thejornal3.xyz Open in urlscan Pro
173.214.240.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wolftop5.xyz/event_339730e7-4387-4c27-2b92-e45466bd745e_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZX...
Effective URL:
https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQy...
Submission: On November 01 via api (November 1st 2024, 1:19:45 am UTC) from US — Scanned from CA

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 10 domains to perform 8 HTTP transactions. The main IP is 173.214.240.15, located in United States and belongs to SERVEREL-AS, US. The main domain is thejornal3.xyz.
TLS certificate: Issued by E5 on September 12th 2024. Valid for: 3 months.

This is the only time thejornal3.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16 19	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1 1	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
1 1	2606:4700:303... 2606:4700:3033::ac43:cc0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	178.63.104.24 178.63.104.24	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2400:52e0:1a0... 2400:52e0:1a00::1068:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2606:4700:440... 2606:4700:4400::6812:2396	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c07::5e	15169 (GOOGLE) (GOOGLE)
8	5

19 173.214.240.15 (United States) 16 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

wolftop5.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thejornal3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.182.164.180 (United States) 1 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.rexsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:cc0f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

icon-adc.realsh.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.104.24 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.24.104.63.178.clients.your-server.de

frequentjam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::1068:1 (Chicago, United States) 1 redirects

ASN200325 (BUNNYCDN, SI)

icon.eu.rfxmnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2396 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	freetrckr.com 14 redirects freetrckr.com	4 KB
4	thejornal3.xyz 1 redirects thejornal3.xyz	3 KB
2	gstatic.com fonts.gstatic.com	36 KB
1	adskeeper.com s-img.adskeeper.com — Cisco Umbrella Rank: 33028	7 KB
1	rfxmnd.com 1 redirects icon.eu.rfxmnd.com — Cisco Umbrella Rank: 227181	676 B
1	frequentjam.com 1 redirects frequentjam.com	272 B
1	realsh.xyz 1 redirects icon-adc.realsh.xyz — Cisco Umbrella Rank: 159694 realpush.realsh.xyz Failed	1 KB
1	rexsrv.com 1 redirects xml.rexsrv.com — Cisco Umbrella Rank: 101321	163 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	wolftop5.xyz 1 redirects wolftop5.xyz	129 B
8	10

	Domain	Requested by
14	freetrckr.com	14 redirects
4	thejornal3.xyz	1 redirects thejornal3.xyz
2	fonts.gstatic.com	fonts.googleapis.com
1	s-img.adskeeper.com	thejornal3.xyz
1	icon.eu.rfxmnd.com	1 redirects
1	frequentjam.com	1 redirects
1	icon-adc.realsh.xyz	1 redirects
1	xml.rexsrv.com	1 redirects
1	fonts.googleapis.com	thejornal3.xyz
1	wolftop5.xyz	1 redirects
0	realpush.realsh.xyz Failed	thejornal3.xyz
8	11

This site contains no links.

Subject Issuer	Validity	Valid
freshnewsnow3.xyz E5	`2024-09-12` - `2024-12-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Frame: https://realpush.realsh.xyz/b2/c/c/redir?cid=5&did=XWFyTUQ&eid=13659&nid=10004&sid=3269572421SIWTkzJG&ts=1730423979&ttl=3600&v=v5.12.8
Frame ID: 957B1D523F8943FEF39385EE0058B913
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser before accessing

Page URL History Show full URLs

https://wolftop5.xyz/event_339730e7-4387-4c27-2b92-e45466bd745e_102_0_3001?payload=JTdCJTIyaCUyMi... HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJT... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

75 %
HTTPS

63 %
IPv6

10
Domains

11
Subdomains

5
IPs

2
Countries

47 kB
Transfer

54 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wolftop5.xyz/event_339730e7-4387-4c27-2b92-e45466bd745e_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtOTliMzg1ZGRiOWUyZjZkNzRkNGE5OWE4ZjQyNTNjNDMtMjUxMy0wLjAwMDI4NCUyMiU1RCU3RA%3D%3D&t=1729974592382&rnd=561642695&js=1...%20311%20...lOHhxbzRfcmV4X2RlJTIyJTdE&if=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://thejornal3.xyz/event_f7934584-de01-a3dc-c40a-7c2765b91ed0_70_3883_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0Q0NzgwY2FhNGRjNmU1NjcyZTUwYTIxMWNmYzNhZTNlMiUyNnJuZCUzRDgxMjIyMzQ5Mg%3D%3D&t=1730423980204&rnd=546016059&i=1 HTTP 302
https://xml.rexsrv.com/icon?sid=4780caa4dc6e5672e50a211cfc3ae3e2&rnd=812223492 HTTP 302
https://icon-adc.realsh.xyz/b2/c/i/icon?cid=5&did=XWFyTUQ&eid=13659&nid=10004&sid=3269572421SIWTkzJG&ts=1730423979&ttl=3600&v=v5.12.8 HTTP 302
https://frequentjam.com/imp?a=fagH&e=gAAAAABnJCyrWQfOdFPGh1DVdcwBjR8BoDpkqa8UXyGznzLJfCtXwr6YrT12sfaCl1qMHnC0CUf-tpfZ2213xyef8kwF4Cieg6f9cMfe2H9qkE7BF_ICdEiHYfEqhvU7RKnyQsOY5CHD1uNwsdGFSazfTkr8NLYVXBdO0gMazirHxt7E2PlXIBpGoOt_DeVGt5mL0N0K3Fs_JLcbe7Px6pps_64HxNXIAwkreNbxbAPtyiqE1Tk1pzLzvtkyRRSU3jHNw38ZXT4ectCscu2MxJNSyTQZzkYPRXNX86S2n8oeU9H6NsgYE_Dtyq7gy8VtenSmyUenRErjHm_kpwReGXUzPFgsUbU8w50n26KyvzE13U-AuQ3k_cra3C8MFG8cOjuFR7TbMxCHiBEXNt5i0bqzMA7b-rLjEFWT_LPEYIjb8JXrOsa7V_ZSa13wL76-iT_Nmf-GABaHiEyZNPn9hY-rdsY6ktccwWu7pMar41GUUnDtRXYK2Y0%3D HTTP 302
https://icon.eu.rfxmnd.com/v2/455/5d6bd2e1-97ef-11ef-93c7-5eb0b9f2b61c/1/ic HTTP 302
https://s-img.adskeeper.com/g/18919956/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDIvMTAxOTI0LzcyZjM1ZmQxZDMzM2Q0ZGQ0ZDIzZTFhZTQwZmU1MTdkLmpwZw.webp?v=1730423979-gRFEt80grhxUAXJCIPLOYdJAl43LVDsLFshLha23XN8

Request Chain 6

https://xml.rexsrv.com/click?s=1&tid=1496&sid=4780caa4dc6e5672e50a211cfc3ae3e2&rnd=582126719 HTTP 302
https://realpush.realsh.xyz/b2/c/c/redir?cid=5&did=XWFyTUQ&eid=13659&nid=10004&sid=3269572421SIWTkzJG&ts=1730423979&ttl=3600&v=v5.12.8

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
thejornal3.xyz/
Redirect Chain

https://wolftop5.xyz/event_339730e7-4387-4c27-2b92-e45466bd745e_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtOTliMzg1ZGRiOWUyZjZkNzRkNGE5OWE4Zj...
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

5 KB
2 KB

590ms
163ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 042f6471f9a53f32d578ab3cd44db745cd46e03b5cc4342155b29c6362413a72

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 01 Nov 2024 01:19:40 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Fri, 01 Nov 2024 01:19:39 GMT
location: https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 415ms
110ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: thejornal3.xyz
URL: https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

794e424cad112f306e1bf057c71a9c9f3c9de2adb2831f02f1159e93f6049061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thejornal3.xyz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 01:19:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 01:19:40 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 00:50:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDIvMTAxOTI0LzcyZjM1Z...
s-img.adskeeper.com/g/18919956/200x200/-/
Redirect Chain

https://thejornal3.xyz/event_f7934584-de01-a3dc-c40a-7c2765b91ed0_70_3883_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0Q0NzgwY2FhNGRjNmU1NjcyZTUwYTIxMWNmYzNhZTNlMiUyNnJuZC...
https://xml.rexsrv.com/icon?sid=4780caa4dc6e5672e50a211cfc3ae3e2&rnd=812223492
https://icon-adc.realsh.xyz/b2/c/i/icon?cid=5&did=XWFyTUQ&eid=13659&nid=10004&sid=3269572421SIWTkzJG&ts=1730423979&ttl=3600&v=v5.12.8
https://frequentjam.com/imp?a=fagH&e=gAAAAABnJCyrWQfOdFPGh1DVdcwBjR8BoDpkqa8UXyGznzLJfCtXwr6YrT12sfaCl1qMHnC0CUf-tpfZ2213xyef8kwF4Cieg6f9cMfe2H9qkE7BF_ICdEiHYfEqhvU7RKnyQsOY5CHD1uNwsdGFSazfTkr8NLYV...
https://icon.eu.rfxmnd.com/v2/455/5d6bd2e1-97ef-11ef-93c7-5eb0b9f2b61c/1/ic
https://s-img.adskeeper.com/g/18919956/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDov...

7 KB
7 KB

257ms
79ms

Image
image/webp

2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.adskeeper.com/g/18919956/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDIvMTAxOTI0LzcyZjM1ZmQxZDMzM2Q0ZGQ0ZDIzZTFhZTQwZmU1MTdkLmpwZw.webp?v=1730423979-gRFEt80grhxUAXJCIPLOYdJAl43LVDsLFshLha23XN8

Requested by

Host: thejornal3.xyz
URL: https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0560aec4256faaf103073388bcef0a71c079431074c6ae71b7922cc8b2dcbe59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 719941
x-mg-request-uuid: 98d67497-7305-4155-a904-abbd35b6f3a0
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 01:19:42 GMT
content-type: image/webp
last-modified: Thu, 01 Aug 2024 20:34:30 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: immutable, max-age=31536000
cf-ray: 8db80ee3c8100cc4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6756
server: cloudflare

Redirect headers

cdn-status: 302
date: Fri, 01 Nov 2024 01:19:42 GMT
cdn-cache: MISS
cdn-cachedat: 11/01/2024 01:19:42
cdn-requestpullcode: 302
cache-control: no-store, must-revalidate, no-cache, max-age=0
location: https://s-img.adskeeper.com/g/18919956/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDIvMTAxOTI0LzcyZjM1ZmQxZDMzM2Q0ZGQ0ZDIzZTFhZTQwZmU1MTdkLmpwZw.webp?v=1730423979-gRFEt80grhxUAXJCIPLOYdJAl43LVDsLFshLha23XN8
cdn-requestpullsuccess: True
pragma: no-cache
cdn-uid: 5ceed8e7-cd08-4fa9-9fd5-2c309512d291
cdn-requestid: 6b4f2f55b898e9d2b3f410cff370777f
cdn-pullzone: 1117332
referrer-policy: no-referrer
cdn-proxyver: 1.06
cdn-requesttime: 0
content-length: 0
cdn-edgestorageid: 1068
server: BunnyCDN-IL1-1068
cdn-requestcountrycode: CA

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 208ms
67ms Font
font/woff2 2607:f8b0:400d:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://thejornal3.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 603807
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 25 Oct 2025 01:36:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 25 Oct 2024 01:36:14 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 187ms
58ms Font
font/woff2 2607:f8b0:400d:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://thejornal3.xyz
Referer: https://fonts.googleapis.com/

Response headers

age: 69147
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 06:07:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 06:07:14 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 404 favicon.ico
thejornal3.xyz/ 13 B
258 B 105ms
103ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thejornal3.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
date: Fri, 01 Nov 2024 01:19:42 GMT
pragma: no-cache
content-type: text/html; charset=UTF-8
server: nginx

GET
H2 200 event_f7934584-de01-a3dc-c40a-7c2765b91ed0_70_0_2998 Show response
thejornal3.xyz/ 116 B
207 B 102ms
98ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thejornal3.xyz/event_f7934584-de01-a3dc-c40a-7c2765b91ed0_70_0_2998?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjE0OTYtNDc4MGNhYTRkYzZlNTY3MmU1MGEyMTFjZmMzYWUzZTItMzg4My0wLjAwMDAxNyUyMiU1RCU3RA%3D%3D&t=1730423980204&rnd=284216106&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: thejornal3.xyz
URL: https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: ad600f383153fe361ee9ed4dadda6bcf2aa09a69cc6ec972b420cc2b76a84db2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thejornal3.xyz/?sid=aaa67a648e320983709792ae06a335e5_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Response headers

content-encoding: gzip
date: Fri, 01 Nov 2024 01:19:43 GMT
content-type: application/javascript
server: nginx

GET

redir
realpush.realsh.xyz/b2/c/c/
Redirect Chain

https://xml.rexsrv.com/click?s=1&tid=1496&sid=4780caa4dc6e5672e50a211cfc3ae3e2&rnd=582126719
https://realpush.realsh.xyz/b2/c/c/redir?cid=5&did=XWFyTUQ&eid=13659&nid=10004&sid=3269572421SIWTkzJG&ts=1730423979&ttl=3600&v=v5.12.8

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: realpush.realsh.xyz
URL: https://realpush.realsh.xyz/b2/c/c/redir?cid=5&did=XWFyTUQ&eid=13659&nid=10004&sid=3269572421SIWTkzJG&ts=1730423979&ttl=3600&v=v5.12.8

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isIframe function| go

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			thejornal3.xyz/	1969-12-31 23:59:59	Name: sid Value: d5f0iu1ho4rjndf02spobuv582

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://thejornal3.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
frequentjam.com
icon-adc.realsh.xyz
icon.eu.rfxmnd.com
realpush.realsh.xyz
s-img.adskeeper.com
thejornal3.xyz
wolftop5.xyz
xml.rexsrv.com
realpush.realsh.xyz
173.214.240.15
178.63.104.24
199.182.164.180
2400:52e0:1a00::1068:1
2606:4700:3033::ac43:cc0f
2606:4700:4400::6812:2396
2607:f8b0:4004:c06::5f
2607:f8b0:400d:c07::5e
042f6471f9a53f32d578ab3cd44db745cd46e03b5cc4342155b29c6362413a72
0560aec4256faaf103073388bcef0a71c079431074c6ae71b7922cc8b2dcbe59
794e424cad112f306e1bf057c71a9c9f3c9de2adb2831f02f1159e93f6049061
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
ad600f383153fe361ee9ed4dadda6bcf2aa09a69cc6ec972b420cc2b76a84db2
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

thejornal3.xyz Open in urlscan Pro 173.214.240.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

75 %HTTPS

63 %IPv6

10 Domains

11 Subdomains

5 IPs

2 Countries

47 kBTransfer

54 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

thejornal3.xyz Open in urlscan Pro
173.214.240.15 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

75 %
HTTPS

63 %
IPv6

10
Domains

11
Subdomains

5
IPs

2
Countries

47 kB
Transfer

54 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions