ww12.keepvid.works Open in urlscan Pro
193.218.118.205  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ww12.keepvid.works/en/	26 KB 9 KB	868ms 280ms	Document text/html	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Full URL https://ww12.keepvid.works/en/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash f2b949e862847b53071083701abb12209d3e608ab29a35836354106dbbaf3644 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 15 Jul 2024 16:38:59 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server nginx Transfer-Encoding chunked
GET H3	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 24 KB	229ms 151ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ww12.keepvid.works/ Origin https://ww12.keepvid.works User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 16:38:59 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 852 strict-transport-security max-age=31536000; includeSubDomains; preload age 10281577 cdn-cachedat 10/31/2023 18:51:53 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:59 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"ec3bb52a00e176a7181d454dffaea219" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 26163546969aeb28e4d007bdc34f30f3 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8a3b2fa04cc82b67-LAX cdn-requestpullsuccess True
GET H/1.1	200 OK	default.css ww12.keepvid.works/	7 KB 7 KB	242ms 241ms	Stylesheet text/css	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Full URL https://ww12.keepvid.works/default.css?v000012 Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash fbe0a51470b60a1afac1ce2c1ad37162316cc4f574b0bef5041cdea1006eca71 Request headers Referer https://ww12.keepvid.works/en/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:38:59 GMT Last-Modified Wed, 21 Sep 2022 21:10:39 GMT Server nginx ETag "632b7dcf-1ad8" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 6872
GET H/1.1	200 OK	keepvid-works-log-icon.png ww12.keepvid.works/images/	4 KB 4 KB	484ms 241ms	Image image/png	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Show image Full URL https://ww12.keepvid.works/images/keepvid-works-log-icon.png Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash dd3b1ba52ff77fd3e8462862d2d27af322e800cb003027e925139ab8373c8429 Request headers Referer https://ww12.keepvid.works/en/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:39:00 GMT Last-Modified Fri, 21 May 2021 01:40:43 GMT Server nginx ETag "60a70f9b-102c" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4140
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/	95 KB 34 KB	421ms 136ms	Script text/javascript	2607:f8b0:4006:80a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ww12.keepvid.works/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 21:33:28 GMT content-encoding gzip x-content-type-options nosniff age 241532 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Jul 2025 21:33:28 GMT
GET H3	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/	36 KB 12 KB	137ms 82ms	Script application/javascript	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ww12.keepvid.works/ Origin https://ww12.keepvid.works User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 16:38:59 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 899 strict-transport-security max-age=31536000; includeSubDomains; preload age 10267587 cdn-cachedat 08/29/2023 17:26:00 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:00 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"5869c96cc8f19086aee625d670d741f9" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid a1c24bb8794643c9d1edcdd21c9e9e51 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8a3b2fa04cc72b67-LAX cdn-requestpullsuccess True
GET H/1.1	200 OK	social-share-kit.min.js Show response ww12.keepvid.works/socialsharekit/js/	6 KB 6 KB	699ms 240ms	Script application/javascript	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Full URL https://ww12.keepvid.works/socialsharekit/js/social-share-kit.min.js Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash c5e0dfe7c67c57b81ccbe43199f96b6fb5c63a216b6bb4a8ca9de8d32d24a174 Request headers Referer https://ww12.keepvid.works/en/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:39:00 GMT Last-Modified Fri, 21 May 2021 01:40:41 GMT Server nginx ETag "60a70f99-18ec" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6380
GET H/1.1	200 OK	social-share-kit.css ww12.keepvid.works/socialsharekit/css/	12 KB 13 KB	702ms 239ms	Stylesheet text/css	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Full URL https://ww12.keepvid.works/socialsharekit/css/social-share-kit.css Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash 8999b18b7b370af9fef7fc290a2861914ad02219d63e51f958870e54e4e54167 Request headers Referer https://ww12.keepvid.works/en/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:39:00 GMT Last-Modified Fri, 21 May 2021 01:40:37 GMT Server nginx ETag "60a70f95-3170" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 12656
GET H/1.1	200 OK	keepvid.js Show response ww12.keepvid.works/	6 KB 6 KB	717ms 241ms	Script application/javascript	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Full URL https://ww12.keepvid.works/keepvid.js?v20011023 Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash 40c5732bf1fcad7088e859d723a3ecda8e9284c290df45af3ee0e6cc2e96a02d Request headers Referer https://ww12.keepvid.works/en/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:39:00 GMT Last-Modified Thu, 18 Apr 2024 21:20:25 GMT Server nginx ETag "66218e99-18dd" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6365
GET H/1.1	200 OK	jquery-ui.min.css ww12.keepvid.works/	16 KB 17 KB	954ms 475ms	Stylesheet text/css	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Full URL https://ww12.keepvid.works/jquery-ui.min.css Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash 7824372caba242b82f290f8cff1966601ffc052c2f66cc1fb26d02cfd014a72f Request headers Referer https://ww12.keepvid.works/en/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:39:00 GMT Last-Modified Fri, 21 May 2021 01:40:19 GMT Server nginx ETag "60a70f83-4171" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 16753
GET H/1.1	200 OK	jquery-ui.min.js Show response ww12.keepvid.works/	31 KB 32 KB	735ms 476ms	Script application/javascript	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Full URL https://ww12.keepvid.works/jquery-ui.min.js Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/en/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash ebd9b012f2a01a5a059c5d435303366fb11c383fb3b07b045e5547c8978f6e4e Request headers Referer https://ww12.keepvid.works/en/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:39:00 GMT Last-Modified Fri, 21 May 2021 01:40:19 GMT Server nginx ETag "60a70f83-7da2" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 32162
GET H3	200	glyphicons-halflings-regular.woff2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/	18 KB 18 KB	86ms 85ms	Font font/woff2	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2 Requested by Host: maxcdn.bootstrapcdn.com URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Origin https://ww12.keepvid.works User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 16:39:00 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 907 age 10272337 cdn-cachedat 03/01/2024 04:27:53 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 18028 last-modified Mon, 25 Jan 2021 22:04:00 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag "448c34a56d699c29117adc64c43affeb" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 25f6e5a68b52fe1f8179a226b9a03bcf accept-ranges bytes timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8a3b2fa20f042b67-LAX cdn-requestpullsuccess True
GET H/1.1	200 OK	social-share-kit.woff ww12.keepvid.works/socialsharekit/fonts/	7 KB 7 KB	239ms 238ms	Font application/font-woff	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Full URL https://ww12.keepvid.works/socialsharekit/fonts/social-share-kit.woff Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/socialsharekit/css/social-share-kit.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash 0458fa0033848d1a830c91ade83e2692154c2e9836eaf7974fd4803d656f6efc Request headers Referer https://ww12.keepvid.works/socialsharekit/css/social-share-kit.css Origin https://ww12.keepvid.works User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:39:00 GMT Last-Modified Fri, 21 May 2021 01:40:38 GMT Server nginx ETag "60a70f96-1bf8" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 7160
GET H2	200	4378921 Show response ofleafeona.com/401/	87 KB 34 KB	851ms 422ms	Script application/javascript	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ofleafeona.com/401/4378921 Requested by Host: ww12.keepvid.works URL: https://ww12.keepvid.works/keepvid.js?v20011023 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 7677854d9f6d26d9b5e7e4118b82ae08915891e0351d1ad47436ab0f1cde4491 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://ww12.keepvid.works/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 16:39:01 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id 04a953eaac8ab30b4af8ffd7b16d37c4 pragma no-cache server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model vary Origin content-type application/javascript access-control-allow-origin * access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
GET H/1.1	200 OK	32220 Show response cultergoy.com/gkIGMdszupsFyd/	6 B 1 KB	910ms 221ms	Script application/javascript	23.109.170.230 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://cultergoy.com/gkIGMdszupsFyd/32220?_=1721061540367 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 23.109.170.230 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://ww12.keepvid.works/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:39:01 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=1 Transfer-Encoding chunked Connection keep-alive Server nginx Accept-ch sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list Access-Control-Max-Age 600 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin https://ww12.keepvid.works X-Frame-Options SAMEORIGIN Access-Control-Allow-Credentials true Vary Accept-Encoding Keep-Alive timeout=20 Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
GET H2	200	gid.js Show response my.rtmark.net/	65 B 547 B	642ms 214ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js Requested by Host: ofleafeona.com URL: https://ofleafeona.com/401/4378921 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 46ee7527ab09e2811dc5cea4ee428c5ec380b67b785bc72a88e5ab1a8c0bddd7 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://ww12.keepvid.works/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 16:39:01 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://ww12.keepvid.works access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H/1.1	200 OK	favicon.ico ww12.keepvid.works/	1 KB 1 KB	245ms 245ms	Other image/x-icon	193.218.118.205 EPINATURA
General Check archive.org Show headers Download Go to Full URL https://ww12.keepvid.works/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.218.118.205 Kyiv, Ukraine, ASN207656 (EPINATURA, UA), Reverse DNS 205.118.218.193.urdn.com.ua Software nginx / Resource Hash 5666e4ed23ccc309458d3815bd48bd2dc1e390e5e600e521c0b140ca41211173 Request headers Referer https://ww12.keepvid.works/en/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Mon, 15 Jul 2024 16:39:01 GMT Last-Modified Fri, 21 May 2021 01:40:18 GMT Server nginx ETag "60a70f82-47e" Content-Type image/x-icon Connection keep-alive Accept-Ranges bytes Content-Length 1150
OPTIONS H2	200	4378921 ofleafeona.com/500/	0 0	628ms 207ms	Preflight	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ofleafeona.com/500/4378921?excludes=&oaid=08009a8fdebb4158fc42daab88a1d105&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=960&wy=960&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fww12.keepvid.works%2Fen%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&sw_version=v1.353.3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://ww12.keepvid.works Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://ww12.keepvid.works access-control-max-age 600 allow GET, OPTIONS content-length 0 date Mon, 15 Jul 2024 16:39:02 GMT server nginx strict-transport-security max-age=1 timing-allow-origin * vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff
GET H3	200	stattag.js Show response tzegilo.com/	17 KB 8 KB	172ms 85ms	Script application/javascript	172.67.193.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tzegilo.com/stattag.js Requested by Host: ofleafeona.com URL: https://ofleafeona.com/401/4378921 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2 Request headers Referer https://ww12.keepvid.works/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 16:39:02 GMT content-encoding br cf-cache-status HIT last-modified Thu, 11 Jul 2024 10:23:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 437 etag W/"668fb2be-45d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NxmWJKZRVCPaQZiktSqwaZZJcRMGGsnLaIUaUHw1qkBo0f3pUfkW1GzagmspMjUP6Wb2F27JO6bNYNwRSDl3qLQBbewmPSJt4hNA7B9qPwnqSs%2B%2B3kYguSJX4qWlIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8a3b2faedc4a533d-LAX link <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin alt-svc h3=":443"; ma=86400
GET H2	200	4378921 Show response ofleafeona.com/500/	980 B 2 KB	235ms 234ms	XHR application/javascript	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ofleafeona.com/500/4378921?excludes=&oaid=08009a8fdebb4158fc42daab88a1d105&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=960&wy=960&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fww12.keepvid.works%2Fen%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&sw_version=v1.353.3 Requested by Host: ofleafeona.com URL: https://ofleafeona.com/401/4378921 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 3177df7fc3e6c9ecd12a9cb7613cd602e2beb832d80b99916634a24839b69077 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://ww12.keepvid.works/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Response headers date Mon, 15 Jul 2024 16:39:02 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-length 980 x-trace-id c1df223840543d0e5e57b05caa5bcbb7 pragma no-cache server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model vary Origin content-type application/javascript access-control-allow-origin https://ww12.keepvid.works access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
POST H/1.1	200 OK	add Show response fleraprt.com/log/	12 B 488 B	653ms 209ms	XHR application/json	139.45.195.254 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b3801799-e9b1-424f-8a32-72869351fecb Requested by Host: tzegilo.com URL: https://tzegilo.com/stattag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx/1.19.10 / Resource Hash fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7 Request headers Referer https://ww12.keepvid.works/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 15 Jul 2024 16:39:02 GMT Server nginx/1.19.10 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://ww12.keepvid.works Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Content-Length 12
POST H/1.1	200 OK	add Show response fleraprt.com/async_log/	0 428 B	650ms 208ms	XHR text/plain	139.45.195.254 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b3801799-e9b1-424f-8a32-72869351fecb Requested by Host: tzegilo.com URL: https://tzegilo.com/stattag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx/1.19.10 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ww12.keepvid.works/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 15 Jul 2024 16:39:02 GMT Server nginx/1.19.10 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Origin https://ww12.keepvid.works Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Content-Length 0
GET H2	200	e70ec426d37c1fdf802fa8780aaeb596.png offerimage.com/www/images/	37 KB 37 KB	253ms 95ms	Image image/png	2606:4700:10::6816:21ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://offerimage.com/www/images/e70ec426d37c1fdf802fa8780aaeb596.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 202a562d2e14b3584c80c90b219c4908159d9fd30dea880c2d8df3efd6da25b3 Request headers Referer https://ww12.keepvid.works/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 16:39:03 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 05:04:25 GMT server cloudflare age 41610 etag "667509d9-9342" vary Accept-Encoding content-type image/png cache-control max-age=86400 accept-ranges bytes timing-allow-origin * cf-ray 8a3b2fb4cb648406-LAX content-length 37698 expires Tue, 16 Jul 2024 05:05:33 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery1124011094186637386572 object| SocialShareKit function| search function| getOutput1 function| isValidURL function| onSubmit function| showInstallPromotion function| find_links function| newLink string| stype string| jsValue1 string| sid object| zfgstorage object| 7yjxv4vthg object| zfgformats object| syncCallbacks object| webpushlogs boolean| __lwkemfd9q__ number| __qwe33wweq__

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ww12.keepvid.works/	1969-12-31 23:59:59	Name: PHPSESSID Value: m6a6d5vj11lvqf7ub9m0rabgsp
			ww12.keepvid.works/	1969-12-31 23:59:59	Name: language Value: en
			cultergoy.com/	1970-01-20 22:05:47	Name: GL_UI4 Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAgstVgvTW99B7LLTula2GmGLdW3dzXRq%2FOTL%2BdEUbQoHyCeszUkV7WDJ1lXx6p56WSjt7XGZveKldxXeiuxqffPEtZ2ar3SA%2FoUVtOo2Ld%2BTmHTo0O2XduRwRweA%2FXXnB3dXApCs3ImBzEGYshhqZluE3KZQOrUiJAdTkxBxag%2BiCGRdRO8dcHHFSxoKpPiDsS7ddfPYpNFRZFFcH8ZlD8Sj601IYqelUGI32DVKY898RcsDU5nTxcAGkz7z%2F9%2BiuFnDTKDs%2B1CJH9C%2Fgbc802c
			cultergoy.com/	1970-01-20 22:05:47	Name: GL_GI10 Value: eJwNzEEOgjAQBdDOLGgkGvMjB%2BAERBHZG%2FQEDQcgUEkTMm3a6vll9XZPKcXVEewCzre%2Bbdru0bTXfrcDreDRgGfBaRSX7VKbPGWbQBE8PMFRUA7T5j4%2BiptAM8r3Vhu7fmXxIAft7q9GbAZLwmHwMfi4D6BQEDh7rcFpqRToV1z%2BjmEgeg%3D%3D
			my.rtmark.net/	1970-01-21 06:49:57	Name: ID Value: 08009a8fdebb4158fc42daab88a1d105
			spirteddvaita.com/	1970-01-20 22:05:47	Name: GL_UI4 Value: eJw9jUFOwzAQRZMmTltoAiPlABwhTgpql4hNF9whcuxJaup4Kttt4fYYJJjVf19Pf5IkWdQPkF6LNWQX8QxPqtnzcde1e%2BSdks2W86YZux3GaxXfSlhr3wcxGAw5rPwsXOjDNYfNhBadlr0khSU8RuuvOVm62RzY4IRVJbA5GqaE5eDo5tHVGeRWzAjVAYUy6P3b0VFkNosPcpDx9iVmbWNOG1iQr7PqDti7tpfPalMkVVUkcH82Iozk5l6riGxyQiGkr7CSIuBE7guWCv0p0BmAjOr%2F%2Fd%2FfzPysQaHwqmVECkd034rNUZA%3D
			ofleafeona.com/	1970-01-21 06:49:57	Name: OAID Value: 08009a8fdebb4158fc42daab88a1d105

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cultergoy.com
fleraprt.com
maxcdn.bootstrapcdn.com
my.rtmark.net
offerimage.com
ofleafeona.com
tzegilo.com
ww12.keepvid.works
104.18.10.207
139.45.195.254
139.45.195.8
139.45.197.244
172.67.193.52
193.218.118.205
23.109.170.230
2606:4700:10::6816:21ac
2607:f8b0:4006:80a::200a
0458fa0033848d1a830c91ade83e2692154c2e9836eaf7974fd4803d656f6efc
202a562d2e14b3584c80c90b219c4908159d9fd30dea880c2d8df3efd6da25b3
3177df7fc3e6c9ecd12a9cb7613cd602e2beb832d80b99916634a24839b69077
40c5732bf1fcad7088e859d723a3ecda8e9284c290df45af3ee0e6cc2e96a02d
46ee7527ab09e2811dc5cea4ee428c5ec380b67b785bc72a88e5ab1a8c0bddd7
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5666e4ed23ccc309458d3815bd48bd2dc1e390e5e600e521c0b140ca41211173
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
7677854d9f6d26d9b5e7e4118b82ae08915891e0351d1ad47436ab0f1cde4491
7824372caba242b82f290f8cff1966601ffc052c2f66cc1fb26d02cfd014a72f
8999b18b7b370af9fef7fc290a2861914ad02219d63e51f958870e54e4e54167
c5e0dfe7c67c57b81ccbe43199f96b6fb5c63a216b6bb4a8ca9de8d32d24a174
dd3b1ba52ff77fd3e8462862d2d27af322e800cb003027e925139ab8373c8429
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd9b012f2a01a5a059c5d435303366fb11c383fb3b07b045e5547c8978f6e4e
f2b949e862847b53071083701abb12209d3e608ab29a35836354106dbbaf3644
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fbe0a51470b60a1afac1ce2c1ad37162316cc4f574b0bef5041cdea1006eca71
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7