Submitted URL: http://thenewscasts.com/view/c09
Effective URL: https://thenewscasts.com/view/c09
Submission: On June 01 via manual from PL — Scanned from PL

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 30 HTTP transactions. The main IP is 104.21.56.204, located in and belongs to CLOUDFLARENET, US. The main domain is thenewscasts.com.
TLS certificate: Issued by GTS CA 1P5 on April 11th 2023. Valid for: 3 months.
This is the only time thenewscasts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 104.21.56.204 13335 (CLOUDFLAR...)
1 172.217.16.202 15169 (GOOGLE)
1 69.16.175.10 20446 (STACKPATH...)
4 52.222.206.69 16509 (AMAZON-02)
1 23.109.248.183 7979 (SERVERS-COM)
3 172.217.18.99 15169 (GOOGLE)
4 172.64.132.29 13335 (CLOUDFLAR...)
5 52.222.236.125 16509 (AMAZON-02)
5 188.114.97.3 13335 (CLOUDFLAR...)
1 157.240.252.35 32934 (FACEBOOK)
4 6 172.217.18.13 15169 (GOOGLE)
30 11
Apex Domain
Subdomains
Transfer
6 google.com
accounts.google.com — Cisco Umbrella Rank: 33
3 KB
5 ranopportunityt.com
ranopportunityt.com
2 KB
5 adthereissome.info
adthereissome.info
6 KB
4 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 27873
202 KB
4 cloudfront.net
d3tozt7si7bmf7.cloudfront.net
115 KB
4 thenewscasts.com
thenewscasts.com
5 KB
3 gstatic.com
fonts.gstatic.com
32 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
1 duscleouphes.com
duscleouphes.com
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 696
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
30 11
Domain Requested by
6 accounts.google.com 4 redirects thenewscasts.com
5 ranopportunityt.com thenewscasts.com
5 adthereissome.info d3tozt7si7bmf7.cloudfront.net
4 pogothere.xyz d3tozt7si7bmf7.cloudfront.net
4 d3tozt7si7bmf7.cloudfront.net thenewscasts.com
adthereissome.info
4 thenewscasts.com 1 redirects thenewscasts.com
3 fonts.gstatic.com fonts.googleapis.com
1 www.facebook.com thenewscasts.com
1 duscleouphes.com thenewscasts.com
1 code.jquery.com thenewscasts.com
1 fonts.googleapis.com thenewscasts.com
30 11

This site contains links to these domains.

Domain
www.win-rar.com
www.7-zip.org
download-new.utorrent.com
www.elby.ch
www.file4.net
www.mrpcgamer.co
Subject | Issuer | Validity | Valid
*.thenewscasts.com | GTS CA 1P5 | 2023-04-11 - 2023-07-10 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
duscleouphes.com | R3 | 2023-03-25 - 2023-06-23 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-28 - 2024-02-27 | a year
adthereissome.info | Amazon RSA 2048 M01 | 2023-05-05 - 2024-06-02 | a year
ranopportunityt.com | GTS CA 1P5 | 2023-05-30 - 2023-08-28 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-03-10 - 2023-06-08 | 3 months

This page contains 4 frames:

Primary Page: https://thenewscasts.com/view/c09
Frame ID: 73F67DA084629AA75031F097DCC0E331
Requests: 24 HTTP requests in this frame

Frame: https://adthereissome.…
Frame ID: D33DB17562407BCDD88432843027B850
Requests: 2 HTTP requests in this frame

Frame: https://adthereissome.…
Frame ID: 95C405CC5C5B4AE08B5B36CE62A4DBDF
Requests: 2 HTTP requests in this frame

Frame: https://adthereissome.…
Frame ID: 2A4E038595B04FD8048C1DD512122F71
Requests: 2 HTTP requests in this frame

Page Title

View

Page URL History

  1. http://thenewscasts.com/view/c09 HTTP 301
    https://thenewscasts.com/view/c09 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

93 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

11
IPs

4
Countries

393 kB
Transfer

702 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thenewscasts.com/view/c09 HTTP 301
    https://thenewscasts.com/view/c09 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFtlEOkIKMTI5NLhPr4KSxORL_kMhb6-D_Cj1DLogecQz8XpsS1ZUYWmxe4dT5HfeiDQTUQOA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S873063156%3A1685603185811164&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPuwz8XyNCVV3QcCunKCYzfqtvs0yL98SWFxcm99TZEs57nqPTcJ_TM_oLRbPSH8vfsLKMg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 20
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGj7D4RwJwqd8RPriVoFQ0kppQb8GUx4-R59G26-Fkf4msNiCOrDFbkJTiq3NxITFqGPuv9Wg HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S722103789%3A1685603185832404&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGed4AucW0CFLnKFti8Q2_rt1TflzYUxrW1tS7mA9Ok2FgMGL6v8iC6E363HNT3l7jY7jPL9A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request c09
thenewscasts.com/view/
Redirect Chain
  • http://thenewscasts.com/view/c09
  • https://thenewscasts.com/view/c09
3 KB
2 KB
Document
General
Full URL
https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be542247a2485c0f31a4bbf06b7b300920e6d18c10a7dd458cda88427a9a29e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate public
cf-cache-status
DYNAMIC
cf-ray
7d059d220cad34d9-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 01 Jun 2023 07:06:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUj8pVJEFbSyEByyd1JwqvOlHSAdJrqjYTGu%2BU4XQFuCuX4imVPMLGXRAYdqIPr2lBNctHQwSiUIk4OTgzZNvUp1ZMDMvJHy8SqAbfzLj83KUjKkHQte9nQmQVyqweNBAYf6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
7d059d2169e83497-WAW
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 01 Jun 2023 07:06:24 GMT
Expires
Thu, 01 Jun 2023 08:06:24 GMT
Location
https://thenewscasts.com/view/c09
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88hFMr3OcLpLEJmNWJDYpwuQYg98jXFJGxL1til8rha8ezpc5%2FKggbfRgLxWolsMPFxHlwcFcUC%2FQgaiYuzB77xNkoYOUDJc6SnZ1XVuyWFVYAqMYST9rpQTJMiclTXzQhpZ"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
b98aa59a245a275e35990bd0a6c61170035753a73425b6ba83fb4cb350398b83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 06:48:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jun 2023 07:06:25 GMT
stylesheet.css
thenewscasts.com/
7 KB
2 KB
Stylesheet
General
Full URL
https://thenewscasts.com/stylesheet.css
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480f0d837c7f90d9268e26c091ea45ccc45b66301abc3bc9d27e3be1533f11bf

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/view/c09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 11:20:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1364636
etag
W/"637618f7-1dda"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GspAf1rUfRqu8SCJkq%2FPNPG2Cgh4XP7w7AF1%2FqjXUq%2BUiElZas%2BaI6zUBcrPx4iotBBYRVpZ4Zo32ZlEKLg4KWDJ5rhQNdkad4YJVGPAwNi4vbbGH4UtcQ0L%2BTjk6FoDwvCb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7d059d22dd8434d9-WAW
alt-svc
h3=":443"; ma=86400
expires
Thu, 15 Jun 2023 12:02:29 GMT
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1538f"
vary
Accept-Encoding
x-hw
1685603185.dop011.wa1.t,1685603185.cds205.wa1.hn,1685603185.cds009.wa1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
script.js
thenewscasts.com/
1 KB
1022 B
Script
General
Full URL
https://thenewscasts.com/script.js
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.56.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b3cf067ca63a1f9e32ae3d27cf706b01f79ce1091f570d6f1e77f83bbfdb1f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/view/c09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 11:20:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
541034
etag
W/"637618f5-55f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mv6fh5w4Nd%2FHhqcZuGonFXp%2BsJXGfWqGnSm%2F0nmufaFGhuflkbbijQ%2BGp5tiVPFXTeg3lRRvjsSmzJxvSIHWooVhJGqL7wnrKe%2F7ymfwk7Yo9dJNAF1WsqyTzC3F4LbMFCHF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
7d059d22dd8534d9-WAW
alt-svc
h3=":443"; ma=86400
expires
Sun, 25 Jun 2023 00:49:11 GMT
/
d3tozt7si7bmf7.cloudfront.net/
348 KB
113 KB
Script
General
Full URL
https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-69.fra56.r.cloudfront.net
Software
/
Resource Hash
66764b40dfa37f71120d6c0aca760776de7fc2fe27efbbadcf5270cd76ca7335

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
gzip
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
115237
x-amz-cf-id
mEvphZvPll-AUoPF3OzNi9AuVo389m9nXiDmdmNZvb5nnK58jnG10w==
55182
duscleouphes.com/tMTwjPDKFpnosZukI/
5 B
2 KB
Script
General
Full URL
https://duscleouphes.com/tMTwjPDKFpnosZukI/55182
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.248.183 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 07:06:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://thenewscasts.com
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thenewscasts.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 17:04:15 GMT
x-content-type-options
nosniff
age
396130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 17:04:15 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thenewscasts.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 18:01:47 GMT
x-content-type-options
nosniff
age
392678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 18:01:47 GMT
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3tozt7si7bmf7.cloudfront.net
URL: https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3441
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 01 Jun 2023 06:09:04 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://thenewscasts.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jf8E%2FwZlf4e%2FNHdLns0WY8LuyuBOMhDlWWycIBt7pxILOspgcA2O2j%2BxcAT0%2FaQ0YnJb69zLC%2BCvn7wb3whxI8SEZ4qsXIuYsot1WvD%2FqXqfGfrr0olqvfuxgCEndTur"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7d059d25d847bfcd-WAW
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
26 B
353 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d3tozt7si7bmf7.cloudfront.net
URL: https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a153dbde0ac2e20e48d37a740d96521265e2a429b6ff5ed3a70d838200f07b98

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbzzMWMViX%2FoD97pflitUkY87n2FCRYhp5Rm0%2FYtUd%2FULi19RjjjjdCzMj5CSwsdw6GJD6opsAHUbXXOjVLA3RYEbB5QRYK3DrFCHx%2Bd7MN81Yj3%2Bw6WbCNpRsVTafHv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://thenewscasts.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7d059d25d849bfcd-WAW
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
adthereissome.info/
0
539 B
XHR
General
Full URL
https://adthereissome.info/utx?cb=G1hs3QiWxhfI&top=thenewscasts.com&tid=950471
Requested by
Host: d3tozt7si7bmf7.cloudfront.net
URL: https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 07:06:25 GMT
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://thenewscasts.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
ULYJZLZvacjIE5MWGDSRZzfL6PbQbYA00WlpKozHkSHpiTwaB87wIQ==
NlgUOCgiQkRGAQ
adthereissome.info/QnAydncjElEbSCNNUFACMBwPU0UEVQAwE3EEXQwDdQNbQRUvFgVYFC4fRxIRMB9cAlksFUZTRQQ9ViEidyVcNyABHFFGIzU1fy4gezpjMCIMKmcwIwZAXU8/JSZrEA0lI30RTjA5WTwyCBgKGzQqNms1LxMTdDcDJxIDLyYBQUIAJhQ9dy... Frame D33D
3 KB
2 KB
Document
General
Full URL
https://adthereissome.…
Requested by
Host: d3tozt7si7bmf7.cloudfront.net
URL: https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e014182ddc2de096c70030aac5b43330ebf9602cf9e2942640cf653cfded77a9

Request headers

Referer
https://thenewscasts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1234
content-type
text/html
date
Thu, 01 Jun 2023 07:06:25 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
x-amz-cf-id
UjM-hFKhVtpsYsO28-guZKbLPblh1j1L5va_S9yDY4MapQ7WAEUvRg==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/
100 KB
101 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3tozt7si7bmf7.cloudfront.net
URL: https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3441
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 01 Jun 2023 06:09:04 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://thenewscasts.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4bYsGMItZUxkTSrxtk0jOF16squ8cnei1dm3y6vgL34rMoTt5GXyRkmEUq%2Brd8R%2FgkCY3NusHy74ZRhVtC%2F4kK1pwZJiupzgIw7D8DzEXMHw5C2SZ56UqTpMojAV8sV"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7d059d25d84abfcd-WAW
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
374 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d3tozt7si7bmf7.cloudfront.net
URL: https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f20c3075ced8bedf36c31acaf5f05832bc0e0d28476aae4dfa0ea9cddf02df6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0znxOUUBbKntyAJb0kgHa4x9Gd%2BM%2Fz4fli1V91D8U%2Fz%2BUAVyUOdG1PDeAxYWrMrRMrln0386gOtCvA%2F2eBKQFGOITY%2Fg%2FIztlsFN5O%2FKPdtpfAuztwfz96cIldWhJDv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://thenewscasts.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7d059d25d84bbfcd-WAW
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
adthereissome.info/
0
539 B
XHR
General
Full URL
https://adthereissome.info/utx?cb=oGXoXuTnwizV&top=thenewscasts.com&tid=940049
Requested by
Host: d3tozt7si7bmf7.cloudfront.net
URL: https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 07:06:25 GMT
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://thenewscasts.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
Ri9ICjxE9CkGmm4RQY1zHTQVY3BNgqcl8EddkcCR2HL0JkB6iy5jew==
CykAC3gMAREyBRENKxIbKioBDQIMAABzIB83YDIFPyMxDjUxCQJ5fBIqHyIiIzM0JRV3MDcZNDUJAnl8FSsLBCYgMGk4CHYkfXgKFiUafRUSNDwrInVWCBthIlYTCQUqITIHJwwxMAEEKw41LyAfFD15DmBUHhkEBAsIHicTKB8iIgEKaTsqEQ0zDzZ0CQJ5fCM2C...
adthereissome.info/SkxFZlgrLiYLZytxJ0AtOCB4Q2oMaXcgPHk4KhwsfT8sUTonKnJIOyYjMAI+OCMrEnYkKTFDagwmEzNpfhsAVmoDJBxDaggvLCMzAgsTVgESfQwEEBg2DxEreQU8MC8PISoCHgsNESMJHyQkES8jBxIOYRImFBUXMzwDADEtewkNDjotPz... Frame 95C4
3 KB
2 KB
Document
General
Full URL
https://adthereissome.info/SkxFZlgrLiYLZytxJ0AtOCB4Q2oMaXcgPHk4KhwsfT8sUTonKnJIOyYjMAI+OCMrEnYkKTFDagwmEzNpfhsAVmoDJBxDaggvLCMzAgsTVgESfQwEEBg2DxEreQU8MC8PISoCHgsNESMJHyQkES8jBxIOYRImFBUXMzwDADEtewkNDjotPzcoDSETUzswJwwoIRAjCidoJQMRJzIMNQRXFXg/CykAC3gMAREyBRENKxIbKioBDQIMAABzIB83YDIFPyMxDjUxCQJ5fBIqHyIiIzM0JRV3MDcZNDUJAnl8FSsLBCYgMGk4CHYkfXgKFiUafRUSNDwrInVWCBthIlYTCQUqITIHJwwxMAEEKw41LyAfFD15DmBUHhkEBAsIHicTKB8iIgEKaTsqEQ0zDzZ0CQJ5fCM2C35pdyQRJgp8AGofOQAlNyMDBg48KysxDT4POHcAAD54EQthb34DA2syBycLMCQqFBVtATYUQ2oMCR1XfXgKAFUwBi53KDUvfXESOw0dYwwrJSI1WzJ4HAQrMwMEMQ
Requested by
Host: d3tozt7si7bmf7.cloudfront.net
URL: https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
6b1f41f12ebf6fb227dc5f9528b5901eb23dc9ebcea83b79cbb12412e7d3fcff

Request headers

Referer
https://thenewscasts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1231
content-type
text/html
date
Thu, 01 Jun 2023 07:06:25 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
x-amz-cf-id
PTJXDZjiKXQWW8xPbyq33RKryi1hUIV7_zY3LbxIEY8pezTEHpHvBg==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
biwpDXN+AzAjb2ETBjByTGAkNnx+LTwKXVEDCxF+Yj4nIlpxFDUpe1cgNzNsfhciCmNyPh03e3F4JzNuBDkJM1JQMCdTVlYWGQZyeDknMHUEHwYweAATNSJdYgA3Fnh+LTwreARgHzBVfQU1G3hSEQYNelcRKzVhYgcCMHxMDyQ5b3cBN1BvUBMnMGF2BBsnXnkwN...
adthereissome.info/NFVxYTlVNxIMBlVoE0dMRjlMRAtycEMnXQchHhtNAyYYVltZM0ZPWlg6BAVfRjofFRdaMAVEC3IHK1FzQwwcFnx4B0UkbEwYAyd/DQMkD3NxAydUe38UPC94XDFUU399OQJVcUMHNyVqfQY9JQlFGjQkC3cyKzNvBgQSIE59FBdQYHwUFj... Frame 2A4E
3 KB
2 KB
Document
General
Full URL
https://adthereissome.…
Requested by
Host: d3tozt7si7bmf7.cloudfront.net
URL: https://d3tozt7si7bmf7.cloudfront.net/?tzotd=950471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-125.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
b7ade62db073257f0eee0078170d8e4a4b040878ef5280f7c9f7a84ec352dccd

Request headers

Referer
https://thenewscasts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1218
content-type
text/html
date
Thu, 01 Jun 2023 07:06:25 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
x-amz-cf-id
oUy5hg4Jh2kEU04eEqzUtLDBYpeH2DwLqWHsAE_D0zzwumv9-CXZKw==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
OExtN3EXcw5ETGwLWUAUfwpZYAZQATsEHVsNXQIiXBo0cyIJAUtDGFxxVAJBDHtcEQFRKFAGV0s4DEMES3FcERhWKgIKV05xXBlCDGJeBV8KahgKQB44HVYWBX1LRwVMIFAGRwB5WwdCCXRYAkEI
ranopportunityt.com/
0
391 B
Image
General
Full URL
https://ranopportunityt.com/OExtN3EXcw5ETGwLWUAUfwpZYAZQATsEHVsNXQIiXBo0cyIJAUtDGFxxVAJBDHtcEQFRKFAGV0s4DEMES3FcERhWKgIKV05xXBlCDGJeBV8KahgKQB44HVYWBX1LRwVMIFAGRwB5WwdCCXRYAkEI
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZweyaPzELrJNy0dHdJbCmN2hxc9hu%2B%2BILPLEy5sIUJu%2F8w%2Bk16Pigyu7cNRDHWft5gnV8zMjKgqYSpdgM0OINNItyiAI3ZcpZSDfptIn6kEhe5GRIcSfOJeTmuLNea8wpDTPetw"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7d059d2668b03491-WAW
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFtlEOkIKMTI5NLhPr4KSxORL_kMhb6-D_Cj1DLogecQz8XpsS1ZUYWmxe...
  • https://accounts.google.com/v3/signin/identifier?dsh=S873063156%3A1685603185811164&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPuwz8XyNCVV3QcCunKCYzfqtvs0yL98SWFxcm99TZEs...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S873063156%3A1685603185811164&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPuwz8XyNCVV3QcCunKCYzfqtvs0yL98SWFxcm99TZEs57nqPTcJ_TM_oLRbPSH8vfsLKMg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Server
172.217.18.13 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date
Thu, 01 Jun 2023 07:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-ky4Uowfg1EwBjZBSkk0V9A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
393
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S873063156%3A1685603185811164&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPuwz8XyNCVV3QcCunKCYzfqtvs0yL98SWFxcm99TZEs57nqPTcJ_TM_oLRbPSH8vfsLKMg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGj7D4RwJwqd8RPriVoFQ0kppQb8GUx4-R59G26-Fkf4msNiCOrDFb...
  • https://accounts.google.com/v3/signin/identifier?dsh=S722103789%3A1685603185832404&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGed4AucW0CFLnKFti8Q2_rt1TflzYUxrW1tS7mA9Ok2F...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S722103789%3A1685603185832404&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGed4AucW0CFLnKFti8Q2_rt1TflzYUxrW1tS7mA9Ok2FgMGL6v8iC6E363HNT3l7jY7jPL9A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H3
Server
172.217.18.13 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date
Thu, 01 Jun 2023 07:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jFVPu27WIYEDL8rjs5A4-g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S722103789%3A1685603185832404&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGed4AucW0CFLnKFti8Q2_rt1TflzYUxrW1tS7mA9Ok2FgMGL6v8iC6E363HNT3l7jY7jPL9A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
dXNzU2laTBAgVBA3IQokGBc+EQQwPyUWWTYRIjc9JhQlNCgjR1UnABFOSmdZRUdKdRkcF05iTwYHEiccBk5CdQAbFRxuTwNOQn1aQV1AYUdHVQZuWFMHAzIOSEJVIx0BH05iX01GRWNaREtGZl1D
ranopportunityt.com/
0
242 B
Image
General
Full URL
https://ranopportunityt.com/dXNzU2laTBAgVBA3IQokGBc+EQQwPyUWWTYRIjc9JhQlNCgjR1UnABFOSmdZRUdKdRkcF05iTwYHEiccBk5CdQAbFRxuTwNOQn1aQV1AYUdHVQZuWFMHAzIOSEJVIx0BH05iX01GRWNaREtGZl1D
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1AhgaaaUnFnezGBr9NhSCJ4Itc34Z7Yn4KskGbnPDtZD1Eeo1eg2K0NRaj0cbRMmz6j9ckQ9UGb1Ldc7YeCC5W1ztuOMFp113GwXF9oVQKkrEwJdynW%2F23UMQupXga9trUuoYVW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7d059d2668b43491-WAW
alt-svc
h3=":443"; ma=86400
dHlwPiYEdmE5NwJReToZFGZ+BzASah4YGCEOAVlBcQQKSgEsVwVdSWNATA0FMEAFXVcsXV4DTGNFBV1fdR0KQkJjRgVdVzFDWQtMdBVIGAUpDglaSXAFCF9AfQYNW0M
ranopportunityt.com/RTM4bHFqDFsfTCZdejk/
0
248 B
Image
General
Full URL
https://ranopportunityt.com/RTM4bHFqDFsfTCZdejk/dHlwPiYEdmE5NwJReToZFGZ+BzASah4YGCEOAVlBcQQKSgEsVwVdSWNATA0FMEAFXVcsXV4DTGNFBV1fdR0KQkJjRgVdVzFDWQtMdBVIGAUpDglaSXAFCF9AfQYNW0M
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hv4J8o%2BCpTcwnzadHmuf5V3kOsUcCKj9aTGkjs9HA3ujhLkq8Oh9RmBNPMZS38832rEEMU65yQH12YB%2BW2i4FrnxMw9c%2FvhhVhSnOjhT5gsPPxJf80aOfvRn3w59soPV9fDPxp%2FZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7d059d2668b53491-WAW
alt-svc
h3=":443"; ma=86400
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thenewscasts.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 20:39:35 GMT
x-content-type-options
nosniff
age
124010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 20:39:35 GMT
QUQNAyBNVkoSI00PAx0rHA4NQnA2V0JXZ0JSRBArHgYDEDFVUFwJNlVQXFZyXlJJVABVUFwQKx5UWEJxMkdeVzpGVkVCcEADHBcuFRUJBSkZFklVBE-VRW0lxRkdeV2obChgKLlVQL0JwQA4FDCdVUFwAJxMJA05nQlIPDzAfDwlCcDZTXVRsQExZUXVCTF1VdFVQ...
d3tozt7si7bmf7.cloudfront.net/RZ0JwYmwELR4EUxMrFF9VUnJEVV5BKAMNAhd/Ils4HwRFDSISLD0qOEE2CgZRV2QcAwIAf1YHAgR/ Frame 2A4E
201 B
474 B
Script
General
Full URL
https://d3tozt7si7bmf7.cloudfront.net/RZ0JwYmwELR4EUxMrFF9VUnJEVV5BKAMNAhd/Ils4HwRFDSISLD0qOEE2CgZRV2QcAwIAf1YHAgR/QUQNAyBNVkoSI00PAx0rHA4NQnA2V0JXZ0JSRBArHgYDEDFVUFwJNlVQXFZyXlJJVABVUFwQKx5UWEJxMkdeVzpGVkVCcEADHBcuFRUJBSkZFklVBE-VRW0lxRkdeV2obChgKLlVQL0JwQA4FDCdVUFwAJxMJA05nQlIPDzAfDwlCcDZTXVRsQExZUXVCTF1VdFVQXBQjFgMeDmdCJFlUdV5RWkE3TVM
Requested by
Host: adthereissome.info
URL: https://adthereissome.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-69.fra56.r.cloudfront.net
Software
/
Resource Hash
98b29929cc04f80b0840e828dafd2255ebf0596e2fee1e9ae8692485b9c897bd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://adthereissome.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
gzip
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
196
x-amz-cf-id
ExzoeD8NDZVepTjTpZ6xHLACO4mZEPzBcz3LhCJYS2m5Of0tg_4Rbg==
MdWU5UnAWClc0TwEMXW9JQFUNZUFTD0o9HgVYfzgSOg9rIkJEJh8mChFYCXQcFAteb1YQC1pvQVMEXTBNQUNNIh8eWEwnAAEAVz0IDQMfJxFICFYoGRkJWHdCM1AXYlVHVRElGRsBViUDUFcJPARQVwljQFtVHGEyUFcJJRkbUw13QzdAC2IIQ1EQd0JFBE-kiHBA...
d3tozt7si7bmf7.cloudfront.net/ Frame D33D
670 B
763 B
Script
General
Full URL
https://d3tozt7si7bmf7.cloudfront.net/MdWU5UnAWClc0TwEMXW9JQFUNZUFTD0o9HgVYfzgSOg9rIkJEJh8mChFYCXQcFAteb1YQC1pvQVMEXTBNQUNNIh8eWEwnAAEAVz0IDQMfJxFICFYoGRkJWHdCM1AXYlVHVRElGRsBViUDUFcJPARQVwljQFtVHGEyUFcJJRkbUw13QzdAC2IIQ1EQd0JFBE-kiHBASXDAbHBEcYDZAVg58Q0NAC2JYHg1NPxxQV3p3QkUJUDkVUFcJNRUWDlZ7VUdVWjoCGghcd0IzVAhhXkVLDGRHR0sIYEZQVwkhERMESztVRyMMYUdbVg90BUhU
Requested by
Host: adthereissome.info
URL: https://adthereissome.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-69.fra56.r.cloudfront.net
Software
/
Resource Hash
e845395d471039ccd586c418f3b59c0c7f2e54988a08dcc535fcd16131dfd203

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://adthereissome.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
gzip
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
486
x-amz-cf-id
3rAo1RRxzYgKKXh49c1IywC_RXTBoUA6BcakZC_iWe2Sxe54HNeczQ==
E3hLb2Nme14tcGQ
d3tozt7si7bmf7.cloudfront.net/jVU14WE02IhY+ciEkHGV0YX1IbHRzJws3IyVwEmodFAATEQUhawwiKWh9XjQsOypFfig7LkVpazQpGmV5czkINyZoOA0oOTAjFyA1M2sNOXA4IgIxITksXWoLYGNIfX9lZQ8xIzEiDytoZ30WLGhnfUloY2VoSxpoZ30PMS... Frame 95C4
673 B
775 B
Script
General
Full URL
https://d3tozt7si7bmf7.cloudfront.net/jVU14WE02IhY+ciEkHGV0YX1IbHRzJws3IyVwEmodFAATEQUhawwiKWh9XjQsOypFfig7LkVpazQpGmV5czkINyZoOA0oOTAjFyA1M2sNOXA4IgIxITksXWoLYGNIfX9lZQ8xIzEiDytoZ30WLGhnfUloY2VoSxpoZ30PMSNjeV1rD3B/SCB7YWRdan00PQ-g0KCIoGjMkIWhKHnhmelZre3B/SHAmPTkVNGhnDl1qfTkkEz1oZ30fPS4+IlF9f2UuECoiOChdagtkfEt2fXt4Tm9/e3xKbmhnfQs5KzQ/EX1/E3hLb2Nme14tcGQ
Requested by
Host: adthereissome.info
URL: https://adthereissome.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-69.fra56.r.cloudfront.net
Software
/
Resource Hash
dbb1b161bca3d0945f35b21adb48f29ef5575676cf87fbaa7b26330e9c0fc03e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://adthereissome.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:25 GMT
content-encoding
gzip
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
499
x-amz-cf-id
-cvCyq1856xnj8J0d5FdpLIpF310NLTF1azO0mECSgLPW3dB-7fiyg==
VWV3cEd6WhQDejYhHx0TAQ0yNBFgUDMbEh4zLwMLBjQ1JiEyClEELjFYTkV3YVJGVjc8AUpBYSYRFgQyJlhEQHdkQx4eITpYR0B3ZEMBTXZ7VkNedGdLRVYyaFFPQ3NhVEFFdmZVRUhyZEMDACYyWEZWNyERG012Y11CRndmVE9FfmZS
ranopportunityt.com/
0
278 B
Image
General
Full URL
https://ranopportunityt.com/VWV3cEd6WhQDejYhHx0TAQ0yNBFgUDMbEh4zLwMLBjQ1JiEyClEELjFYTkV3YVJGVjc8AUpBYSYRFgQyJlhEQHdkQx4eITpYR0B3ZEMBTXZ7VkNedGdLRVYyaFFPQ3NhVEFFdmZVRUhyZEMDACYyWEZWNyERG012Y11CRndmVE9FfmZS
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:06:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTS1StIaD9wivAdAg1%2Blb%2FaY0m6g%2BEy6%2FDPbv4SEi1DGSziUb%2BudlqA8WfZbQmuXXyheOof%2Flr%2BYknyFjiHBrSMbIHmXkltxuVCoKwKLJUhh5YPABCkKoDZq3vY%2FACDoeBVITVJN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7d059d282a443491-WAW
alt-svc
h3=":443"; ma=86400
popunder.gif
ranopportunityt.com/
35 B
400 B
Image
General
Full URL
https://ranopportunityt.com/popunder.gif
Requested by
Host: thenewscasts.com
URL: https://thenewscasts.com/view/c09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://thenewscasts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
public
date
Thu, 01 Jun 2023 07:06:25 GMT
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 15:06:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
143984
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isYO3HLfuNclQIw0HnL16vVqgm8DEVblvhyQ4P4%2BMhQPdv2KkdnvbEgWguzCT%2Bp7F0iIG%2FlxEiwYtv9PGzJSxLswInTxuYmY2gsZLtUiKbp42WmopsR4UR%2F2xgg9N9XakweT%2FLyx"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7d059d287aaa3491-WAW
alt-svc
h3=":443"; ma=86400


12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| $
function| jQuery
function| timeNoZone
function| copy_to_clipboard
number| LAST_CORRECT_EVENT_TIME
object| utr_950471
number| userTrackingInterval
number| _2908915816
object| utr_940049
number| _3002979061
number| iinf

4 Cookies

Domain/Path Name / Value
thenewscasts.com/ Name: PHPSESSID
Value: 039u7ob75v82dpc6qokbvrmff0
duscleouphes.com/ Name: GL_UI4
Value: eJw9jVtOhEAURHkz6oBWwgJcAgiY8dO4iPkk%2Fbgw7UD3pGkh7t6OiX7VSeVUKgiCqHpEuGUJ4i%2FW45leT7XkXT%2F2p5F3ouv6thUjI9nVvKWXN9ypdXCMz%2BQSHNaFWTe4LcFxIk1WiUEYSQWevPXXXLXZdYKUW6ZlgXTxxlwg59bsK9kqRqLZQsg%2BLtb4TBf2aSzipmk9K%2B05rBGZtYrLe%2BRnpaUflkdETV2WWYCH28zcaOwyKJmFSCfLJCF8x0EwR5Ox38glrVdnboCZ5fDv%2F%2F7Ge1Mjk7Qp4c%2BNu5D9AZQoTrg%3D
duscleouphes.com/ Name: GL_GI10
Value: eJxNjkFrwkAUhOPGrgatZcC%2FYSBUEu9eteTW47IkT1mo%2B8Lu0zb%2BeqOW0tvMB98wSZKo5QLKdXgtqjIvq3xT5sV7hfRIDFXvMG%2F47CX0xtsTQdf8ZX0LHejo2EMVa8ye2TTcEl7q3eofe0iTvb3yxVmMGyc99KcN0X4ju7enlQ3WL01dHM58kHSBhRpZDTXzJCZ2RC2yLYeOgxXC4o8%2BRnSKqYtm0H56PcKbuBNd2ZPhwyGSaIXRRasbNpVIPw%3D%3D
pogothere.xyz/ Name: csu
Value: 483441651302851@1@1685603185

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S873063156%3A1685603185811164&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFVPuwz8XyNCVV3QcCunKCYzfqtvs0yL98SWFxcm99TZEs57nqPTcJ_TM_oLRbPSH8vfsLKMg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S722103789%3A1685603185832404&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGed4AucW0CFLnKFti8Q2_rt1TflzYUxrW1tS7mA9Ok2FgMGL6v8iC6E363HNT3l7jY7jPL9A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
