urlscan.io logo urlscan.io
SecurityTrails logo

hotdrinks3.xyz Open in urlscan Pro
173.214.240.15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://todayposts3.xyz/event_6f67fdc7-3d71-7610-c7a8-b0fe92349c75_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxheh...
Effective URL: https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMS...
Submission: On June 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 12 domains to perform 20 HTTP transactions. The main IP is 173.214.240.15, located in United States and belongs to SERVEREL-AS, US. The main domain is hotdrinks3.xyz.
TLS certificate: Issued by E6 on June 20th 2024. Valid for: 3 months.
This is the only time hotdrinks3.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 8 173.214.240.15 15317 (SERVEREL-AS)
2 2a00:1450:400... 15169 (GOOGLE)
5 5 199.182.164.180 15317 (SERVEREL-AS)
2 5 104.19.131.76 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 7 104.19.132.76 13335 (CLOUDFLAR...)
1 172.64.152.106 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
20 8
8    173.214.240.15 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net
todayposts3.xyz
freetrckr.com
globaltelegraph2.xyz
hotdrinks3.xyz
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    199.182.164.180 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net
xml.rexsrv.com
xml.galaxypush.com
xml.pushsupreme.com
5    104.19.131.76 (None, )

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
s-img.mgid.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    104.19.132.76 (None, )

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
s-img.mgid.com
1    172.64.152.106 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.com
1    2606:4700:3038::6815:eabe (United States)

ASN13335 (CLOUDFLARENET, US)
notifypicture.info
Apex Domain
Subdomains		 Transfer
12 mgid.com
c.mgid.com — Cisco Umbrella Rank: 5892
s-img.mgid.com — Cisco Umbrella Rank: 8542
35 KB
4 gstatic.com
fonts.gstatic.com
63 KB
3 globaltelegraph2.xyz
globaltelegraph2.xyz
3 KB
2 hotdrinks3.xyz
hotdrinks3.xyz
3 KB
2 galaxypush.com
xml.galaxypush.com — Cisco Umbrella Rank: 140711
1 KB
2 rexsrv.com
xml.rexsrv.com — Cisco Umbrella Rank: 77461
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
2 KB
2 freetrckr.com
freetrckr.com — Cisco Umbrella Rank: 672301
679 B
1 pushsupreme.com
xml.pushsupreme.com
669 B
1 notifypicture.info
notifypicture.info — Cisco Umbrella Rank: 45355 Failed
68 KB
1 adskeeper.com
c.adskeeper.com Failed
s-img.adskeeper.com — Cisco Umbrella Rank: 27266
17 KB
1 todayposts3.xyz
todayposts3.xyz
120 B
20 12
Domain Requested by
7 s-img.mgid.com globaltelegraph2.xyz
hotdrinks3.xyz
5 c.mgid.com 5 redirects
4 fonts.gstatic.com fonts.googleapis.com
3 globaltelegraph2.xyz 1 redirects globaltelegraph2.xyz
2 hotdrinks3.xyz 1 redirects globaltelegraph2.xyz
2 xml.galaxypush.com 2 redirects
2 xml.rexsrv.com 2 redirects
2 fonts.googleapis.com globaltelegraph2.xyz
hotdrinks3.xyz
2 freetrckr.com 2 redirects
1 xml.pushsupreme.com 1 redirects
1 notifypicture.info hotdrinks3.xyz
1 s-img.adskeeper.com hotdrinks3.xyz
1 todayposts3.xyz 1 redirects
0 c.adskeeper.com Failed hotdrinks3.xyz
20 14

This site contains no links.

Subject Issuer Validity Valid
newstodai3.xyz
E6		 2024-06-20 -
2024-09-18		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
mgid.com
E1		 2024-05-09 -
2024-08-07		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
adskeeper.com
GTS CA 1P5		 2024-05-24 -
2024-08-22		 3 months crt.sh
notifypicture.info
GTS CA 1P5		 2024-05-28 -
2024-08-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Frame ID: F03503720D48A985335FC57A1F35C561
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Checking your browser before accessing

Page URL History Show full URLs

  1. http://todayposts3.xyz/event_6f67fdc7-3d71-7610-c7a8-b0fe92349c75_301_0_4001?payload=jtdcjtiyacuymi... HTTP 307
    https://todayposts3.xyz/event_6f67fdc7-3d71-7610-c7a8-b0fe92349c75_301_0_4001?payload=jtdcjtiyacuymi... HTTP 302
    https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
    https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJT... Page URL
  2. https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1 HTTP 302
    https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJT... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

65 %
HTTPS

38 %
IPv6

12
Domains

14
Subdomains

8
IPs

3
Countries

188 kB
Transfer

227 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://todayposts3.xyz/event_6f67fdc7-3d71-7610-c7a8-b0fe92349c75_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylwvmzdvkztkwzdzizju3owm1n2u1zwq5zwuyndg2njfhltm5njktmc4wmdazmsuymiu1rcu3ra%3d%3d&t=1719117294534&rnd=459022078&j...~311~...fanbfdxnfzgvzayuymiu3ra==&if=1 HTTP 307
    https://todayposts3.xyz/event_6f67fdc7-3d71-7610-c7a8-b0fe92349c75_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylwvmzdvkztkwzdzizju3owm1n2u1zwq5zwuyndg2njfhltm5njktmc4wmdazmsuymiu1rcu3ra%3d%3d&t=1719117294534&rnd=459022078&j...~311~...fanbfdxnfzgvzayuymiu3ra==&if=1 HTTP 302
    https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
    https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1 HTTP 302
    https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://todayposts3.xyz/event_6f67fdc7-3d71-7610-c7a8-b0fe92349c75_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylwvmzdvkztkwzdzizju3owm1n2u1zwq5zwuyndg2njfhltm5njktmc4wmdazmsuymiu1rcu3ra%3d%3d&t=1719117294534&rnd=459022078&j...~311~...fanbfdxnfzgvzayuymiu3ra==&if=1 HTTP 307
  • https://todayposts3.xyz/event_6f67fdc7-3d71-7610-c7a8-b0fe92349c75_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylwvmzdvkztkwzdzizju3owm1n2u1zwq5zwuyndg2njfhltm5njktmc4wmdazmsuymiu1rcu3ra%3d%3d&t=1719117294534&rnd=459022078&j...~311~...fanbfdxnfzgvzayuymiu3ra==&if=1 HTTP 302
  • https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
  • https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://globaltelegraph2.xyz/event_67b0552a-fa98-2258-32d7-1bff45d9cce6_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0Q0YzE5MzZiZmU3Y2UwZGFmZjZjYmM1NGZjYjk5YzRhYiUyNnJuZCUzRDgzNDkyOTc1&t=1719210233614&rnd=427244316&i=1 HTTP 302
  • https://xml.rexsrv.com/icon?sid=4c1936bfe7ce0daff6cbc54fcb99c4ab&rnd=83492975 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|wCsUxmj0rLwpazoJ_afortKhc6zYYPZvfOMkZ94XXRuOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWduq1lUHp4x9zrb7uocsbPb2g*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPjLFZzOT523qmMjFh_0rjea0Jt5uxsOZnn_umJOxMgRJ&rid=536cec03-31f2-11ef-a80f-c84bd6826564&psid=106643&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTIxMDIzMi1lR0dlOFdrNWt0c2FLcVlCc3FzMjZXRmlRUi1wMG1ISkUxd2VqTlFBY1Fr HTTP 301
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210232-eGGe8Wk5ktsaKqYBsqs26WFiQR-p0mHJE1wejNQAcQk
Request Chain 4
  • https://xml.galaxypush.com/icon?sid=ad5654f8a47344914f277806ac9cbcff&rnd=26005875 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|wCsUxmj0rLwpazoJ_afortKhc6zYYPZvfOMkZ94XXRuOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWduq1lUHp4x9zrb7uocsbPb2g*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPjLFZzOT523qmMjFh_0rjea0Jt5uxsOZnn_umJOxMgRJ&rid=536d4300-31f2-11ef-9ab8-c84bd68370c0&psid=670333&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTIxMDIzMi1lR0dlOFdrNWt0c2FLcVlCc3FzMjZXRmlRUi1wMG1ISkUxd2VqTlFBY1Fr HTTP 301
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210232-eGGe8Wk5ktsaKqYBsqs26WFiQR-p0mHJE1wejNQAcQk
Request Chain 9
  • https://hotdrinks3.xyz/event_67b0552a-fa98-2258-32d7-1bff45d9cce6_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0QzYTFlODg3ZjZlZDFhZGQyMWM4NjJhYzlhY2M0MzA2YiUyNnJuZCUzRDQ5MjQ0MDQz&t=1719210237440&rnd=72855058&i=1 HTTP 302
  • https://xml.rexsrv.com/icon?sid=3a1e887f6ed1add21c862ac9acc4306b&rnd=49244043 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|ALjb1mKdSyP9SZB8tx1PBNKhc6zYYPZvfOMkZ94XXRuOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdutpfZwGF6UkdBuJcxxAgaEI*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPvjmN7Rk0aYukCE8WCvqDgfIfhvvLuEJdyIec22M32EN&rid=55922d57-31f2-11ef-8e14-c84bd6836428&psid=106621&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTIxMDIzNS12QUVHS2FiU29EcXd5LVRmRkVRbkQ5V1FRdUQxZ1BVX1dlemdsaGN2alBj HTTP 301
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210235-vAEGKabSoDqwy-TfFEQnD9WQQuD1gPU_WezglhcvjPc
Request Chain 10
  • https://nytoday1.xyz/event_67b0552a-fa98-2258-32d7-1bff45d9cce6_533_3675_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaHN1cHJlbWUuY29tJTJGaWNvbiUzRnNpZCUzRDgwZTdlNWQ1NGY3N2I4ZjY3M2Q1MThhNjdkZGU0YWFiJTI2cm5kJTNEMzY2ODMxMTk%3D&t=1719210237440&rnd=596469236&i=1 HTTP 302
  • https://xml.pushsupreme.com/icon?sid=80e7e5d54f77b8f673d518a67dde4aab&rnd=36683119 HTTP 302
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|ALjb1mKdSyP9SZB8tx1PBNMtf9ikaj_KfY53hGojn8vw7rqo0-lpoGpon1slvf5x-rWUMf2GWpr-w4P4fyHvfwYDlFbfXGuA6fUYc8Z5SBQ*&cid=1289986&f=1&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rid=5591fdf3-31f2-11ef-8e14-c84bd6836428&psid=1970623
Request Chain 13
  • https://xml.justpush.pro/icon?sid=704a35e9606dcea57dd3b2ddc38b07ba&rnd=363280767 HTTP 302
  • https://feed-33879.feedfinder23.info/api/push/track?id=4y-101xg4d&event=1&sig=80413f4cd70f73238ad876eac367c9&u=aHR0cHM6Ly9ub3RpZnlwaWN0dXJlLmluZm8vcC9jcmVhdGl2ZS1pY29uLzU1ODI1MC5wbmc%3D&time=1719210236 HTTP 302
  • https://notifypicture.info/p/creative-icon/558250.png
Request Chain 15
  • https://xml.pushsupreme.com/icon?sid=927de5a6c61f70d349586a1de95030ec&rnd=36683119 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|ALjb1mKdSyP9SZB8tx1PBNKhc6zYYPZvfOMkZ94XXRu1xqJc6ms7klagU3qILI0ZT7Yjim-xUWGVXYTAlDWdulallQYyG0CQXYo77sFvmR4*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPjLFZzOT523qmMjFh_0rjea0Jt5uxsOZnn_umJOxMgRJ&rid=5591f09b-31f2-11ef-8e14-c84bd6836428&psid=178021&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTIxMDIzNS12QUVHS2FiU29EcXd5LVRmRkVRbkQ5V1FRdUQxZ1BVX1dlemdsaGN2alBj HTTP 301
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210235-vAEGKabSoDqwy-TfFEQnD9WQQuD1gPU_WezglhcvjPc
Request Chain 16
  • https://xml.galaxypush.com/icon?sid=3d5418635174c2d8e756eb62ace2cd04&rnd=38243578 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|ALjb1mKdSyP9SZB8tx1PBNKhc6zYYPZvfOMkZ94XXRuOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdutpfZwGF6UkdBuJcxxAgaEI*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPvjmN7Rk0aYukCE8WCvqDgfIfhvvLuEJdyIec22M32EN&rid=55923286-31f2-11ef-9ab8-c84bd68370c0&psid=670332&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTIxMDIzNS12QUVHS2FiU29EcXd5LVRmRkVRbkQ5V1FRdUQxZ1BVX1dlemdsaGN2alBj HTTP 301
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210235-vAEGKabSoDqwy-TfFEQnD9WQQuD1gPU_WezglhcvjPc

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js
globaltelegraph2.xyz/
Redirect Chain
  • http://todayposts3.xyz/event_6f67fdc7-3d71-7610-c7a8-b0fe92349c75_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylwvmzdvkztkwzdzizju3owm1n2u1zwq5...
  • https://todayposts3.xyz/event_6f67fdc7-3d71-7610-c7a8-b0fe92349c75_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylwvmzdvkztkwzdzizju3owm1n2u1zwq...
  • https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1
  • https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
6ed2fcbf1b16cef9adabc231d7345c0ba5fb644edf30b0a2b22d48bb3f9161f2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 24 Jun 2024 06:23:53 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Mon, 24 Jun 2024 06:23:53 GMT
location
https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: globaltelegraph2.xyz
URL: https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://globaltelegraph2.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Jun 2024 06:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Jun 2024 04:24:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jun 2024 06:23:53 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvN...
s-img.mgid.com/g/18921166/328x328/-/
Redirect Chain
  • https://globaltelegraph2.xyz/event_67b0552a-fa98-2258-32d7-1bff45d9cce6_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0Q0YzE5MzZiZmU3Y2UwZGFmZjZjYmM1NGZjYjk5YzRhYiUyN...
  • https://xml.rexsrv.com/icon?sid=4c1936bfe7ce0daff6cbc54fcb99c4ab&rnd=83492975
  • https://c.mgid.com/c?pv=2&v=0|0|0|wCsUxmj0rLwpazoJ_afortKhc6zYYPZvfOMkZ94XXRuOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWduq1lUHp4x9zrb7uocsbPb2g*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPjLFZzOT523qmMj...
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...
8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210232-eGGe8Wk5ktsaKqYBsqs26WFiQR-p0mHJE1wejNQAcQk
Requested by
Host: globaltelegraph2.xyz
URL: https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://globaltelegraph2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 06:23:54 GMT
cf-cache-status
HIT
last-modified
Mon, 20 May 2024 21:17:04 GMT
x-mg-request-uuid
cfadfc06-43d2-423e-87f4-2505d926d93a
server
cloudflare
age
2059429
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
898aa1bd18251ad4-FRA
content-length
8376
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 24 Jun 2024 06:23:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
6f2373fe-6bdd-49a8-b5b1-421693c080c8
server
cloudflare
location
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210232-eGGe8Wk5ktsaKqYBsqs26WFiQR-p0mHJE1wejNQAcQk
cf-ray
898aa1bd78e41ad4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzL...
s-img.mgid.com/g/18921166/453x227/-/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/18921166/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzcxOTY3My80MTAyNjU1OWQyYjU0ZDIxZjBmMzk3YzE4YjU3YmJkYy5qcGc.webp?v=1719210232-tKjkY2wSwcG5OEW9At_uHA31CgyL0Yfs_WYoNrXRmfc
Requested by
Host: globaltelegraph2.xyz
URL: https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d301780ee7d567c8fe0b1ce66b0cef8e7c1c2979246130dc85941e094866cd5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://globaltelegraph2.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 06:23:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
2afe0285-a560-410f-9543-a7e6e5af0ead
age
8430270
alt-svc
h3=":443"; ma=86400
content-length
7736
last-modified
Mon, 18 Mar 2024 16:38:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
898aa1b8fb071ad4-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvN...
s-img.mgid.com/g/18921166/328x328/-/
Redirect Chain
  • https://xml.galaxypush.com/icon?sid=ad5654f8a47344914f277806ac9cbcff&rnd=26005875
  • https://c.mgid.com/c?pv=2&v=0|0|0|wCsUxmj0rLwpazoJ_afortKhc6zYYPZvfOMkZ94XXRuOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWduq1lUHp4x9zrb7uocsbPb2g*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPjLFZzOT523qmMj...
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210232-eGGe8Wk5ktsaKqYBsqs26WFiQR-p0mHJE1wejNQAcQk
Requested by
Host: globaltelegraph2.xyz
URL: https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://globaltelegraph2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 06:23:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
cfadfc06-43d2-423e-87f4-2505d926d93a
age
2059429
alt-svc
h3=":443"; ma=86400
content-length
8376
last-modified
Mon, 20 May 2024 21:17:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
898aa1bd18251ad4-FRA

Redirect headers

date
Mon, 24 Jun 2024 06:23:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
40a04370-7d13-47bf-b7f1-eb2501d5a54e
server
cloudflare
location
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210232-eGGe8Wk5ktsaKqYBsqs26WFiQR-p0mHJE1wejNQAcQk
cf-ray
898aa1bccfd61ad4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://globaltelegraph2.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:32:50 GMT
x-content-type-options
nosniff
age
211863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Jun 2025 19:32:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://globaltelegraph2.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:43:19 GMT
x-content-type-options
nosniff
age
488434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:43:19 GMT
event_67b0552a-fa98-2258-32d7-1bff45d9cce6_7_0_4001
globaltelegraph2.xyz/ 		114 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://globaltelegraph2.xyz/event_67b0552a-fa98-2258-32d7-1bff45d9cce6_7_0_4001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjQ2Ny00YzE5MzZiZmU3Y2UwZGFmZjZjYmM1NGZjYjk5YzRhYi0zNzQ3LTAuMDAwNDU2JTIyJTVEJTdE&t=1719210233614&rnd=919247966&js=1&io=0&h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: globaltelegraph2.xyz
URL: https://globaltelegraph2.xyz/sw_a1e0a425-06c1-14fe-e94c-c503a87a9abb_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
2c60fe2c9cfedf2c075729e2c04f490e6fab0d1e1c5975f0a9acc01cd4a9cca8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 06:23:55 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
Primary Request sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js
hotdrinks3.xyz/
Redirect Chain
  • https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1
  • https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by
Host: globaltelegraph2.xyz
URL: https://globaltelegraph2.xyz/event_67b0552a-fa98-2258-32d7-1bff45d9cce6_7_0_4001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjQ2Ny00YzE5MzZiZmU3Y2UwZGFmZjZjYmM1NGZjYjk5YzRhYi0zNzQ3LTAuMDAwNDU2JTIyJTVEJTdE&t=1719210233614&rnd=919247966&js=1&io=0&h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
e07198c500fae1294d6fb39039f9dc0c7f1fcfcaba500e2e0e15ccb764173343

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-ua-wow64
?0

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 24 Jun 2024 06:23:57 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Mon, 24 Jun 2024 06:23:56 GMT
location
https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: hotdrinks3.xyz
URL: https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hotdrinks3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Jun 2024 06:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Jun 2024 05:59:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jun 2024 06:23:57 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvN...
s-img.mgid.com/g/18921166/328x328/-/
Redirect Chain
  • https://hotdrinks3.xyz/event_67b0552a-fa98-2258-32d7-1bff45d9cce6_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0QzYTFlODg3ZjZlZDFhZGQyMWM4NjJhYzlhY2M0MzA2YiUyNnJuZCU...
  • https://xml.rexsrv.com/icon?sid=3a1e887f6ed1add21c862ac9acc4306b&rnd=49244043
  • https://c.mgid.com/c?pv=2&v=0|0|0|ALjb1mKdSyP9SZB8tx1PBNKhc6zYYPZvfOMkZ94XXRuOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdutpfZwGF6UkdBuJcxxAgaEI*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPvjmN7Rk0aYukCE...
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...
8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210235-vAEGKabSoDqwy-TfFEQnD9WQQuD1gPU_WezglhcvjPc
Requested by
Host: hotdrinks3.xyz
URL: https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hotdrinks3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 06:23:58 GMT
cf-cache-status
HIT
last-modified
Mon, 20 May 2024 21:17:04 GMT
x-mg-request-uuid
cfadfc06-43d2-423e-87f4-2505d926d93a
server
cloudflare
age
2059433
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
898aa1d4a84e65a7-FRA
content-length
8376
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 24 Jun 2024 06:23:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
7f4fb565-3199-4fb7-b548-248bbeeecfa8
server
cloudflare
location
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210235-vAEGKabSoDqwy-TfFEQnD9WQQuD1gPU_WezglhcvjPc
cf-ray
898aa1d4e89d65a7-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
c
c.adskeeper.com/
Redirect Chain
  • https://nytoday1.xyz/event_67b0552a-fa98-2258-32d7-1bff45d9cce6_533_3675_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaHN1cHJlbWUuY29tJTJGaWNvbiUzRnNpZCUzRDgwZTdlNWQ1NGY3N2I4ZjY3M2Q1MThhNjdkZGU0YWFiJTI...
  • https://xml.pushsupreme.com/icon?sid=80e7e5d54f77b8f673d518a67dde4aab&rnd=36683119
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|ALjb1mKdSyP9SZB8tx1PBNMtf9ikaj_KfY53hGojn8vw7rqo0-lpoGpon1slvf5x-rWUMf2GWpr-w4P4fyHvfwYDlFbfXGuA6fUYc8Z5SBQ*&cid=1289986&f=1&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-...
0
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzL...
s-img.mgid.com/g/18921166/453x227/-/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/18921166/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzcxOTY3My80MTAyNjU1OWQyYjU0ZDIxZjBmMzk3YzE4YjU3YmJkYy5qcGc.webp?v=1719210235-h8eJacJ00_nQ9GopI6qb07tYmOisTkjCNvPZ6YRDjJ0
Requested by
Host: hotdrinks3.xyz
URL: https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d301780ee7d567c8fe0b1ce66b0cef8e7c1c2979246130dc85941e094866cd5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hotdrinks3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 06:23:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
2afe0285-a560-410f-9543-a7e6e5af0ead
age
8430274
alt-svc
h3=":443"; ma=86400
content-length
7736
last-modified
Mon, 18 Mar 2024 16:38:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
898aa1d14c2465a7-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTEwLzc0MjUzMC80Mjg1Y...
s-img.adskeeper.com/g/19552177/492x328/-/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/19552177/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTEwLzc0MjUzMC80Mjg1YTU5Nzc5OTcwOGFkZDJjNzY5MWVmNzc2NzYxZC5qcGc.webp?v=1719210235-iN_mEKAkPJcbHI_KWpCo4-ZJdEATe-qrRprBgDpHGzk
Requested by
Host: hotdrinks3.xyz
URL: https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e53acd3fb061f5ebb23fa2bd32d307a373dd64ad3d289b893e57d2f0b8807ad

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hotdrinks3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 06:23:57 GMT
cf-cache-status
HIT
last-modified
Tue, 21 May 2024 05:10:20 GMT
x-mg-request-uuid
3efd937e-fa8e-4f76-bd2e-cc08768c3d20
server
cloudflare
age
1123077
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
898aa1d15ebf2671-TXL
content-length
16786
alt-svc
h3=":443"; ma=86400
558250.png
notifypicture.info/p/creative-icon/
Redirect Chain
  • https://xml.justpush.pro/icon?sid=704a35e9606dcea57dd3b2ddc38b07ba&rnd=363280767
  • https://feed-33879.feedfinder23.info/api/push/track?id=4y-101xg4d&event=1&sig=80413f4cd70f73238ad876eac367c9&u=aHR0cHM6Ly9ub3RpZnlwaWN0dXJlLmluZm8vcC9jcmVhdGl2ZS1pY29uLzU1ODI1MC5wbmc%3D&time=171921...
  • https://notifypicture.info/p/creative-icon/558250.png
0
0
558250.png
notifypicture.info/p/creative-image/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notifypicture.info/p/creative-image/558250.png
Requested by
Host: hotdrinks3.xyz
URL: https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7549e484d9ea4b217aef0654bfbea6d318b3422fc60eb90038191414ce91f575

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hotdrinks3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 06:23:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
349342
content-disposition
inline; filename="creative-image-558250.png"
alt-svc
h3=":443"; ma=86400
content-length
68540
pragma
public
last-modified
Tue, 21 May 2024 05:08:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VdCu6rUOKAfU%2FIBuWELKlAogl3YJUTvARliVp%2FtUI6cSr5lfv%2B99BQMZKKnSMXD5OL3CM8RRr%2Fp%2F0hPDSV7JVgiTGveOP044cRa9USw%2FiMYNlQhBeZd2z5Fv%2FzTde4P%2B8vhim37j4fPpVVroBxsrop8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
898aa1d19b611c2e-FRA
expires
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvN...
s-img.mgid.com/g/18921166/328x328/-/
Redirect Chain
  • https://xml.pushsupreme.com/icon?sid=927de5a6c61f70d349586a1de95030ec&rnd=36683119
  • https://c.mgid.com/c?pv=2&v=0|0|0|ALjb1mKdSyP9SZB8tx1PBNKhc6zYYPZvfOMkZ94XXRu1xqJc6ms7klagU3qILI0ZT7Yjim-xUWGVXYTAlDWdulallQYyG0CQXYo77sFvmR4*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPjLFZzOT523qmMj...
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...
8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210235-vAEGKabSoDqwy-TfFEQnD9WQQuD1gPU_WezglhcvjPc
Requested by
Host: hotdrinks3.xyz
URL: https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hotdrinks3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 06:23:58 GMT
cf-cache-status
HIT
last-modified
Mon, 20 May 2024 21:17:04 GMT
x-mg-request-uuid
cfadfc06-43d2-423e-87f4-2505d926d93a
server
cloudflare
age
2059433
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
898aa1d4a84e65a7-FRA
content-length
8376
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 24 Jun 2024 06:23:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
a76341a2-ae67-4bbc-8c5e-1830208eca6b
server
cloudflare
location
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210235-vAEGKabSoDqwy-TfFEQnD9WQQuD1gPU_WezglhcvjPc
cf-ray
898aa1d4984165a7-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvN...
s-img.mgid.com/g/18921166/328x328/-/
Redirect Chain
  • https://xml.galaxypush.com/icon?sid=3d5418635174c2d8e756eb62ace2cd04&rnd=38243578
  • https://c.mgid.com/c?pv=2&v=0|0|0|ALjb1mKdSyP9SZB8tx1PBNKhc6zYYPZvfOMkZ94XXRuOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdutpfZwGF6UkdBuJcxxAgaEI*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPvjmN7Rk0aYukCE...
  • https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210235-vAEGKabSoDqwy-TfFEQnD9WQQuD1gPU_WezglhcvjPc
Requested by
Host: hotdrinks3.xyz
URL: https://hotdrinks3.xyz/sw_f2b5ae5f-f069-7275-494d-6044573c8967_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hotdrinks3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 06:23:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
cfadfc06-43d2-423e-87f4-2505d926d93a
age
2059433
alt-svc
h3=":443"; ma=86400
content-length
8376
last-modified
Mon, 20 May 2024 21:17:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
898aa1d4a84e65a7-FRA

Redirect headers

date
Mon, 24 Jun 2024 06:23:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
b68fcfc0-a854-488e-a9af-f2ff7440d23c
server
cloudflare
location
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719210235-vAEGKabSoDqwy-TfFEQnD9WQQuD1gPU_WezglhcvjPc
cf-ray
898aa1d46fff65a7-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://hotdrinks3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:32:50 GMT
x-content-type-options
nosniff
age
211867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Jun 2025 19:32:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://hotdrinks3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:43:19 GMT
x-content-type-options
nosniff
age
488438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:43:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.adskeeper.com
URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|ALjb1mKdSyP9SZB8tx1PBNMtf9ikaj_KfY53hGojn8vw7rqo0-lpoGpon1slvf5x-rWUMf2GWpr-w4P4fyHvfwYDlFbfXGuA6fUYc8Z5SBQ*&cid=1289986&f=1&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rid=5591fdf3-31f2-11ef-8e14-c84bd6836428&psid=1970623
Domain
notifypicture.info
URL
https://notifypicture.info/p/creative-icon/558250.png

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| isIframe function| go

1 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: Zu1QKbnGMNBokPh6H1bYlFMd2Py.D.BDANIlAzUdNZM-1719210233-1.0.1.1-GXLEgnDfAWz2LY19NkyhYSZ58PLTHcTz_BI2S5AJhKLguwU3iDMEnMgBgYF0a6rhAeRJIlfkY.EfDw2AUIYY2A