p.npcad.com Open in urlscan Pro
54.205.43.136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news-xecoti.com/tds.php?sid=8057642&p1=tc_2998&fullscreen=1&domain=news-xecoti.com
Effective URL:
http://p.npcad.com/go/89517/482729
Submission: On January 21 via manual (January 21st 2023, 2:22:25 pm UTC) from CA — Scanned from GB

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 32 HTTP transactions. The main IP is 54.205.43.136, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is p.npcad.com.

This is the only time p.npcad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.108.117.25 193.108.117.25	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
30	149.7.16.233 149.7.16.233	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
2 2	34.107.199.247 34.107.199.247	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	54.205.43.136 54.205.43.136	14618 (AMAZON-AES) (AMAZON-AES)
1	168.119.90.21 168.119.90.21	24940 (HETZNER-AS) (HETZNER-AS)
32	3

1 193.108.117.25 (Frankfurt am Main, Germany) 1 redirects

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 25-117-108-193.clients.gthost.com

news-xecoti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 149.7.16.233 (London, United Kingdom)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 233-16-7-149.clients.gthost.com

news-xecoti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.news-xecoti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.news-xecoti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.news-xecoti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.news-xecoti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.199.247 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com

www.cmjdj2smns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.c9ikptk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.43.136 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-43-136.compute-1.amazonaws.com

p.npcad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.90.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.90.119.168.clients.your-server.de

adeumssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	news-xecoti.com 1 redirects news-xecoti.com 1.news-xecoti.com 2.news-xecoti.com 3.news-xecoti.com 4.news-xecoti.com	172 KB
2	npcad.com 1 redirects p.npcad.com	676 B
1	adeumssp.com adeumssp.com — Cisco Umbrella Rank: 74775
1	c9ikptk.com 1 redirects www.c9ikptk.com	294 B
1	cmjdj2smns.com 1 redirects www.cmjdj2smns.com — Cisco Umbrella Rank: 420382	398 B
32	5

	Domain	Requested by
7	news-xecoti.com	1 redirects news-xecoti.com
6	4.news-xecoti.com	3.news-xecoti.com 4.news-xecoti.com
6	3.news-xecoti.com	2.news-xecoti.com 3.news-xecoti.com
6	2.news-xecoti.com	1.news-xecoti.com 2.news-xecoti.com
6	1.news-xecoti.com	news-xecoti.com 1.news-xecoti.com
2	p.npcad.com	1 redirects 4.news-xecoti.com
1	adeumssp.com	p.npcad.com
1	www.c9ikptk.com	1 redirects
1	www.cmjdj2smns.com	1 redirects
32	9

This site contains no links.

Subject Issuer	Validity	Valid
news-xecoti.com ZeroSSL ECC Domain Secure Site CA	`2022-12-26` - `2023-03-26`	3 months	crt.sh
adeumssp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh

This page contains 1 frames:

Frame: https://adeumssp.com/smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click
Frame ID: 2AEBF84227D008EB06D16C70A601C289
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://news-xecoti.com/tds.php?sid=8057642&p1=tc_2998&fullscreen=1&domain=news-xecoti.com HTTP 302
https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://www.cmjdj2smns.com/34PTSD/PS824/?sub1=zer HTTP 302
https://www.c9ikptk.com/34PTSD/BP658/?__rpt=0&__po=15&__ptid=8524606690fa4330bd93ff396e07df47&__rpa=... HTTP 302
http://p.npcad.com/go/89517/482729 Page URL

Page Statistics

32
Requests

97 %
HTTPS

0 %
IPv6

5
Domains

9
Subdomains

3
IPs

3
Countries

173 kB
Transfer

176 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news-xecoti.com/tds.php?sid=8057642&p1=tc_2998&fullscreen=1&domain=news-xecoti.com HTTP 302
https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Page URL
https://www.cmjdj2smns.com/34PTSD/PS824/?sub1=zer HTTP 302
https://www.c9ikptk.com/34PTSD/BP658/?__rpt=0&__po=15&__ptid=8524606690fa4330bd93ff396e07df47&__rpa=0&__rc=1&sub1=zer&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
http://p.npcad.com/go/89517/482729 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://news-xecoti.com/tds.php?sid=8057642&p1=tc_2998&fullscreen=1&domain=news-xecoti.com HTTP 302
https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=

Request Chain 30

http://p.npcad.com/ad/ad?p=89517&w=482729&t=20bc27ded2be6a80&r=&vw=1600&vh=1200 HTTP 303
https://adeumssp.com/smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
news-xecoti.com/lands/16/
Redirect Chain

http://news-xecoti.com/tds.php?sid=8057642&p1=tc_2998&fullscreen=1&domain=news-xecoti.com
https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=

3 KB
2 KB

209ms
70ms

Document
text/html

149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 349d97766d48b7d0fddec93ec046e62756df490a9dc49fc57493e9c300739fb3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 14:22:10 GMT
pragma: no-cache
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 21 Jan 2023 14:22:10 GMT
Location: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 revopush.js Show response
news-xecoti.com/ 10 KB
10 KB 69ms
67ms Script
application/javascript 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://news-xecoti.com/revopush.js?v=4
Requested by: Host: news-xecoti.com
URL: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:10 GMT
last-modified: Thu, 15 Dec 2022 09:31:18 GMT
server: nginx
etag: "639ae966-26e2"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9954
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 man.png
news-xecoti.com/lands/16/ 10 KB
11 KB 135ms
134ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-xecoti.com/lands/16/man.png
Requested by: Host: news-xecoti.com
URL: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:10 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-295f"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10591
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
news-xecoti.com/lands/16/ 1 KB
1 KB 68ms
68ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-xecoti.com/lands/16/logo.png
Requested by: Host: news-xecoti.com
URL: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:10 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-425"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1061
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bot.png
news-xecoti.com/lands/16/ 11 KB
11 KB 68ms
68ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news-xecoti.com/lands/16/bot.png
Requested by: Host: news-xecoti.com
URL: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:10 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-2b23"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11043
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 traffback.php
news-xecoti.com/ 79 B
221 B 69ms
69ms Fetch
text/html 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://news-xecoti.com/traffback.php?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=&land=16
Requested by: Host: news-xecoti.com
URL: https://news-xecoti.com/revopush.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 14:22:10 GMT
cache-control: no-cache, must-revalidate
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
1.news-xecoti.com/lands/16/ 3 KB
2 KB 134ms
70ms Document
text/html 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Requested by: Host: news-xecoti.com
URL: https://news-xecoti.com/revopush.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 613f387e9795ed17cc64e431bc868a1d6f838a3c77af74f2110e8a6b31ffde3b

Request headers

Referer: https://news-xecoti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 14:22:10 GMT
pragma: no-cache
server: nginx

GET
H2 200 revopush.js Show response
1.news-xecoti.com/ 10 KB
10 KB 68ms
67ms Script
application/javascript 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://1.news-xecoti.com/revopush.js?v=4
Requested by: Host: 1.news-xecoti.com
URL: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Thu, 15 Dec 2022 09:31:18 GMT
server: nginx
etag: "639ae966-26e2"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9954
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 man.png
1.news-xecoti.com/lands/16/ 10 KB
11 KB 68ms
68ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1.news-xecoti.com/lands/16/man.png
Requested by: Host: 1.news-xecoti.com
URL: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-295f"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10591
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
1.news-xecoti.com/lands/16/ 1 KB
1 KB 68ms
67ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1.news-xecoti.com/lands/16/logo.png
Requested by: Host: 1.news-xecoti.com
URL: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-425"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1061
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bot.png
1.news-xecoti.com/lands/16/ 11 KB
11 KB 68ms
67ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1.news-xecoti.com/lands/16/bot.png
Requested by: Host: 1.news-xecoti.com
URL: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-2b23"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11043
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 traffback.php
1.news-xecoti.com/ 79 B
221 B 68ms
68ms Fetch
text/html 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://1.news-xecoti.com/traffback.php?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=&land=16
Requested by: Host: 1.news-xecoti.com
URL: https://1.news-xecoti.com/revopush.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 14:22:11 GMT
cache-control: no-cache, must-revalidate
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
2.news-xecoti.com/lands/16/ 3 KB
2 KB 85ms
70ms Document
text/html 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Requested by: Host: 1.news-xecoti.com
URL: https://1.news-xecoti.com/revopush.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: f187407fdf181d2c485bc94a8bc8ef625b3c1bd4e9eb9885da63944884305a85

Request headers

Referer: https://1.news-xecoti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 14:22:11 GMT
pragma: no-cache
server: nginx

GET
H2 200 revopush.js Show response
2.news-xecoti.com/ 10 KB
10 KB 68ms
67ms Script
application/javascript 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://2.news-xecoti.com/revopush.js?v=4
Requested by: Host: 2.news-xecoti.com
URL: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Thu, 15 Dec 2022 09:31:18 GMT
server: nginx
etag: "639ae966-26e2"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9954
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 man.png
2.news-xecoti.com/lands/16/ 10 KB
11 KB 68ms
68ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2.news-xecoti.com/lands/16/man.png
Requested by: Host: 2.news-xecoti.com
URL: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-295f"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10591
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
2.news-xecoti.com/lands/16/ 1 KB
1 KB 68ms
67ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2.news-xecoti.com/lands/16/logo.png
Requested by: Host: 2.news-xecoti.com
URL: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-425"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1061
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bot.png
2.news-xecoti.com/lands/16/ 11 KB
11 KB 68ms
67ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2.news-xecoti.com/lands/16/bot.png
Requested by: Host: 2.news-xecoti.com
URL: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-2b23"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11043
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 traffback.php
2.news-xecoti.com/ 79 B
221 B 70ms
69ms Fetch
text/html 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://2.news-xecoti.com/traffback.php?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=&land=16
Requested by: Host: 2.news-xecoti.com
URL: https://2.news-xecoti.com/revopush.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 14:22:11 GMT
cache-control: no-cache, must-revalidate
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
3.news-xecoti.com/lands/16/ 3 KB
2 KB 108ms
70ms Document
text/html 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Requested by: Host: 2.news-xecoti.com
URL: https://2.news-xecoti.com/revopush.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 61a7d5c0bf66c5ee60569b56d4754676a2fd1c0b520adc76a87063c770de1aa6

Request headers

Referer: https://2.news-xecoti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 14:22:11 GMT
pragma: no-cache
server: nginx

GET
H2 200 revopush.js Show response
3.news-xecoti.com/ 10 KB
10 KB 68ms
67ms Script
application/javascript 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://3.news-xecoti.com/revopush.js?v=4
Requested by: Host: 3.news-xecoti.com
URL: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Thu, 15 Dec 2022 09:31:18 GMT
server: nginx
etag: "639ae966-26e2"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9954
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 man.png
3.news-xecoti.com/lands/16/ 10 KB
11 KB 68ms
68ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.news-xecoti.com/lands/16/man.png
Requested by: Host: 3.news-xecoti.com
URL: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-295f"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10591
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
3.news-xecoti.com/lands/16/ 1 KB
1 KB 68ms
68ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.news-xecoti.com/lands/16/logo.png
Requested by: Host: 3.news-xecoti.com
URL: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-425"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1061
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bot.png
3.news-xecoti.com/lands/16/ 11 KB
11 KB 68ms
68ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.news-xecoti.com/lands/16/bot.png
Requested by: Host: 3.news-xecoti.com
URL: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:11 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-2b23"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11043
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 traffback.php
3.news-xecoti.com/ 79 B
221 B 68ms
68ms Fetch
text/html 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://3.news-xecoti.com/traffback.php?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=&land=16
Requested by: Host: 3.news-xecoti.com
URL: https://3.news-xecoti.com/revopush.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 14:22:11 GMT
cache-control: no-cache, must-revalidate
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
4.news-xecoti.com/lands/16/ 3 KB
2 KB 109ms
70ms Document
text/html 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Requested by: Host: 3.news-xecoti.com
URL: https://3.news-xecoti.com/revopush.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 47b7384cd078abe24e59530dbce30d7cd150467e685644d25117cf142f8c897e

Request headers

Referer: https://3.news-xecoti.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 14:22:12 GMT
pragma: no-cache
server: nginx

GET
H2 200 revopush.js Show response
4.news-xecoti.com/ 10 KB
10 KB 68ms
67ms Script
application/javascript 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://4.news-xecoti.com/revopush.js?v=4
Requested by: Host: 4.news-xecoti.com
URL: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:12 GMT
last-modified: Thu, 15 Dec 2022 09:31:18 GMT
server: nginx
etag: "639ae966-26e2"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9954
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 man.png
4.news-xecoti.com/lands/16/ 10 KB
11 KB 68ms
68ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.news-xecoti.com/lands/16/man.png
Requested by: Host: 4.news-xecoti.com
URL: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:12 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-295f"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10591
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
4.news-xecoti.com/lands/16/ 1 KB
1 KB 68ms
68ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.news-xecoti.com/lands/16/logo.png
Requested by: Host: 4.news-xecoti.com
URL: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:12 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-425"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1061
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bot.png
4.news-xecoti.com/lands/16/ 11 KB
11 KB 136ms
136ms Image
image/png 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.news-xecoti.com/lands/16/bot.png
Requested by: Host: 4.news-xecoti.com
URL: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 14:22:12 GMT
last-modified: Mon, 16 Sep 2019 12:08:48 GMT
server: nginx
etag: "5d7f7b50-2b23"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11043
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 traffback.php
4.news-xecoti.com/ 49 B
199 B 68ms
68ms Fetch
text/html 149.7.16.233
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://4.news-xecoti.com/traffback.php?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=&land=16
Requested by: Host: 4.news-xecoti.com
URL: https://4.news-xecoti.com/revopush.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.7.16.233 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 233-16-7-149.clients.gthost.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 14:22:12 GMT
cache-control: no-cache, must-revalidate
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request 482729 Show response
p.npcad.com/go/89517/
Redirect Chain

https://www.cmjdj2smns.com/34PTSD/PS824/?sub1=zer
https://www.c9ikptk.com/34PTSD/BP658/?__rpt=0&__po=15&__ptid=8524606690fa4330bd93ff396e07df47&__rpa=0&__rc=1&sub1=zer&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
http://p.npcad.com/go/89517/482729

425 B
458 B

335ms
119ms

Document
text/html

54.205.43.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://p.npcad.com/go/89517/482729
Requested by: Host: 4.news-xecoti.com
URL: https://4.news-xecoti.com/revopush.js?v=4
Protocol: HTTP/1.1
Server: 54.205.43.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-43-136.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 71cc64d54fd3c59506810e7112f2adbab0bc26a6c9bef8c3cdc3e64d5a4628ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 270
Content-Type: text/html
Date: Sat, 21 Jan 2023 14:22:13 GMT
Server: nginx
Vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57
content-type: text/html; charset=utf-8
date: Sat, 21 Jan 2023 14:22:12 GMT
location: http://p.npcad.com/go/89517/482729
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 764413a1-0d4f-4a9c-9a3b-2fd13d681525

GET
H2

204

smart
adeumssp.com/
Redirect Chain

http://p.npcad.com/ad/ad?p=89517&w=482729&t=20bc27ded2be6a80&r=&vw=1600&vh=1200
https://adeumssp.com/smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click

0
0

190ms
62ms

Document
text/plain

168.119.90.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adeumssp.com/smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click

Requested by

Host: p.npcad.com
URL: http://p.npcad.com/go/89517/482729

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.90.21 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.21.90.119.168.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: http://p.npcad.com/go/89517/482729
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Sat, 21 Jan 2023 14:22:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 21 Jan 2023 14:22:13 GMT
Location: https://adeumssp.com/smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click
Server: nginx

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange number| x number| y

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
news-xecoti.com/	1970-01-20 09:05:14	Name: clickdata Value: ODA1NzY0Mnw6fDE2fDp8dGNfMjk5OHw6fHw6fHw6fA%3D%3D
1.news-xecoti.com/	1970-01-20 09:05:14	Name: clickdata Value: ODA1NzY0Mnw6fDE2fDp8dGNfMjk5OHw6fHw6fHw6fA%3D%3D
2.news-xecoti.com/	1970-01-20 09:05:14	Name: clickdata Value: ODA1NzY0Mnw6fDE2fDp8dGNfMjk5OHw6fHw6fHw6fA%3D%3D
3.news-xecoti.com/	1970-01-20 09:05:14	Name: clickdata Value: ODA1NzY0Mnw6fDE2fDp8dGNfMjk5OHw6fHw6fHw6fA%3D%3D
4.news-xecoti.com/	1970-01-20 09:05:14	Name: clickdata Value: ODA1NzY0Mnw6fDE2fDp8dGNfMjk5OHw6fHw6fHw6fA%3D%3D
www.cmjdj2smns.com/	1970-01-20 09:25:20	Name: uniqueClick_PS824 Value: 6b5f2e25-4853-4653-a4bf-24ea6b821315:1674310932
www.c9ikptk.com/	1970-01-20 09:15:15	Name: uniqueClick_BP658 Value: 547e924d-87f7-4be2-8bae-e60e182345b5:1674310932
www.c9ikptk.com/	1970-01-20 11:14:46	Name: transaction_id Value: e632d04bb4b040009b9c1c6381c697ca

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://1.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://2.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://3.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://4.news-xecoti.com/lands/16/?site=8057642&sub1=tc_2998&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.news-xecoti.com
2.news-xecoti.com
3.news-xecoti.com
4.news-xecoti.com
adeumssp.com
news-xecoti.com
p.npcad.com
www.c9ikptk.com
www.cmjdj2smns.com
149.7.16.233
168.119.90.21
193.108.117.25
34.107.199.247
54.205.43.136
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
349d97766d48b7d0fddec93ec046e62756df490a9dc49fc57493e9c300739fb3
47b7384cd078abe24e59530dbce30d7cd150467e685644d25117cf142f8c897e
613f387e9795ed17cc64e431bc868a1d6f838a3c77af74f2110e8a6b31ffde3b
61a7d5c0bf66c5ee60569b56d4754676a2fd1c0b520adc76a87063c770de1aa6
71cc64d54fd3c59506810e7112f2adbab0bc26a6c9bef8c3cdc3e64d5a4628ac
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
f187407fdf181d2c485bc94a8bc8ef625b3c1bd4e9eb9885da63944884305a85

p.npcad.com Open in urlscan Pro 54.205.43.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

32 Requests

97 %HTTPS

0 %IPv6

5 Domains

9 Subdomains

3 IPs

3 Countries

173 kBTransfer

176 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

p.npcad.com Open in urlscan Pro
54.205.43.136 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

0 %
IPv6

5
Domains

9
Subdomains

3
IPs

3
Countries

173 kB
Transfer

176 kB
Size

8
Cookies

32 HTTP transactions
0 data transactions