clck.adskeeper.com Open in urlscan Pro
2606:4700:4400::ac40:986a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://shopsalesonic4.xyz/event_9b6e2fa6-b0a0-e3af-d97c-4b81a176a048_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2...
Effective URL:
https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjp...
Submission: On August 25 via api (August 25th 2024, 1:33:36 pm UTC) from US — Scanned from US

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 16 domains to perform 39 HTTP transactions. The main IP is 2606:4700:4400::ac40:986a, located in United States and belongs to CLOUDFLARENET, US. The main domain is clck.adskeeper.com.
TLS certificate: Issued by WE1 on July 22nd 2024. Valid for: 3 months.

This is the only time clck.adskeeper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14 20	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
11 11	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
5	2606:4700:440... 2606:4700:4400::6812:2396	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
2 8	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:440... 2606:4700:4400::ac40:986a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2004	() ()
1	2606:4700:1::... 2606:4700:1::6813:814c	() ()
1	108.138.106.101 108.138.106.101	() ()
1	2607:f8b0:400... 2607:f8b0:4006:806::2003	() ()
39	12

20 173.214.240.15 (United States) 14 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

shopsalesonic4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
home-awayh4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
profileshopsale4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
synergynews5.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 199.182.164.180 (United States) 11 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.ppctraffic.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.pushking.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.cpcmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.planetpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::6812:2396 (United States)

ASN13335 (CLOUDFLARENET, US)

c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:1::6813:824c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:1::6813:854c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:986a (United States)

ASN13335 (CLOUDFLARENET, US)

c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clck.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:814c (None, )

ASN- ()

cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.101 (None, )

ASN- ()

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	mgid.com 4 redirects c.mgid.com — Cisco Umbrella Rank: 5722 s-img.mgid.com — Cisco Umbrella Rank: 6986 a.mgid.com cdn.mgid.com	88 KB
10	adskeeper.com c.adskeeper.com — Cisco Umbrella Rank: 21004 s-img.adskeeper.com — Cisco Umbrella Rank: 19154 clck.adskeeper.com cdn.adskeeper.com	62 KB
7	synergynews5.xyz 4 redirects synergynews5.xyz	4 KB
5	planetpush.net 5 redirects xml.planetpush.net — Cisco Umbrella Rank: 78746	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	287 KB
5	freetrckr.com 5 redirects freetrckr.com — Cisco Umbrella Rank: 637579	2 KB
4	pushking.net 4 redirects xml.pushking.net — Cisco Umbrella Rank: 48173	2 KB
4	home-awayh4.xyz 1 redirects home-awayh4.xyz	4 KB
3	profileshopsale4.xyz 3 redirects profileshopsale4.xyz	361 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	hotjar.com static.hotjar.com script.hotjar.com Failed	5 KB
1	google.com www.google.com	977 B
1	cpcmart.com 1 redirects xml.cpcmart.com — Cisco Umbrella Rank: 482159	286 B
1	ppctraffic.co 1 redirects xml.ppctraffic.co — Cisco Umbrella Rank: 501198	284 B
1	shopsalesonic4.xyz 1 redirects shopsalesonic4.xyz	129 B
0	adrta.com Failed ipds.adrta.com Failed
39	16

	Domain	Requested by
8	s-img.mgid.com	home-awayh4.xyz synergynews5.xyz
7	synergynews5.xyz	4 redirects home-awayh4.xyz synergynews5.xyz
6	c.mgid.com	4 redirects home-awayh4.xyz synergynews5.xyz
5	xml.planetpush.net	5 redirects
5	freetrckr.com	5 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	xml.pushking.net	4 redirects
4	c.adskeeper.com	home-awayh4.xyz synergynews5.xyz
4	home-awayh4.xyz	1 redirects home-awayh4.xyz
3	s-img.adskeeper.com	home-awayh4.xyz synergynews5.xyz
3	profileshopsale4.xyz	3 redirects
2	clck.adskeeper.com	synergynews5.xyz clck.adskeeper.com
2	fonts.googleapis.com	home-awayh4.xyz synergynews5.xyz
1	www.gstatic.com	www.google.com
1	static.hotjar.com	clck.adskeeper.com
1	cdn.mgid.com	clck.adskeeper.com
1	a.mgid.com	clck.adskeeper.com
1	cdn.adskeeper.com	clck.adskeeper.com
1	www.google.com	clck.adskeeper.com
1	xml.cpcmart.com	1 redirects
1	xml.ppctraffic.co	1 redirects
1	shopsalesonic4.xyz	1 redirects
0	script.hotjar.com Failed	static.hotjar.com
0	ipds.adrta.com Failed	clck.adskeeper.com
39	24

This site contains no links.

Subject Issuer	Validity	Valid
jenitravels4.xyz E6	`2024-07-31` - `2024-10-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
adskeeper.com WE1	`2024-07-22` - `2024-10-20`	3 months	crt.sh
mgid.com WE1	`2024-07-07` - `2024-10-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
spectrumtop5.xyz E5	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv
Frame ID: 30D17CF3F79D86EBAABC68E33F6C66A9
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser before accessing

Page URL History Show full URLs

https://shopsalesonic4.xyz/event_9b6e2fa6-b0a0-e3af-d97c-4b81a176a048_101_0_3000?payload=JTdCJTIyaCUyMi... HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJT... Page URL
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
https://xml.planetpush.net/click?s=1&tid=886&sid=0f13df72f676f077558c306fe9a9c11b&rnd=47115445 HTTP 302
https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhV... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

39
Requests

69 %
HTTPS

75 %
IPv6

16
Domains

24
Subdomains

12
IPs

1
Countries

450 kB
Transfer

914 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://shopsalesonic4.xyz/event_9b6e2fa6-b0a0-e3af-d97c-4b81a176a048_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTY1ZmFhYzU5MDliMmRmYzk5MDRlM2IxYjBmYmJiZDA4LTMzMDMtMC4wMDA1MDQlMjIlMkMlMjI1MzQtZWUxNTg3YjVmNmIyOWUzNmE5MjZkODg5Z...%20312%20...4ZTQ2NTdfYWxsX3VhJTIyJTdE&if=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://xml.planetpush.net/click?s=1&tid=886&sid=0f13df72f676f077558c306fe9a9c11b&rnd=47115445 HTTP 302
https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://shopsalesonic4.xyz/event_9b6e2fa6-b0a0-e3af-d97c-4b81a176a048_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTY1ZmFhYzU5MDliMmRmYzk5MDRlM2IxYjBmYmJiZDA4LTMzMDMtMC4wMDA1MDQlMjIlMkMlMjI1MzQtZWUxNTg3YjVmNmIyOWUzNmE5MjZkODg5Z...%20312%20...4ZTQ2NTdfYWxsX3VhJTIyJTdE&if=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://home-awayh4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_6_3467_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0QzYTdjNmIxYTJhZWFlNjlmMzdmOTIwNjY4YTJlZTBlZSUyNnJuZCUzRDUwMjE3NTU3OQ%3D%3D&t=1724592809836&rnd=953343695&i=1 HTTP 302
https://xml.ppctraffic.co/icon?sid=3a7c6b1a2aeae69f37f920668a2ee0ee&rnd=502175579 HTTP 302
https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH87VRZdiqoZrdeGbLREeFuGoFnIjysGsoJ5r12IEA2FdCM-_N3sSmDR4P6wyYzYhmwuP-v0kccjyXl_F9_n0Ft3Y*&cid=1449137&f=1&h2=d9lnKn9ApkL2CGEc8NuYFE6zgSSb5LCSlrfAeAkq0cATnAWH4Wqc8Fa0oGbkOKw6&rid=9d4b6e32-62e6-11ef-86da-c84bd68370b4&psid=614878

Request Chain 3

https://profileshopsale4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_101_3285_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGJjYzk2NzU5MzhhZjM1MjNiMDQyYTIwOGEzZWU5ZWE3JTI2cm5kJTNEMTE3OTQ3MTIx&t=1724592809836&rnd=805769388&i=1 HTTP 302
https://xml.pushking.net/icon?sid=bcc9675938af3523b042a208a3ee9ea7&rnd=117947121 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH80urDkAWuUhvsmUc_hOgwSLQmyaD5fIPxTpNTsjDmkVvwkjzShpcrtmsP3xXfuMC7NxCxtzHXdA-WAweEvCeBqA*&cid=1423484&f=1&h2=d9lnKn9ApkL2CGEc8NuYFA9kwfAvWXUlsEklaQupdlYO96GoHnAC22gmtIhPU7y3&rid=9d4caef4-62e6-11ef-86da-c84bd68370b4&psid=891672&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMDUzLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzI0NTkyODA5LTctWWlNSlp0bXdHUmRyRUZNNkNtTUlTa21DdEJKYVBtekttM1hac0Y3UFU= HTTP 301
https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592809-7-YiMJZtmwGRdrEFM6CmMISkmCtBJaPmzKm3XZsF7PU

Request Chain 4

https://profileshopsale4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_101_3412_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDJmZGMwNzQ0NjNjMTYxMjI2ZWIzYzY4MjkxMzAyNjYyJTI2cm5kJTNEMTE3OTQ3MTIx&t=1724592809836&rnd=489821944&i=1 HTTP 302
https://xml.pushking.net/icon?sid=2fdc074463c161226eb3c68291302662&rnd=117947121 HTTP 302
https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH83vdbCLYtyMfr4uYKBf6k0aIW3zeRfGwM3YIRwFlov9CM-_N3sSmDR4P6wyYzYhmwpHoME4v1CvPwIQQ9tW2jSM*&cid=1497339&f=1&h2=d9lnKn9ApkL2CGEc8NuYFDVI6ynKkDva4U-zgmf-Guw4e_kr2gv3sOlxDoboVhU6&rid=9d4c754b-62e6-11ef-86da-c84bd68370b4&psid=18916721

Request Chain 5

https://profileshopsale4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_101_3911_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDA0MTYxNWEyMDkyZWJmYjVjNjkwNWE1ZmE5NWI5NmNkJTI2cm5kJTNEMTE3OTQ3MTIx&t=1724592809836&rnd=999801075&i=1 HTTP 302
https://xml.pushking.net/icon?sid=041615a2092ebfb5c6905a5fa95b96cd&rnd=117947121 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH84ahqcCY-6FYI9wf4gQAoLLQmyaD5fIPxTpNTsjDmkVvwkjzShpcrtmsP3xXfuMC7CC9LiNJlDp2orGwc6n2aOA*&cid=1620373&f=1&h2=d9lnKn9ApkL2CGEc8NuYFA9kwfAvWXUlsEklaQupdlYO96GoHnAC22gmtIhPU7y3&rid=9d4c767c-62e6-11ef-9353-c84bd6836428&psid=891672&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMDUzLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzI0NTkyODA5LTctWWlNSlp0bXdHUmRyRUZNNkNtTUlTa21DdEJKYVBtekttM1hac0Y3UFU= HTTP 301
https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592809-7-YiMJZtmwGRdrEFM6CmMISkmCtBJaPmzKm3XZsF7PU

Request Chain 8

https://xml.pushking.net/icon?sid=6e929ceb92882291c4001b90442cd5b9&rnd=117947121 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH875LdapyfK9e-pimj7_nnQNXFJTRRIRO0SORr0b7POHRM-_N3sSmDR4P6wyYzYhmwtBgyvZRwdipHGrQLTB1gG4*&cid=1414831&f=1&h2=d9lnKn9ApkL2CGEc8NuYFGRXm3RFhOcFRFlGxgDft7Oqz2dsEpAH6P28qE8Ate5C&rid=9d4c7680-62e6-11ef-86da-c84bd68370b4&psid=891672

Request Chain 10

https://xml.cpcmart.com/icon?sid=30943f2d142e7a9586634bf977f8a146&rnd=392604355 HTTP 302
https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH88dKlBPR-y4HZvibm_DO1nxHa8TVGVu-ZJWNx5Hw9dcxM-_N3sSmDR4P6wyYzYhmwk_69MRWwGQPmUWgBbpPITs*&cid=1449137&f=1&h2=d9lnKn9ApkL2CGEc8NuYFB_1D0cb55fiB5oouga10KWTSXy2JOb87Ef9qpxdS71v&rid=9d4b98d4-62e6-11ef-86da-c84bd68370b4&psid=513788

Request Chain 16

https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 18

https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_2513_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEZGY1ODNjNjAwNjkyYzkzN2E2MDBlY2Y1MGY4ZjkwYjAlMjZybmQlM0Q4MzgzNjg5OTU%3D&t=1724592812821&rnd=822794117&i=1 HTTP 302
https://xml.planetpush.net/icon?sid=df583c600692c937a600ecf50f8f90b0&rnd=838368995 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WJ0S4oCNK7_QihH97vMzA7XpNI3wzmLowIZ8DSGauqqdM-_N3sSmDR4P6wyYzYhmwnYjVT7NjGlvy3pM8t2BzJ4*&cid=1414831&f=1&h2=d9lnKn9ApkL2CGEc8NuYFB_1D0cb55fiB5oouga10KWTSXy2JOb87Ef9qpxdS71v&rid=9f116450-62e6-11ef-a30e-c84bd68370c0&psid=1290661

Request Chain 19

https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_3918_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNENDMyMmI5OGI1NzgwODE4ZGFjMjc4YjhkNDllMDU0MjMlMjZybmQlM0Q4MzgzNjg5OTU%3D&t=1724592812821&rnd=875291174&i=1 HTTP 302
https://xml.planetpush.net/icon?sid=4322b98b5780818dac278b8d49e05423&rnd=838368995 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WIahqcCY-6FYI9wf4gQAoLLQmyaD5fIPxTpNTsjDmkVvwkjzShpcrtmsP3xXfuMC7NK7O7cAZRuYOvjS0LzqHb0*&cid=1620373&f=1&h2=d9lnKn9ApkL2CGEc8NuYFA9kwfAvWXUlsEklaQupdlYO96GoHnAC22gmtIhPU7y3&rid=9f11768e-62e6-11ef-a30e-c84bd68370c0&psid=1290661&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMDUzLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzI0NTkyODEyLUFxQ3pZS0RIVWVuMDg1VUhqcjNENEt2VjROekFUaE52SkpIdFhQMmw3SFk= HTTP 301
https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592812-AqCzYKDHUen085UHjr3D4KvV4NzAThNvJJHtXP2l7HY

Request Chain 20

https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_3286_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEMzNmMWVkNzBhNzdiZmIyNWIyNDAxMzIxMzlkZTg2ZDAlMjZybmQlM0Q4MzgzNjg5OTU%3D&t=1724592812821&rnd=161778344&i=1 HTTP 302
https://xml.planetpush.net/icon?sid=33f1ed70a77bfb25b240132139de86d0&rnd=838368995 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WEurDkAWuUhvsmUc_hOgwSLQmyaD5fIPxTpNTsjDmkVvwkjzShpcrtmsP3xXfuMC7OfdgHutHOJ6JLrgn7NLTZs*&cid=1423484&f=1&h2=d9lnKn9ApkL2CGEc8NuYFA9kwfAvWXUlsEklaQupdlYO96GoHnAC22gmtIhPU7y3&rid=9f116d1f-62e6-11ef-9353-c84bd6836428&psid=1290661&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMDUzLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzI0NTkyODEyLUFxQ3pZS0RIVWVuMDg1VUhqcjNENEt2VjROekFUaE52SkpIdFhQMmw3SFk= HTTP 301
https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592812-AqCzYKDHUen085UHjr3D4KvV4NzAThNvJJHtXP2l7HY

Request Chain 21

https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_3414_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEMGYxM2RmNzJmNjc2ZjA3NzU1OGMzMDZmZTlhOWMxMWIlMjZybmQlM0Q4MzgzNjg5OTU%3D&t=1724592812821&rnd=281396569&i=1 HTTP 302
https://xml.planetpush.net/icon?sid=0f13df72f676f077558c306fe9a9c11b&rnd=838368995 HTTP 302
https://c.adskeeper.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&cid=1497339&f=1&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&psid=112906611

Request Chain 36

https://adrta.com/i?clid=mgid&paid=mgid&avid=-&caid=-&plid=20373995&publisherId=57829089&siteId=901170&kv1=492x328&kv2=https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv&kv3=-&kv4=-&kv5=112906611&kv6=afrd_click_Atrz&kv7=817388&kv11=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&kv12=9f1175f2-62e6-11ef-9353-c84bd6836428&kv24=Desktop&kv27=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36 HTTP 302
https://ipds.adrta.com/i?__x=HEMFIJIFNFCNHBEBLMJGNHHFNQJHIEPONMIAGLGLLNIPGLGIIBHJNJKMIKNIILLKMGKIGBIMHIJQIMHNHJF@PKJLOLMFJMKKIHFHLHNBFNJJKNGPHKILGAE@HBE&clid=mgid&paid=mgid&avid=-&caid=-&plid=20373995&publisherId=57829089&siteId=901170&kv1=492x328&kv2=https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv&kv3=-&kv4=-&kv5=112906611&kv6=afrd_click_Atrz&kv7=817388&kv11=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&kv12=9f1175f2-62e6-11ef-9353-c84bd6836428&kv24=Desktop&kv27=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js Show response
home-awayh4.xyz/
Redirect Chain

https://shopsalesonic4.xyz/event_9b6e2fa6-b0a0-e3af-d97c-4b81a176a048_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTY1ZmFhYzU5MDliMmRmYzk5MDRlM2Ix...
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

8 KB
3 KB

415ms
158ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 48c2337e54e2c204104a16e6a8c491b9ab8e46d5601319cd8c939831939e6628

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 25 Aug 2024 13:33:29 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Sun, 25 Aug 2024 13:33:29 GMT
location: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 148ms
45ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 13:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 12:20:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 13:33:30 GMT

GET
H3

200

c
c.adskeeper.com/
Redirect Chain

https://home-awayh4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_6_3467_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0QzYTdjNmIxYTJhZWFlNjlmMzdmOTIwNjY4YTJlZTBlZSUyNn...
https://xml.ppctraffic.co/icon?sid=3a7c6b1a2aeae69f37f920668a2ee0ee&rnd=502175579
https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH87VRZdiqoZrdeGbLREeFuGoFnIjysGsoJ5r12IEA2FdCM-_N3sSmDR4P6wyYzYhmwuP-v0kccjyXl_F9_n0Ft3Y*&cid=1449137&f=1&h2=d9lnKn9ApkL2CGEc8NuYFE6zgSSb5L...

43 B
230 B

43ms
40ms

Image
image/gif

2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH87VRZdiqoZrdeGbLREeFuGoFnIjysGsoJ5r12IEA2FdCM-_N3sSmDR4P6wyYzYhmwuP-v0kccjyXl_F9_n0Ft3Y*&cid=1449137&f=1&h2=d9lnKn9ApkL2CGEc8NuYFE6zgSSb5LCSlrfAeAkq0cATnAWH4Wqc8Fa0oGbkOKw6&rid=9d4b6e32-62e6-11ef-86da-c84bd68370b4&psid=614878

Requested by

Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: c2debb30-4d83-4775-b04a-62738cec012a
server: cloudflare
content-type: image/gif
cf-ray: 8b8bf449fe3432c8-PHL
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH87VRZdiqoZrdeGbLREeFuGoFnIjysGsoJ5r12IEA2FdCM-_N3sSmDR4P6wyYzYhmwuP-v0kccjyXl_F9_n0Ft3Y*&cid=1449137&f=1&h2=d9lnKn9ApkL2CGEc8NuYFE6zgSSb5LCSlrfAeAkq0cATnAWH4Wqc8Fa0oGbkOKw6&rid=9d4b6e32-62e6-11ef-86da-c84bd68370b4&psid=614878
date: Sun, 25 Aug 2024 13:33:30 GMT
server: nginx

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY...
s-img.mgid.com/g/18013053/328x328/-/
Redirect Chain

https://profileshopsale4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_101_3285_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGJjYzk2NzU5MzhhZjM1MjNiMDQyYTIwOGEzZWU5ZWE...
https://xml.pushking.net/icon?sid=bcc9675938af3523b042a208a3ee9ea7&rnd=117947121
https://c.mgid.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH80urDkAWuUhvsmUc_hOgwSLQmyaD5fIPxTpNTsjDmkVvwkjzShpcrtmsP3xXfuMC7NxCxtzHXdA-WAweEvCeBqA*&cid=1423484&f=1&h2=d9lnKn9ApkL2CGEc8NuYFA9kwfAvWXUlsEk...
https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

8 KB
8 KB

35ms
33ms

Image
image/webp

2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592809-7-YiMJZtmwGRdrEFM6CmMISkmCtBJaPmzKm3XZsF7PU

Requested by

Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: f91a1943-753f-4dcb-a74e-256624b065e4
age: 4577984
alt-svc: h3=":443"; ma=86400
content-length: 7784
last-modified: Sun, 28 Apr 2024 14:18:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf44a2ecf17a9-EWR

Redirect headers

date: Sun, 25 Aug 2024 13:33:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 28e89c4b-573d-49f0-a68b-d75f44a82442
server: cloudflare
location: https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592809-7-YiMJZtmwGRdrEFM6CmMISkmCtBJaPmzKm3XZsF7PU
cf-ray: 8b8bf449deaa17a9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

c
c.adskeeper.com/
Redirect Chain

https://profileshopsale4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_101_3412_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDJmZGMwNzQ0NjNjMTYxMjI2ZWIzYzY4MjkxMzAyNjY...
https://xml.pushking.net/icon?sid=2fdc074463c161226eb3c68291302662&rnd=117947121
https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH83vdbCLYtyMfr4uYKBf6k0aIW3zeRfGwM3YIRwFlov9CM-_N3sSmDR4P6wyYzYhmwpHoME4v1CvPwIQQ9tW2jSM*&cid=1497339&f=1&h2=d9lnKn9ApkL2CGEc8NuYFDVI6ynKkD...

43 B
230 B

46ms
46ms

Image
image/gif

2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH83vdbCLYtyMfr4uYKBf6k0aIW3zeRfGwM3YIRwFlov9CM-_N3sSmDR4P6wyYzYhmwpHoME4v1CvPwIQQ9tW2jSM*&cid=1497339&f=1&h2=d9lnKn9ApkL2CGEc8NuYFDVI6ynKkDva4U-zgmf-Guw4e_kr2gv3sOlxDoboVhU6&rid=9d4c754b-62e6-11ef-86da-c84bd68370b4&psid=18916721

Requested by

Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 074bc5b0-cc38-4fe8-a93c-0c53c8815d8b
server: cloudflare
content-type: image/gif
cf-ray: 8b8bf44a0e6a32c8-PHL
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH83vdbCLYtyMfr4uYKBf6k0aIW3zeRfGwM3YIRwFlov9CM-_N3sSmDR4P6wyYzYhmwpHoME4v1CvPwIQQ9tW2jSM*&cid=1497339&f=1&h2=d9lnKn9ApkL2CGEc8NuYFDVI6ynKkDva4U-zgmf-Guw4e_kr2gv3sOlxDoboVhU6&rid=9d4c754b-62e6-11ef-86da-c84bd68370b4&psid=18916721
date: Sun, 25 Aug 2024 13:33:30 GMT
server: nginx

GET
H3

200

https://profileshopsale4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_101_3911_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDA0MTYxNWEyMDkyZWJmYjVjNjkwNWE1ZmE5NWI5NmN...
https://xml.pushking.net/icon?sid=041615a2092ebfb5c6905a5fa95b96cd&rnd=117947121
https://c.mgid.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH84ahqcCY-6FYI9wf4gQAoLLQmyaD5fIPxTpNTsjDmkVvwkjzShpcrtmsP3xXfuMC7CC9LiNJlDp2orGwc6n2aOA*&cid=1620373&f=1&h2=d9lnKn9ApkL2CGEc8NuYFA9kwfAvWXUlsEk...
https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

8 KB
0

1ms
1ms

Image
image/webp

2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592809-7-YiMJZtmwGRdrEFM6CmMISkmCtBJaPmzKm3XZsF7PU
Requested by: Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H3
Server: 2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Apr 2024 14:18:05 GMT
x-mg-request-uuid: f91a1943-753f-4dcb-a74e-256624b065e4
server: cloudflare
age: 4577984
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf44a2ecf17a9-EWR
content-length: 7784
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 25 Aug 2024 13:33:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 59a42d4d-69ea-4a51-808a-a5f69cd0bee8
server: cloudflare
location: https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592809-7-YiMJZtmwGRdrEFM6CmMISkmCtBJaPmzKm3XZsF7PU
cf-ray: 8b8bf44a2ed117a9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDYvMzY2OTA0L2Y0OGRjZ...
s-img.adskeeper.com/g/20374083/200x200/-/ 11 KB
11 KB 126ms
34ms Image
image/webp 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/20374083/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDYvMzY2OTA0L2Y0OGRjZThkNzgxZDY1OGEwOGZlNDQ2Zjg4ZWU3MjI2LnBuZw.webp?v=1724592809-aBEaVPj_aDlL1mvGngzTX20_4ufh_A565dz33R-7PMc
Requested by: Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d13f40cab09695fcbf213e89ab3fed51b7c1f123272735aa5e1cf6fc4b942ef

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 21:24:36 GMT
x-mg-request-uuid: 723fd932-6ac5-4a13-ad0c-1ac55cafedb3
server: cloudflare
age: 418075
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf4479a7e32c8-PHL
content-length: 10796
alt-svc: h3=":443"; ma=86400

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1Lzc0MjE2NS9hZDhjZ...
s-img.mgid.com/g/18013053/453x227/-/ 6 KB
7 KB 130ms
39ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013053/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1Lzc0MjE2NS9hZDhjZmNlNmRiYjliNzdiNGM0MGZhMTBjY2JjMjc4Ny5qcGc.webp?v=1724592809--1rj-n4I1AztagG1qp56CV63aaCgyTv5YZtW-dODIZc

Requested by

Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

800db8a499e397c94dd9e1c1f079c7009573cab652be72fcb060f08be9d66a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 0cc750f2-3114-40c8-aa67-48e8b56a51d1
age: 7428217
alt-svc: h3=":443"; ma=86400
content-length: 6424
last-modified: Thu, 11 Apr 2024 23:42:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf4479d7317a9-EWR

GET
H3

200

c
c.mgid.com/
Redirect Chain

https://xml.pushking.net/icon?sid=6e929ceb92882291c4001b90442cd5b9&rnd=117947121
https://c.mgid.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH875LdapyfK9e-pimj7_nnQNXFJTRRIRO0SORr0b7POHRM-_N3sSmDR4P6wyYzYhmwtBgyvZRwdipHGrQLTB1gG4*&cid=1414831&f=1&h2=d9lnKn9ApkL2CGEc8NuYFGRXm3RFhOcFRFl...

43 B
230 B

72ms
49ms

Image
image/gif

2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH875LdapyfK9e-pimj7_nnQNXFJTRRIRO0SORr0b7POHRM-_N3sSmDR4P6wyYzYhmwtBgyvZRwdipHGrQLTB1gG4*&cid=1414831&f=1&h2=d9lnKn9ApkL2CGEc8NuYFGRXm3RFhOcFRFlGxgDft7Oqz2dsEpAH6P28qE8Ate5C&rid=9d4c7680-62e6-11ef-86da-c84bd68370b4&psid=891672

Requested by

Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: ab5d1c12-4501-4dc7-84d6-70c7c22fafd3
server: cloudflare
content-type: image/gif
cf-ray: 8b8bf449cea217a9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://c.mgid.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH875LdapyfK9e-pimj7_nnQNXFJTRRIRO0SORr0b7POHRM-_N3sSmDR4P6wyYzYhmwtBgyvZRwdipHGrQLTB1gG4*&cid=1414831&f=1&h2=d9lnKn9ApkL2CGEc8NuYFGRXm3RFhOcFRFlGxgDft7Oqz2dsEpAH6P28qE8Ate5C&rid=9d4c7680-62e6-11ef-86da-c84bd68370b4&psid=891672
date: Sun, 25 Aug 2024 13:33:30 GMT
server: nginx

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvMTcyM...
s-img.mgid.com/g/20374019/492x277/-/ 11 KB
12 KB 134ms
44ms Image
image/webp 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/20374019/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvMTcyMjZiNDhmZmFmYTZiMjBhNTU4NTM3NjQxYTQ0NTUucG5n.webp?v=1724592809-gsdIbpLc6zcOx1DbOjlfy35RBZlBhrgC77IKXdqQjRU

Requested by

Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc496947a797b91f80b244f83b1eef9258315ae43ad95d20623187851fea907

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 450d95c1-d8e3-44b3-b96b-0a6a72cc24b3
age: 1094928
alt-svc: h3=":443"; ma=86400
content-length: 11528
last-modified: Mon, 12 Aug 2024 21:24:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf4479d7517a9-EWR

GET
H3

200

c
c.adskeeper.com/
Redirect Chain

https://xml.cpcmart.com/icon?sid=30943f2d142e7a9586634bf977f8a146&rnd=392604355
https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH88dKlBPR-y4HZvibm_DO1nxHa8TVGVu-ZJWNx5Hw9dcxM-_N3sSmDR4P6wyYzYhmwk_69MRWwGQPmUWgBbpPITs*&cid=1449137&f=1&h2=d9lnKn9ApkL2CGEc8NuYFB_1D0cb55...

43 B
230 B

60ms
53ms

Image
image/gif

2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH88dKlBPR-y4HZvibm_DO1nxHa8TVGVu-ZJWNx5Hw9dcxM-_N3sSmDR4P6wyYzYhmwk_69MRWwGQPmUWgBbpPITs*&cid=1449137&f=1&h2=d9lnKn9ApkL2CGEc8NuYFB_1D0cb55fiB5oouga10KWTSXy2JOb87Ef9qpxdS71v&rid=9d4b98d4-62e6-11ef-86da-c84bd68370b4&psid=513788

Requested by

Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8a722199-62ab-4d80-becc-1adcde98d52d
server: cloudflare
content-type: image/gif
cf-ray: 8b8bf449add232c8-PHL
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://c.adskeeper.com/c?pv=2&v=0|0|0|VCsfwEmnv11GjiS8EWaH88dKlBPR-y4HZvibm_DO1nxHa8TVGVu-ZJWNx5Hw9dcxM-_N3sSmDR4P6wyYzYhmwk_69MRWwGQPmUWgBbpPITs*&cid=1449137&f=1&h2=d9lnKn9ApkL2CGEc8NuYFB_1D0cb55fiB5oouga10KWTSXy2JOb87Ef9qpxdS71v&rid=9d4b98d4-62e6-11ef-86da-c84bd68370b4&psid=513788
date: Sun, 25 Aug 2024 13:33:30 GMT
server: nginx

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDYvMzY2OTA0L2JmMTZjY...
s-img.adskeeper.com/g/20374086/200x200/-/ 6 KB
7 KB 125ms
36ms Image
image/webp 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/20374086/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDYvMzY2OTA0L2JmMTZjYmM2NWJjOTRkYTM3ZDIxNTAyNzZmYjYwNWQwLmpwZWc.webp?v=1724592809-j4RkzPPvCyt50XJGjb7lxzh4zKeqQJeNlx7vit3L6qU
Requested by: Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d88948a499380ce272f4920244b8fedfaec8ad36f4d40b1e4cb0e5441e8cb965

Request headers

Referer: https://home-awayh4.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 21:24:56 GMT
x-mg-request-uuid: 4183017c-7282-4e82-96eb-0e8a42ea166b
server: cloudflare
age: 418244
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf4479a8132c8-PHL
content-length: 6478
alt-svc: h3=":443"; ma=86400

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 143ms
51ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://home-awayh4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 20:46:33 GMT
x-content-type-options: nosniff
age: 233217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 20:46:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 142ms
50ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://home-awayh4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 20:46:30 GMT
x-content-type-options: nosniff
age: 233220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 20:46:30 GMT

GET
H2 404 favicon.ico
home-awayh4.xyz/ 548 B
245 B 84ms
82ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://home-awayh4.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:30 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_6_0_2000
home-awayh4.xyz/ 114 B
206 B 101ms
76ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://home-awayh4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_6_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wcGN0cmFmZmljLmNvJTIyJTJDJTIydSUyMiUzQSU1QiUyMjMzOC0zYTdjNmIxYTJhZWFlNjlmMzdmOTIwNjY4YTJlZTBlZS0zNDY3LTAuMDAwMDc3JTIyJTVEJTdE&t=1724592809836&rnd=702860658&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/sw_86e1e8e5-bc25-e4fb-582f-aafbdaeda1df_6_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:31 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H2

200

sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js Show response
synergynews5.xyz/
Redirect Chain

https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

8 KB
3 KB

401ms
167ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by: Host: home-awayh4.xyz
URL: https://home-awayh4.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_6_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wcGN0cmFmZmljLmNvJTIyJTJDJTIydSUyMiUzQSU1QiUyMjMzOC0zYTdjNmIxYTJhZWFlNjlmMzdmOTIwNjY4YTJlZTBlZS0zNDY3LTAuMDAwMDc3JTIyJTVEJTdE&t=1724592809836&rnd=702860658&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 08d0f5e32c3eb0dfa101c464376779cdd4efd5b316b825b4188eec7461872769

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 25 Aug 2024 13:33:32 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Sun, 25 Aug 2024 13:33:32 GMT
location: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 135ms
53ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: synergynews5.xyz
URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://synergynews5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 13:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 12:19:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 13:33:33 GMT

GET
H3

200

c
c.mgid.com/
Redirect Chain

https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_2513_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEZGY1ODNjNjAwNjkyYzkzN2E2MDBlY2Y1MGY4ZjkwYjA...
https://xml.planetpush.net/icon?sid=df583c600692c937a600ecf50f8f90b0&rnd=838368995
https://c.mgid.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WJ0S4oCNK7_QihH97vMzA7XpNI3wzmLowIZ8DSGauqqdM-_N3sSmDR4P6wyYzYhmwnYjVT7NjGlvy3pM8t2BzJ4*&cid=1414831&f=1&h2=d9lnKn9ApkL2CGEc8NuYFB_1D0cb55fiB5o...

43 B
231 B

46ms
42ms

Image
image/gif

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WJ0S4oCNK7_QihH97vMzA7XpNI3wzmLowIZ8DSGauqqdM-_N3sSmDR4P6wyYzYhmwnYjVT7NjGlvy3pM8t2BzJ4*&cid=1414831&f=1&h2=d9lnKn9ApkL2CGEc8NuYFB_1D0cb55fiB5oouga10KWTSXy2JOb87Ef9qpxdS71v&rid=9f116450-62e6-11ef-a30e-c84bd68370c0&psid=1290661

Requested by

Host: synergynews5.xyz
URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://synergynews5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 0a18b36d-899a-4518-807d-1b6b606bc45e
server: cloudflare
content-type: image/gif
cf-ray: 8b8bf45ca895c427-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://c.mgid.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WJ0S4oCNK7_QihH97vMzA7XpNI3wzmLowIZ8DSGauqqdM-_N3sSmDR4P6wyYzYhmwnYjVT7NjGlvy3pM8t2BzJ4*&cid=1414831&f=1&h2=d9lnKn9ApkL2CGEc8NuYFB_1D0cb55fiB5oouga10KWTSXy2JOb87Ef9qpxdS71v&rid=9f116450-62e6-11ef-a30e-c84bd68370c0&psid=1290661
date: Sun, 25 Aug 2024 13:33:33 GMT
server: nginx

GET
H3

200

https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_3918_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNENDMyMmI5OGI1NzgwODE4ZGFjMjc4YjhkNDllMDU0MjM...
https://xml.planetpush.net/icon?sid=4322b98b5780818dac278b8d49e05423&rnd=838368995
https://c.mgid.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WIahqcCY-6FYI9wf4gQAoLLQmyaD5fIPxTpNTsjDmkVvwkjzShpcrtmsP3xXfuMC7NK7O7cAZRuYOvjS0LzqHb0*&cid=1620373&f=1&h2=d9lnKn9ApkL2CGEc8NuYFA9kwfAvWXUlsEk...
https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

8 KB
0

29ms
29ms

Image
image/webp

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592812-AqCzYKDHUen085UHjr3D4KvV4NzAThNvJJHtXP2l7HY
Requested by: Host: synergynews5.xyz
URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H3
Server: 2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9

Request headers

Referer: https://synergynews5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:33 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Apr 2024 14:18:05 GMT
x-mg-request-uuid: f91a1943-753f-4dcb-a74e-256624b065e4
server: cloudflare
age: 4577987
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf45cf8ccc427-EWR
content-length: 7784
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 25 Aug 2024 13:33:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 241df4b3-9d48-4a9f-984d-4658ace94a67
server: cloudflare
location: https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592812-AqCzYKDHUen085UHjr3D4KvV4NzAThNvJJHtXP2l7HY
cf-ray: 8b8bf45cb89dc427-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_3286_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEMzNmMWVkNzBhNzdiZmIyNWIyNDAxMzIxMzlkZTg2ZDA...
https://xml.planetpush.net/icon?sid=33f1ed70a77bfb25b240132139de86d0&rnd=838368995
https://c.mgid.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WEurDkAWuUhvsmUc_hOgwSLQmyaD5fIPxTpNTsjDmkVvwkjzShpcrtmsP3xXfuMC7OfdgHutHOJ6JLrgn7NLTZs*&cid=1423484&f=1&h2=d9lnKn9ApkL2CGEc8NuYFA9kwfAvWXUlsEk...
https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

8 KB
8 KB

32ms
31ms

Image
image/webp

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: synergynews5.xyz
URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://synergynews5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: f91a1943-753f-4dcb-a74e-256624b065e4
age: 4577987
alt-svc: h3=":443"; ma=86400
content-length: 7784
last-modified: Sun, 28 Apr 2024 14:18:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf45cf8ccc427-EWR

Redirect headers

date: Sun, 25 Aug 2024 13:33:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: efb2f15c-09e4-4ed0-a463-2669bc4f5340
server: cloudflare
location: https://s-img.mgid.com/g/18013053/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1724592812-AqCzYKDHUen085UHjr3D4KvV4NzAThNvJJHtXP2l7HY
cf-ray: 8b8bf45ca897c427-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

c
c.adskeeper.com/
Redirect Chain

https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_3414_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEMGYxM2RmNzJmNjc2ZjA3NzU1OGMzMDZmZTlhOWMxMWI...
https://xml.planetpush.net/icon?sid=0f13df72f676f077558c306fe9a9c11b&rnd=838368995
https://c.adskeeper.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&cid=1497339&f=1&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkN...

43 B
231 B

38ms
35ms

Image
image/gif

2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.adskeeper.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&cid=1497339&f=1&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&psid=112906611

Requested by

Host: synergynews5.xyz
URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://synergynews5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:33 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 0b64a994-503e-4022-ad5e-e813dc377042
server: cloudflare
content-type: image/gif
cf-ray: 8b8bf45ca89432d2-PHL
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://c.adskeeper.com/c?pv=2&v=0|0|0|bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&cid=1497339&f=1&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&psid=112906611
date: Sun, 25 Aug 2024 13:33:33 GMT
server: nginx

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMTQzNCx5XzgwNy9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wN...
s-img.mgid.com/g/20373999/492x277/-/ 16 KB
17 KB 113ms
40ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/20373999/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMTQzNCx5XzgwNy9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8zNjY5MDQvNTJlNWZlOTM2NGVjYjEwMmJmMzlkYzM4MmM2MGFlZTUucG5n.webp?v=1724592812-fYwNFww5g3vOBFbmi5ZqHkLRHBQkVvfznC233uPUULw

Requested by

Host: synergynews5.xyz
URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4637fe6fe084a6ee6d35fce1ba2ed9558dc92f5b433229273d534187d500eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://synergynews5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: dd418026-a22e-4b6b-909a-45d5b471248b
age: 1094922
alt-svc: h3=":443"; ma=86400
content-length: 16664
last-modified: Mon, 12 Aug 2024 21:24:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf45acf19c427-EWR

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1Lzc0MjE2NS9hZDhjZ...
s-img.mgid.com/g/18013053/453x227/-/ 6 KB
7 KB 110ms
39ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: synergynews5.xyz
URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

800db8a499e397c94dd9e1c1f079c7009573cab652be72fcb060f08be9d66a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://synergynews5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 0cc750f2-3114-40c8-aa67-48e8b56a51d1
age: 7428220
alt-svc: h3=":443"; ma=86400
content-length: 6424
last-modified: Thu, 11 Apr 2024 23:42:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf45acf17c427-EWR

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM4Myx5XzI4OC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8zN...
s-img.adskeeper.com/g/20373995/200x200/-/ 9 KB
10 KB 115ms
44ms Image
image/webp 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/20373995/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM4Myx5XzI4OC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8zNjY5MDQvZDc5N2NmODY0MWRkMzJjNzhiYjQzNGI5MTFmMDQzNmEucG5n.webp?v=1724592812-m5Gh-OkdMrokTXMbiywyWkNLqRSBfrCXoFHNC_eL-IM
Requested by: Host: synergynews5.xyz
URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c12ae756fb817d0abb72d6e28328223db0fc8027f54819d8a72278120d40b3a

Request headers

Referer: https://synergynews5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:33 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 21:24:37 GMT
x-mg-request-uuid: 868cf5ee-4b33-4cb2-bfbd-2c9e246c029a
server: cloudflare
age: 414275
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8b8bf45ace1632d2-PHL
content-length: 9468
alt-svc: h3=":443"; ma=86400

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 121ms
30ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://synergynews5.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 20:46:33 GMT
x-content-type-options: nosniff
age: 233220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 20:46:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 119ms
29ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://synergynews5.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 20:46:30 GMT
x-content-type-options: nosniff
age: 233223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Aug 2025 20:46:30 GMT

GET
H2 404 favicon.ico
synergynews5.xyz/ 548 B
246 B 86ms
84ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://synergynews5.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:33 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_0_3001
synergynews5.xyz/ 118 B
209 B 87ms
86ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtZGY1ODNjNjAwNjkyYzkzN2E2MDBlY2Y1MGY4ZjkwYjAtMjUxMy0wLjAwMDMzMSUyMiUyQyUyMjg4Ni00MzIyYjk4YjU3ODA4MThkYWMyNzhiOGQ0OWUwNTQyMy0zOTE4LTAuMDAyNjgxJTIyJTJDJTIyODg2LTMzZjFlZDcwYTc3YmZiMjViMjQwMTMyMTM5ZGU4NmQwLTMyODYtMC4wMDI2MDElMjIlMkMlMjI4ODYtMGYxM2RmNzJmNjc2ZjA3NzU1OGMzMDZmZTlhOWMxMWItMzQxNC0wLjAwMDMzNiUyMiU1RCU3RA%3D%3D&t=1724592812821&rnd=726111078&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: synergynews5.xyz
URL: https://synergynews5.xyz/sw_59eb8233-1883-b5ab-3c58-e53a5a9fa0e3_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:34 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H3

200

Primary Request 1 Show response
clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/
Redirect Chain

https://xml.planetpush.net/click?s=1&tid=886&sid=0f13df72f676f077558c306fe9a9c11b&rnd=47115445
https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175...

20 KB
6 KB

243ms
159ms

Document
text/html

2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv

Requested by

Host: synergynews5.xyz
URL: https://synergynews5.xyz/event_9c35cb7c-1ce1-4b7a-8d38-368cd1c5cdd8_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtZGY1ODNjNjAwNjkyYzkzN2E2MDBlY2Y1MGY4ZjkwYjAtMjUxMy0wLjAwMDMzMSUyMiUyQyUyMjg4Ni00MzIyYjk4YjU3ODA4MThkYWMyNzhiOGQ0OWUwNTQyMy0zOTE4LTAuMDAyNjgxJTIyJTJDJTIyODg2LTMzZjFlZDcwYTc3YmZiMjViMjQwMTMyMTM5ZGU4NmQwLTMyODYtMC4wMDI2MDElMjIlMkMlMjI4ODYtMGYxM2RmNzJmNjc2ZjA3NzU1OGMzMDZmZTlhOWMxMWItMzQxNC0wLjAwMDMzNiUyMiU1RCU3RA%3D%3D&t=1724592812821&rnd=726111078&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d9949d17f753b115c0fcecf08cf442409d32146b7bc478e3b1efb8106547bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8b8bf469ed1232b3-PHL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 25 Aug 2024 13:33:35 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
strict-transport-security: max-age=15768000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex

Redirect headers

date: Sun, 25 Aug 2024 13:33:35 GMT
location: https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv
server: nginx

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
977 B 173ms
40ms Script
text/javascript 2607:f8b0:4006:80b::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha

Requested by

Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

2febfeebd65f3cc743cc06ebd239d4198e8acddbcd3f81652fbf78ff07582086

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.adskeeper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 25 Aug 2024 13:33:35 GMT

GET
H2 200 img.png
cdn.adskeeper.com/images/tranzit/ 68 B
606 B 167ms
67ms Image
image/png 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.com/images/tranzit/img.png
Requested by: Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://clck.adskeeper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:35 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: N8BDE7R4K3V7ZV88
age: 1034
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 68
x-amz-id-2: g8xUvG4EsdQdXZaiLJTMM+Tbe1+W3xgX2i8zUbwpxjOBQSeKo9GcWlJGQAGxpx0TQlwS1Lb4XMQ=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 24 Mar 2022 17:14:24 GMT
x-amz-meta-s3cmd-attrs: atime:1648142053/ctime:1648142053/gid:0/gname:root/md5:91e42db1c66c0b276abf6234dc50b2eb/mode:33206/mtime:1648142053/uid:0/uname:root
server: cloudflare
etag: "91e42db1c66c0b276abf6234dc50b2eb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8b8bf46bbf594cae-PHL
expires: Sun, 25 Aug 2024 17:33:35 GMT

GET
H3 200 dojo-other.js Show response
clck.adskeeper.com/build/ 68 KB
28 KB 152ms
151ms Script
application/javascript 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clck.adskeeper.com/build/dojo-other.js?t=5e74f43d942ecff6c149fa568cac193b

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817fdd07145b90aeb3e73f412216ba2006ddcad6922289d13ed12944d6eed339

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:36 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 12:35:27 GMT
server: cloudflare
etag: W/"66c5df0f-110bf"
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8b8bf46baff832b3-PHL
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 touchpoints-sensor.js Show response
a.mgid.com/ 3 KB
1 KB 150ms
51ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/touchpoints-sensor.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a98c4f22c9c8dc6a974276ebf08497fdf1b5d12d581f9a29c83a22ff8801170f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://clck.adskeeper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-mg-request-uuid: 450b76bd-a70d-4e9b-bd90-3c9f21f4a082
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8b8bf46ba8c7c481-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 frpt.js Show response
cdn.mgid.com/js/ 74 KB
27 KB 116ms
37ms Script
application/javascript 2606:4700:1::6813:814c

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/js/frpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:814c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

be90000f4c5643fe4fe88c15ececa719088c7ff20dc07574c7bf62b8ec6008c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://clck.adskeeper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:33:36 GMT
x-amz-version-id: DNw2AZI35o0F7fvE7AxRGxzlMR0J.Xeo
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4AP58BK8WHKMS5EQ
age: 5270
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gjjzxv6T0wRzO1TwLo5Inhm4fBDIyL8nN6e1jyDAZKYJpd02LznzJbwbuhMQLYjR2ywKT0UBkr4=
cf-bgj: minify
last-modified: Wed, 24 Jul 2024 06:10:20 GMT
x-amz-meta-s3cmd-attrs: atime:1721801412/ctime:1721801412/gid:0/gname:root/md5:0b3ae0119e27c38282a49abcf0d4241e/mode:33188/mtime:1721801261/uid:0/uname:root
server: cloudflare
etag: W/"0b3ae0119e27c38282a49abcf0d4241e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 8b8bf46c199dc459-EWR
expires: Mon, 26 Aug 2024 13:33:36 GMT

GET
H2 200 hotjar-2590724.js
static.hotjar.com/c/ 11 KB
5 KB 264ms
120ms Script
application/javascript 108.138.106.101

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2590724.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.101 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://clck.adskeeper.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 13:33:36 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/8694bc456edf1e7a016c51c603c88a71
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: MyeFFekZszc8qb_dZHn8P8uTqT5w-uc8e_HItqPCHpWJLwhDFIBIQA==

GET
H2 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 538 KB
213 KB 172ms
51ms Script
text/javascript 2607:f8b0:4006:806::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.adskeeper.com/
Origin: https://clck.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 10:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217366
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 04:00:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Aug 2025 10:39:15 GMT

GET

i
ipds.adrta.com/
Redirect Chain

https://adrta.com/i?clid=mgid&paid=mgid&avid=-&caid=-&plid=20373995&publisherId=57829089&siteId=901170&kv1=492x328&kv2=https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=...
https://ipds.adrta.com/i?__x=HEMFIJIFNFCNHBEBLMJGNHHFNQJHIEPONMIAGLGLLNIPGLGIIBHJNJKMIKNIILLKMGKIGBIMHIJQIMHNHJF@PKJLOLMFJMKKIHFHLHNBFNJJKNGPHKILGAE@HBE&clid=mgid&paid=mgid&avid=-&caid=-&plid=20373...

0
0

GET modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ipds.adrta.com
URL: https://ipds.adrta.com/i?__x=HEMFIJIFNFCNHBEBLMJGNHHFNQJHIEPONMIAGLGLLNIPGLGIIBHJNJKMIKNIILLKMGKIGBIMHIJQIMHNHJF@PKJLOLMFJMKKIHFHLHNBFNJJKNGPHKILGAE@HBE&clid=mgid&paid=mgid&avid=-&caid=-&plid=20373995&publisherId=57829089&siteId=901170&kv1=492x328&kv2=https://clck.adskeeper.com/ghits/20373995/i/57829089/2/src/112906611/pp/1/1?h=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&rid=9f1175f2-62e6-11ef-9353-c84bd6836428&tt=Direct&att=3&pubsrcid=112906611&cpm=1&abd=1&ct=1&st=-240&h2=d9lnKn9ApkL2CGEc8NuYFAg89KkVkNIho88yDy3B9pj_vbI0sMtAKLh6HyIM_WCv&kv3=-&kv4=-&kv5=112906611&kv6=afrd_click_Atrz&kv7=817388&kv11=bZjC2Xd5pNXygxtwoD79WMvhVM0hjuLew8A-q5y1u6gjpy0XPJqFebwX_E8UK73ZM-_N3sSmDR4P6wyYzYhmwsve5SIgyAB0dSYeopNDYSs*&kv12=9f1175f2-62e6-11ef-9353-c84bd6836428&kv24=Desktop&kv27=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36

Domain: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isIframe function| go

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mgid.com/	1970-01-20 23:03:14	Name: __cf_bm Value: XIH0j_6_vgWQVbeB0Wqlw14BvTTr126mIfzNvQXLJrs-1724592810-1.0.1.1-IuY79vQKwIRPoSxTW7BCzfoK84h.jCK.GeehxCF0jwgVJOShpj1qINVuJ99hr.B3NQkmdbrfGdIf6jSeZHqclg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://home-awayh4.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://synergynews5.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
c.adskeeper.com
c.mgid.com
cdn.adskeeper.com
cdn.mgid.com
clck.adskeeper.com
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
home-awayh4.xyz
ipds.adrta.com
profileshopsale4.xyz
s-img.adskeeper.com
s-img.mgid.com
script.hotjar.com
shopsalesonic4.xyz
static.hotjar.com
synergynews5.xyz
www.google.com
www.gstatic.com
xml.cpcmart.com
xml.planetpush.net
xml.ppctraffic.co
xml.pushking.net
ipds.adrta.com
script.hotjar.com
108.138.106.101
173.214.240.15
199.182.164.180
2606:4700:1::6813:814c
2606:4700:1::6813:824c
2606:4700:1::6813:854c
2606:4700:4400::6812:2396
2606:4700:4400::ac40:986a
2607:f8b0:4006:806::2003
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80c::2003
2607:f8b0:4006:816::200a
08d0f5e32c3eb0dfa101c464376779cdd4efd5b316b825b4188eec7461872769
0d13f40cab09695fcbf213e89ab3fed51b7c1f123272735aa5e1cf6fc4b942ef
1c12ae756fb817d0abb72d6e28328223db0fc8027f54819d8a72278120d40b3a
2febfeebd65f3cc743cc06ebd239d4198e8acddbcd3f81652fbf78ff07582086
30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288
48c2337e54e2c204104a16e6a8c491b9ab8e46d5601319cd8c939831939e6628
5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
79d9949d17f753b115c0fcecf08cf442409d32146b7bc478e3b1efb8106547bd
800db8a499e397c94dd9e1c1f079c7009573cab652be72fcb060f08be9d66a9b
817fdd07145b90aeb3e73f412216ba2006ddcad6922289d13ed12944d6eed339
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9cc496947a797b91f80b244f83b1eef9258315ae43ad95d20623187851fea907
a98c4f22c9c8dc6a974276ebf08497fdf1b5d12d581f9a29c83a22ff8801170f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
be90000f4c5643fe4fe88c15ececa719088c7ff20dc07574c7bf62b8ec6008c7
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d88948a499380ce272f4920244b8fedfaec8ad36f4d40b1e4cb0e5441e8cb965
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e4637fe6fe084a6ee6d35fce1ba2ed9558dc92f5b433229273d534187d500eff

clck.adskeeper.com Open in urlscan Pro 2606:4700:4400::ac40:986a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

69 %HTTPS

75 %IPv6

16 Domains

24 Subdomains

12 IPs

1 Countries

450 kBTransfer

914 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

clck.adskeeper.com Open in urlscan Pro
2606:4700:4400::ac40:986a Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

69 %
HTTPS

75 %
IPv6

16
Domains

24
Subdomains

12
IPs

1
Countries

450 kB
Transfer

914 kB
Size

1
Cookies

39 HTTP transactions
0 data transactions