urlscan.io logo urlscan.io
SecurityTrails logo

capegames4.xyz Open in urlscan Pro
173.214.240.15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://brain-shoping4.xyz/event_6dc797e6-9825-7618-e313-b3c1274bc65b_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0...
Effective URL: https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNB...
Submission: On August 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 22 HTTP transactions. The main IP is 173.214.240.15, located in United States and belongs to SERVEREL-AS, US. The main domain is capegames4.xyz.
TLS certificate: Issued by E6 on July 21st 2024. Valid for: 3 months.
This is the only time capegames4.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 13 173.214.240.15 15317 (SERVEREL-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
5 5 199.182.164.180 15317 (SERVEREL-AS)
3 9 104.19.130.76 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
2 6 104.19.133.76 13335 (CLOUDFLAR...)
22 6
13    173.214.240.15 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net
brain-shoping4.xyz
freetrckr.com
patientsale5.xyz
capegames4.xyz
2    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    199.182.164.180 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net
xml.planetpush.net
xml.pushking.net
9    104.19.130.76 (None, )

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
s-img.mgid.com
4    2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    104.19.133.76 (None, )

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
s-img.mgid.com
Apex Domain
Subdomains		 Transfer
15 mgid.com
c.mgid.com — Cisco Umbrella Rank: 5722
s-img.mgid.com — Cisco Umbrella Rank: 6986
60 KB
6 patientsale5.xyz
patientsale5.xyz
3 KB
4 capegames4.xyz
capegames4.xyz
3 KB
4 gstatic.com
fonts.gstatic.com
74 KB
3 planetpush.net
xml.planetpush.net — Cisco Umbrella Rank: 78746
2 KB
2 pushking.net
xml.pushking.net — Cisco Umbrella Rank: 48173
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
2 freetrckr.com
freetrckr.com — Cisco Umbrella Rank: 637579
694 B
1 brain-shoping4.xyz
brain-shoping4.xyz
129 B
22 9
Domain Requested by
10 s-img.mgid.com patientsale5.xyz
capegames4.xyz
6 patientsale5.xyz 3 redirects patientsale5.xyz
5 c.mgid.com 5 redirects
4 capegames4.xyz 2 redirects patientsale5.xyz
capegames4.xyz
4 fonts.gstatic.com fonts.googleapis.com
3 xml.planetpush.net 3 redirects
2 xml.pushking.net 2 redirects
2 fonts.googleapis.com patientsale5.xyz
capegames4.xyz
2 freetrckr.com 2 redirects
1 brain-shoping4.xyz 1 redirects
22 10

This site contains no links.

Subject Issuer Validity Valid
spectrumtop5.xyz
E5		 2024-07-11 -
2024-10-09		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
mgid.com
WE1		 2024-07-07 -
2024-10-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
wordbazar4.xyz
E6		 2024-07-21 -
2024-10-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Frame ID: A35AC4AC498A2894F73318289F106855
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Checking your browser before accessing

Page URL History Show full URLs

  1. https://brain-shoping4.xyz/event_6dc797e6-9825-7618-e313-b3c1274bc65b_5_0_2000?payload=JTdCJTIyaCUyMiUz... HTTP 302
    https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
  2. https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

22
Requests

73 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

6
IPs

2
Countries

139 kB
Transfer

169 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://brain-shoping4.xyz/event_6dc797e6-9825-7618-e313-b3c1274bc65b_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0LmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIzMzctNGM2MWIwYjRkNzk3MjExZWIyOTQ0OTU3YWQwYjlkMjMtMzQ1MC0wLjAwMDEyNSUyMiU1RCU3RA%3D%3D&t=1724251282725&rnd=330306706&js=1...%20311%20...2ZThfc3FfYWxsX2ZyJTIyJTdE&if=1 HTTP 302
    https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://brain-shoping4.xyz/event_6dc797e6-9825-7618-e313-b3c1274bc65b_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0LmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIzMzctNGM2MWIwYjRkNzk3MjExZWIyOTQ0OTU3YWQwYjlkMjMtMzQ1MC0wLjAwMDEyNSUyMiU1RCU3RA%3D%3D&t=1724251282725&rnd=330306706&js=1...%20311%20...2ZThfc3FfYWxsX2ZyJTIyJTdE&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://patientsale5.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_102_3821_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEOWExNDg3YzAxMGI5NTk3NjMxNDU2ODE1NmFlOGI0OWUlMjZybmQlM0QzOTUwNTg5OTU%3D&t=1724563776883&rnd=810502046&i=1 HTTP 302
  • https://xml.planetpush.net/icon?sid=9a1487c010b95976314568156ae8b49e&rnd=395058995 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|DLNUBiFAL7e_wnhDYYDb3GvHGudXIwA6Re4LAZ3ZF0z3WzZSGxFIrPzLrmoHziL3M-FHhQ-Uc8GuO2IRig2FcbGlE4-tMBDUUeKFJsMLMoo*&cid=1581047&f=1&h2=ZSbozZDe7QlOVo5ryfs2e-q18ay1tHJuj0tFAu9Zd77g6AyCO7SB7epyijTbmkvJ&rid=045cff48-62a3-11ef-82f3-c84bd68370b4&psid=1290615&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE5OTMxOTEzLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6TTNOQ3g1WHpJMU55OW9kSFJ3T2k4dmFXMW5hRzl6ZEhNdVkyOXRMM1F2TWpBeU5DMHdOaTh6TnpBMU5UQXZZVFkwTURWa1pHWTVaVEEzT0RkbU9EVmpaVE0yTVRFME1HUTFZamcwWkRrdWNHNW4ud2VicD92PTE3MjQ1NjM3NzYtUmxUczJqNjJBalNxd1NYWnl3UjVuQXhlSHB5S1ZUU1J1WFdqZFA4V2JGOA== HTTP 301
  • https://s-img.mgid.com/g/19931913/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1Ny9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNi8zNzA1NTAvYTY0MDVkZGY5ZTA3ODdmODVjZTM2MTE0MGQ1Yjg0ZDkucG5n.webp?v=1724563776-RlTs2j62AjSqwSXZywR5nAxeHpyKVTSRuXWjdP8WbF8
Request Chain 3
  • https://patientsale5.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_102_3286_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEMDk4OWYyMmE1ZWU5OThhYjU4YTU4NmM2NjliZWZkOTUlMjZybmQlM0QzOTUwNTg5OTU%3D&t=1724563776883&rnd=443203766&i=1 HTTP 302
  • https://xml.planetpush.net/icon?sid=0989f22a5ee998ab58a586c669befd95&rnd=395058995 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|DLNUBiFAL7e_wnhDYYDb3JICAN2AfSM4vc3wnNJ6kl7rxLIPCYjQEQsAHPmrc-xiM-FHhQ-Uc8GuO2IRig2FcQL98MFsFSX9dzxV751bppg*&cid=1423484&f=1&h2=ZSbozZDe7QlOVo5ryfs2e-qxXJah6IvQH99pg35Tyi1FbDsJVc01KbSzVeo-jeJ3&rid=045cc3a0-62a3-11ef-82f3-c84bd68370b4&psid=1290615&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE5NDA3MDA1LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21kdmIyUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpRdE1EUXZOVFV4T0RnNUx6UTVaVGhqT0dZd016bGxZelZpWldFNVpqYzVOak0xWlRkbE9UaGhOakptTG1wd1pXYy53ZWJwP3Y9MTcyNDU2Mzc3Ni1FdW9IOU1oSkpMWklTeWlXUmVSbkYtWTNWNkJZanljOVpNcmc3UHRlS1FB HTTP 301
  • https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1724563776-EuoH9MhJJLZISyiWReRnF-Y3V6BYjyc9ZMrg7PteKQA
Request Chain 4
  • https://patientsale5.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_102_3918_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEOWFiNWJjZjA4ZDdmNDhmNWE2MzBiNDc1YjMzZTA5YzglMjZybmQlM0QzOTUwNTg5OTU%3D&t=1724563776883&rnd=653787267&i=1 HTTP 302
  • https://xml.planetpush.net/icon?sid=9ab5bcf08d7f48f5a630b475b33e09c8&rnd=395058995 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|DLNUBiFAL7e_wnhDYYDb3Bf2lcAnBbsL2j8ZDykGFtgLMDpkogzIrtyHSR07hqLCM-FHhQ-Uc8GuO2IRig2FcVJ2kKI8ieFCSoXJry6ebs0*&cid=1620373&f=1&h2=ZSbozZDe7QlOVo5ryfs2e7gTGZYFmDsIpq-nVPQU1D5x4fi2x9-QF8AfXjDe2WdT&rid=045ccbb9-62a3-11ef-8ff5-c84bd6836428&psid=1290615&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE5NDA3MDA1LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21kdmIyUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpRdE1EUXZOVFV4T0RnNUx6UTVaVGhqT0dZd016bGxZelZpWldFNVpqYzVOak0xWlRkbE9UaGhOakptTG1wd1pXYy53ZWJwP3Y9MTcyNDU2Mzc3Ni1FdW9IOU1oSkpMWklTeWlXUmVSbkYtWTNWNkJZanljOVpNcmc3UHRlS1FB HTTP 301
  • https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1724563776-EuoH9MhJJLZISyiWReRnF-Y3V6BYjyc9ZMrg7PteKQA
Request Chain 13
  • https://capegames4.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_101_3911_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGNlMDgwZWRjY2VhNmE4OWUyZWFlYmVlMmJhNmUyN2I4JTI2cm5kJTNEMjM2NTE4Mjg1&t=1724563779324&rnd=641624164&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=ce080edccea6a89e2eaebee2ba6e27b8&rnd=236518285 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|NOsHViuKNZF2Ba3d4lx6kRf2lcAnBbsL2j8ZDykGFtgLMDpkogzIrtyHSR07hqLCM-FHhQ-Uc8GuO2IRig2FcTfP-8Y_CLttjKc1834tFqc*&cid=1620373&f=1&h2=ZSbozZDe7QlOVo5ryfs2e-qxXJah6IvQH99pg35Tyi1FbDsJVc01KbSzVeo-jeJ3&rid=05d3a38b-62a3-11ef-9599-c84bd6826564&psid=891551&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE5NDA3MDA1LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21kdmIyUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpRdE1EUXZOVFV4T0RnNUx6UTVaVGhqT0dZd016bGxZelZpWldFNVpqYzVOak0xWlRkbE9UaGhOakptTG1wd1pXYy53ZWJwP3Y9MTcyNDU2Mzc3OC1IbXdlV1NtM2hXQ0JNV0FiaEZPb1Z5a2EzSVBhTFhfYkFITHk1RkFOQ1A4 HTTP 301
  • https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1724563778-HmweWSm3hWCBMWAbhFOoVyka3IPaLX_bAHLy5FANCP8
Request Chain 14
  • https://capegames4.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_101_3285_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGVlYjU0YzU3MDdmMDc2NTljZjEwN2ZkNjAwOGJmY2Y4JTI2cm5kJTNEMjM2NTE4Mjg1&t=1724563779324&rnd=26751296&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=eeb54c5707f07659cf107fd6008bfcf8&rnd=236518285 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|NOsHViuKNZF2Ba3d4lx6kd2aVDbJ-HxcTuTMzu7FQf7rxLIPCYjQEQsAHPmrc-xiM-FHhQ-Uc8GuO2IRig2FcYR_emAZoA9RzfFCqrq3Avg*&cid=1423484&f=1&h2=ZSbozZDe7QlOVo5ryfs2e4jH529SlqhGbp_BMCT1tuc3tmBZX-dcx33FYBn2WJBl&rid=05d3e710-62a3-11ef-9599-c84bd6826564&psid=891551&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE5OTMxOTEzLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6TTNOQ3g1WHpJMU55OW9kSFJ3T2k4dmFXMW5hRzl6ZEhNdVkyOXRMM1F2TWpBeU5DMHdOaTh6TnpBMU5UQXZZVFkwTURWa1pHWTVaVEEzT0RkbU9EVmpaVE0yTVRFME1HUTFZamcwWkRrdWNHNW4ud2VicD92PTE3MjQ1NjM3NzgtTWlBdUdVNjdxU2NZVDFHNGJ4d1FRaDBuRlhWckpLM1BUNFMwcy1DY1phTQ== HTTP 301
  • https://s-img.mgid.com/g/19931913/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1Ny9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNi8zNzA1NTAvYTY0MDVkZGY5ZTA3ODdmODVjZTM2MTE0MGQ1Yjg0ZDkucG5n.webp?v=1724563778-MiAuGU67qScYT1G4bxwQQh0nFXVrJK3PT4S0s-CcZaM

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js
patientsale5.xyz/
Redirect Chain
  • https://brain-shoping4.xyz/event_6dc797e6-9825-7618-e313-b3c1274bc65b_5_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5jcGNtYXJ0LmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIzMzctNGM2MWIwYjRkNzk3MjExZWIyOTQ0OTU3YW...
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
230e5fb4eecc30cc39a661b56dc4b934bbac090a351950a3487bdb5735c88cb2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 25 Aug 2024 05:29:36 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Sun, 25 Aug 2024 05:29:36 GMT
location
https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://patientsale5.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 05:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Aug 2024 04:15:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Aug 2024 05:29:37 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1Ny9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNi8zN...
s-img.mgid.com/g/19931913/328x328/-/
Redirect Chain
  • https://patientsale5.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_102_3821_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEOWExNDg3YzAxMGI5NTk3NjMxNDU2ODE1NmFlOGI0OWU...
  • https://xml.planetpush.net/icon?sid=9a1487c010b95976314568156ae8b49e&rnd=395058995
  • https://c.mgid.com/c?pv=2&v=0|0|0|DLNUBiFAL7e_wnhDYYDb3GvHGudXIwA6Re4LAZ3ZF0z3WzZSGxFIrPzLrmoHziL3M-FHhQ-Uc8GuO2IRig2FcbGlE4-tMBDUUeKFJsMLMoo*&cid=1581047&f=1&h2=ZSbozZDe7QlOVo5ryfs2e-q18ay1tHJuj0t...
  • https://s-img.mgid.com/g/19931913/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1N...
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19931913/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1Ny9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNi8zNzA1NTAvYTY0MDVkZGY5ZTA3ODdmODVjZTM2MTE0MGQ1Yjg0ZDkucG5n.webp?v=1724563776-RlTs2j62AjSqwSXZywR5nAxeHpyKVTSRuXWjdP8WbF8
Requested by
Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6dbf70b549920775cc031bed3f5ea6c0898ed0c542423b3277cb9f03e1d3901
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://patientsale5.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
a82f3d5d-7bc3-4c81-adc5-f208d7c0c316
age
206931
alt-svc
h3=":443"; ma=86400
content-length
6698
last-modified
Thu, 22 Aug 2024 20:00:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f795c9b4972-MIA

Redirect headers

date
Sun, 25 Aug 2024 05:29:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
2ef8353f-a86e-4652-9d41-9570f777f3fd
server
cloudflare
location
https://s-img.mgid.com/g/19931913/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1Ny9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNi8zNzA1NTAvYTY0MDVkZGY5ZTA3ODdmODVjZTM2MTE0MGQ1Yjg0ZDkucG5n.webp?v=1724563776-RlTs2j62AjSqwSXZywR5nAxeHpyKVTSRuXWjdP8WbF8
cf-ray
8b892f78dc5a4972-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjO...
s-img.mgid.com/g/19407005/328x328/-/
Redirect Chain
  • https://patientsale5.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_102_3286_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEMDk4OWYyMmE1ZWU5OThhYjU4YTU4NmM2NjliZWZkOTU...
  • https://xml.planetpush.net/icon?sid=0989f22a5ee998ab58a586c669befd95&rnd=395058995
  • https://c.mgid.com/c?pv=2&v=0|0|0|DLNUBiFAL7e_wnhDYYDb3JICAN2AfSM4vc3wnNJ6kl7rxLIPCYjQEQsAHPmrc-xiM-FHhQ-Uc8GuO2IRig2FcQL98MFsFSX9dzxV751bppg*&cid=1423484&f=1&h2=ZSbozZDe7QlOVo5ryfs2e-qxXJah6IvQH99...
  • https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ...
7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1724563776-EuoH9MhJJLZISyiWReRnF-Y3V6BYjyc9ZMrg7PteKQA
Requested by
Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55451a576dc0dda6e92e95af2865bdfc7de26e8740ea62f1f673ae351c0666d4

Request headers

Referer
https://patientsale5.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:37 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 20:00:45 GMT
x-mg-request-uuid
c4b422db-556d-4200-b8b9-84ab89a6181a
server
cloudflare
age
206932
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f795c9e4972-MIA
content-length
7318
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 25 Aug 2024 05:29:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
9799de6d-4fce-4db2-9989-0fe4f82ce3b6
server
cloudflare
location
https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1724563776-EuoH9MhJJLZISyiWReRnF-Y3V6BYjyc9ZMrg7PteKQA
cf-ray
8b892f78dc584972-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjO...
s-img.mgid.com/g/19407005/328x328/-/
Redirect Chain
  • https://patientsale5.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_102_3918_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEOWFiNWJjZjA4ZDdmNDhmNWE2MzBiNDc1YjMzZTA5Yzg...
  • https://xml.planetpush.net/icon?sid=9ab5bcf08d7f48f5a630b475b33e09c8&rnd=395058995
  • https://c.mgid.com/c?pv=2&v=0|0|0|DLNUBiFAL7e_wnhDYYDb3Bf2lcAnBbsL2j8ZDykGFtgLMDpkogzIrtyHSR07hqLCM-FHhQ-Uc8GuO2IRig2FcVJ2kKI8ieFCSoXJry6ebs0*&cid=1620373&f=1&h2=ZSbozZDe7QlOVo5ryfs2e7gTGZYFmDsIpq-...
  • https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ...
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1724563776-EuoH9MhJJLZISyiWReRnF-Y3V6BYjyc9ZMrg7PteKQA
Requested by
Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55451a576dc0dda6e92e95af2865bdfc7de26e8740ea62f1f673ae351c0666d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://patientsale5.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
c4b422db-556d-4200-b8b9-84ab89a6181a
age
206932
alt-svc
h3=":443"; ma=86400
content-length
7318
last-modified
Thu, 22 Aug 2024 20:00:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f795c9e4972-MIA

Redirect headers

date
Sun, 25 Aug 2024 05:29:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
d4ef1015-163c-4a12-b981-af4aa60c2101
server
cloudflare
location
https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1724563776-EuoH9MhJJLZISyiWReRnF-Y3V6BYjyc9ZMrg7PteKQA
cf-ray
8b892f78ec604972-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zNzQseV8yNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDYvM...
s-img.mgid.com/g/19931913/453x227/-/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19931913/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zNzQseV8yNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDYvMzcwNTUwL2E2NDA1ZGRmOWUwNzg3Zjg1Y2UzNjExNDBkNWI4NGQ5LnBuZw.webp?v=1724563776-p1nABrabH962xrWO0xSigahwisqTwDJ9wf0nk9nxCDY
Requested by
Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca39bd4399cd62c459afe0e1d99656153a87650a9cab54e2a241de25778b9de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://patientsale5.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
40501f14-0384-4bcf-9c62-6e7177692019
age
206932
alt-svc
h3=":443"; ma=86400
content-length
6310
last-modified
Thu, 22 Aug 2024 20:00:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f77fbe54972-MIA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA0LzU1MTg4OS80OWU4Y...
s-img.mgid.com/g/19407005/453x227/-/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19407005/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA0LzU1MTg4OS80OWU4YzhmMDM5ZWM1YmVhOWY3OTYzNWU3ZTk4YTYyZi5qcGVn.webp?v=1724563776-R_j7A2uIg2t0lyQF6JFp8iaQD_jqiwAMC0THq2YgV-0
Requested by
Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf2799de36f9643393515cc5e29b206dc7f570850508a4562c37e614794ad7a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://patientsale5.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
ca28a1ad-69a2-48c6-aee7-d7663693d93c
age
206933
alt-svc
h3=":443"; ma=86400
content-length
7812
last-modified
Thu, 22 Aug 2024 20:00:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f77fbe64972-MIA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA0LzU1MTg4OS80OWU4Y...
s-img.mgid.com/g/19407005/453x227/-/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19407005/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA0LzU1MTg4OS80OWU4YzhmMDM5ZWM1YmVhOWY3OTYzNWU3ZTk4YTYyZi5qcGVn.webp?v=1724563776-R_j7A2uIg2t0lyQF6JFp8iaQD_jqiwAMC0THq2YgV-0
Requested by
Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf2799de36f9643393515cc5e29b206dc7f570850508a4562c37e614794ad7a9

Request headers

Referer
https://patientsale5.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:37 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 20:00:44 GMT
x-mg-request-uuid
ca28a1ad-69a2-48c6-aee7-d7663693d93c
server
cloudflare
age
206933
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f77fbe64972-MIA
content-length
7812
alt-svc
h3=":443"; ma=86400
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://patientsale5.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 20:46:33 GMT
x-content-type-options
nosniff
age
204184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Aug 2025 20:46:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://patientsale5.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 20:46:30 GMT
x-content-type-options
nosniff
age
204187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Aug 2025 20:46:30 GMT
favicon.ico
patientsale5.xyz/ 		548 B
245 B 		Other
General
Check archive.org
Download Go to
Full URL
https://patientsale5.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:37 GMT
content-encoding
gzip
server
nginx
content-type
text/html
event_d5b10249-a2a7-add4-5023-9876806ffa5e_102_0_3001
patientsale5.xyz/ 		114 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://patientsale5.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtOWExNDg3YzAxMGI5NTk3NjMxNDU2ODE1NmFlOGI0OWUtMzgyMS0wLjAyMDA2JTIyJTJDJTIyODg2LTA5ODlmMjJhNWVlOTk4YWI1OGE1ODZjNjY5YmVmZDk1LTMyODYtMC4wMjEzOTglMjIlMkMlMjI4ODYtOWFiNWJjZjA4ZDdmNDhmNWE2MzBiNDc1YjMzZTA5YzgtMzkxOC0wLjAyMjA2NiUyMiU1RCU3RA%3D%3D&t=1724563776883&rnd=87873077&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_5ab6a519-9ca2-7ff2-aef2-603ddd6401ff_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
865d7493ad517d69d95e3ba08c3613c491ccad1236da138bdb94d9e1c1b64402

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:38 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
Primary Request sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js
capegames4.xyz/
Redirect Chain
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by
Host: patientsale5.xyz
URL: https://patientsale5.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtOWExNDg3YzAxMGI5NTk3NjMxNDU2ODE1NmFlOGI0OWUtMzgyMS0wLjAyMDA2JTIyJTJDJTIyODg2LTA5ODlmMjJhNWVlOTk4YWI1OGE1ODZjNjY5YmVmZDk1LTMyODYtMC4wMjEzOTglMjIlMkMlMjI4ODYtOWFiNWJjZjA4ZDdmNDhmNWE2MzBiNDc1YjMzZTA5YzgtMzkxOC0wLjAyMjA2NiUyMiU1RCU3RA%3D%3D&t=1724563776883&rnd=87873077&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
3c53a3c9a49698164f40bff3314b17774d59f869f37758dc606ad535125d40fa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 25 Aug 2024 05:29:39 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Sun, 25 Aug 2024 05:29:39 GMT
location
https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: capegames4.xyz
URL: https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://capegames4.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 05:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Aug 2024 04:09:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Aug 2024 05:29:39 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjO...
s-img.mgid.com/g/19407005/328x328/-/
Redirect Chain
  • https://capegames4.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_101_3911_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGNlMDgwZWRjY2VhNmE4OWUyZWFlYmVlMmJhNmUyN2I4JTI2c...
  • https://xml.pushking.net/icon?sid=ce080edccea6a89e2eaebee2ba6e27b8&rnd=236518285
  • https://c.mgid.com/c?pv=2&v=0|0|0|NOsHViuKNZF2Ba3d4lx6kRf2lcAnBbsL2j8ZDykGFtgLMDpkogzIrtyHSR07hqLCM-FHhQ-Uc8GuO2IRig2FcTfP-8Y_CLttjKc1834tFqc*&cid=1620373&f=1&h2=ZSbozZDe7QlOVo5ryfs2e-qxXJah6IvQH99...
  • https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ...
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1724563778-HmweWSm3hWCBMWAbhFOoVyka3IPaLX_bAHLy5FANCP8
Requested by
Host: capegames4.xyz
URL: https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55451a576dc0dda6e92e95af2865bdfc7de26e8740ea62f1f673ae351c0666d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://capegames4.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
c4b422db-556d-4200-b8b9-84ab89a6181a
age
206934
alt-svc
h3=":443"; ma=86400
content-length
7318
last-modified
Thu, 22 Aug 2024 20:00:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f884da6498c-MIA

Redirect headers

date
Sun, 25 Aug 2024 05:29:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
ac9c60b0-7993-4e36-ad14-3076a3ad2931
server
cloudflare
location
https://s-img.mgid.com/g/19407005/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDQvNTUxODg5LzQ5ZThjOGYwMzllYzViZWE5Zjc5NjM1ZTdlOThhNjJmLmpwZWc.webp?v=1724563778-HmweWSm3hWCBMWAbhFOoVyka3IPaLX_bAHLy5FANCP8
cf-ray
8b892f87dd48498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1Ny9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNi8zN...
s-img.mgid.com/g/19931913/328x328/-/
Redirect Chain
  • https://capegames4.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_101_3285_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGVlYjU0YzU3MDdmMDc2NTljZjEwN2ZkNjAwOGJmY2Y4JTI2c...
  • https://xml.pushking.net/icon?sid=eeb54c5707f07659cf107fd6008bfcf8&rnd=236518285
  • https://c.mgid.com/c?pv=2&v=0|0|0|NOsHViuKNZF2Ba3d4lx6kd2aVDbJ-HxcTuTMzu7FQf7rxLIPCYjQEQsAHPmrc-xiM-FHhQ-Uc8GuO2IRig2FcYR_emAZoA9RzfFCqrq3Avg*&cid=1423484&f=1&h2=ZSbozZDe7QlOVo5ryfs2e4jH529SlqhGbp_...
  • https://s-img.mgid.com/g/19931913/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1N...
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19931913/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1Ny9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNi8zNzA1NTAvYTY0MDVkZGY5ZTA3ODdmODVjZTM2MTE0MGQ1Yjg0ZDkucG5n.webp?v=1724563778-MiAuGU67qScYT1G4bxwQQh0nFXVrJK3PT4S0s-CcZaM
Requested by
Host: capegames4.xyz
URL: https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6dbf70b549920775cc031bed3f5ea6c0898ed0c542423b3277cb9f03e1d3901
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://capegames4.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
a82f3d5d-7bc3-4c81-adc5-f208d7c0c316
age
206933
alt-svc
h3=":443"; ma=86400
content-length
6698
last-modified
Thu, 22 Aug 2024 20:00:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f884da2498c-MIA

Redirect headers

date
Sun, 25 Aug 2024 05:29:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
0df530b1-009a-407e-adb4-afb90ea121bd
server
cloudflare
location
https://s-img.mgid.com/g/19931913/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3NCx5XzI1Ny9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNi8zNzA1NTAvYTY0MDVkZGY5ZTA3ODdmODVjZTM2MTE0MGQ1Yjg0ZDkucG5n.webp?v=1724563778-MiAuGU67qScYT1G4bxwQQh0nFXVrJK3PT4S0s-CcZaM
cf-ray
8b892f87dd46498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA0LzU1MTg4OS80OWU4Y...
s-img.mgid.com/g/19407005/453x227/-/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19407005/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTA0LzU1MTg4OS80OWU4YzhmMDM5ZWM1YmVhOWY3OTYzNWU3ZTk4YTYyZi5qcGVn.webp?v=1724563778-fEC3K28MI3xiXBiYRnfWrkMPpzOtDZaDuGu4NQpJ9Xw
Requested by
Host: capegames4.xyz
URL: https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf2799de36f9643393515cc5e29b206dc7f570850508a4562c37e614794ad7a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://capegames4.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
ca28a1ad-69a2-48c6-aee7-d7663693d93c
age
206935
alt-svc
h3=":443"; ma=86400
content-length
7812
last-modified
Thu, 22 Aug 2024 20:00:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f86ecbc498c-MIA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zNzQseV8yNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDYvM...
s-img.mgid.com/g/19931913/453x227/-/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/19931913/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zNzQseV8yNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDYvMzcwNTUwL2E2NDA1ZGRmOWUwNzg3Zjg1Y2UzNjExNDBkNWI4NGQ5LnBuZw.webp?v=1724563778-xLvszuhiXJosUs1VN7E_b9AY2TqiNIeC10MPT8Yx06Y
Requested by
Host: capegames4.xyz
URL: https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca39bd4399cd62c459afe0e1d99656153a87650a9cab54e2a241de25778b9de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://capegames4.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
40501f14-0384-4bcf-9c62-6e7177692019
age
206934
alt-svc
h3=":443"; ma=86400
content-length
6310
last-modified
Thu, 22 Aug 2024 20:00:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8b892f86ecb8498c-MIA
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://capegames4.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 20:46:33 GMT
x-content-type-options
nosniff
age
204186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Aug 2025 20:46:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://capegames4.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 20:46:30 GMT
x-content-type-options
nosniff
age
204189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Aug 2025 20:46:30 GMT
favicon.ico
capegames4.xyz/ 		548 B
245 B 		Other
General
Check archive.org
Download Go to
Full URL
https://capegames4.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://capegames4.xyz/sw_c753ef26-dd0f-dfc8-a516-e69b50e54c86_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:29:39 GMT
content-encoding
gzip
server
nginx
content-type
text/html
event_d5b10249-a2a7-add4-5023-9876806ffa5e_101_0_3000
capegames4.xyz/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
capegames4.xyz
URL
https://capegames4.xyz/event_d5b10249-a2a7-add4-5023-9876806ffa5e_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LWNlMDgwZWRjY2VhNmE4OWUyZWFlYmVlMmJhNmUyN2I4LTM5MTEtMC4wMjE3MzIlMjIlMkMlMjI1MzQtZWViNTRjNTcwN2YwNzY1OWNmMTA3ZmQ2MDA4YmZjZjgtMzI4NS0wLjAyMTM5OCUyMiU1RCU3RA%3D%3D&t=1724563779324&rnd=513352285&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isIframe function| go

1 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: jY.1XglXwX3rsuwQVSIE.gyerIqM_PnRQaGFU_Q7CGg-1724563777-1.0.1.1-zIn8_FFePX051UB5R_JJ8j1soqfXl8r1aeIWcJ3ct2o_390YTmlA45YaMGUjprW3H8DfnecofCn30_4FtJK9lg

2 Console Messages

Source Level URL
Text
network error URL: https://patientsale5.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://capegames4.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()