news-shop2.xyz Open in urlscan Pro
173.214.240.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newssigns4.xyz/event_3873421d-36e2-15cd-9782-bced3e8e3ff7_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2...
Effective URL:
https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNB...
Submission: On March 03 via api (March 3rd 2024, 12:15:37 am UTC) from US — Scanned from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 12 domains to perform 21 HTTP transactions. The main IP is 173.214.240.15, located in United States and belongs to SERVEREL-AS, US. The main domain is news-shop2.xyz.
TLS certificate: Issued by R3 on January 16th 2024. Valid for: 3 months.

This is the only time news-shop2.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18 22	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
5 5	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
4 4	178.63.248.55 178.63.248.55	24940 (HETZNER-AS) (HETZNER-AS)
10	46.4.15.55 46.4.15.55	24940 (HETZNER-AS) (HETZNER-AS)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1 1	178.63.248.54 178.63.248.54	24940 (HETZNER-AS) (HETZNER-AS)
21	5

22 173.214.240.15 (United States) 18 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

newssigns4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gamesmuse4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
news-shop2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.182.164.180 (United States) 5 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.pushking.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.cpcmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.248.55 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: psh8.1push.io

g0-g3t-som3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wnt-some-push.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 46.4.15.55 (Bad Muenstereifel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn11.1push.io

cdn4image.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.248.54 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: psh7.1push.io

g0-get-msg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	freetrckr.com 12 redirects freetrckr.com — Cisco Umbrella Rank: 785681	3 KB
10	cdn4image.com cdn4image.com — Cisco Umbrella Rank: 6530	163 KB
4	news-shop2.xyz 2 redirects news-shop2.xyz	3 KB
4	gstatic.com fonts.gstatic.com	62 KB
4	pushking.net 4 redirects xml.pushking.net — Cisco Umbrella Rank: 74799	2 KB
4	gamesmuse4.xyz 2 redirects gamesmuse4.xyz	3 KB
3	g0-g3t-som3.com 3 redirects g0-g3t-som3.com — Cisco Umbrella Rank: 12335	854 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
2	newssigns4.xyz 2 redirects newssigns4.xyz	607 B
1	g0-get-msg.net 1 redirects g0-get-msg.net — Cisco Umbrella Rank: 11408	284 B
1	wnt-some-push.net 1 redirects wnt-some-push.net — Cisco Umbrella Rank: 17590	285 B
1	cpcmart.com 1 redirects xml.cpcmart.com — Cisco Umbrella Rank: 811767	482 B
21	12

	Domain	Requested by
12	freetrckr.com	12 redirects news-shop2.xyz
10	cdn4image.com	gamesmuse4.xyz news-shop2.xyz
4	news-shop2.xyz	2 redirects gamesmuse4.xyz news-shop2.xyz
4	fonts.gstatic.com	fonts.googleapis.com
4	xml.pushking.net	4 redirects
4	gamesmuse4.xyz	2 redirects gamesmuse4.xyz
3	g0-g3t-som3.com	3 redirects
2	fonts.googleapis.com	gamesmuse4.xyz news-shop2.xyz
2	newssigns4.xyz	2 redirects
1	g0-get-msg.net	1 redirects
1	wnt-some-push.net	1 redirects
1	xml.cpcmart.com	1 redirects
21	12

This site contains no links.

Subject Issuer	Validity	Valid
gameslighting4.xyz R3	`2024-02-08` - `2024-05-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cdn4image.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
goldnews2.xyz R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh

This page contains 1 frames:

Frame: https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
Frame ID: 27703534A0E8772FEF9A30E2169189B2
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser before accessing

Page URL History Show full URLs

http://newssigns4.xyz/event_3873421d-36e2-15cd-9782-bced3e8e3ff7_101_0_3000?payload=jtdcjtiyacuymi... HTTP 301
https://newssigns4.xyz/event_3873421d-36e2-15cd-9782-bced3e8e3ff7_101_0_3000?payload=jtdcjtiyacuymi... HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

71 %
HTTPS

29 %
IPv6

12
Domains

12
Subdomains

5
IPs

2
Countries

232 kB
Transfer

247 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newssigns4.xyz/event_3873421d-36e2-15cd-9782-bced3e8e3ff7_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lti2ztyxm2i5ymvkotdiymuwmjjiy2u4yjblyjm5ztjlltywos0wljawodi5osuymiuyqyuymjuznc1kogi4mjnhmjexy2nkytbjm2ewyzazmje1yjy1o...~311~...5btgyx2fsbf9nyiuymiu3ra==&if=0 HTTP 301
https://newssigns4.xyz/event_3873421d-36e2-15cd-9782-bced3e8e3ff7_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lti2ztyxm2i5ymvkotdiymuwmjjiy2u4yjblyjm5ztjlltywos0wljawodi5osuymiuyqyuymjuznc1kogi4mjnhmjexy2nkytbjm2ewyzazmje1yjy1o...~311~...5btgyx2fsbf9nyiuymiu3ra==&if=0 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://newssigns4.xyz/event_3873421d-36e2-15cd-9782-bced3e8e3ff7_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lti2ztyxm2i5ymvkotdiymuwmjjiy2u4yjblyjm5ztjlltywos0wljawodi5osuymiuyqyuymjuznc1kogi4mjnhmjexy2nkytbjm2ewyzazmje1yjy1o...~311~...5btgyx2fsbf9nyiuymiu3ra==&if=0 HTTP 301
https://newssigns4.xyz/event_3873421d-36e2-15cd-9782-bced3e8e3ff7_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lti2ztyxm2i5ymvkotdiymuwmjjiy2u4yjblyjm5ztjlltywos0wljawodi5osuymiuyqyuymjuznc1kogi4mjnhmjexy2nkytbjm2ewyzazmje1yjy1o...~311~...5btgyx2fsbf9nyiuymiu3ra==&if=0 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://gamesmuse4.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_1690_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDVmMDI2YjcxMzY5ZWZmODBkNGYxNThiOTQyMjg2MmE5JTI2cm5kJTNEMzU5MTQ0NDky&t=1709424931304&rnd=366181637&i=1 HTTP 302
https://xml.pushking.net/icon?sid=5f026b71369eff80d4f158b9422862a9&rnd=359144492 HTTP 302
https://g0-g3t-som3.com/icn/RSKnbzU_Iy6mYWa8aXja0K0j1BlGdmS2DCLEq4zkhNYiM0ZwdQDAXFwkbDMOM_7HBAq5O4QxaGiTKrZ9GO3fhFpJj_CAyvRIYpkmLrHqSfHETqUIjgKswwOiPNJdKuFUaHIQ4UaiSnYkme3NJEEFFLG05_SP7gvVoL8u1oHLZz6TPiF6gDnfe9nwDxPX7-m9mswEJDx8OS-14j9KPYqG7HEhdm2f843CNwb-wP9Pphq98DRZRHLWa2eVklhdtOn2tgMnXzzCCxvGZRQlqvTAWY-MzQQcZjWHkyzOnFwpr3XTykO-78Wxq3t3dm_ckLfs3mxoxqaTxaHzOZ1gQYub7d9BWawAfDKX7o6L4Y_WjmXNmqNLAD-QlWWQ1HhV0nXZ-J8JPLCOvqT_2Ol8dmGayTbDTsMu_Zonz3PHVqvhv9MWGFFZpRMviI3y0pUfro49VRvHi5RWMXKojzZO67MbE_WJ6ubsTDNX4dXoOY3AzsVsk8p1723kQw HTTP 301
https://cdn4image.com/creatives/654/423/192_0_1708497196980.webp

Request Chain 3

https://gamesmuse4.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_2177_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDA1NTY2Y2VkMDYzOWU5ZGFmZmVjYTY1YzY5ZjgzNWRkJTI2cm5kJTNEMzU5MTQ0NDky&t=1709424931304&rnd=926782057&i=1 HTTP 302
https://xml.pushking.net/icon?sid=05566ced0639e9daffeca65c69f835dd&rnd=359144492 HTTP 302
https://g0-g3t-som3.com/icn/ovXrPXU2VX68r2xKc65NqypLXdSrH7Nm1tAKRLaS6d8pwyZOIFnQ4G_cRrlgYJB6yBG1QQQVF4End1JBPJ_IQJmdHWztgMbNDYGh_-nXGoNT0BIB5_saD66Gjh--BtaawMmuJme4xwtCmJ-ClnngNe84r5HWJv_IasRuc7oKzON1qGszflUwUgfyk-cIkeC-h9-NA52oYQwLzQBz7UU1XlQQlCvz9HqURdKMTQvNLvCtg_vvsE5ftNKoYLYv-72OsF3bFAitw69v44-4btj3PWQNQWo3psng7RV35dpcHQ5Gv0_G9w9NiPAtgA0byQDumXQW4KTDxJUJqhwSMk9_tvU8IukMdaLY_8n81roDZaWxCMRh8cp7eoOS211zeoG-E4RC0iEeX7ZT6h4vpPzSjDdzB35xMHaNZRh6OtAX-g8e_jDo1DRBNHgmf5nozytFlqCWIDyeTFL1giLaiLDMr9NYuOI3g2jsftHCk4Fef_pkgD5EvsM4ztXlx4E HTTP 301
https://cdn4image.com/creatives/654/425/192_0_1708497289258.webp

Request Chain 6

https://xml.cpcmart.com/icon?sid=2048630729232a3be0bf970d5e1c638d&rnd=58992712 HTTP 302
https://wnt-some-push.net/icn/xAkZvB3HWbNQmQmFcZ_YxWp0-AK2wFWsRd8zrDvWbniRIr36xCwFsLvqfrqF6hbUdYpKNAuuADZawNM9KEMlmwMx0Wr8jpqVyYxMtABAsQ3PqQFnsQbMtUAGPLHgXRaJqqad_3xiUn0VMMnIj-YV9vaIANEwzv1P879T26eGtL5tEiuAQ-S7s1vE3XStzSNgOM0LnQs1EDF9hB_XpuCfetWs44QkC35U0EWjlcfUsgJN0q-teXztnIvTRMr8Bq3-Xc7Wkb943fC1xaEEN5-pOGJsjqaU8Y-_89Z4wD06dzrndpZWQ7DmKAA3HkkrDrrsRyLWA8EYXYqrvcO0Se4fPkKddZ9EvfrwJ3qq2Q8NGRNMWUaco169jSHHgVQVQoK5Vmh4_M2kGsJhRfgai20oSphevYdG8y2Gwle_dcU702XOZI9SPttG1MEdIRb6k2PFgXu3yzdbNq3nFwDAsVqXFoa3h06118W4XqpsIURLXYRtntsGoIOtIksNUIc HTTP 301
https://cdn4image.com/creatives/652/603/192_1_1708184473477.webp

Request Chain 12

https://news-shop2.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_2177_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDk3OTE1YWY4YzM5NGIzMDI3M2E4YTAyM2I5NGIzMjQ2JTI2cm5kJTNENjM0NTMyMjU3&t=1709424935013&rnd=972310699&i=1 HTTP 302
https://xml.pushking.net/icon?sid=97915af8c394b30273a8a023b94b3246&rnd=634532257 HTTP 302
https://g0-get-msg.net/icn/wbo33Qi1QQJUjccQq6KmbfsRcmA3pEL1cxV2wFMHSLpu2eUFM0UR2QcEVPxFanMvr_BjcQM1FNOhWTpeYNeNOOQxoyrkVGHL_2k10MyoaM8kWgGC4vS1mhYkAOdjq7YWJ3xf76waJDDHhr29B-QsdIt5B1L-0aP8SG_x-D4cMsM6zLH_VbSZGj38c9lK91TbrRH2PES1kEPdfTbsdy2RvEx1pnLipxOqHkkpHj9yEU6j40LCS9HjKJP1QN0vnfu7ufqFTpkm6hNJ6NWOiM-S128cG2hrUZf66lg-bx78OpFx9Nkf7DB3gJ0Km5gIlWi7QWndrxt8qfU6kxrAfKJ077FK5uyFQTu-Lc7tj0sKKa0RCZCTQxFmzh5QVJChtbu6jvDFrxPFEgNK5C9Ubp5vnVGMDJI_K8DRWDl042TbLlAegiY2-b4zkaW0ljVzUAngd6nS3t-Eb3jhtN2bziEDcbib1qL620NSFsQ1XHbMm09AOX8YINpEcA HTTP 301
https://cdn4image.com/creatives/660/71/192_0_1709330943635.webp

Request Chain 13

https://news-shop2.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_1690_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGVmNTkzZDViY2U3NjRiMTQzOThmODZiZGM0MjhiNDU2JTI2cm5kJTNENjM0NTMyMjU3&t=1709424935013&rnd=663022666&i=1 HTTP 302
https://xml.pushking.net/icon?sid=ef593d5bce764b14398f86bdc428b456&rnd=634532257 HTTP 302
https://g0-g3t-som3.com/icn/UeoAzQS33mXCXnlsEskfdmcAcz3RWEs9rUrKNN9doVqO3TftBMfNAxsh8-JIcIoSQII6ht7tSoiaW5BgbevbMzOz5wWNgDxPFn7zk3oOl3kTnwmcWy-OgaXy-plxJQ3zLr2-JEFgi6-7sdaZD629Ds8o9OS0fbXmEf49wlQga7NGjDl3SkXEomnUJpFDO3JClxKdhXVXlLkAw3KCZk-jcVc0rq1PB_ZphAOkzdIXLe0jFCJRZCbY_7DaxJNK4rkBGhf6cYFhufkyh-iBYmxhGG7jO0oP5XnYd04VQERhIczZU88Mnh2npiNjItFBojGEODPxtBLw6ULGAu-kAleY7CBCy1sZA08Pt72PWVHLSf_tlAtX1s9YkRLuOH8U_xTLbSfUAKq_zCgcbeVvyoiGkDJ_pnsBDEStLQACeIVUOp6cJkfidoJ9TzeeosWbM2z0zu2ws3LUurBj0LodEZ3GIheb99E0FC8CS-HwOe5Jf_zDVpakkZjv8g HTTP 301
https://cdn4image.com/creatives/654/425/192_0_1708497289258.webp

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js Show response
gamesmuse4.xyz/
Redirect Chain

http://newssigns4.xyz/event_3873421d-36e2-15cd-9782-bced3e8e3ff7_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lti2ztyxm2i5ymvkotdiymuwmjjiy2u4yjbly...
https://newssigns4.xyz/event_3873421d-36e2-15cd-9782-bced3e8e3ff7_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0lti2ztyxm2i5ymvkotdiymuwmjjiy2u4yjbl...
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

6 KB
2 KB

349ms
117ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: f7897aa78534f412fb8aa40bcfd53b0e6fa0709d4400b771ecfba7e4f8909396

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 03 Mar 2024 00:15:31 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Sun, 03 Mar 2024 00:15:30 GMT
location: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 216ms
79ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: gamesmuse4.xyz
URL: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gamesmuse4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Mar 2024 00:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Mar 2024 00:08:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Mar 2024 00:15:31 GMT

GET
H2

200

192_0_1708497196980.webp
cdn4image.com/creatives/654/423/
Redirect Chain

https://gamesmuse4.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_1690_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDVmMDI2YjcxMzY5ZWZmODBkNGYxNThiOTQyMjg2MmE5JTI2c...
https://xml.pushking.net/icon?sid=5f026b71369eff80d4f158b9422862a9&rnd=359144492
https://g0-g3t-som3.com/icn/RSKnbzU_Iy6mYWa8aXja0K0j1BlGdmS2DCLEq4zkhNYiM0ZwdQDAXFwkbDMOM_7HBAq5O4QxaGiTKrZ9GO3fhFpJj_CAyvRIYpkmLrHqSfHETqUIjgKswwOiPNJdKuFUaHIQ4UaiSnYkme3NJEEFFLG05_SP7gvVoL8u1oHLZ...
https://cdn4image.com/creatives/654/423/192_0_1708497196980.webp

17 KB
17 KB

155ms
155ms

Image
image/webp

46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/654/423/192_0_1708497196980.webp
Requested by: Host: gamesmuse4.xyz
URL: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: 53efeadd16461585ab167cab634bd774d124e2c54ec4e84306655aecacbbfeb9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:32 GMT
last-modified: Wed, 21 Feb 2024 08:21:25 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 17042
expires: Mon, 04 Mar 2024 00:15:32 GMT

Redirect headers

location: https://cdn4image.com/creatives/654/423/192_0_1708497196980.webp
date: Sun, 03 Mar 2024 00:15:32 GMT
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: Angie
content-length: 0

GET
H2

200

192_0_1708497289258.webp
cdn4image.com/creatives/654/425/
Redirect Chain

https://gamesmuse4.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_2177_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDA1NTY2Y2VkMDYzOWU5ZGFmZmVjYTY1YzY5ZjgzNWRkJTI2c...
https://xml.pushking.net/icon?sid=05566ced0639e9daffeca65c69f835dd&rnd=359144492
https://g0-g3t-som3.com/icn/ovXrPXU2VX68r2xKc65NqypLXdSrH7Nm1tAKRLaS6d8pwyZOIFnQ4G_cRrlgYJB6yBG1QQQVF4End1JBPJ_IQJmdHWztgMbNDYGh_-nXGoNT0BIB5_saD66Gjh--BtaawMmuJme4xwtCmJ-ClnngNe84r5HWJv_IasRuc7oKz...
https://cdn4image.com/creatives/654/425/192_0_1708497289258.webp

12 KB
12 KB

154ms
154ms

Image
image/webp

46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/654/425/192_0_1708497289258.webp
Requested by: Host: gamesmuse4.xyz
URL: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: 4f064baf8c5b59067ce93ae3805f37883f991f8aca6f468bf3d1982d1ceaf2bb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:32 GMT
last-modified: Wed, 21 Feb 2024 08:21:25 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 12526
expires: Mon, 04 Mar 2024 00:15:32 GMT

Redirect headers

location: https://cdn4image.com/creatives/654/425/192_0_1708497289258.webp
date: Sun, 03 Mar 2024 00:15:32 GMT
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: Angie
content-length: 0

GET
H2 200 360_0_1708497196980.webp
cdn4image.com/creatives/654/423/ 28 KB
28 KB 484ms
155ms Image
image/webp 46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/654/423/360_0_1708497196980.webp
Requested by: Host: gamesmuse4.xyz
URL: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: 360c093189f65b9e93c93e0e4f39406e2518e250441e97b764a6241df9ba9b1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gamesmuse4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:32 GMT
last-modified: Wed, 21 Feb 2024 08:21:25 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 28178
expires: Mon, 04 Mar 2024 00:15:32 GMT

GET
H2 200 360_0_1708497289258.webp
cdn4image.com/creatives/654/425/ 25 KB
25 KB 483ms
154ms Image
image/webp 46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/654/425/360_0_1708497289258.webp
Requested by: Host: gamesmuse4.xyz
URL: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: ebdfd1cadf2b715b472323ba204da67c570ede273cca0598ec8c6acc11855763

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gamesmuse4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:32 GMT
last-modified: Wed, 21 Feb 2024 08:21:25 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 25290
expires: Mon, 04 Mar 2024 00:15:32 GMT

GET
H2

200

192_1_1708184473477.webp
cdn4image.com/creatives/652/603/
Redirect Chain

https://xml.cpcmart.com/icon?sid=2048630729232a3be0bf970d5e1c638d&rnd=58992712
https://wnt-some-push.net/icn/xAkZvB3HWbNQmQmFcZ_YxWp0-AK2wFWsRd8zrDvWbniRIr36xCwFsLvqfrqF6hbUdYpKNAuuADZawNM9KEMlmwMx0Wr8jpqVyYxMtABAsQ3PqQFnsQbMtUAGPLHgXRaJqqad_3xiUn0VMMnIj-YV9vaIANEwzv1P879T26e...
https://cdn4image.com/creatives/652/603/192_1_1708184473477.webp

7 KB
7 KB

154ms
154ms

Image
image/webp

46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/652/603/192_1_1708184473477.webp
Requested by: Host: gamesmuse4.xyz
URL: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: c6dbcaeba0fff42c95ff6ff1d8beed6f5231194b9f6ceadcd80c34e3f7490409

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:32 GMT
last-modified: Sat, 17 Feb 2024 16:21:19 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 7410
expires: Mon, 04 Mar 2024 00:15:32 GMT

Redirect headers

location: https://cdn4image.com/creatives/652/603/192_1_1708184473477.webp
date: Sun, 03 Mar 2024 00:15:32 GMT
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: Angie
content-length: 0

GET
H2 200 360_1_1708184473477.webp
cdn4image.com/creatives/652/603/ 16 KB
16 KB 484ms
156ms Image
image/webp 46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/652/603/360_1_1708184473477.webp
Requested by: Host: gamesmuse4.xyz
URL: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: 8d1824f2b06919bd9c86a46f3186e17459e59a08934e14f9c0b07e53b525c41c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gamesmuse4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:32 GMT
last-modified: Sat, 17 Feb 2024 16:21:19 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 16654
expires: Mon, 04 Mar 2024 00:15:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 218ms
82ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gamesmuse4.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:52:30 GMT
x-content-type-options: nosniff
age: 314582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 08:52:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 203ms
67ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gamesmuse4.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:56:32 GMT
x-content-type-options: nosniff
age: 314340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 08:56:32 GMT

GET
H2 200 event_386fe509-2ed3-af80-381e-80706ba275e9_101_0_2000
gamesmuse4.xyz/ 114 B
206 B 104ms
103ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesmuse4.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTVmMDI2YjcxMzY5ZWZmODBkNGYxNThiOTQyMjg2MmE5LTE2OTAtMC4wMDAzNzUlMjIlMkMlMjI1MzQtMDU1NjZjZWQwNjM5ZTlkYWZmZWNhNjVjNjlmODM1ZGQtMjE3Ny0wLjAwMDQ1JTIyJTVEJTdE&t=1709424931304&rnd=822896325&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: gamesmuse4.xyz
URL: https://gamesmuse4.xyz/sw_3c745cff-e6cf-a93c-a0e8-981fd05c773e_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:34 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H2

200

Primary Request sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js Show response
news-shop2.xyz/
Redirect Chain

https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

5 KB
2 KB

316ms
100ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by: Host: gamesmuse4.xyz
URL: https://gamesmuse4.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTVmMDI2YjcxMzY5ZWZmODBkNGYxNThiOTQyMjg2MmE5LTE2OTAtMC4wMDAzNzUlMjIlMkMlMjI1MzQtMDU1NjZjZWQwNjM5ZTlkYWZmZWNhNjVjNjlmODM1ZGQtMjE3Ny0wLjAwMDQ1JTIyJTVEJTdE&t=1709424931304&rnd=822896325&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 09282ad22b13ecb0167e8ec030d650cf9a3810350d93e975ac820f19c614d9cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 03 Mar 2024 00:15:35 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Sun, 03 Mar 2024 00:15:34 GMT
location: https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
854 B 81ms
80ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: news-shop2.xyz
URL: https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news-shop2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Mar 2024 00:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 23:44:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Mar 2024 00:15:35 GMT

GET
H2

200

192_0_1709330943635.webp
cdn4image.com/creatives/660/71/
Redirect Chain

https://news-shop2.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_2177_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDk3OTE1YWY4YzM5NGIzMDI3M2E4YTAyM2I5NGIzMjQ2JTI2c...
https://xml.pushking.net/icon?sid=97915af8c394b30273a8a023b94b3246&rnd=634532257
https://g0-get-msg.net/icn/wbo33Qi1QQJUjccQq6KmbfsRcmA3pEL1cxV2wFMHSLpu2eUFM0UR2QcEVPxFanMvr_BjcQM1FNOhWTpeYNeNOOQxoyrkVGHL_2k10MyoaM8kWgGC4vS1mhYkAOdjq7YWJ3xf76waJDDHhr29B-QsdIt5B1L-0aP8SG_x-D4cMs...
https://cdn4image.com/creatives/660/71/192_0_1709330943635.webp

4 KB
4 KB

158ms
157ms

Image
image/webp

46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/660/71/192_0_1709330943635.webp
Requested by: Host: news-shop2.xyz
URL: https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: b8776ed37638d98aea827a4c2bdd873a88050c92c3e4ab224a15ddc159dcaf6a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:35 GMT
last-modified: Fri, 01 Mar 2024 22:21:27 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 3952
expires: Mon, 04 Mar 2024 00:15:35 GMT

Redirect headers

location: https://cdn4image.com/creatives/660/71/192_0_1709330943635.webp
date: Sun, 03 Mar 2024 00:15:35 GMT
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: Angie
content-length: 0

GET
H2

200

192_0_1708497289258.webp
cdn4image.com/creatives/654/425/
Redirect Chain

https://news-shop2.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_1690_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGVmNTkzZDViY2U3NjRiMTQzOThmODZiZGM0MjhiNDU2JTI2c...
https://xml.pushking.net/icon?sid=ef593d5bce764b14398f86bdc428b456&rnd=634532257
https://g0-g3t-som3.com/icn/UeoAzQS33mXCXnlsEskfdmcAcz3RWEs9rUrKNN9doVqO3TftBMfNAxsh8-JIcIoSQII6ht7tSoiaW5BgbevbMzOz5wWNgDxPFn7zk3oOl3kTnwmcWy-OgaXy-plxJQ3zLr2-JEFgi6-7sdaZD629Ds8o9OS0fbXmEf49wlQga...
https://cdn4image.com/creatives/654/425/192_0_1708497289258.webp

12 KB
12 KB

158ms
158ms

Image
image/webp

46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/654/425/192_0_1708497289258.webp
Requested by: Host: news-shop2.xyz
URL: https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: 4f064baf8c5b59067ce93ae3805f37883f991f8aca6f468bf3d1982d1ceaf2bb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:35 GMT
last-modified: Wed, 21 Feb 2024 08:21:25 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 12526
expires: Mon, 04 Mar 2024 00:15:35 GMT

Redirect headers

location: https://cdn4image.com/creatives/654/425/192_0_1708497289258.webp
date: Sun, 03 Mar 2024 00:15:35 GMT
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: Angie
content-length: 0

GET
H2 200 360_0_1709330943635.webp
cdn4image.com/creatives/660/71/ 16 KB
16 KB 489ms
157ms Image
image/webp 46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/660/71/360_0_1709330943635.webp
Requested by: Host: news-shop2.xyz
URL: https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: 885aee50aa706f296e2dff30063de50a8cf9593d7d9ad23e6fe0e821580bc20f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news-shop2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:35 GMT
last-modified: Fri, 01 Mar 2024 22:21:27 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 16204
expires: Mon, 04 Mar 2024 00:15:35 GMT

GET
H2 200 360_0_1708497289258.webp
cdn4image.com/creatives/654/425/ 25 KB
25 KB 489ms
158ms Image
image/webp 46.4.15.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/654/425/360_0_1708497289258.webp
Requested by: Host: news-shop2.xyz
URL: https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.15.55 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn11.1push.io
Software: nginx /
Resource Hash: ebdfd1cadf2b715b472323ba204da67c570ede273cca0598ec8c6acc11855763

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news-shop2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:35 GMT
last-modified: Wed, 21 Feb 2024 08:21:25 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 25290
expires: Mon, 04 Mar 2024 00:15:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 74ms
44ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news-shop2.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:52:30 GMT
x-content-type-options: nosniff
age: 314585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 08:52:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 83ms
54ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news-shop2.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:56:32 GMT
x-content-type-options: nosniff
age: 314343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 08:56:32 GMT

GET
H2 200 event_386fe509-2ed3-af80-381e-80706ba275e9_101_0_3000
news-shop2.xyz/ 114 B
207 B 103ms
102ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news-shop2.xyz/event_386fe509-2ed3-af80-381e-80706ba275e9_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTk3OTE1YWY4YzM5NGIzMDI3M2E4YTAyM2I5NGIzMjQ2LTIxNzctMC4wMDA0OSUyMiUyQyUyMjUzNC1lZjU5M2Q1YmNlNzY0YjE0Mzk4Zjg2YmRjNDI4YjQ1Ni0xNjkwLTAuMDAwMzc1JTIyJTVEJTdE&t=1709424935013&rnd=437414027&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: news-shop2.xyz
URL: https://news-shop2.xyz/sw_8350aa0c-62e1-5dd9-8ed1-843e401b9b12_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:15:37 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET bid
freetrckr.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: freetrckr.com
URL: https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isIframe function| go

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn4image.com
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
g0-g3t-som3.com
g0-get-msg.net
gamesmuse4.xyz
news-shop2.xyz
newssigns4.xyz
wnt-some-push.net
xml.cpcmart.com
xml.pushking.net
freetrckr.com
173.214.240.15
178.63.248.54
178.63.248.55
199.182.164.180
2607:f8b0:4006:80c::2003
2607:f8b0:4006:817::200a
46.4.15.55
09282ad22b13ecb0167e8ec030d650cf9a3810350d93e975ac820f19c614d9cc
360c093189f65b9e93c93e0e4f39406e2518e250441e97b764a6241df9ba9b1c
4f064baf8c5b59067ce93ae3805f37883f991f8aca6f468bf3d1982d1ceaf2bb
53efeadd16461585ab167cab634bd774d124e2c54ec4e84306655aecacbbfeb9
885aee50aa706f296e2dff30063de50a8cf9593d7d9ad23e6fe0e821580bc20f
8d1824f2b06919bd9c86a46f3186e17459e59a08934e14f9c0b07e53b525c41c
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
b8776ed37638d98aea827a4c2bdd873a88050c92c3e4ab224a15ddc159dcaf6a
c6dbcaeba0fff42c95ff6ff1d8beed6f5231194b9f6ceadcd80c34e3f7490409
ebdfd1cadf2b715b472323ba204da67c570ede273cca0598ec8c6acc11855763
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7897aa78534f412fb8aa40bcfd53b0e6fa0709d4400b771ecfba7e4f8909396

news-shop2.xyz Open in urlscan Pro 173.214.240.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

71 %HTTPS

29 %IPv6

12 Domains

12 Subdomains

5 IPs

2 Countries

232 kBTransfer

247 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

news-shop2.xyz Open in urlscan Pro
173.214.240.15 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

71 %
HTTPS

29 %
IPv6

12
Domains

12
Subdomains

5
IPs

2
Countries

232 kB
Transfer

247 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions