vertiqui.com Open in urlscan Pro
116.202.161.246 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://6trck.xyz/go/1?pub_id=p_1885&feed_id=p_1223&source=kissasian.la&sub_id=16421
Effective URL:
https://vertiqui.com/BhJ9m2Zh2pE=?utm_source=smtr
Submission: On October 26 via api (October 26th 2024, 8:56:12 am UTC) from LU — Scanned from GB

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 14 domains to perform 38 HTTP transactions. The main IP is 116.202.161.246, located in and belongs to . The main domain is vertiqui.com.
TLS certificate: Issued by R10 on September 24th 2024. Valid for: 3 months.

This is the only time vertiqui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	173.214.244.181 173.214.244.181	15317 (SERVEREL-AS) (SERVEREL-AS)
1 1	144.76.106.61 144.76.106.61	24940 (HETZNER-AS) (HETZNER-AS)
5	23.158.56.123 23.158.56.123	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a01:4f8:1c1e... 2a01:4f8:1c1e:d90d::1	24940 (HETZNER-AS) (HETZNER-AS)
1 1	46.4.41.114 46.4.41.114	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2400:52e0:1e0... 2400:52e0:1e00::860:1	60068 (CDN77 _) (CDN77 _)
1	138.199.37.232 138.199.37.232	60068 (CDN77 _) (CDN77 _)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	193.108.117.211 193.108.117.211	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1	2a01:4f8:172:... 2a01:4f8:172:1d2e::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	46.4.115.66 46.4.115.66	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:440... 2606:4700:4400::ac40:986a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	136.243.42.50 136.243.42.50	24940 (HETZNER-AS) (HETZNER-AS)
2	116.202.161.246 116.202.161.246	() ()
38	11

1 173.214.244.181 (United States) 1 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.244.181.serverel.net

6trck.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.106.61 (Hamm, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.61.106.76.144.clients.your-server.de

news-xcicila.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.158.56.123 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 123-56-158-23.clients.gthost.com

60311daf9a.news-xvokiga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:1c1e:d90d::1 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)

show.partners-show.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.41.114 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: push-house-cdn-203.t.push.house

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::860:1 (Germany) 1 redirects

ASN60068 (CDN77 _, GB)

icon.eu.awmndw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.232 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 138-199-37-232.bunnyinfra.net

cdn4.eu.mndx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.108.117.211 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 211-117-108-193.clients.gthost.com

df3ff6618d.news-xboyale.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:172:1d2e::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

show.partners-show.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.115.66 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: push-house-cdn-102.t.push.house

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:986a (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 136.243.42.50 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.50.42.243.136.clients.your-server.de

eec51ad693.news-xmagoga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.161.246 (None, )

ASN- ()

vertiqui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	news-xmagoga.com 1 redirects eec51ad693.news-xmagoga.com	90 KB
5	news-xboyale.site df3ff6618d.news-xboyale.site	82 KB
5	news-xvokiga.com 60311daf9a.news-xvokiga.com	97 KB
4	gstatic.com fonts.gstatic.com	73 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
2	vertiqui.com vertiqui.com	895 B
2	cdn.house 2 redirects img.cdn.house — Cisco Umbrella Rank: 10094	348 B
2	partners-show.com show.partners-show.com — Cisco Umbrella Rank: 21055	3 KB
1	adskeeper.com s-img.adskeeper.com — Cisco Umbrella Rank: 33028	5 KB
1	mndx1.com cdn4.eu.mndx1.com — Cisco Umbrella Rank: 39494	53 KB
1	awmndw.com 1 redirects icon.eu.awmndw.com — Cisco Umbrella Rank: 224067	413 B
1	news-xcicila.com 1 redirects news-xcicila.com	288 B
1	6trck.xyz 1 redirects 6trck.xyz	112 B
0	kloiyeq.click Failed jbgf.kloiyeq.click Failed
38	14

	Domain	Requested by
14	eec51ad693.news-xmagoga.com	1 redirects df3ff6618d.news-xboyale.site eec51ad693.news-xmagoga.com
5	df3ff6618d.news-xboyale.site	60311daf9a.news-xvokiga.com df3ff6618d.news-xboyale.site
5	60311daf9a.news-xvokiga.com	60311daf9a.news-xvokiga.com
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	client
2	vertiqui.com	eec51ad693.news-xmagoga.com
2	img.cdn.house	2 redirects
2	show.partners-show.com	60311daf9a.news-xvokiga.com df3ff6618d.news-xboyale.site eec51ad693.news-xmagoga.com
1	s-img.adskeeper.com
1	cdn4.eu.mndx1.com
1	icon.eu.awmndw.com	1 redirects
1	news-xcicila.com	1 redirects
1	6trck.xyz	1 redirects
0	jbgf.kloiyeq.click Failed	vertiqui.com
38	14

This site contains no links.

Subject Issuer	Validity	Valid
*.news-xvokiga.com E5	`2024-08-29` - `2024-11-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
show.partners-show.com E6	`2024-09-13` - `2024-12-12`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.news-xboyale.site E6	`2024-10-14` - `2025-01-12`	3 months	crt.sh
*.news-xmagoga.com E6	`2024-08-29` - `2024-11-27`	3 months	crt.sh
vertiqui.com R10	`2024-09-24` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Frame: https://jbgf.kloiyeq.click/video-template?tag_id=120123&cl=1&click=1&nrd=1&utm_source=smtr&r=1&ver=
Frame ID: B893396A064833A0BC58C4002706D0FC
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading

Page URL History Show full URLs

https://6trck.xyz/go/1?pub_id=p_1885&feed_id=p_1223&source=kissasian.la&sub_id=16421 HTTP 302
https://news-xcicila.com/tds?id=1218717451&p1=smtr HTTP 302
https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43 Page URL
https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc... Page URL
https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=sm... Page URL
https://eec51ad693.news-xmagoga.com/tb?i=2&id=1218717451&land=39&monetization=user&p1=smtr&p2=&p3=&p4=&traceId=a... HTTP 302
https://vertiqui.com/BhJ9m2Zh2pE=?utm_source=smtr Page URL

Page Statistics

38
Requests

89 %
HTTPS

40 %
IPv6

14
Domains

14
Subdomains

11
IPs

2
Countries

406 kB
Transfer

864 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://6trck.xyz/go/1?pub_id=p_1885&feed_id=p_1223&source=kissasian.la&sub_id=16421 HTTP 302
https://news-xcicila.com/tds?id=1218717451&p1=smtr HTTP 302
https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43 Page URL
https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad Page URL
https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43 Page URL
https://eec51ad693.news-xmagoga.com/tb?i=2&id=1218717451&land=39&monetization=user&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&type=reject&fingerprint=4bc2da160225e238c838fc45742b244b HTTP 302
https://vertiqui.com/BhJ9m2Zh2pE=?utm_source=smtr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://6trck.xyz/go/1?pub_id=p_1885&feed_id=p_1223&source=kissasian.la&sub_id=16421 HTTP 302
https://news-xcicila.com/tds?id=1218717451&p1=smtr HTTP 302
https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Request Chain 10

https://img.cdn.house/i/1/zChevebpDF25EwlaH3c6dNlb44rQwJ_lgNDpPviuHWSRuf39FlX24dpZgEdIidS1hs69oDzXRjAPcJBUdlLUBQIMGz9gxNTfaT8sZa1fB4hK2K0VETluqxOuelCD5UWVMdTn3fsp9uxdGwBkb0FfoApB6A-N7fDgjyc2oDUznqzFmFZsYn_31jVxe4FVhkXLCysUBCEwaigE8ObS-DC6UphMkVi6coH-zyYxrhMOopW2e7d1DB4hPV4cGmqc-pPsEbPcKS__fHQCXGLT1o0U0dDB?inpage.template=retro_main HTTP 307
https://icon.eu.awmndw.com/v2/894/23965da7-9378-11ef-a56f-008cfaf38376/1/ic HTTP 302
https://cdn4.eu.mndx1.com/icon_7280374026662407_1456.png

Request Chain 23

https://img.cdn.house/i/1/HjUEDCXkRDpCN51Lt6GeT1abKzu1o5a_vl1YjyzBvTfLts-2RysCi1rP84JkESqLu9ImNIqOrlUj5Tc-7HPEKYT0HTX75MifngpofHsZdWrtGSQ7Ynpy6SR0PEHWx7qdHKUhUsRM-c1lV7wNwrKOx78X9ONCsLgDovWvaFhCNClFLDgQRPjW29r6z4rAySQyBNGqCPqckEbEfp-RF3hBG8YBudw1j_qVShbxnfXGM873G7esa868IsYUyQmDCeplkq3gOHY6ROKi6U5Oqnufa1pU1Qw86VlcUf5gPIprHSAnMv9nKYM9jTHr-BnEz9fOdblDaQ_P0X7wcNlVFSxYiCAnR0KlDOgJsAsxsEyFpbhFhJVlNtkj2e1D8Q29RnvSdbuCesDeMAGtMo0JFX6fyC0-T6m4gBg1h0lIdspOEQHKuv0FxbDfdADuVpjKW4h3bUZFPgayUp_mHl41GdieCQhzK-OpFg==?inpage.template=retro_main HTTP 307
https://s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp?v=1729932969-UNSDQcx6GKGh_wRbmqtgUXXWJa3hNQFUS08IFR17iz8

38 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
60311daf9a.news-xvokiga.com/
Redirect Chain

https://6trck.xyz/go/1?pub_id=p_1885&feed_id=p_1223&source=kissasian.la&sub_id=16421
https://news-xcicila.com/tds?id=1218717451&p1=smtr
https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

49 KB
49 KB

249ms
58ms

Document
text/html

23.158.56.123
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

123-56-158-23.clients.gthost.com

Software

nginx /

Resource Hash

5772d1a1d7065179b65d0797f00b8befeb478cfadbe9504c476dae695d5b18ec

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218

Response headers

accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
content-type: text/html; charset=UTF-8
date: Sat, 26 Oct 2024 08:56:06 GMT
server: nginx
vary: Origin
x-frame-options: DENY

Redirect headers

accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
content-length: 0
date: Sat, 26 Oct 2024 08:56:06 GMT
location: https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 revopush_v2.js Show response
60311daf9a.news-xvokiga.com/ 50 KB
20 KB 45ms
44ms Script
application/javascript 23.158.56.123
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://60311daf9a.news-xvokiga.com/revopush_v2.js
Requested by: Host: 60311daf9a.news-xvokiga.com
URL: https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 123-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: 5d18da2b99ee5284c5e3ea1f75524876e5849e74f076b043363e212f2e8440bb

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

content-encoding: gzip
etag: "671901ba-50db"
accept-ranges: bytes
content-length: 20699
date: Sat, 26 Oct 2024 08:56:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 process.js Show response
60311daf9a.news-xvokiga.com/ 27 KB
10 KB 45ms
44ms Script
application/javascript 23.158.56.123
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://60311daf9a.news-xvokiga.com/process.js?id=1218717451&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Requested by: Host: 60311daf9a.news-xvokiga.com
URL: https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 123-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: fc4e7cba1184f1db26fdb242b7a503b0bdadc85bd21a10a83d1cff7fad2379b4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma: no-cache
expires: 0
date: Sat, 26 Oct 2024 08:56:06 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx

GET
H2 200 landsw_v2.js
60311daf9a.news-xvokiga.com/ 0
6 KB 66ms
66ms Other
application/javascript 23.158.56.123
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://60311daf9a.news-xvokiga.com/landsw_v2.js
Requested by: Host: 60311daf9a.news-xvokiga.com
URL: https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 123-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

content-encoding: gzip
etag: "671901ba-1611"
accept-ranges: bytes
content-length: 5649
date: Sat, 26 Oct 2024 08:56:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 314.js Show response
60311daf9a.news-xvokiga.com/ 96 KB
12 KB 44ms
44ms Script
application/javascript 23.158.56.123
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://60311daf9a.news-xvokiga.com/314.js
Requested by: Host: 60311daf9a.news-xvokiga.com
URL: https://60311daf9a.news-xvokiga.com/process.js?id=1218717451&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 123-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: eef8cf6b8f2ecc33364a48a2899a60ab0858e550880da7d23a2207cb3b09487b

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

content-encoding: gzip
etag: "671901ba-2e63"
accept-ranges: bytes
content-length: 11875
date: Sat, 26 Oct 2024 08:56:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 204ms
59ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://60311daf9a.news-xvokiga.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 08:56:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:56:07 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H/1.1 200
OK / Show response
show.partners-show.com/api/v1/inpage/show/ 997 B
1 KB 601ms
444ms Fetch
application/json 2a01:4f8:1c1e:d90d::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://show.partners-show.com/api/v1/inpage/show/?uid=135548&subacc=1218717451&sub1=smtr&adult=true&traffic=2&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&limit=1
Requested by: Host: 60311daf9a.news-xvokiga.com
URL: https://60311daf9a.news-xvokiga.com/process.js?id=1218717451&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:1c1e:d90d::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6d72880348693b009ca6f166c584028f509a8b0b4d313d7f8f62eda67f897154

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Content-Type: text/plain;charset=UTF-8
Referer: https://60311daf9a.news-xvokiga.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: close
Access-Control-Allow-Origin: https://60311daf9a.news-xvokiga.com
Date: Sat, 26 Oct 2024 08:56:07 GMT
Content-Type: application/json
Vary: Origin
Server: nginx

GET
H2

200

icon_7280374026662407_1456.png
cdn4.eu.mndx1.com/
Redirect Chain

https://img.cdn.house/i/1/zChevebpDF25EwlaH3c6dNlb44rQwJ_lgNDpPviuHWSRuf39FlX24dpZgEdIidS1hs69oDzXRjAPcJBUdlLUBQIMGz9gxNTfaT8sZa1fB4hK2K0VETluqxOuelCD5UWVMdTn3fsp9uxdGwBkb0FfoApB6A-N7fDgjyc2oDUznqz...
https://icon.eu.awmndw.com/v2/894/23965da7-9378-11ef-a56f-008cfaf38376/1/ic
https://cdn4.eu.mndx1.com/icon_7280374026662407_1456.png

52 KB
53 KB

251ms
62ms

Image
image/png

138.199.37.232
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.eu.mndx1.com/icon_7280374026662407_1456.png
Protocol: H2
Server: 138.199.37.232 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-37-232.bunnyinfra.net
Software: BunnyCDN-DE1-874 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://60311daf9a.news-xvokiga.com/

Response headers

cdn-status: 200
date: Sat, 26 Oct 2024 08:56:08 GMT
x-rgw-object-type: Normal
content-type: image/png
cdn-cachedat: 09/24/2024 13:20:21
last-modified: Wed, 11 Sep 2024 15:58:17 GMT
cdn-requestpullcode: 206
x-cache-status: HIT, HIT
cdn-cache: HIT
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
pragma: public
cdn-uid: 5ceed8e7-cd08-4fa9-9fd5-2c309512d291
cdn-requestid: a9d694e97be812554822be48e198c5b9
cdn-pullzone: 1056326
cdn-proxyver: 1.04
accept-ranges: bytes
content-length: 53566
cdn-edgestorageid: 863
server: BunnyCDN-DE1-874
cdn-requestcountrycode: GB

Redirect headers

cdn-status: 302
date: Sat, 26 Oct 2024 08:56:08 GMT
cdn-cache: MISS
cdn-cachedat: 10/26/2024 08:56:08
cdn-requestpullcode: 302
cache-control: no-store, must-revalidate, no-cache, max-age=0
location: https://cdn4.eu.mndx1.com/icon_7280374026662407_1456.png
cdn-requestpullsuccess: True
pragma: no-cache
cdn-uid: 5ceed8e7-cd08-4fa9-9fd5-2c309512d291
cdn-requestid: 461c71666d288ccf40747c9b2f7b3174
cdn-pullzone: 1117332
cdn-proxyver: 1.05
cdn-requesttime: 0
content-length: 0
cdn-edgestorageid: 860
server: BunnyCDN-DE1-860
cdn-requestcountrycode: GB

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 171ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Origin: https://60311daf9a.news-xvokiga.com
Referer: https://fonts.googleapis.com/

Response headers

age: 371602
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 171ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Origin: https://60311daf9a.news-xvokiga.com
Referer: https://fonts.googleapis.com/

Response headers

age: 329845
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 / Show response
df3ff6618d.news-xboyale.site/ 49 KB
34 KB 368ms
62ms Document
text/html 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad

Requested by

Host: 60311daf9a.news-xvokiga.com
URL: https://60311daf9a.news-xvokiga.com/revopush_v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

211-117-108-193.clients.gthost.com

Software

nginx /

Resource Hash

f0a4e72bcf93b6f4f72fe5c79e1ab8659dd31a692de53490408093227d7c04ff

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://60311daf9a.news-xvokiga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 26 Oct 2024 08:56:08 GMT
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 revopush_v2.js Show response
df3ff6618d.news-xboyale.site/ 50 KB
20 KB 64ms
60ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://df3ff6618d.news-xboyale.site/revopush_v2.js
Requested by: Host: df3ff6618d.news-xboyale.site
URL: https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 5d18da2b99ee5284c5e3ea1f75524876e5849e74f076b043363e212f2e8440bb

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad

Response headers

content-encoding: gzip
etag: "671901ba-50db"
accept-ranges: bytes
content-length: 20699
date: Sat, 26 Oct 2024 08:56:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 process.js Show response
df3ff6618d.news-xboyale.site/ 27 KB
10 KB 65ms
62ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://df3ff6618d.news-xboyale.site/process.js?id=1218717451&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Requested by: Host: df3ff6618d.news-xboyale.site
URL: https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 78ad9291aaaa9a197184f8d32e4c91ef9f3d787feb27d7e3a5e01b7b79408766

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma: no-cache
expires: 0
date: Sat, 26 Oct 2024 08:56:08 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx

GET
H2 200 landsw_v2.js
df3ff6618d.news-xboyale.site/ 0
6 KB 42ms
38ms Other
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://df3ff6618d.news-xboyale.site/landsw_v2.js
Requested by: Host: df3ff6618d.news-xboyale.site
URL: https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad

Response headers

content-encoding: gzip
etag: "671901ba-1611"
accept-ranges: bytes
content-length: 5649
date: Sat, 26 Oct 2024 08:56:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 314.js Show response
df3ff6618d.news-xboyale.site/ 96 KB
12 KB 47ms
47ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://df3ff6618d.news-xboyale.site/314.js
Requested by: Host: df3ff6618d.news-xboyale.site
URL: https://df3ff6618d.news-xboyale.site/process.js?id=1218717451&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: eef8cf6b8f2ecc33364a48a2899a60ab0858e550880da7d23a2207cb3b09487b

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad

Response headers

content-encoding: gzip
etag: "671901ba-2e63"
accept-ranges: bytes
content-length: 11875
date: Sat, 26 Oct 2024 08:56:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 208ms
66ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://df3ff6618d.news-xboyale.site/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 08:56:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:56:09 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H/1.1 200
OK / Show response
show.partners-show.com/api/v1/inpage/show/ 2 KB
1 KB 565ms
387ms Fetch
application/json 2a01:4f8:172:1d2e::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://show.partners-show.com/api/v1/inpage/show/?uid=135548&subacc=1218717451&sub1=smtr&adult=true&traffic=2&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&limit=1
Requested by: Host: df3ff6618d.news-xboyale.site
URL: https://df3ff6618d.news-xboyale.site/process.js?id=1218717451&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:172:1d2e::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7cde7a3b2f5ecbbb7092c0bb9fcab2ab73c4d9ef94bf53157acdd492d73a8c82

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Content-Type: text/plain;charset=UTF-8
Referer: https://df3ff6618d.news-xboyale.site/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
Connection: close
Access-Control-Allow-Origin: https://df3ff6618d.news-xboyale.site
Date: Sat, 26 Oct 2024 08:56:09 GMT
Content-Type: application/json
Vary: Origin
Server: nginx

GET
H3

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp
s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/
Redirect Chain

https://img.cdn.house/i/1/HjUEDCXkRDpCN51Lt6GeT1abKzu1o5a_vl1YjyzBvTfLts-2RysCi1rP84JkESqLu9ImNIqOrlUj5Tc-7HPEKYT0HTX75MifngpofHsZdWrtGSQ7Ynpy6SR0PEHWx7qdHKUhUsRM-c1lV7wNwrKOx78X9ONCsLgDovWvaFhCNCl...
https://s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp?v=1729932969-UNSDQcx6GKGh_...

5 KB
5 KB

306ms
105ms

Image
image/webp

2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp?v=1729932969-UNSDQcx6GKGh_wRbmqtgUXXWJa3hNQFUS08IFR17iz8

Protocol

Server

2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://df3ff6618d.news-xboyale.site/

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 819187
x-mg-request-uuid: a58c67e0-56aa-4d4f-a2d2-465c5098793c
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 08:56:10 GMT
content-type: image/webp
last-modified: Tue, 09 Aug 2022 16:05:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8d893b47ad10772b-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5166
server: cloudflare

Redirect headers

location: https://s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp?v=1729932969-UNSDQcx6GKGh_wRbmqtgUXXWJa3hNQFUS08IFR17iz8
content-length: 0
date: Sat, 26 Oct 2024 08:56:09 GMT
server: nginx

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 154ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Origin: https://df3ff6618d.news-xboyale.site
Referer: https://fonts.googleapis.com/

Response headers

age: 371605
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 152ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Origin: https://df3ff6618d.news-xboyale.site
Referer: https://fonts.googleapis.com/

Response headers

age: 329848
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 / Show response
eec51ad693.news-xmagoga.com/ 4 KB
4 KB 301ms
48ms Document
text/html 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Requested by

Host: df3ff6618d.news-xboyale.site
URL: https://df3ff6618d.news-xboyale.site/revopush_v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.50.42.243.136.clients.your-server.de

Software

nginx /

Resource Hash

7ecbbc149cf28569639ff398692c12b11d02a88cc58207f03757be6d08c1614a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://df3ff6618d.news-xboyale.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 26 Oct 2024 08:56:12 GMT
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 revopush_v2.js Show response
eec51ad693.news-xmagoga.com/ 50 KB
20 KB 97ms
95ms Script
application/javascript 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eec51ad693.news-xmagoga.com/revopush_v2.js
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 5d18da2b99ee5284c5e3ea1f75524876e5849e74f076b043363e212f2e8440bb

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

content-encoding: gzip
etag: "671901ba-50db"
accept-ranges: bytes
content-length: 20699
date: Sat, 26 Oct 2024 08:56:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 process.js Show response
eec51ad693.news-xmagoga.com/ 27 KB
10 KB 132ms
131ms Script
application/javascript 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eec51ad693.news-xmagoga.com/process.js?id=1218717451&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: b5450faf30d1a3cc82f3f010b5e8f3febb65447ffa14a206741fd9314cada191

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma: no-cache
expires: 0
date: Sat, 26 Oct 2024 08:56:12 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx

GET
H2 200 icon1.png
eec51ad693.news-xmagoga.com/lands/39/img/ 7 KB
7 KB 131ms
130ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eec51ad693.news-xmagoga.com/lands/39/img/icon1.png
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

accept-ranges: bytes
content-length: 7252
date: Sat, 26 Oct 2024 08:56:12 GMT
etag: "671901ba-1c54"
content-type: image/png
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 icon2.png
eec51ad693.news-xmagoga.com/lands/39/img/ 4 KB
5 KB 132ms
131ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eec51ad693.news-xmagoga.com/lands/39/img/icon2.png
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

accept-ranges: bytes
content-length: 4576
date: Sat, 26 Oct 2024 08:56:12 GMT
etag: "671901ba-11e0"
content-type: image/png
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 icon3.png
eec51ad693.news-xmagoga.com/lands/39/img/ 8 KB
8 KB 92ms
74ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eec51ad693.news-xmagoga.com/lands/39/img/icon3.png
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

accept-ranges: bytes
content-length: 7847
date: Sat, 26 Oct 2024 08:56:12 GMT
etag: "671901ba-1ea7"
content-type: image/png
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 icon4.png
eec51ad693.news-xmagoga.com/lands/39/img/ 7 KB
7 KB 93ms
76ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eec51ad693.news-xmagoga.com/lands/39/img/icon4.png
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

accept-ranges: bytes
content-length: 7032
date: Sat, 26 Oct 2024 08:56:12 GMT
etag: "671901ba-1b78"
content-type: image/png
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 icon5.png
eec51ad693.news-xmagoga.com/lands/39/img/ 3 KB
3 KB 61ms
44ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eec51ad693.news-xmagoga.com/lands/39/img/icon5.png
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

accept-ranges: bytes
content-length: 3264
date: Sat, 26 Oct 2024 08:56:12 GMT
etag: "671901ba-cc0"
content-type: image/png
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 icon7.png
eec51ad693.news-xmagoga.com/lands/39/img/ 3 KB
3 KB 92ms
75ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eec51ad693.news-xmagoga.com/lands/39/img/icon7.png
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

accept-ranges: bytes
content-length: 3283
date: Sat, 26 Oct 2024 08:56:12 GMT
etag: "671901ba-cd3"
content-type: image/png
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 icon8.png
eec51ad693.news-xmagoga.com/lands/39/img/ 4 KB
4 KB 91ms
75ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eec51ad693.news-xmagoga.com/lands/39/img/icon8.png
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

accept-ranges: bytes
content-length: 4064
date: Sat, 26 Oct 2024 08:56:12 GMT
etag: "671901ba-fe0"
content-type: image/png
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 landsw_v2.js
eec51ad693.news-xmagoga.com/ 0
6 KB 89ms
76ms Other
application/javascript 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eec51ad693.news-xmagoga.com/landsw_v2.js
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

content-encoding: gzip
etag: "671901ba-1611"
accept-ranges: bytes
content-length: 5649
date: Sat, 26 Oct 2024 08:56:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 314.js Show response
eec51ad693.news-xmagoga.com/ 96 KB
12 KB 70ms
68ms Script
application/javascript 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eec51ad693.news-xmagoga.com/314.js
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/process.js?id=1218717451&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: eef8cf6b8f2ecc33364a48a2899a60ab0858e550880da7d23a2207cb3b09487b

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

content-encoding: gzip
etag: "671901ba-2e63"
accept-ranges: bytes
content-length: 11875
date: Sat, 26 Oct 2024 08:56:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 191ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 08:56:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:56:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST /
show.partners-show.com/api/v1/inpage/show/ 0
0

GET
H2 200 favicon.png
eec51ad693.news-xmagoga.com/lands/39/ 589 B
709 B 48ms
47ms Other
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eec51ad693.news-xmagoga.com/lands/39/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 53466f7f446de27529a565f88bfe3179dd83d6a9fcfab5942dcb13bd6aeb7ce5

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43

Response headers

accept-ranges: bytes
content-length: 589
date: Sat, 26 Oct 2024 08:56:12 GMT
etag: "671901ba-24d"
content-type: image/png
last-modified: Wed, 23 Oct 2024 14:01:30 GMT
server: nginx

GET
H2

200

Primary Request BhJ9m2Zh2pE=
vertiqui.com/
Redirect Chain

https://eec51ad693.news-xmagoga.com/tb?i=2&id=1218717451&land=39&monetization=user&p1=smtr&p2=&p3=&p4=&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&type=reject&fingerprint=4bc2da160225e238c838fc457...
https://vertiqui.com/BhJ9m2Zh2pE=?utm_source=smtr

1 KB
777 B

274ms
102ms

Document
text/html

116.202.161.246

General

Check archive.org

Show headers Download Go to

Full URL: https://vertiqui.com/BhJ9m2Zh2pE=?utm_source=smtr
Requested by: Host: eec51ad693.news-xmagoga.com
URL: https://eec51ad693.news-xmagoga.com/revopush_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.161.246 -, , ASN (),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash

Request headers

Referer: https://eec51ad693.news-xmagoga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 26 Oct 2024 08:56:12 GMT
server: nginx/1.24.0

Redirect headers

accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
content-length: 0
date: Sat, 26 Oct 2024 08:56:13 GMT
location: https://vertiqui.com/BhJ9m2Zh2pE=?utm_source=smtr
server: nginx
vary: Origin

GET video-template
jbgf.kloiyeq.click/ 0
0

GET
H2 200 favicon.ico
vertiqui.com/ 0
118 B 52ms
51ms Other
text/plain 116.202.161.246

General

Check archive.org

Show headers Download Go to

Full URL: https://vertiqui.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.161.246 -, , ASN (),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 OPR/75.0.3969.218
Referer: https://vertiqui.com/BhJ9m2Zh2pE=?utm_source=smtr

Response headers

accept-ranges: bytes
content-length: 0
date: Sat, 26 Oct 2024 08:56:12 GMT
content-type: text/plain; charset=utf-8
last-modified: Mon, 21 Oct 2024 11:14:12 GMT
server: nginx/1.24.0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: show.partners-show.com
URL: https://show.partners-show.com/api/v1/inpage/show/?uid=135548&subacc=1218717451&sub1=smtr&adult=true&traffic=2&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&limit=1

Domain: jbgf.kloiyeq.click
URL: https://jbgf.kloiyeq.click/video-template?tag_id=120123&cl=1&click=1&nrd=1&utm_source=smtr&r=1&ver=

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://60311daf9a.news-xvokiga.com/?drs=16&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0509001D4200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://df3ff6618d.news-xboyale.site/?drs=80&i=1&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43&fingerprint=aa9aae90b6292541551d9e7950d603ad Message: [GroupMarkerNotSet(crbug.com/242999)!:A040BA01D4200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://eec51ad693.news-xmagoga.com/?drs=82&fingerprint=aa9aae90b6292541551d9e7950d603ad&i=2&id=1218717451&p1=smtr&traceId=a21ee960-ad25-4257-8a1d-c594aacfdc43 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0509001D4200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://vertiqui.com/BhJ9m2Zh2pE=?utm_source=smtr Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0BA01D4200000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60311daf9a.news-xvokiga.com
6trck.xyz
cdn4.eu.mndx1.com
df3ff6618d.news-xboyale.site
eec51ad693.news-xmagoga.com
fonts.googleapis.com
fonts.gstatic.com
icon.eu.awmndw.com
img.cdn.house
jbgf.kloiyeq.click
news-xcicila.com
s-img.adskeeper.com
show.partners-show.com
vertiqui.com
jbgf.kloiyeq.click
show.partners-show.com
116.202.161.246
136.243.42.50
138.199.37.232
144.76.106.61
173.214.244.181
193.108.117.211
23.158.56.123
2400:52e0:1e00::860:1
2606:4700:4400::ac40:986a
2a00:1450:4001:80f::2003
2a00:1450:4001:830::200a
2a01:4f8:172:1d2e::2
2a01:4f8:1c1e:d90d::1
46.4.115.66
46.4.41.114
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
53466f7f446de27529a565f88bfe3179dd83d6a9fcfab5942dcb13bd6aeb7ce5
5772d1a1d7065179b65d0797f00b8befeb478cfadbe9504c476dae695d5b18ec
5d18da2b99ee5284c5e3ea1f75524876e5849e74f076b043363e212f2e8440bb
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0
6d72880348693b009ca6f166c584028f509a8b0b4d313d7f8f62eda67f897154
78ad9291aaaa9a197184f8d32e4c91ef9f3d787feb27d7e3a5e01b7b79408766
7cde7a3b2f5ecbbb7092c0bb9fcab2ab73c4d9ef94bf53157acdd492d73a8c82
7ecbbc149cf28569639ff398692c12b11d02a88cc58207f03757be6d08c1614a
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
b5450faf30d1a3cc82f3f010b5e8f3febb65447ffa14a206741fd9314cada191
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
eef8cf6b8f2ecc33364a48a2899a60ab0858e550880da7d23a2207cb3b09487b
f0a4e72bcf93b6f4f72fe5c79e1ab8659dd31a692de53490408093227d7c04ff
fc4e7cba1184f1db26fdb242b7a503b0bdadc85bd21a10a83d1cff7fad2379b4

vertiqui.com Open in urlscan Pro 116.202.161.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

38 Requests

89 %HTTPS

40 %IPv6

14 Domains

14 Subdomains

11 IPs

2 Countries

406 kBTransfer

864 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vertiqui.com Open in urlscan Pro
116.202.161.246 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

89 %
HTTPS

40 %
IPv6

14
Domains

14
Subdomains

11
IPs

2
Countries

406 kB
Transfer

864 kB
Size

0
Cookies

38 HTTP transactions
6 data transactions