP5h%2BFmBXxcbtZlKk9smNvKlBIFpt1KgyeRAQ84U75NK9eyI4ioG7vgfRYtZpkdQVK6fQElKVYadqcRjZ0z0ZDdurPkRV0U59M4uEZgbq3ohiJPvk60R315w7K6DvxCB%2FLMbKFhJDl2vhyI7cwZo1%2Bwrk2npp5%2BsKjJHt5nXMZejrbnCha2lHR8oJ%2FACIqu%2BIE9t3clSxKWyh%2FiT%2F0JqlmbhJsTZvGdi5HweVYLWoee3g%2F9KKFnqzny2AsfNhgu5bNN0rjDiSQSwJPqo4hCwAsrbpingfDb29N0BjdupzwYOehG8H99rWO%2BXmSTUa7Su0n2Jh0eOgqiYkwWI0WU1%2Bkh5mRKwTJp5s2pFw%2BpQrgYe63SCPRaYYPl1KPrubCcjRsVJ%2FNoAU0SxALG4dIjwXQVCxdTcmZU6l57NQAUkIV7XdtgLphKcC0p6a2guYuGsRxhV%2BkdojE6oRPblb1UVal2jyugEpaUOGgpDvwN8jpfNr41P2Ffwo23ucBrAZb6kwyttLYwauljzR%2BFMWWCY9gb5sNI2Q%2FOw%2FQ2JEw%2BL65o7d2%2B%2BlZ4aRK3OpHaUeqB6bgmD13xfyhnVIE4pgzIw3jyivbHqi6hZevxrpp055Nwwm65R7QdbmbepWsfkR0rWgE%2BhB3ESVVsYtYzJPSRQ2YeqoTrM5hnZN0wbWfQBPvSVskH5%2FScFYSA%2Bk%2FgJxPTpN%2F4P%2BW2ccjvxi%2Bo7ku34Lg6PApDeNmHoTBaLuz1Pn%2B1uUFFK8lzG0lQShXhLi2aTZLfgyWX1iV1NeQxB4gDgjbTGB1LUa7kfPlFnQNcDFe40bHJhTAPNmKu97BweDXZlutz9wYmMIRpg16roHPDIb0BovIS7kHw3N9oKGuWUZvZwXCU8A8tDR1dTyeow%2B%2FhheqzjS4L9qo6VHAOl%2BuwIh6qHytvKs1oGEumniCTU5i%2BKGbzmXIhnmHkenmVmz0YV3%2BKek3NaSn7qkzS8Iy%2B4QLGLm0Kq3fTa9wUwdHx1L8JDpHY5WmgaA1fI5Tx1cl3sTPyRDCPuY8TjGrhNP25AYwFQ%2FFL4z%2BMJxOd8%2BXk6XvXHl9brrv0%2FeNTJYmCkhtJ%2By5ERBt2lDhbQdZC6GBhpOzbMEq%2BuuQl9tuTP9o%2FEY1pL5bd4qGECjCJKlAKzrjOtWtWDwtqkmBzg7QlfdPRa6XJ6fkFq9WAR4vDibLbGw%2FED9lQrbxVvrO1dQLr4G%2F0el90uL0NRj38bSlJS30wt%2Bj8tyFPSMoqK%2B8GibJ2Is9a8%2Bh6CYKi6eu2zITsm72ujkSl0AnyBlsbXMX%2FZOeQdN3Bq6oYvQUFPozXQC5vjOZPLUvr5Q%2B5FLNCoslevseRIBGOFDRjzqMagk8ifsED7pqw%3D%3D
Requested by
Host: mega-prizes.life
URL: https://mega-prizes.life/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.189.217.119 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://mega-prizes.life/

Response headers

Server
nginx
Date
Sun, 13 Mar 2022 06:44:52 GMT
Content-Type
text/html
Content-Length
1598
Connection
keep-alive
Cache-Control
private no-transform
away.php
rockstorageplace.com/
Redirect Chain
  • https://svxidj.inchpageus.xyz/web/?sid=t3~2kpdf0hnpxoeobodhrfuy3fn
  • https://rockstorageplace.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D
  • https://rockstorageplace.com/away.php
283 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rockstorageplace.com/away.php
Requested by
Host: svxidj.inchpageus.xyz
URL: https://svxidj.inchpageus.xyz/fngvivoj/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170&f=1&sid=t3~2kpdf0hnpxoeobodhrfuy3fn&fp=zwnffpvPerYWTYrYO2y%2B2EcCNjJd%2F3Tw55635y1JIP3p%2BMRav%2B8KQglEQOUv58KEsars5v4gOA5L7hLUE%2BydydmozQQ82ELFBmpcUthLpo5yG9%2Fxa9vbwP3lm9e1HVlDZ%2BSq327OX3cRZi7PAMbCluppDJ5nPH7i%2BJ3ck6ADldjfVPhG6bTsrJSf0N6%2BSgd51dqKDrCIj9FEkbhnwD7WvouYnSd0mza0kHrS%2BYSV98NiquiapmoYQZL8l43RDgZuys5ZEz2pug5P0NqJFXH0%2B915r4%2BHldlvLmMgEfX5WadbkJQfw2rfajdYRZQdhaPcK7swbMF%2BZRjuyzWJddNVHkBYV2naPhsdZ7%2FDmIAYBlkQht%2FQgXx1MQjFUPSMLOwzhaJBje3uRLumZvCgtUkGrYtxZ4y%2B3q%2F3fBEtpYiedEi%2FIz4acoP5uqDok5xl8tMptZJVwpX2rbfsatVGLo6fwLir6Rd8%2B25G70fPYai1aqytMcKaeJK1CTcnF1OPLC4Go3WsFnW1DqGoWdJZlXaXfR0aDgLwLGyzI7pbn9v9kG2XvnQqGHiD46um602CE3OOd7SQmKXFBnDl49fRbycRv0zr2Ekp8hRKKLslh4ykurMXciG1svcyoeMChbo1Y8Y%2FP5h%2BFmBXxcbtZlKk9smNvKlBIFpt1KgyeRAQ84U75NK9eyI4ioG7vgfRYtZpkdQVK6fQElKVYadqcRjZ0z0ZDdurPkRV0U59M4uEZgbq3ohiJPvk60R315w7K6DvxCB%2FLMbKFhJDl2vhyI7cwZo1%2Bwrk2npp5%2BsKjJHt5nXMZejrbnCha2lHR8oJ%2FACIqu%2BIE9t3clSxKWyh%2FiT%2F0JqlmbhJsTZvGdi5HweVYLWoee3g%2F9KKFnqzny2AsfNhgu5bNN0rjDiSQSwJPqo4hCwAsrbpingfDb29N0BjdupzwYOehG8H99rWO%2BXmSTUa7Su0n2Jh0eOgqiYkwWI0WU1%2Bkh5mRKwTJp5s2pFw%2BpQrgYe63SCPRaYYPl1KPrubCcjRsVJ%2FNoAU0SxALG4dIjwXQVCxdTcmZU6l57NQAUkIV7XdtgLphKcC0p6a2guYuGsRxhV%2BkdojE6oRPblb1UVal2jyugEpaUOGgpDvwN8jpfNr41P2Ffwo23ucBrAZb6kwyttLYwauljzR%2BFMWWCY9gb5sNI2Q%2FOw%2FQ2JEw%2BL65o7d2%2B%2BlZ4aRK3OpHaUeqB6bgmD13xfyhnVIE4pgzIw3jyivbHqi6hZevxrpp055Nwwm65R7QdbmbepWsfkR0rWgE%2BhB3ESVVsYtYzJPSRQ2YeqoTrM5hnZN0wbWfQBPvSVskH5%2FScFYSA%2Bk%2FgJxPTpN%2F4P%2BW2ccjvxi%2Bo7ku34Lg6PApDeNmHoTBaLuz1Pn%2B1uUFFK8lzG0lQShXhLi2aTZLfgyWX1iV1NeQxB4gDgjbTGB1LUa7kfPlFnQNcDFe40bHJhTAPNmKu97BweDXZlutz9wYmMIRpg16roHPDIb0BovIS7kHw3N9oKGuWUZvZwXCU8A8tDR1dTyeow%2B%2FhheqzjS4L9qo6VHAOl%2BuwIh6qHytvKs1oGEumniCTU5i%2BKGbzmXIhnmHkenmVmz0YV3%2BKek3NaSn7qkzS8Iy%2B4QLGLm0Kq3fTa9wUwdHx1L8JDpHY5WmgaA1fI5Tx1cl3sTPyRDCPuY8TjGrhNP25AYwFQ%2FFL4z%2BMJxOd8%2BXk6XvXHl9brrv0%2FeNTJYmCkhtJ%2By5ERBt2lDhbQdZC6GBhpOzbMEq%2BuuQl9tuTP9o%2FEY1pL5bd4qGECjCJKlAKzrjOtWtWDwtqkmBzg7QlfdPRa6XJ6fkFq9WAR4vDibLbGw%2FED9lQrbxVvrO1dQLr4G%2F0el90uL0NRj38bSlJS30wt%2Bj8tyFPSMoqK%2B8GibJ2Is9a8%2Bh6CYKi6eu2zITsm72ujkSl0AnyBlsbXMX%2FZOeQdN3Bq6oYvQUFPozXQC5vjOZPLUvr5Q%2B5FLNCoslevseRIBGOFDRjzqMagk8ifsED7pqw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
149.248.3.79 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://svxidj.inchpageus.xyz/fngvivoj/?u=kcdweky&o=cawpazh&cid=mlClick-k5hLDgfB&t=428170&f=1&sid=t3~2kpdf0hnpxoeobodhrfuy3fn&fp=zwnffpvPerYWTYrYO2y%2B2EcCNjJd%2F3Tw55635y1JIP3p%2BMRav%2B8KQglEQOUv58KEsars5v4gOA5L7hLUE%2BydydmozQQ82ELFBmpcUthLpo5yG9%2Fxa9vbwP3lm9e1HVlDZ%2BSq327OX3cRZi7PAMbCluppDJ5nPH7i%2BJ3ck6ADldjfVPhG6bTsrJSf0N6%2BSgd51dqKDrCIj9FEkbhnwD7WvouYnSd0mza0kHrS%2BYSV98NiquiapmoYQZL8l43RDgZuys5ZEz2pug5P0NqJFXH0%2B915r4%2BHldlvLmMgEfX5WadbkJQfw2rfajdYRZQdhaPcK7swbMF%2BZRjuyzWJddNVHkBYV2naPhsdZ7%2FDmIAYBlkQht%2FQgXx1MQjFUPSMLOwzhaJBje3uRLumZvCgtUkGrYtxZ4y%2B3q%2F3fBEtpYiedEi%2FIz4acoP5uqDok5xl8tMptZJVwpX2rbfsatVGLo6fwLir6Rd8%2B25G70fPYai1aqytMcKaeJK1CTcnF1OPLC4Go3WsFnW1DqGoWdJZlXaXfR0aDgLwLGyzI7pbn9v9kG2XvnQqGHiD46um602CE3OOd7SQmKXFBnDl49fRbycRv0zr2Ekp8hRKKLslh4ykurMXciG1svcyoeMChbo1Y8Y%2FP5h%2BFmBXxcbtZlKk9smNvKlBIFpt1KgyeRAQ84U75NK9eyI4ioG7vgfRYtZpkdQVK6fQElKVYadqcRjZ0z0ZDdurPkRV0U59M4uEZgbq3ohiJPvk60R315w7K6DvxCB%2FLMbKFhJDl2vhyI7cwZo1%2Bwrk2npp5%2BsKjJHt5nXMZejrbnCha2lHR8oJ%2FACIqu%2BIE9t3clSxKWyh%2FiT%2F0JqlmbhJsTZvGdi5HweVYLWoee3g%2F9KKFnqzny2AsfNhgu5bNN0rjDiSQSwJPqo4hCwAsrbpingfDb29N0BjdupzwYOehG8H99rWO%2BXmSTUa7Su0n2Jh0eOgqiYkwWI0WU1%2Bkh5mRKwTJp5s2pFw%2BpQrgYe63SCPRaYYPl1KPrubCcjRsVJ%2FNoAU0SxALG4dIjwXQVCxdTcmZU6l57NQAUkIV7XdtgLphKcC0p6a2guYuGsRxhV%2BkdojE6oRPblb1UVal2jyugEpaUOGgpDvwN8jpfNr41P2Ffwo23ucBrAZb6kwyttLYwauljzR%2BFMWWCY9gb5sNI2Q%2FOw%2FQ2JEw%2BL65o7d2%2B%2BlZ4aRK3OpHaUeqB6bgmD13xfyhnVIE4pgzIw3jyivbHqi6hZevxrpp055Nwwm65R7QdbmbepWsfkR0rWgE%2BhB3ESVVsYtYzJPSRQ2YeqoTrM5hnZN0wbWfQBPvSVskH5%2FScFYSA%2Bk%2FgJxPTpN%2F4P%2BW2ccjvxi%2Bo7ku34Lg6PApDeNmHoTBaLuz1Pn%2B1uUFFK8lzG0lQShXhLi2aTZLfgyWX1iV1NeQxB4gDgjbTGB1LUa7kfPlFnQNcDFe40bHJhTAPNmKu97BweDXZlutz9wYmMIRpg16roHPDIb0BovIS7kHw3N9oKGuWUZvZwXCU8A8tDR1dTyeow%2B%2FhheqzjS4L9qo6VHAOl%2BuwIh6qHytvKs1oGEumniCTU5i%2BKGbzmXIhnmHkenmVmz0YV3%2BKek3NaSn7qkzS8Iy%2B4QLGLm0Kq3fTa9wUwdHx1L8JDpHY5WmgaA1fI5Tx1cl3sTPyRDCPuY8TjGrhNP25AYwFQ%2FFL4z%2BMJxOd8%2BXk6XvXHl9brrv0%2FeNTJYmCkhtJ%2By5ERBt2lDhbQdZC6GBhpOzbMEq%2BuuQl9tuTP9o%2FEY1pL5bd4qGECjCJKlAKzrjOtWtWDwtqkmBzg7QlfdPRa6XJ6fkFq9WAR4vDibLbGw%2FED9lQrbxVvrO1dQLr4G%2F0el90uL0NRj38bSlJS30wt%2Bj8tyFPSMoqK%2B8GibJ2Is9a8%2Bh6CYKi6eu2zITsm72ujkSl0AnyBlsbXMX%2FZOeQdN3Bq6oYvQUFPozXQC5vjOZPLUvr5Q%2B5FLNCoslevseRIBGOFDRjzqMagk8ifsED7pqw%3D%3D

Response headers

Server
nginx
Date
Sun, 13 Mar 2022 06:44:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache

Redirect headers

Server
nginx
Date
Sun, 13 Mar 2022 06:44:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
/away.php
Primary Request details
play.google.com/store/apps/ 		976 KB
211 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Requested by
Host: rockstorageplace.com
URL: https://rockstorageplace.com/away.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2237ff4dd5db8873b4e6e3457d71a61971cce297a8efc8258d3586665577f02f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport script-src 'report-sample' 'nonce-yIF768wB68SSiLG6vF5JfQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' script-src 'nonce-yIF768wB68SSiLG6vF5JfQ' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 13 Mar 2022 06:44:53 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport script-src 'report-sample' 'nonce-yIF768wB68SSiLG6vF5JfQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' script-src 'nonce-yIF768wB68SSiLG6vF5JfQ' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
content-encoding
gzip
server
ESF
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cspreport
play.google.com/_/PlayStoreUi/ 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://play.google.com/_/PlayStoreUi/cspreport
Requested by
Host: myclick-2.com
URL: https://myclick-2.com/p/0l1n/fHFs/TiBH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-evnouTByFO0K3SpARnQyRA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self', script-src 'nonce-evnouTByFO0K3SpARnQyRA' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 06:44:53 GMT
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-evnouTByFO0K3SpARnQyRA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self', script-src 'nonce-evnouTByFO0K3SpARnQyRA' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=_b,_tp
www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.PP51sWiEF-Y.es5.O/am=IjAwbEhFQCwEQA/d=1/excm=_b,_tp,appdetailsview/ed=1/dg=0/wt=2/esmo=1/rs=AB1caFUaWwHPPeUnqlIRsinyWCPGDJzg4Q/ 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.en.PP51sWiEF-Y.es5.O/am=IjAwbEhFQCwEQA/d=1/excm=_b,_tp,appdetailsview/ed=1/dg=0/wt=2/esmo=1/rs=AB1caFUaWwHPPeUnqlIRsinyWCPGDJzg4Q/m=_b,_tp
Requested by
Host: play.google.com
URL: https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://play.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 21:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/play-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74329
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 00:27:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/play-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/play-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/play-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Mar 2023 21:14:02 GMT
play_prism_hlock_2x.png
www.gstatic.com/android/market_images/web/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/android/market_images/web/play_prism_hlock_2x.png
Requested by
Host: play.google.com
URL: https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2bcef13146c704fd873d9df10f1368abb60c975779da274360fe97c2e37006b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://play.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:30:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
age
252848
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6640
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 10 Mar 2023 08:30:45 GMT
z5nin1RdQ4UZhv6fa1FNG7VE33imGqPgC4kKZIUjgf_up7E-Pj3AaojlMPwNNXaeGA=s180-rw
play-lh.googleusercontent.com/ 		0
0
mw_NfsvKM8m6RPv8Fz2GQawCOsqWv010saMnc7zbWalMxuaA9IY8h7E0VMieLxSxAFB98NFeYqbFrXXq=w56-h14-rw
play-lh.googleusercontent.com/ 		0
0
STsINPHbz_Edu86xY7DeCJbXpLNM-dPyQ5mSBEJCfI0869PV7Z10P3QbFPA7iRsBzv4=w720-h310-rw
play-lh.googleusercontent.com/ 		0
0
Sf-9Gw3_fbZ9uf1CfeqZPI6weBl7C1x1xG8bpw6g-uYI6FXEBH6tNEtTxw84cv4kIA=w720-h310-rw
play-lh.googleusercontent.com/ 		0
0
rs=AA2YrTt622SBmfE1k76T8J83TqYLCpwGsQ
www.gstatic.com/og/_/js/k=og.og.en_US._i0776ZFClU.O/rt=j/m=ld,gl,sd,p,vd,lod,eld,ip,cpd,aswid/exm=bt,base,bn,bu,cp,el,lo,sf,up,dd,aw,iw,gi,vi,pi,eq/d=1/ed=1/ 		0
0
v1_4323f611.png
ssl.gstatic.com/gb/images/ 		0
0
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 		0
0
truncated
/ 		267 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		146 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		104 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		96 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		123 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		129 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 		0
0
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://play.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play-lh.googleusercontent.com
URL
https://play-lh.googleusercontent.com/z5nin1RdQ4UZhv6fa1FNG7VE33imGqPgC4kKZIUjgf_up7E-Pj3AaojlMPwNNXaeGA=s180-rw
Domain
play-lh.googleusercontent.com
URL
https://play-lh.googleusercontent.com/mw_NfsvKM8m6RPv8Fz2GQawCOsqWv010saMnc7zbWalMxuaA9IY8h7E0VMieLxSxAFB98NFeYqbFrXXq=w56-h14-rw
Domain
play-lh.googleusercontent.com
URL
https://play-lh.googleusercontent.com/STsINPHbz_Edu86xY7DeCJbXpLNM-dPyQ5mSBEJCfI0869PV7Z10P3QbFPA7iRsBzv4=w720-h310-rw
Domain
play-lh.googleusercontent.com
URL
https://play-lh.googleusercontent.com/Sf-9Gw3_fbZ9uf1CfeqZPI6weBl7C1x1xG8bpw6g-uYI6FXEBH6tNEtTxw84cv4kIA=w720-h310-rw
Domain
www.gstatic.com
URL
https://www.gstatic.com/og/_/js/k=og.og.en_US._i0776ZFClU.O/rt=j/m=ld,gl,sd,p,vd,lod,eld,ip,cpd,aswid/exm=bt,base,bn,bu,cp,el,lo,sf,up,dd,aw,iw,gi,vi,pi,eq/d=1/ed=1/rs=AA2YrTt622SBmfE1k76T8J83TqYLCpwGsQ
Domain
ssl.gstatic.com
URL
https://ssl.gstatic.com/gb/images/v1_4323f611.png
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

7 Cookies

Domain/Path Name / Value
myclick-2.com/ Name: 6b9a00393fb1607b0ada13520f814ab5
Value: 6b9a00393fb1607b0ada13520f814ab5
.myclick-2.com/ Name: _ga
Value: GA1.2.325771340.1647153889
.myclick-2.com/ Name: _gid
Value: GA1.2.969669157.1647153889
.myclick-2.com/ Name: _gat
Value: 1
mega-prizes.life/ Name: sid
Value: t3~2kpdf0hnpxoeobodhrfuy3fn
mega-prizes.life/ Name: p1
Value: https://inchpageus.xyz/fngvivoj/
mega-prizes.life/ Name: s1
Value: nmv2kpwbo0ku1ppr

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.