Submitted URL: http://goldnews2.xyz/event_01a9f773-c548-2959-2068-71f117a0fb17_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2...
Effective URL: https://click2up.com/click?key=xnfiwespxr450fy5p2u5&click_id=s3_13396252286353951369_1159_6_0&cpa_cost=0.0002&SOURCE_...
Submission: On February 25 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 11 domains to perform 11 HTTP transactions. The main IP is 95.216.26.241, located in and belongs to . The main domain is click2up.com.
TLS certificate: Issued by R3 on February 10th 2024. Valid for: 3 months.
This is the only time click2up.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 15 173.214.240.15 15317 (SERVEREL-AS)
1 142.250.65.234 15169 (GOOGLE)
2 2 199.182.164.180 15317 (SERVEREL-AS)
2 3 192.243.58.125 39572 (ADVANCEDH...)
2 45.133.44.32 39572 (ADVANCEDH...)
2 142.251.40.131 15169 (GOOGLE)
1 185.162.87.220 39572 (ADVANCEDH...)
1 95.216.26.241 ()
11 8
Apex Domain
Subdomains
Transfer
10 freetrckr.com
freetrckr.com — Cisco Umbrella Rank: 776842
3 KB
3 sinqya.xyz
sinqya.xyz — Cisco Umbrella Rank: 36409
656 B
3 wolftop4.xyz
wolftop4.xyz
2 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 wmgtr.com
i.wmgtr.com — Cisco Umbrella Rank: 21348
28 KB
2 planetpush.net
xml.planetpush.net — Cisco Umbrella Rank: 121923
264 B
2 goldnews2.xyz
goldnews2.xyz
607 B
1 click2up.com
click2up.com
634 B
1 ceigix.com
ceigix.com — Cisco Umbrella Rank: 500145
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
1 KB
0 videov-click.com Failed
videov-click.com Failed
11 11
Domain Requested by
10 freetrckr.com 10 redirects
3 sinqya.xyz 2 redirects ceigix.com
3 wolftop4.xyz 1 redirects wolftop4.xyz
2 fonts.gstatic.com fonts.googleapis.com
2 i.wmgtr.com wolftop4.xyz
2 xml.planetpush.net 2 redirects
2 goldnews2.xyz 2 redirects
1 click2up.com ceigix.com
1 ceigix.com wolftop4.xyz
1 fonts.googleapis.com wolftop4.xyz
0 videov-click.com Failed
11 11

This site contains no links.

Subject | Issuer | Validity | Valid
autoler4.xyz | R3 | 2024-02-01 - 2024-05-01 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
i.wmgtr.com | R3 | 2024-02-20 - 2024-05-20 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
ceigix.com | R3 | 2023-12-26 - 2024-03-25 | 3 months
sinqya.xyz | R3 | 2024-02-20 - 2024-05-20 | 3 months
click2up.com | R3 | 2024-02-10 - 2024-05-10 | 3 months

This page contains 1 frames:

Frame: https://videov-click.com/?subid=cndqqb9r9alc73d6e0sg&source=s1159_9c56eed5b64503ca4d35126d5bcea34e&creative_id=1419598
Frame ID: C0FFBF239DABD07E18A1F4F380E35F45
Requests: 11 HTTP requests in this frame

Page Statistics

Requests: 11
HTTPS: 82 %
IPv6: 0 %
Domains: 11
Subdomains: 11
IPs: 8
Countries: 2
Transfer: 76 kB
Size: 101 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://goldnews2.xyz/event_01a9f773-c548-2959-2068-71f117a0fb17_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltizzmi4otzhmdm1mjc4ndm5ztmzyzu4ndaznzcxmzu2ltm4mtutmc4wmde4njelmjilmkmlmji1mzqtnti1zdjmmzdkntzmywqxyzy1mdy5nmu3ndaymt...~311~...3mhewd3dfywxsx2l0jtiyjtde&if=1 HTTP 301
    https://goldnews2.xyz/event_01a9f773-c548-2959-2068-71f117a0fb17_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltizzmi4otzhmdm1mjc4ndm5ztmzyzu4ndaznzcxmzu2ltm4mtutmc4wmde4njelmjilmkmlmji1mzqtnti1zdjmmzdkntzmywqxyzy1mdy5nmu3ndaymt...~311~...3mhewd3dfywxsx2l0jtiyjtde&if=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://wolftop4.xyz/sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://xml.planetpush.net/click?s=1&tid=886&sid=92a9e678ff3bffbe5b10ff5460c62ea6&rnd=776068549 HTTP 302
    https://sinqya.xyz/dsp/ph/clcm?aid=13396252286353951369&mid=0&t=1708895517&s=1054234&sid=1159 HTTP 302
    https://ceigix.com/fp.html?rid=13396252286353951369_6&sd=aHR0cHM6Ly9zaW5xeWEueHl6&ru=aHR0cHM6Ly9jbGljazJ1cC5jb20vY2xpY2s/a2V5PXhuZml3ZXNweHI0NTBmeTVwMnU1JmNsaWNrX2lkPXMzXzEzMzk2MjUyMjg2MzUzOTUxMzY5XzExNTlfNl8wJmNwYV9jb3N0PTAuMDAwMiZTT1VSQ0VfSUQ9czExNTlfOWM1NmVlZDViNjQ1MDNjYTRkMzUxMjZkNWJjZWEzNGUmQ0FNUEFJR05fSUQ9MTA1NDIzNCZDT1VOVFJZPVVTJkJST1dTRVI9Q2hyb21lJkNSRUFUSVZFX0lEPTE0MTk1OTgmRk9STUFUPXB1c2gmT1M9V2luZG93cyZMQU5HPWVuJlpPTkVfSUQ9czExNTk= Page URL
  3. https://click2up.com/click?key=xnfiwespxr450fy5p2u5&click_id=s3_13396252286353951369_1159_6_0&cpa_cost=0.0002&SOURCE_ID=s1159_9c56eed5b64503ca4d35126d5bcea34e&CAMPAIGN_ID=1054234&COUNTRY=US&BROWSER=Chrome&CREATIVE_ID=1419598&FORMAT=push&OS=Windows&LANG=en&ZONE_ID=s1159 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://goldnews2.xyz/event_01a9f773-c548-2959-2068-71f117a0fb17_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltizzmi4otzhmdm1mjc4ndm5ztmzyzu4ndaznzcxmzu2ltm4mtutmc4wmde4njelmjilmkmlmji1mzqtnti1zdjmmzdkntzmywqxyzy1mdy5nmu3ndaymt...~311~...3mhewd3dfywxsx2l0jtiyjtde&if=1 HTTP 301
  • https://goldnews2.xyz/event_01a9f773-c548-2959-2068-71f117a0fb17_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltizzmi4otzhmdm1mjc4ndm5ztmzyzu4ndaznzcxmzu2ltm4mtutmc4wmde4njelmjilmkmlmji1mzqtnti1zdjmmzdkntzmywqxyzy1mdy5nmu3ndaymt...~311~...3mhewd3dfywxsx2l0jtiyjtde&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://wolftop4.xyz/sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://wolftop4.xyz/event_59b8cc5a-3caf-ac74-1934-0b767de36f2c_102_1226_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEOTJhOWU2NzhmZjNiZmZiZTViMTBmZjU0NjBjNjJlYTYlMjZybmQlM0Q0MjQwMTc3MA%3D%3D&t=1708895517955&rnd=405283314&i=1 HTTP 302
  • https://xml.planetpush.net/icon?sid=92a9e678ff3bffbe5b10ff5460c62ea6&rnd=42401770 HTTP 302
  • https://sinqya.xyz/dsp/ph/icm?aid=13396252286353951369&mid=0&sid=1159&t=1708895517&subid=9c56eed5b64503ca4d35126d5bcea34e HTTP 302
  • https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
Request Chain 7
  • https://xml.planetpush.net/click?s=1&tid=886&sid=92a9e678ff3bffbe5b10ff5460c62ea6&rnd=776068549 HTTP 302
  • https://sinqya.xyz/dsp/ph/clcm?aid=13396252286353951369&mid=0&t=1708895517&s=1054234&sid=1159 HTTP 302
  • https://ceigix.com/fp.html?rid=13396252286353951369_6&sd=aHR0cHM6Ly9zaW5xeWEueHl6&ru=aHR0cHM6Ly9jbGljazJ1cC5jb20vY2xpY2s/a2V5PXhuZml3ZXNweHI0NTBmeTVwMnU1JmNsaWNrX2lkPXMzXzEzMzk2MjUyMjg2MzUzOTUxMzY5XzExNTlfNl8wJmNwYV9jb3N0PTAuMDAwMiZTT1VSQ0VfSUQ9czExNTlfOWM1NmVlZDViNjQ1MDNjYTRkMzUxMjZkNWJjZWEzNGUmQ0FNUEFJR05fSUQ9MTA1NDIzNCZDT1VOVFJZPVVTJkJST1dTRVI9Q2hyb21lJkNSRUFUSVZFX0lEPTE0MTk1OTgmRk9STUFUPXB1c2gmT1M9V2luZG93cyZMQU5HPWVuJlpPTkVfSUQ9czExNTk=

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js
wolftop4.xyz/
Redirect Chain
  • http://goldnews2.xyz/event_01a9f773-c548-2959-2068-71f117a0fb17_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltizzmi4otzhmdm1mjc4ndm5ztmzyzu4ndaznz...
  • https://goldnews2.xyz/event_01a9f773-c548-2959-2068-71f117a0fb17_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltizzmi4otzhmdm1mjc4ndm5ztmzyzu4ndazn...
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://wolftop4.xyz/sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
5 KB
2 KB
Document
General
Full URL
https://wolftop4.xyz/sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
78f341b98ee1bf3a3f9052913453a4c2e26ecba578d0127bc9cb71894a90fcba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 25 Feb 2024 21:11:57 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Sun, 25 Feb 2024 21:11:57 GMT
location
https://wolftop4.xyz/sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: wolftop4.xyz
URL: https://wolftop4.xyz/sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.234 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f10.1e100.net
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wolftop4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Feb 2024 21:11:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Feb 2024 20:56:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Feb 2024 21:11:58 GMT
o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
i.wmgtr.com/cic/
Redirect Chain
  • https://wolftop4.xyz/event_59b8cc5a-3caf-ac74-1934-0b767de36f2c_102_1226_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEOTJhOWU2NzhmZjNiZmZiZTViMTBmZjU0NjBjNjJlYTYlMjZ...
  • https://xml.planetpush.net/icon?sid=92a9e678ff3bffbe5b10ff5460c62ea6&rnd=42401770
  • https://sinqya.xyz/dsp/ph/icm?aid=13396252286353951369&mid=0&sid=1159&t=1708895517&subid=9c56eed5b64503ca4d35126d5bcea34e
  • https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
21 KB
21 KB
Image
General
Full URL
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
Requested by
Host: wolftop4.xyz
URL: https://wolftop4.xyz/sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Server
45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
b42b0f659f2f8919dd8f2454164894c640aba98cfd4e81367815bdec226ae21c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wolftop4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Mon, 26 Feb 2024 20:11:58 GMT
date
Sun, 25 Feb 2024 21:11:58 GMT
content-encoding
gzip
server
nginx/1.19.0
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=82800
x-content-type-option
nosniff
x-xss-protection
1; mode=block
x-proxy-cache
HIT

Redirect headers

location
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
date
Sun, 25 Feb 2024 21:11:58 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png
i.wmgtr.com/cim/
7 KB
7 KB
Image
General
Full URL
https://i.wmgtr.com/cim/4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png
Requested by
Host: wolftop4.xyz
URL: https://wolftop4.xyz/sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
6bd9cd7785446537c145de6313a125d7c728bfd9add3f1628e547ad167cdb558
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wolftop4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Mon, 26 Feb 2024 20:11:58 GMT
date
Sun, 25 Feb 2024 21:11:58 GMT
content-encoding
gzip
server
nginx/1.19.0
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=82800
x-content-type-option
nosniff
x-xss-protection
1; mode=block
x-proxy-cache
HIT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wolftop4.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:33:45 GMT
x-content-type-options
nosniff
age
308293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2025 07:33:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wolftop4.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 07:50:33 GMT
x-content-type-options
nosniff
age
307285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Feb 2025 07:50:33 GMT
event_59b8cc5a-3caf-ac74-1934-0b767de36f2c_102_0_3001
wolftop4.xyz/
150 B
237 B
Script
General
Full URL
https://wolftop4.xyz/event_59b8cc5a-3caf-ac74-1934-0b767de36f2c_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtOTJhOWU2NzhmZjNiZmZiZTViMTBmZjU0NjBjNjJlYTYtMTIyNi0wLjAwMDA4NSUyMiU1RCU3RA%3D%3D&t=1708895517955&rnd=406285859&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: wolftop4.xyz
URL: https://wolftop4.xyz/sw_f0257c92-bbb3-6d44-bc49-8a34228fe150_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
dc53b59f28bc96a37c22028a5d64c1204455fdb0cbd1748f672012088b5299da

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 21:11:59 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
fp.html
ceigix.com/
Redirect Chain
  • https://xml.planetpush.net/click?s=1&tid=886&sid=92a9e678ff3bffbe5b10ff5460c62ea6&rnd=776068549
  • https://sinqya.xyz/dsp/ph/clcm?aid=13396252286353951369&mid=0&t=1708895517&s=1054234&sid=1159
  • https://ceigix.com/fp.html?rid=13396252286353951369_6&sd=aHR0cHM6Ly9zaW5xeWEueHl6&ru=aHR0cHM6Ly9jbGljazJ1cC5jb20vY2xpY2s/a2V5PXhuZml3ZXNweHI0NTBmeTVwMnU1JmNsaWNrX2lkPXMzXzEzMzk2MjUyMjg2MzUzOTUxMzY5...
30 KB
12 KB
Document
General
Full URL
https://ceigix.com/fp.html?rid=13396252286353951369_6&sd=aHR0cHM6Ly9zaW5xeWEueHl6&ru=aHR0cHM6Ly9jbGljazJ1cC5jb20vY2xpY2s/a2V5PXhuZml3ZXNweHI0NTBmeTVwMnU1JmNsaWNrX2lkPXMzXzEzMzk2MjUyMjg2MzUzOTUxMzY5XzExNTlfNl8wJmNwYV9jb3N0PTAuMDAwMiZTT1VSQ0VfSUQ9czExNTlfOWM1NmVlZDViNjQ1MDNjYTRkMzUxMjZkNWJjZWEzNGUmQ0FNUEFJR05fSUQ9MTA1NDIzNCZDT1VOVFJZPVVTJkJST1dTRVI9Q2hyb21lJkNSRUFUSVZFX0lEPTE0MTk1OTgmRk9STUFUPXB1c2gmT1M9V2luZG93cyZMQU5HPWVuJlpPTkVfSUQ9czExNTk=
Requested by
Host: wolftop4.xyz
URL: https://wolftop4.xyz/event_59b8cc5a-3caf-ac74-1934-0b767de36f2c_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtOTJhOWU2NzhmZjNiZmZiZTViMTBmZjU0NjBjNjJlYTYtMTIyNi0wLjAwMDA4NSUyMiU1RCU3RA%3D%3D&t=1708895517955&rnd=406285859&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.87.220 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
e5f14041768342aa780a55e702a30d939563af64fb2c19e37568bfa049a5694a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Feb 2024 21:12:01 GMT
server
nginx/1.25.0
vary
Accept-Encoding
x-zone
eu3

Redirect headers

content-length
567
content-type
text/html; charset=utf-8
date
Sun, 25 Feb 2024 21:12:01 GMT
location
https://ceigix.com/fp.html?rid=13396252286353951369_6&sd=aHR0cHM6Ly9zaW5xeWEueHl6&ru=aHR0cHM6Ly9jbGljazJ1cC5jb20vY2xpY2s/a2V5PXhuZml3ZXNweHI0NTBmeTVwMnU1JmNsaWNrX2lkPXMzXzEzMzk2MjUyMjg2MzUzOTUxMzY5XzExNTlfNl8wJmNwYV9jb3N0PTAuMDAwMiZTT1VSQ0VfSUQ9czExNTlfOWM1NmVlZDViNjQ1MDNjYTRkMzUxMjZkNWJjZWEzNGUmQ0FNUEFJR05fSUQ9MTA1NDIzNCZDT1VOVFJZPVVTJkJST1dTRVI9Q2hyb21lJkNSRUFUSVZFX0lEPTE0MTk1OTgmRk9STUFUPXB1c2gmT1M9V2luZG93cyZMQU5HPWVuJlpPTkVfSUQ9czExNTk=
server
nginx/1.18.0
sfd
sinqya.xyz/
0
72 B
XHR
General
Full URL
https://sinqya.xyz/sfd?a=1&fp=b8c4a52e22574def21ee72f3fb6f6cf2&rid=13396252286353951369_6&dw=1600&dh=1200&tz=-10&ult=2024-02-25%2011:12:02&so=landscape-primary&if=0&bt=100
Requested by
Host: ceigix.com
URL: https://ceigix.com/fp.html?rid=13396252286353951369_6&sd=aHR0cHM6Ly9zaW5xeWEueHl6&ru=aHR0cHM6Ly9jbGljazJ1cC5jb20vY2xpY2s/a2V5PXhuZml3ZXNweHI0NTBmeTVwMnU1JmNsaWNrX2lkPXMzXzEzMzk2MjUyMjg2MzUzOTUxMzY5XzExNTlfNl8wJmNwYV9jb3N0PTAuMDAwMiZTT1VSQ0VfSUQ9czExNTlfOWM1NmVlZDViNjQ1MDNjYTRkMzUxMjZkNWJjZWEzNGUmQ0FNUEFJR05fSUQ9MTA1NDIzNCZDT1VOVFJZPVVTJkJST1dTRVI9Q2hyb21lJkNSRUFUSVZFX0lEPTE0MTk1OTgmRk9STUFUPXB1c2gmT1M9V2luZG93cyZMQU5HPWVuJlpPTkVfSUQ9czExNTk=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.243.58.125 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ceigix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 25 Feb 2024 21:12:02 GMT
server
nginx/1.18.0
content-length
0
Primary Request click
click2up.com/
345 B
634 B
Document
General
Full URL
https://click2up.com/click?key=xnfiwespxr450fy5p2u5&click_id=s3_13396252286353951369_1159_6_0&cpa_cost=0.0002&SOURCE_ID=s1159_9c56eed5b64503ca4d35126d5bcea34e&CAMPAIGN_ID=1054234&COUNTRY=US&BROWSER=Chrome&CREATIVE_ID=1419598&FORMAT=push&OS=Windows&LANG=en&ZONE_ID=s1159
Requested by
Host: ceigix.com
URL: https://ceigix.com/fp.html?rid=13396252286353951369_6&sd=aHR0cHM6Ly9zaW5xeWEueHl6&ru=aHR0cHM6Ly9jbGljazJ1cC5jb20vY2xpY2s/a2V5PXhuZml3ZXNweHI0NTBmeTVwMnU1JmNsaWNrX2lkPXMzXzEzMzk2MjUyMjg2MzUzOTUxMzY5XzExNTlfNl8wJmNwYV9jb3N0PTAuMDAwMiZTT1VSQ0VfSUQ9czExNTlfOWM1NmVlZDViNjQ1MDNjYTRkMzUxMjZkNWJjZWEzNGUmQ0FNUEFJR05fSUQ9MTA1NDIzNCZDT1VOVFJZPVVTJkJST1dTRVI9Q2hyb21lJkNSRUFUSVZFX0lEPTE0MTk1OTgmRk9STUFUPXB1c2gmT1M9V2luZG93cyZMQU5HPWVuJlpPTkVfSUQ9czExNTk=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.26.241 -, , ASN (),
Reverse DNS
Software
Caddy /
Resource Hash

Request headers

Referer
https://ceigix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
345
content-type
text/html; charset=UTF-8
date
Sun, 25 Feb 2024 21:12:13 GMT
server
Caddy
x-request-id
46472211-fdb2-49a5-8d2b-2df547b7a543
/
videov-click.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
videov-click.com
URL
https://videov-click.com/?subid=cndqqb9r9alc73d6e0sg&source=s1159_9c56eed5b64503ca4d35126d5bcea34e&creative_id=1419598

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies