hellspin3.com Open in urlscan Pro
2606:4700:20::681a:a52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gamesprofessor2.xyz/event_bdd444d8-99de-eb76-c437-ecab20887383_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2...
Effective URL:
https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_camp...
Submission: On May 02 via api (May 2nd 2024, 9:32:53 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 30 domains to perform 42 HTTP transactions. The main IP is 2606:4700:20::681a:a52, located in United States and belongs to CLOUDFLARENET, US. The main domain is hellspin3.com.
TLS certificate: Issued by GTS CA 1P5 on March 9th 2024. Valid for: 3 months.

This is the only time hellspin3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 8	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3 3	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
5 6	2a00:1d26:c77... 2a00:1d26:c771::11	49544 (I3DNET) (I3DNET)
4 4	88.214.195.156 88.214.195.156	46636 (NATCOWEB) (NATCOWEB)
4	5.9.105.245 5.9.105.245	24940 (HETZNER-AS) (HETZNER-AS)
2 2	172.67.204.15 172.67.204.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	109.206.178.121 109.206.178.121	50245 (SERVEREL-AS) (SERVEREL-AS)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 1	88.214.195.153 88.214.195.153	46636 (NATCOWEB) (NATCOWEB)
1 1	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	3.127.34.20 3.127.34.20	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700:20:... 2606:4700:20::681a:a52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.41.153 104.18.41.153	() ()
1	65.9.66.99 65.9.66.99	() ()
3	104.16.160.145 104.16.160.145	() ()
1	2600:9000:244... 2600:9000:244f:bc00:11:fa7d:1740:21	() ()
1	2a00:1450:400... 2a00:1450:4001:82f::2008	() ()
1	34.160.158.95 34.160.158.95	() ()
1	2.19.96.75 2.19.96.75	() ()
1	2a02:26f0:350... 2a02:26f0:3500:4::b818:4d9e	() ()
42	15

8 173.214.240.15 (United States) 5 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

gamesprofessor2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freshnewsnow3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.182.164.180 (United States) 3 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.rexsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1d26:c771::11 (Newark, United States) 5 redirects

ASN49544 (I3DNET, NL)

us.skated.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.214.195.156 (United Kingdom) 4 redirects

ASN46636 (NATCOWEB, US)

track.trackingtraffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.9.105.245 (Giessen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.105.9.5.clients.your-server.de

ads.trackingtraffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.204.15 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

icon-adc.realsh.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img-adc.realsh.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.178.121 (Amsterdam, Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: mx.pushsupreme.com

eu.xml.rexsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.195.153 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

track.trackingtraffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media.hellpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.34.20 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-34-20.eu-central-1.compute.amazonaws.com

mediahell.world	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:a52 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hellspin3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.153 (None, )

ASN- ()

casino.cur.a8r.games	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.99 (None, )

ASN- ()

cdn.seon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.160.145 (None, )

ASN- ()

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:244f:bc00:11:fa7d:1740:21 (None, )

ASN- ()

d16vnr1tync57h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.158.95 (None, )

ASN- ()

aswpsdkus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.96.75 (None, )

ASN- ()

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:4::b818:4d9e (None, )

ASN- ()

ws-cdn001.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	trackingtraffo.com 5 redirects track.trackingtraffo.com — Cisco Umbrella Rank: 183521 ads.trackingtraffo.com — Cisco Umbrella Rank: 223674	160 KB
6	skated.co 5 redirects us.skated.co — Cisco Umbrella Rank: 47119	4 KB
5	hellspin3.com 1 redirects hellspin3.com platform.hellspin3.com Failed	242 KB
5	freshnewsnow3.xyz 2 redirects freshnewsnow3.xyz	3 KB
4	rexsrv.com 4 redirects xml.rexsrv.com — Cisco Umbrella Rank: 87402 eu.xml.rexsrv.com — Cisco Umbrella Rank: 285514	2 KB
3	onesignal.com cdn.onesignal.com onesignal.com	73 KB
3	gstatic.com fonts.gstatic.com	69 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
2	realsh.xyz 2 redirects icon-adc.realsh.xyz — Cisco Umbrella Rank: 198207 img-adc.realsh.xyz — Cisco Umbrella Rank: 383045	1 KB
2	freetrckr.com 2 redirects freetrckr.com — Cisco Umbrella Rank: 729711	616 B
1	akamaized.net ws-cdn001.akamaized.net	65 KB
1	livechatinc.com cdn.livechatinc.com api.livechatinc.com Failed	27 KB
1	aswpsdkus.com aswpsdkus.com	39 KB
1	googletagmanager.com www.googletagmanager.com	75 KB
1	cloudfront.net d16vnr1tync57h.cloudfront.net	32 KB
1	seon.io cdn.seon.io	109 KB
1	a8r.games casino.cur.a8r.games	2 KB
1	mediahell.world 1 redirects mediahell.world	181 B
1	hellpartners.com 1 redirects media.hellpartners.com	889 B
1	gamesprofessor2.xyz 1 redirects gamesprofessor2.xyz	120 B
0	taboola.com Failed trc.taboola.com Failed
0	tsyndicate.com Failed tsyndicate.com Failed
0	realsrv.com Failed syndication.realsrv.com Failed
0	pemsrv.com Failed s.pemsrv.com Failed
0	opoxv.com Failed s.opoxv.com Failed
0	magsrv.com Failed s.magsrv.com Failed
0	trafficjunky.net Failed ads.trafficjunky.net Failed
0	yandex.ru Failed mc.yandex.ru Failed
0	eskimi.com Failed dsp-media.eskimi.com Failed
0	sportradar.com Failed tm.ads.sportradar.com Failed
42	30

	Domain	Requested by
6	us.skated.co	5 redirects freshnewsnow3.xyz
5	hellspin3.com	1 redirects hellspin3.com
5	track.trackingtraffo.com	5 redirects www.googletagmanager.com
5	freshnewsnow3.xyz	2 redirects freshnewsnow3.xyz
4	ads.trackingtraffo.com	freshnewsnow3.xyz
3	fonts.gstatic.com	fonts.googleapis.com
3	xml.rexsrv.com	3 redirects
3	fonts.googleapis.com	freshnewsnow3.xyz hellspin3.com
2	cdn.onesignal.com	hellspin3.com cdn.onesignal.com
2	freetrckr.com	2 redirects
1	onesignal.com	cdn.onesignal.com
1	ws-cdn001.akamaized.net	hellspin3.com
1	cdn.livechatinc.com	hellspin3.com
1	aswpsdkus.com	hellspin3.com
1	www.googletagmanager.com	hellspin3.com www.googletagmanager.com
1	d16vnr1tync57h.cloudfront.net	hellspin3.com
1	cdn.seon.io	hellspin3.com
1	casino.cur.a8r.games	hellspin3.com
1	mediahell.world	1 redirects
1	media.hellpartners.com	1 redirects
1	img-adc.realsh.xyz	1 redirects
1	eu.xml.rexsrv.com	1 redirects
1	icon-adc.realsh.xyz	1 redirects
1	gamesprofessor2.xyz	1 redirects
0	trc.taboola.com Failed	hellspin3.com
0	tsyndicate.com Failed	hellspin3.com
0	syndication.realsrv.com Failed	hellspin3.com
0	s.pemsrv.com Failed	hellspin3.com
0	s.opoxv.com Failed	hellspin3.com
0	s.magsrv.com Failed	hellspin3.com
0	ads.trafficjunky.net Failed	hellspin3.com
0	mc.yandex.ru Failed	freshnewsnow3.xyz
0	dsp-media.eskimi.com Failed	freshnewsnow3.xyz
0	tm.ads.sportradar.com Failed	freshnewsnow3.xyz
0	api.livechatinc.com Failed	cdn.livechatinc.com
0	platform.hellspin3.com Failed	hellspin3.com
42	36

This site contains no links.

Subject Issuer	Validity	Valid
freshnewsnow3.xyz R3	`2024-03-15` - `2024-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.skated.co R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
hellspin3.com GTS CA 1P5	`2024-03-09` - `2024-06-07`	3 months	crt.sh
a8r.games Cloudflare Inc ECC CA-3	`2023-06-19` - `2024-06-18`	a year	crt.sh
*.seon.io Amazon RSA 2048 M02	`2023-07-07` - `2024-08-03`	a year	crt.sh
onesignal.com GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
aswpsdkus.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-09`	a year	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-31`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
Frame ID: DD0FEFC5771E4A66CD900A801AD3E176
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gamesprofessor2.xyz/event_bdd444d8-99de-eb76-c437-ecab20887383_101_0_3000?payload=jtdcjtiyacuymi... HTTP 307
https://gamesprofessor2.xyz/event_bdd444d8-99de-eb76-c437-ecab20887383_101_0_3000?payload=jtdcjtiyacuymi... HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJT... Page URL
https://xml.rexsrv.com/click?s=1&tid=1496&sid=a3f156a1d7f1baf4b1551641e88d17b5&rnd=853262092 HTTP 302
https://us.skated.co/nty/postback/click?key=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0b... Page URL
https://us.skated.co/nty/postback/click?key=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0b... HTTP 302
https://track.trackingtraffo.com/push/c?auth=mz3uj39&c=N7Sp9Ys4F1RzHQ0RIIs671t1i_muq3inkTgtyx5ed0HMb-LH_o8BBC... HTTP 302
https://media.hellpartners.com/redirect.aspx?pid=35097&bid=1466&lpid=9&utm_source=u&utm_medium=u&utm_campai... HTTP 307
https://mediahell.world/?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm... HTTP 302
https://hellspin3.com/?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm... HTTP 302
https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&u... Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

42
Requests

57 %
HTTPS

38 %
IPv6

30
Domains

36
Subdomains

15
IPs

4
Countries

899 kB
Transfer

3458 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gamesprofessor2.xyz/event_bdd444d8-99de-eb76-c437-ecab20887383_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltlkzdyxmmi1yza4mtm4mwm2oteyodbhm2zmnzc1mde4lti2njutmc4wmdawmzclmjilmkmlmji1mzqtzgjjyznhyzkwzmqxnzlhzta5yti5mdi4...~311~...lng00bnlfz2x4x3vzjtiyjtde&if=1 HTTP 307
https://gamesprofessor2.xyz/event_bdd444d8-99de-eb76-c437-ecab20887383_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltlkzdyxmmi1yza4mtm4mwm2oteyodbhm2zmnzc1mde4lti2njutmc4wmdawmzclmjilmkmlmji1mzqtzgjjyznhyzkwzmqxnzlhzta5yti5mdi4...~311~...lng00bnlfz2x4x3vzjtiyjtde&if=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://xml.rexsrv.com/click?s=1&tid=1496&sid=a3f156a1d7f1baf4b1551641e88d17b5&rnd=853262092 HTTP 302
https://us.skated.co/nty/postback/click?key=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e Page URL
https://us.skated.co/nty/postback/click?key=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e&token=e4bb0dc73aa9af61b539b24af1c5ee5b&timezone=-120&iframe_test=false&webdriver_test=false HTTP 302
https://track.trackingtraffo.com/push/c?auth=mz3uj39&c=N7Sp9Ys4F1RzHQ0RIIs671t1i_muq3inkTgtyx5ed0HMb-LH_o8BBCRu8DSjkx7Mn-25ZmSSMVZEwQC86aC-xnUNTiTI2mknxkwvyqC9fHR6EroTjpiXXnNGBZry5kPKtIm4byaNb0xhkJVsHRpqyeNuhw1sV65eO6N08_emmhHLwStr_sv7MUNqMqXp90DMat9YssCrp8UJbi_dqvuKsk7QGyWRS1P0LMR8d1qg8Hs1sXIFw0u-htysfbG-_zwu8GYcGXV1_3qRWS06BL8-9ViG_piPwe6SahPFDU3NDjBO0qZG0REckYAwK8v2FbQYzNlhm2CUyKgoddgwfNm2nVzxw5sSQ3jchahokej7jCAEJ5qX1a2kWkO8Kc_Wzbs5CiZefBO1FyS60-TrYaIG_TdZKJzCPMBqWCQjEdDXPUWDkVr41w6zaCxAvUzwM-0fAo0dKOfeV9rLs5Rn-w_CCx0tIuLR49C1gbiST_exV7OnT7RbKeeZ4yeQCV5oUg-N6LRGzBflbKhCWj3JRWi829oBtGwG5TjtagkE1COuMoIpzhAn3dioG2FTwEO7hLbJ2mUyby-Jklw9KLrlwiZd1e51oyXmqjDeibVq6_IueZHVZK-usHq6-w HTTP 302
https://media.hellpartners.com/redirect.aspx?pid=35097&bid=1466&lpid=9&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid={clickid} HTTP 307
https://mediahell.world/?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid={clickid} HTTP 302
https://hellspin3.com/?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid={clickid} HTTP 302
https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gamesprofessor2.xyz/event_bdd444d8-99de-eb76-c437-ecab20887383_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltlkzdyxmmi1yza4mtm4mwm2oteyodbhm2zmnzc1mde4lti2njutmc4wmdawmzclmjilmkmlmji1mzqtzgjjyznhyzkwzmqxnzlhzta5yti5mdi4...~311~...lng00bnlfz2x4x3vzjtiyjtde&if=1 HTTP 307
https://gamesprofessor2.xyz/event_bdd444d8-99de-eb76-c437-ecab20887383_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltlkzdyxmmi1yza4mtm4mwm2oteyodbhm2zmnzc1mde4lti2njutmc4wmdawmzclmjilmkmlmji1mzqtzgjjyznhyzkwzmqxnzlhzta5yti5mdi4...~311~...lng00bnlfz2x4x3vzjtiyjtde&if=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://freshnewsnow3.xyz/event_baf18b0b-12d8-5bf2-66eb-8f74143828dd_70_3018_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RhM2YxNTZhMWQ3ZjFiYWY0YjE1NTE2NDFlODhkMTdiNSUyNnJuZCUzRDQ5ODcyMDg2NQ%3D%3D&t=1714685568470&rnd=217270190&i=1 HTTP 302
https://xml.rexsrv.com/icon?sid=a3f156a1d7f1baf4b1551641e88d17b5&rnd=498720865 HTTP 302
https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dmz3uj39%26c%3DR8T7e-PzsSxee_Kz-ebCQlh21fYV4Dcggl1P3HZN-j4pczmXwg5Phh4UEeYRDRan9jZekKe4jtdc9qukArKIH697uSOnD0HVv_WF2qkaDsx5aQQ_YIVgPItYcVosiZbwN9Dc4IRP1T9tVqXNO4dLZiOM3-vrkODaLWrNZ0BIylH5Ackx51vViTl3tCTZALtisTPLPZ7lfMO146SgREUQA7j8pblyFD-QVk0OuiYuqTZFN3mhKik-UI1r03yBn8W1ni7CyQo4ArmpIjlKtV-6gJnqdI-X92DyVKqxp94YreGlSpNS1V7NSXYdr-K3kGnAUrzAgULZ-wnDheSAhPY46LIxJTWHiCAowEX9Dp7h6fS5KDWBqJfHL3M6lQj0M_cS_qdDwTAM37tpHAlvfa8CiPzjL9jb_9ACrQK9hGhfthNrvKoi34Oe1jNcmCUm0Wh0x7ZYH8mPNnJhfSwjp4CxT-rVyXrmTit4p_2qwG1O_WJfjaaAk-6YdgFtsjbi_OhIKHJg5KPcvBaI9ep623jOGJpeT88dCogeoBEIfiKQqUK4Dz2TgVhi6w HTTP 302
https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=R8T7e-PzsSxee_Kz-ebCQlh21fYV4Dcggl1P3HZN-j4pczmXwg5Phh4UEeYRDRan9jZekKe4jtdc9qukArKIH697uSOnD0HVv_WF2qkaDsx5aQQ_YIVgPItYcVosiZbwN9Dc4IRP1T9tVqXNO4dLZiOM3-vrkODaLWrNZ0BIylH5Ackx51vViTl3tCTZALtisTPLPZ7lfMO146SgREUQA7j8pblyFD-QVk0OuiYuqTZFN3mhKik-UI1r03yBn8W1ni7CyQo4ArmpIjlKtV-6gJnqdI-X92DyVKqxp94YreGlSpNS1V7NSXYdr-K3kGnAUrzAgULZ-wnDheSAhPY46LIxJTWHiCAowEX9Dp7h6fS5KDWBqJfHL3M6lQj0M_cS_qdDwTAM37tpHAlvfa8CiPzjL9jb_9ACrQK9hGhfthNrvKoi34Oe1jNcmCUm0Wh0x7ZYH8mPNnJhfSwjp4CxT-rVyXrmTit4p_2qwG1O_WJfjaaAk-6YdgFtsjbi_OhIKHJg5KPcvBaI9ep623jOGJpeT88dCogeoBEIfiKQqUK4Dz2TgVhi6w HTTP 302
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233257-WUdpbOag0v2j.jpg

Request Chain 3

https://freshnewsnow3.xyz/event_baf18b0b-12d8-5bf2-66eb-8f74143828dd_70_3883_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0QzNDA1NGYxZWFmZjFkNDNjNThkYzdlNTFkNjRiY2JhNiUyNnJuZCUzRDQ5ODcyMDg2NQ%3D%3D&t=1714685568470&rnd=531438130&i=1 HTTP 302
https://xml.rexsrv.com/icon?sid=34054f1eaff1d43c58dc7e51d64bcba6&rnd=498720865 HTTP 302
https://icon-adc.realsh.xyz/b2/c/i/icon?cid=5&did=e2JxRVM&eid=13659&nid=10004&sid=3285310833uPmrjvDX&ts=1714685567&ttl=3600&v=v5.11.8.1 HTTP 302
https://eu.xml.rexsrv.com/icon?sid=d111529003e8cd2eb221c26850093b17&rnd=296911198 HTTP 302
https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1714685567551-7-9605-1338968-fa77064f-71b4-d077-5439-5893a6442646&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dmz3uj39%26c%3D4i2WcrRADjug34XvI1WCQnDZd2HEFSwp0mhj3WchCvteyrs478gl2JoiR5v9L8vI2kbeKtCQkaB1h9Pd97YFUIIbIWnSG2hkc-kM13bPiInW_TYdR6YcGJ_f0l5F-daBtoM9EBl1NsaW9udHfJaIPz53zfHLjn9LV9BMfIk2TdsUppogdYa5xwYWeN5eSVSLPBcqq3MzurQ7wO5joz_1TsPlAPb47rBS6ZuPsaUAZJs5u9mwiTY009HYnezKwSuJMrgBqTVcz6knW_rg1DKGo_qJ6Y_66UaAMntmLEJpLNiwBNnmXATaQfBeC3M6KELEXcKP3d7424eqwvOU2J02Cl1gLKKmyxm4s7AEQan8chPWUXDF4q9EW02wXrH5ZH-wiyPvTGcpw5iP46HgzjIgBTttAXabPlF2xA0RnFFw-tzd_gaUTKGpbn7G1Z_ZZu4ZSibOsEXp_IAJvsaSJzf7ZqhhJgn4cpM1DAFT9MHTypZWx3_74cVXcpBSeHueHmHKkDk7KLnz7PH5hkV4_P3exifbfFwMXdBOO-EKpZv8IaajTAbEtr7Bzg HTTP 302
https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=4i2WcrRADjug34XvI1WCQnDZd2HEFSwp0mhj3WchCvteyrs478gl2JoiR5v9L8vI2kbeKtCQkaB1h9Pd97YFUIIbIWnSG2hkc-kM13bPiInW_TYdR6YcGJ_f0l5F-daBtoM9EBl1NsaW9udHfJaIPz53zfHLjn9LV9BMfIk2TdsUppogdYa5xwYWeN5eSVSLPBcqq3MzurQ7wO5joz_1TsPlAPb47rBS6ZuPsaUAZJs5u9mwiTY009HYnezKwSuJMrgBqTVcz6knW_rg1DKGo_qJ6Y_66UaAMntmLEJpLNiwBNnmXATaQfBeC3M6KELEXcKP3d7424eqwvOU2J02Cl1gLKKmyxm4s7AEQan8chPWUXDF4q9EW02wXrH5ZH-wiyPvTGcpw5iP46HgzjIgBTttAXabPlF2xA0RnFFw-tzd_gaUTKGpbn7G1Z_ZZu4ZSibOsEXp_IAJvsaSJzf7ZqhhJgn4cpM1DAFT9MHTypZWx3_74cVXcpBSeHueHmHKkDk7KLnz7PH5hkV4_P3exifbfFwMXdBOO-EKpZv8IaajTAbEtr7Bzg HTTP 302
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233257-WUdpbOag0v2j.jpg

Request Chain 4

https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3D17MtcUEBuBinyXR7E6rfJmYoWroVpcokRRPi74G0vnc6paOxLdTXfYeNyYninboWEWXKG34ND6kex-MlezDNHyYEGVCQN6rQeifZawQroW_jd11FyLPNECteLHVvaqgNqBKE_1fLc6asEuitu16nX7RhLDe0Dv1Qo6qYLzXao4hfP5Oir06DTNtNTL2XfIcGCz7tX8FCP11Zex0IC0OD2faE0ckU8mhlN1HTC25gt2xtWK0pAuaHswcDji8_4r5EfInpRuxtmqpr7x1xvLflLnkxCDTRZiK0_3HvaYmytmSxBvuOIbxoQMR7sQ1GMvfqhq_RdqhkMf0oHqAnCh525Vd95gKAnqEVcbC0YETdsy_FZi5RMJ9tJ4v--WtlT1909zxiQNYuT4pBW2ynYvLimzH26uSehaojL5Su4lK1WqAB5VexOegVF6cRna57Z5ZLiJ1XWvnPQNxyCyAQCYq78O6sSxeHmXjrvuKEwZca4geJgLlbnOYIi4lKNWmpzGJrnSOZyBLbFHhxOV59O6NJT_LDGu2s0ejX18l4VEBkxeqX5mI6cxzu7g HTTP 302
https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=17MtcUEBuBinyXR7E6rfJmYoWroVpcokRRPi74G0vnc6paOxLdTXfYeNyYninboWEWXKG34ND6kex-MlezDNHyYEGVCQN6rQeifZawQroW_jd11FyLPNECteLHVvaqgNqBKE_1fLc6asEuitu16nX7RhLDe0Dv1Qo6qYLzXao4hfP5Oir06DTNtNTL2XfIcGCz7tX8FCP11Zex0IC0OD2faE0ckU8mhlN1HTC25gt2xtWK0pAuaHswcDji8_4r5EfInpRuxtmqpr7x1xvLflLnkxCDTRZiK0_3HvaYmytmSxBvuOIbxoQMR7sQ1GMvfqhq_RdqhkMf0oHqAnCh525Vd95gKAnqEVcbC0YETdsy_FZi5RMJ9tJ4v--WtlT1909zxiQNYuT4pBW2ynYvLimzH26uSehaojL5Su4lK1WqAB5VexOegVF6cRna57Z5ZLiJ1XWvnPQNxyCyAQCYq78O6sSxeHmXjrvuKEwZca4geJgLlbnOYIi4lKNWmpzGJrnSOZyBLbFHhxOV59O6NJT_LDGu2s0ejX18l4VEBkxeqX5mI6cxzu7g HTTP 302
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233267-ILZ1XSVj99bv.jpg

Request Chain 5

https://img-adc.realsh.xyz/b2/c/v/img?cid=5&did=e2JxRVM&eid=13659&nid=10004&sid=3285310833uPmrjvDX&ts=1714685567&ttl=3600&v=v5.11.8.1 HTTP 302
https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1714685567551-7-9605-1338968-fa77064f-71b4-d077-5439-5893a6442646&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3DThGPQF_5-4tdXuQwrj1JVX4mlUOYP8-eDqr2CYbZkNFq7AhpaGBhBEad-hP4Xft5NVN0-hXtSXre5T9G6cpvZYXu7Jj68adWxgxQiXofu-2Tg8vguvXs1rS3dqZTYmK5kQfkUQ1RAEOsU_F7RRsAHtnRX02H5ITu12pgkVCwW89hRz4pA3z2vChYyHIKRLUYes1qcVHjmN61ZxTF1q8dMCOyBMfXjK8M11wqJ8mI4ZiM5HHEUuRvcAOpS3UPbws9Oz9lsKdhjKGlCw_PXH2QBoo4kAjEPKVkCQbKSkxEwCEAFhUrHK86_bc_-fKhmwpFch8ZpuEGEnoK07ekFc1KpUOFYCgZ584rgql5H2x4prh_RqnTn80DHVhCnusFnXr9WmVN3UXq2xYfTIG_0TMg3tdJTR_m13xDb6yI1EyNRw2HVKhlfD9Uhphg0x7vXpXCQ9-Yr2tKAx4VSauxOJFAkUxeBzWMUNWJ_9IiJUH2p_EgaSsYqOyxQ9GiKN18xtt_QZoDmQUOKoKSWyFtd-sHFmf7ksUa1tslyclea6Eab0q_kB4vLXxz0g HTTP 302
https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=ThGPQF_5-4tdXuQwrj1JVX4mlUOYP8-eDqr2CYbZkNFq7AhpaGBhBEad-hP4Xft5NVN0-hXtSXre5T9G6cpvZYXu7Jj68adWxgxQiXofu-2Tg8vguvXs1rS3dqZTYmK5kQfkUQ1RAEOsU_F7RRsAHtnRX02H5ITu12pgkVCwW89hRz4pA3z2vChYyHIKRLUYes1qcVHjmN61ZxTF1q8dMCOyBMfXjK8M11wqJ8mI4ZiM5HHEUuRvcAOpS3UPbws9Oz9lsKdhjKGlCw_PXH2QBoo4kAjEPKVkCQbKSkxEwCEAFhUrHK86_bc_-fKhmwpFch8ZpuEGEnoK07ekFc1KpUOFYCgZ584rgql5H2x4prh_RqnTn80DHVhCnusFnXr9WmVN3UXq2xYfTIG_0TMg3tdJTR_m13xDb6yI1EyNRw2HVKhlfD9Uhphg0x7vXpXCQ9-Yr2tKAx4VSauxOJFAkUxeBzWMUNWJ_9IiJUH2p_EgaSsYqOyxQ9GiKN18xtt_QZoDmQUOKoKSWyFtd-sHFmf7ksUa1tslyclea6Eab0q_kB4vLXxz0g HTTP 302
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233267-ILZ1XSVj99bv.jpg

Request Chain 10

https://xml.rexsrv.com/click?s=1&tid=1496&sid=a3f156a1d7f1baf4b1551641e88d17b5&rnd=853262092 HTTP 302
https://us.skated.co/nty/postback/click?key=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
freshnewsnow3.xyz/
Redirect Chain

http://gamesprofessor2.xyz/event_bdd444d8-99de-eb76-c437-ecab20887383_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltlkzdyxmmi1yza4mtm4mwm2oteyodbh...
https://gamesprofessor2.xyz/event_bdd444d8-99de-eb76-c437-ecab20887383_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltlkzdyxmmi1yza4mtm4mwm2oteyodb...
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

6 KB
3 KB

555ms
177ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 9ae0a91117c4f1d6c3682c845189579697fa42d45f0eb890100176b882bb0c57

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 02 May 2024 21:32:48 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Thu, 02 May 2024 21:32:47 GMT
location: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 154ms
54ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: freshnewsnow3.xyz
URL: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://freshnewsnow3.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 21:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 20:37:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 21:32:48 GMT

GET
H/1.1

200
OK

1714626233257-WUdpbOag0v2j.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain

https://freshnewsnow3.xyz/event_baf18b0b-12d8-5bf2-66eb-8f74143828dd_70_3018_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RhM2YxNTZhMWQ3ZjFiYWY0YjE1NTE2NDFlODhkMTdiNSUyNnJ...
https://xml.rexsrv.com/icon?sid=a3f156a1d7f1baf4b1551641e88d17b5&rnd=498720865
https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth...
https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=R8T7e-PzsSxee_Kz-ebCQlh21fYV4Dcggl1P3HZN-j4pczmXwg5Phh4UEeYRDRan9jZekKe4jtdc9qukArKIH697uSOnD0HVv_WF2qkaDsx5aQQ_YIVgPItYcVosiZbwN9Dc4IRP1T9tV...
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233257-WUdpbOag0v2j.jpg

51 KB
51 KB

132ms
64ms

Image
image/jpeg

5.9.105.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233257-WUdpbOag0v2j.jpg
Requested by: Host: freshnewsnow3.xyz
URL: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: HTTP/1.1
Server: 5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.105.9.5.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 91ea120998252cd1799bc319c60ab14cabe216aeaf78ede0f2f0df0ae00f85a9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://freshnewsnow3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 02 May 2024 21:32:49 GMT
Last-Modified: Thu, 02 May 2024 05:03:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "66331eb9-caba"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51898

Redirect headers

Pragma: no-cache
Date: Thu, 02 May 2024 21:32:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233257-WUdpbOag0v2j.jpg
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

1714626233257-WUdpbOag0v2j.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain

https://freshnewsnow3.xyz/event_baf18b0b-12d8-5bf2-66eb-8f74143828dd_70_3883_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0QzNDA1NGYxZWFmZjFkNDNjNThkYzdlNTFkNjRiY2JhNiUyNnJ...
https://xml.rexsrv.com/icon?sid=34054f1eaff1d43c58dc7e51d64bcba6&rnd=498720865
https://icon-adc.realsh.xyz/b2/c/i/icon?cid=5&did=e2JxRVM&eid=13659&nid=10004&sid=3285310833uPmrjvDX&ts=1714685567&ttl=3600&v=v5.11.8.1
https://eu.xml.rexsrv.com/icon?sid=d111529003e8cd2eb221c26850093b17&rnd=296911198
https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1714685567551-7-9605-1338968-fa77064f-71b4-d077-5439-5893a6442646&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth...
https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=4i2WcrRADjug34XvI1WCQnDZd2HEFSwp0mhj3WchCvteyrs478gl2JoiR5v9L8vI2kbeKtCQkaB1h9Pd97YFUIIbIWnSG2hkc-kM13bPiInW_TYdR6YcGJ_f0l5F-daBtoM9EBl1NsaW9...
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233257-WUdpbOag0v2j.jpg

51 KB
0

11ms
11ms

Image
image/jpeg

5.9.105.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233257-WUdpbOag0v2j.jpg
Requested by: Host: freshnewsnow3.xyz
URL: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: HTTP/1.1
Server: 5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.105.9.5.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 91ea120998252cd1799bc319c60ab14cabe216aeaf78ede0f2f0df0ae00f85a9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 02 May 2024 21:32:49 GMT
Last-Modified: Thu, 02 May 2024 05:03:53 GMT
Server: nginx/1.18.0 (Ubuntu)
Accept-Ranges: bytes
ETag: "66331eb9-caba"
Content-Length: 51898
Content-Type: image/jpeg

Redirect headers

Pragma: no-cache
Date: Thu, 02 May 2024 21:32:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233257-WUdpbOag0v2j.jpg
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

1714626233267-ILZ1XSVj99bv.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain

https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2F...
https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=17MtcUEBuBinyXR7E6rfJmYoWroVpcokRRPi74G0vnc6paOxLdTXfYeNyYninboWEWXKG34ND6kex-MlezDNHyYEGVCQN6rQeifZawQroW_jd11FyLPNECteLHVvaqgNqBKE_1fLc6asE...
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233267-ILZ1XSVj99bv.jpg

107 KB
107 KB

149ms
69ms

Image
image/jpeg

5.9.105.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233267-ILZ1XSVj99bv.jpg
Requested by: Host: freshnewsnow3.xyz
URL: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: HTTP/1.1
Server: 5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.105.9.5.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 36dd8f91f680ce0148ecbcaaaa6b4e3114741a50d23eb4ef45fe68b463fce777

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://freshnewsnow3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 02 May 2024 21:32:49 GMT
Last-Modified: Thu, 02 May 2024 05:03:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "66331eb9-1ac87"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109703

Redirect headers

Pragma: no-cache
Date: Thu, 02 May 2024 21:32:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233267-ILZ1XSVj99bv.jpg
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

1714626233267-ILZ1XSVj99bv.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain

https://img-adc.realsh.xyz/b2/c/v/img?cid=5&did=e2JxRVM&eid=13659&nid=10004&sid=3285310833uPmrjvDX&ts=1714685567&ttl=3600&v=v5.11.8.1
https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1714685567551-7-9605-1338968-fa77064f-71b4-d077-5439-5893a6442646&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2F...
https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=ThGPQF_5-4tdXuQwrj1JVX4mlUOYP8-eDqr2CYbZkNFq7AhpaGBhBEad-hP4Xft5NVN0-hXtSXre5T9G6cpvZYXu7Jj68adWxgxQiXofu-2Tg8vguvXs1rS3dqZTYmK5kQfkUQ1RAEOsU...
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233267-ILZ1XSVj99bv.jpg

107 KB
0

136ms
136ms

Image
image/jpeg

5.9.105.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233267-ILZ1XSVj99bv.jpg
Requested by: Host: freshnewsnow3.xyz
URL: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: HTTP/1.1
Server: 5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.105.9.5.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 36dd8f91f680ce0148ecbcaaaa6b4e3114741a50d23eb4ef45fe68b463fce777

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 02 May 2024 21:32:49 GMT
Last-Modified: Thu, 02 May 2024 05:03:53 GMT
Server: nginx/1.18.0 (Ubuntu)
Accept-Ranges: bytes
ETag: "66331eb9-1ac87"
Content-Length: 109703
Content-Type: image/jpeg

Redirect headers

Pragma: no-cache
Date: Thu, 02 May 2024 21:32:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1714626233267-ILZ1XSVj99bv.jpg
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 168ms
57ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://freshnewsnow3.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 00:45:23 GMT
x-content-type-options: nosniff
age: 506845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 00:45:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 156ms
46ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://freshnewsnow3.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 13:27:43 GMT
x-content-type-options: nosniff
age: 201905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 13:27:43 GMT

GET
H2 404 favicon.ico
freshnewsnow3.xyz/ 13 B
259 B 177ms
177ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnewsnow3.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=UTF-8
pragma: no-cache
date: Thu, 02 May 2024 21:32:49 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
server: nginx
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 event_baf18b0b-12d8-5bf2-66eb-8f74143828dd_70_0_2998
freshnewsnow3.xyz/ 116 B
207 B 177ms
177ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnewsnow3.xyz/event_baf18b0b-12d8-5bf2-66eb-8f74143828dd_70_0_2998?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjE0OTYtYTNmMTU2YTFkN2YxYmFmNGIxNTUxNjQxZTg4ZDE3YjUtMzAxOC0wLjAyNjYzOCUyMiUyQyUyMjE0OTYtMzQwNTRmMWVhZmYxZDQzYzU4ZGM3ZTUxZDY0YmNiYTYtMzg4My0wLjAwMjI3NCUyMiU1RCU3RA%3D%3D&t=1714685568470&rnd=598098521&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: freshnewsnow3.xyz
URL: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://freshnewsnow3.xyz/?sid=f6e744d20f1d4f70226765a6262d4c6c_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 21:32:50 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H2

200

click Show response
us.skated.co/nty/postback/
Redirect Chain

https://xml.rexsrv.com/click?s=1&tid=1496&sid=a3f156a1d7f1baf4b1551641e88d17b5&rnd=853262092
https://us.skated.co/nty/postback/click?key=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e

2 KB
930 B

329ms
110ms

Document
text/html

2a00:1d26:c771::11
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.skated.co/nty/postback/click?key=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e
Requested by: Host: freshnewsnow3.xyz
URL: https://freshnewsnow3.xyz/event_baf18b0b-12d8-5bf2-66eb-8f74143828dd_70_0_2998?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjE0OTYtYTNmMTU2YTFkN2YxYmFmNGIxNTUxNjQxZTg4ZDE3YjUtMzAxOC0wLjAyNjYzOCUyMiUyQyUyMjE0OTYtMzQwNTRmMWVhZmYxZDQzYzU4ZGM3ZTUxZDY0YmNiYTYtMzg4My0wLjAwMjI3NCUyMiU1RCU3RA%3D%3D&t=1714685568470&rnd=598098521&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:1d26:c771::11 Newark, United States, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 0f2b9d5d39dbd3524e8f7512617bd0e84b79102f2207274f1861d13567aa3ccf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://freshnewsnow3.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 21:32:51 GMT
server: openresty/1.21.4.1

Redirect headers

date: Thu, 02 May 2024 21:32:51 GMT
location: https://us.skated.co/nty/postback/click?key=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e
server: nginx

GET
H2

200

Primary Request de Show response
hellspin3.com/
Redirect Chain

https://us.skated.co/nty/postback/click?key=v2-1714685567446-7-9605-1338968-e600d1ed-d6a7-96a9-0bae-06d17d67b66e&token=e4bb0dc73aa9af61b539b24af1c5ee5b&timezone=-120&iframe_test=false&webdriver_tes...
https://track.trackingtraffo.com/push/c?auth=mz3uj39&c=N7Sp9Ys4F1RzHQ0RIIs671t1i_muq3inkTgtyx5ed0HMb-LH_o8BBCRu8DSjkx7Mn-25ZmSSMVZEwQC86aC-xnUNTiTI2mknxkwvyqC9fHR6EroTjpiXXnNGBZry5kPKtIm4byaNb0xhkJ...
https://media.hellpartners.com/redirect.aspx?pid=35097&bid=1466&lpid=9&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid={clickid}
https://mediahell.world/?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid={clickid}
https://hellspin3.com/?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid={clickid}
https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D

30 KB
10 KB

149ms
149ms

Document
text/html

2606:4700:20::681a:a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44fd7eb625683a39de4b7e54f52cd18590fecc037e369e91961d8bc8381118c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.skated.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 87db205f3f199116-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 21:32:53 GMT
expires: Thu, 02 May 2024 21:32:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9O5XXL0klRLD1HqIXvCjcJJoUANOblofy1VhKv%2BbejPd9lJ7faGdOB8CoFPApqy9roojRyswkXcbBx0uRMIEQf3hGmKPafkdWZ98V0PGJCaamQfCZ8blZmNH%2FwTZ5DSwwld7jtYdFDiBRlw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 87db205ebeb29116-FRA
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 21:32:52 GMT
location: /de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7WwhvlRGMoemLtu3WtQlS%2BD3PABFdekpKjlOgM8HYl1S31%2FMSyF2%2FQHGxiGJOB9SwIDq%2B971ANb7Sin2wsIOSlDM1en3pYEHmf0HwQGF6T08rc7QYohtzh%2FlxMGb8Xvs8MSG9d89mAW%2BBc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 157ms
56ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic

Requested by

Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 21:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 20:41:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 21:32:53 GMT

GET
H2 200 styles.0e39c7e558d38285.css
hellspin3.com/app/ 1 MB
184 KB 71ms
69ms Stylesheet
text/css 2606:4700:20::681a:a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellspin3.com/app/styles.0e39c7e558d38285.css
Requested by: Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fe72c489f4e8df768c26cb52dac6cf020ba0297b2ff3826104fcbc893169d15

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 21:32:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 05:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66289c9a-12cd73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SO7QOuQN3KyrbgdMRzpfsJHQm787tuA9lGaXJ3kVIOJd%2FR3oe0mYol9PP8aSluJjCQqJ82q2xa3nlA8aZ17TP1IjwiXasAqJVsgGfLZ33rfy7%2FdIpJRhp%2B9m0WWh6g8rqMimou3uAc%2FaV8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87db20604fff9116-FRA

GET
H2 200 sg.js Show response
casino.cur.a8r.games/public/ 8 KB
2 KB 199ms
30ms Script
text/javascript 104.18.41.153

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.cur.a8r.games/public/sg.js

Requested by

Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.41.153 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b5cc1833da315d0f93fb15fa5589b7b5e9f10965eaebb8cfca11c8847c4fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

a8r-request-id: e65bd46e-a9d0-4329-9532-ee91dabb8b46
date: Thu, 02 May 2024 21:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 May 2024 19:21:52 GMT
server: cloudflare
age: 2341
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 87db20614d602685-TXL
expires: Fri, 03 May 2024 01:32:53 GMT

GET
H2 200 agent.js Show response
cdn.seon.io/js/v4/ 310 KB
109 KB 203ms
34ms Script
application/javascript 65.9.66.99

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.seon.io/js/v4/agent.js
Requested by: Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.99 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
content-encoding: gzip
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 21:29:38 GMT
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 195
x-amz-server-side-encryption: AES256
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: NIU9GjWmLS9SJZO8cAQpjVssn5-zA_LqRZYFian6Bi3-2nXlc3RTKg==

GET
H2 200 configuration.js Show response
hellspin3.com/ 3 KB
1 KB 99ms
98ms Script
text/javascript 2606:4700:20::681a:a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellspin3.com/configuration.js
Requested by: Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c65bb95e1448ab51679313cfc23acee5040819f1ac26f9c3053f49685de2f081

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 21:32:53 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6iTzROP8MpIDowmu9AsLy2RpBjYY2Yp3Ycdw81LKL%2B0ryeJGsY0kKuPoesdxvLCNJKtf2P2dIbrPzUnr1So1oxspQ32XW2HVPy%2B0J8lJVwtrZ0sokB1RFv9%2BcB0q%2BgXgYeZ4Z78vXJK0psA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
cf-ray: 87db206048009116-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 84ms
46ms Script
application/javascript 104.16.160.145

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 21:32:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 669
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 87db20620a23347c-WAW
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 May 2024 21:32:53 GMT

GET
H2 200 firecorrect.svg
d16vnr1tync57h.cloudfront.net/site/upload/ 32 KB
32 KB 212ms
44ms Image
image/svg+xml 2600:9000:244f:bc00:11:fa7d:1740:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vnr1tync57h.cloudfront.net/site/upload/firecorrect.svg
Requested by: Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244f:bc00:11:fa7d:1740:21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70e9f410bac4bc0174ed21f212c378022d937283ea58254aa692e6f40e274e34

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 19:10:50 GMT
via: 1.1 10138b7f7e9a868032a16788e533ba0e.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jan 2024 11:59:34 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 8524
etag: "c3ecc73879f5664b1ec240bdeae1cf2f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 32743
x-amz-cf-id: gBJQ367XTkHKS2hfdww_XaSvndlfKfnmmGYOmNA13lsptLQ7Tyh_PA==

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
666 B 56ms
56ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@400;700;800&display=swap

Requested by

Host: hellspin3.com
URL: https://hellspin3.com/app/styles.0e39c7e558d38285.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f7a7dbe2c84415b09e933d59d04da80dec0669f22b0b2daa2c4ee9e83effa18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 21:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 21:22:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 21:32:53 GMT

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 37 KB
38 KB 151ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://hellspin3.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 17:34:43 GMT
x-content-type-options: nosniff
age: 273490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38268
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:13:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 17:34:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
75 KB 180ms
62ms Script
application/javascript 2a00:1450:4001:82f::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M59LLXL

Requested by

Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab77eec20564e97b6bc1c55a0c1341c69086e209feba53f916769cdaf942e319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 21:32:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76011
x-xss-protection: 0
last-modified: Thu, 02 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 May 2024 21:32:53 GMT

GET
H2 200 ua-sdk.min.js Show response
aswpsdkus.com/notify/v1/ 216 KB
39 KB 153ms
35ms Script
text/javascript 34.160.158.95

General

Check archive.org

Show headers Download Go to

Full URL: https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by: Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.158.95 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 743832d9257e2d160a5ac93e5f57eec7e07c1388b3b6857f9c2786c31c548223

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 21:28:23 GMT
content-encoding: gzip
age: 270
x-guploader-uploadid: ABPtcPr0a23RiyyG_5F9kab5junZ0Aa7ORppZ-OOy5YSwRLxGrFCk_hwDDEv8ZaQARrR36okQVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39519
last-modified: Wed, 22 Nov 2023 11:29:41 GMT
server: UploadServer
etag: "17a3e18678b0ac1f30fe24cd0b9fd610"
x-goog-generation: 1700652581164938
x-goog-hash: crc32c=CbIywA==, md5=F6PhhniwrB8w/iTNC5/WEA==
content-type: text/javascript
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 39519
accept-ranges: bytes
expires: Thu, 02 May 2024 21:33:23 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 89 KB
27 KB 174ms
36ms Script
application/javascript 2.19.96.75

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.75 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 461392b213abc8c0a46c62dbbaa6ca6076c70ba70808b8187da16cb8680b0a3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8aBpNQU.HnYj4xT8vSeqvwU.DzHwjHJD
content-encoding: br
date: Thu, 02 May 2024 21:32:53 GMT
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
content-length: 27502
last-modified: Tue, 30 Apr 2024 13:11:19 GMT
server: AmazonS3
etag: W/"52a78fcf72d0166547200e7d9d4fbd69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: 0AzBUgHljMruR0YH7h8v6yOHalNkWVANvFkKMmog-xPh5cb2aFOy8w==
expires: Fri, 03 May 2024 05:32:53 GMT

GET
H2 200 widgetloader Show response
ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/ 220 KB
65 KB 182ms
65ms Script
application/javascript 2a02:26f0:3500:4::b818:4d9e

General

Check archive.org

Show headers Download Go to

Full URL

https://ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/widgetloader

Requested by

Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:4::b818:4d9e -, , ASN (),

Reverse DNS

Software

Resource Hash

9082bf6c4be433fdd2c66b50a1c62f41b9d77dfbe7918df6b95f0931c670a7a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://st-cdn001.akamaized.net https://ls-cdn001.akamaized.net
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' https://st-cdn001.akamaized.net https://ls-cdn001.akamaized.net
content-encoding: gzip
date: Thu, 02 May 2024 21:32:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
etag: "2eb3a41766d14bd61f3b1e4d0bf82479-05e302c9414379118b4dfdebe1a2dac5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120, stale-while-revalidate=60, immutable
content-length: 66714

GET
H2 200 get Show response
hellspin3.com/api/translation/ 411 KB
46 KB 94ms
94ms XHR
application/json 2606:4700:20::681a:a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellspin3.com/api/translation/get?locale=de_AT
Requested by: Host: hellspin3.com
URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57cf50cadf9144df203b855ef94fb710bf0daa21cc0539b395f26a0d940d7051

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 21:32:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQlW1stexh3BG8QrbYKq8ktQuvojBZ9W1TJx6YB60hMyRUaGmdxdI2ImgBmoOD0LzNc0o0goOf96AHEYqO9VA57J%2BZQfXvIPx0WgQ65mm2%2BKPsIgzJcPnOO5nQqNDuzWsq6FWHfKoM9BYDw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 87db206219879116-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 54ms
54ms Script
application/javascript 104.16.160.145

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 21:32:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 669
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 87db20625a81347c-WAW
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 May 2024 21:32:53 GMT

GET configurations
platform.hellspin3.com/api/v2/ 0
0

GET
H3 200 web Show response
onesignal.com/api/v1/sync/07ec9e04-84f3-436f-983f-40bdd089ab55/ 3 KB
2 KB 54ms
53ms Script
text/javascript 104.16.160.145

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/07ec9e04-84f3-436f-983f-40bdd089ab55/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.160.145 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

76bf4dac620097b6b6d2887a452f203401d1311136b9f6882a109bc8b14768cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hellspin3.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 21:32:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 2474
cf-polished: origSize=3360
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 65883496-2bd6-4621-80f7-25008734c27b
x-runtime: 0.030078
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"bd9310c1072f38aa9a907d5c56a08401"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 87db20632b45347c-WAW
access-control-allow-headers: SDK-Version
expires: Thu, 02 May 2024 22:32:53 GMT

GET get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

GET js
track.trackingtraffo.com/pixel/ 0
0

GET tag-manager.js
tm.ads.sportradar.com/dist/ 0
0

GET gtr.min.js
dsp-media.eskimi.com/assets/js/e/ 0
0

GET tag.js
mc.yandex.ru/metrika/ 0
0

GET rt
ads.trafficjunky.net/ 0
0

GET tag.php
s.magsrv.com/ 0
0

GET tag.php
s.opoxv.com/ 0
0

GET tag.php
s.pemsrv.com/ 0
0

GET tag.php
syndication.realsrv.com/ 0
0

GET 20fe8922-3082-4b10-8a7a-2279e97cbdf0
tsyndicate.com/api/v1/retargeting/set/ 0
0

GET unip
trc.taboola.com/1460267/log/3/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: platform.hellspin3.com
URL: https://platform.hellspin3.com/api/v2/configurations

Domain: api.livechatinc.com
URL: https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=9054575&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fhellspin3.com%2Fde%3Fshow%3Dregister%26btag%3D654481_7ad6e9f4751b4e669047db43299b20a1%26utm_source%3Du%26utm_medium%3Du%26utm_campaign%3DU_U_14_S5_O_F16_9%26subid%3D%257Bclickid%257D&channel_type=code&jsonp=__o50jgq87nw8

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ELE5VVG4DX&l=dataLayer&cx=c

Domain: track.trackingtraffo.com
URL: https://track.trackingtraffo.com/pixel/js?auth=886um7&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur={CURRENCY}&amount={DEPOSIT}

Domain: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAOI

Domain: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Domain: ads.trafficjunky.net
URL: https://ads.trafficjunky.net/rt?action=list&type=add&id=notregistered&context=hellspin.com&cookiename=notregistered&age=500000&maxcookiecount=10

Domain: s.magsrv.com
URL: https://s.magsrv.com/tag.php?goal=331e4ee56c526f5bd5c5ad6c88fcb308;stackUid=20240502213253734299

Domain: s.opoxv.com
URL: https://s.opoxv.com/tag.php?goal=331e4ee56c526f5bd5c5ad6c88fcb308;stackUid=20240502213253734915

Domain: s.pemsrv.com
URL: https://s.pemsrv.com/tag.php?goal=331e4ee56c526f5bd5c5ad6c88fcb308;stackUid=20240502213253734594

Domain: syndication.realsrv.com
URL: https://syndication.realsrv.com/tag.php?goal=331e4ee56c526f5bd5c5ad6c88fcb308;stackUid=20240502213253734147

Domain: tsyndicate.com
URL: https://tsyndicate.com/api/v1/retargeting/set/20fe8922-3082-4b10-8a7a-2279e97cbdf0

Domain: trc.taboola.com
URL: https://trc.taboola.com/1460267/log/3/unip?item-url=https%3A%2F%2Fhellspin3.com%2Fde%3Fshow%3Dregister%26btag%3D654481_7ad6e9f4751b4e669047db43299b20a1%26utm_source%3Du%26utm_medium%3Du%26utm_campaign%3DU_U_14_S5_O_F16_9%26subid%3D%257Bclickid%257D&ref=https%3A%2F%2Fus.skated.co%2F&en=hellspin_notreg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
us.skated.co/nty/postback	1969-12-31 23:59:59	Name: platform_user_id Value: desktop:989cac957822c8a92d1391b389873352
us.skated.co/nty/postback	1970-01-21 05:04:02	Name: platform_user_id_3rd_party Value: desktop:989cac957822c8a92d1391b389873352
us.skated.co/nty/postback	1969-12-31 23:59:59	Name: platform_user_id_from_ssp Value: platform:0fa78ba90455ada2372a89435d7d74ef
us.skated.co/nty/postback	1970-01-21 05:04:02	Name: platform_user_id_from_ssp_3rd_party Value: platform:0fa78ba90455ada2372a89435d7d74ef
freshnewsnow3.xyz/	1969-12-31 23:59:59	Name: sid Value: kpjd44a4sb7sgrnq7gd7qp0pt7
.hellpartners.com/	1970-01-21 05:54:05	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a35097%2c%22BID%22%3a1466%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714685572680)%5c%2f%22%2c%22CookieTag%22%3a%22146635097e2%3a%3a110f%3ab%3a02b1%3a30a2C2024522132%22%7d%5d
.hellpartners.com/	1970-01-21 05:54:05	Name: NetReferSPS Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22b762af30-f7b7-4e31-b523-9f1760be3ef7%7c0%22%7d%5d
hellspin3.com/	1969-12-31 23:59:59	Name: preferred-language Value: de
hellspin3.com/	1970-01-20 21:01:26	Name: btag Value: 654481_7ad6e9f4751b4e669047db43299b20a1
hellspin3.com/	1970-01-20 21:01:26	Name: subid Value: %7Bclickid%7D
hellspin3.com/	1970-01-20 21:01:26	Name: utm_campaign Value: U_U_14_S5_O_F16_9
hellspin3.com/	1970-01-20 21:01:26	Name: utm_medium Value: u
hellspin3.com/	1970-01-20 21:01:26	Name: utm_source Value: u

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://freshnewsnow3.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hellspin3.com/de?show=register&btag=654481_7ad6e9f4751b4e669047db43299b20a1&utm_source=u&utm_medium=u&utm_campaign=U_U_14_S5_O_F16_9&subid=%7Bclickid%7D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	Message: The script resource is behind a redirect, which is disallowed.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.trackingtraffo.com
ads.trafficjunky.net
api.livechatinc.com
aswpsdkus.com
casino.cur.a8r.games
cdn.livechatinc.com
cdn.onesignal.com
cdn.seon.io
d16vnr1tync57h.cloudfront.net
dsp-media.eskimi.com
eu.xml.rexsrv.com
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
freshnewsnow3.xyz
gamesprofessor2.xyz
hellspin3.com
icon-adc.realsh.xyz
img-adc.realsh.xyz
mc.yandex.ru
media.hellpartners.com
mediahell.world
onesignal.com
platform.hellspin3.com
s.magsrv.com
s.opoxv.com
s.pemsrv.com
syndication.realsrv.com
tm.ads.sportradar.com
track.trackingtraffo.com
trc.taboola.com
tsyndicate.com
us.skated.co
ws-cdn001.akamaized.net
www.googletagmanager.com
xml.rexsrv.com
ads.trafficjunky.net
api.livechatinc.com
dsp-media.eskimi.com
mc.yandex.ru
platform.hellspin3.com
s.magsrv.com
s.opoxv.com
s.pemsrv.com
syndication.realsrv.com
tm.ads.sportradar.com
track.trackingtraffo.com
trc.taboola.com
tsyndicate.com
www.googletagmanager.com
104.16.160.145
104.18.41.153
109.206.178.121
172.67.204.15
173.214.240.15
199.182.164.180
2.19.96.75
2600:9000:244f:bc00:11:fa7d:1740:21
2606:4700:20::681a:a52
2620:1ec:46::45
2a00:1450:4001:812::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a00:1d26:c771::11
2a02:26f0:3500:4::b818:4d9e
3.127.34.20
34.160.158.95
5.9.105.245
65.9.66.99
88.214.195.153
88.214.195.156
0f2b9d5d39dbd3524e8f7512617bd0e84b79102f2207274f1861d13567aa3ccf
2fe72c489f4e8df768c26cb52dac6cf020ba0297b2ff3826104fcbc893169d15
36dd8f91f680ce0148ecbcaaaa6b4e3114741a50d23eb4ef45fe68b463fce777
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
461392b213abc8c0a46c62dbbaa6ca6076c70ba70808b8187da16cb8680b0a3d
4f7a7dbe2c84415b09e933d59d04da80dec0669f22b0b2daa2c4ee9e83effa18
57cf50cadf9144df203b855ef94fb710bf0daa21cc0539b395f26a0d940d7051
5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312
70e9f410bac4bc0174ed21f212c378022d937283ea58254aa692e6f40e274e34
743832d9257e2d160a5ac93e5f57eec7e07c1388b3b6857f9c2786c31c548223
76bf4dac620097b6b6d2887a452f203401d1311136b9f6882a109bc8b14768cc
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402
9082bf6c4be433fdd2c66b50a1c62f41b9d77dfbe7918df6b95f0931c670a7a6
91ea120998252cd1799bc319c60ab14cabe216aeaf78ede0f2f0df0ae00f85a9
9ae0a91117c4f1d6c3682c845189579697fa42d45f0eb890100176b882bb0c57
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
ab77eec20564e97b6bc1c55a0c1341c69086e209feba53f916769cdaf942e319
b44fd7eb625683a39de4b7e54f52cd18590fecc037e369e91961d8bc8381118c
b6b5cc1833da315d0f93fb15fa5589b7b5e9f10965eaebb8cfca11c8847c4fd6
c65bb95e1448ab51679313cfc23acee5040819f1ac26f9c3053f49685de2f081
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

hellspin3.com Open in urlscan Pro 2606:4700:20::681a:a52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

57 %HTTPS

38 %IPv6

30 Domains

36 Subdomains

15 IPs

4 Countries

899 kBTransfer

3458 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hellspin3.com Open in urlscan Pro
2606:4700:20::681a:a52 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

57 %
HTTPS

38 %
IPv6

30
Domains

36
Subdomains

15
IPs

4
Countries

899 kB
Transfer

3458 kB
Size

13
Cookies

42 HTTP transactions
0 data transactions