patientsale5.xyz Open in urlscan Pro
173.214.240.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newhote3.xyz/event_5506dcd3-4394-0b81-e7ce-ba4d0c3e48a6_54_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21...
Effective URL:
https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNB...
Submission: On March 15 via api (March 15th 2024, 9:42:28 pm UTC) from US — Scanned from US

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 16 domains to perform 26 HTTP transactions. The main IP is 173.214.240.15, located in United States and belongs to SERVEREL-AS, US. The main domain is patientsale5.xyz.
TLS certificate: Issued by R3 on March 12th 2024. Valid for: 3 months.

This is the only time patientsale5.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9 13	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
2	142.251.40.234 142.251.40.234	15169 (GOOGLE) (GOOGLE)
8 8	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
3 9	104.19.133.76 104.19.133.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	157.90.33.74 157.90.33.74	24940 (HETZNER-AS) (HETZNER-AS)
3	157.90.4.17 157.90.4.17	24940 (HETZNER-AS) (HETZNER-AS)
3 3	185.162.87.205 185.162.87.205	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	45.133.44.32 45.133.44.32	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	142.250.72.99 142.250.72.99	15169 (GOOGLE) (GOOGLE)
26	7

13 173.214.240.15 (United States) 9 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

newhote3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
historydj4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
patientsale5.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.234 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.182.164.180 (United States) 8 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.pushking.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.cpcmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.ppctraffic.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.planetpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.19.133.76 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.33.74 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: psh3.1push.io

g0-g3t-msg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.4.17 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn8.1push.io

cdn4image.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.162.87.205 (Amsterdam, Netherlands) 3 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

xtssbu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.32 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.72.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mgid.com 3 redirects c.mgid.com — Cisco Umbrella Rank: 6979 s-img.mgid.com — Cisco Umbrella Rank: 9238	40 KB
6	wmgtr.com i.wmgtr.com — Cisco Umbrella Rank: 20595	192 KB
6	historydj4.xyz 4 redirects historydj4.xyz	4 KB
4	gstatic.com fonts.gstatic.com	62 KB
4	pushking.net 4 redirects xml.pushking.net — Cisco Umbrella Rank: 77987	2 KB
3	patientsale5.xyz 1 redirects patientsale5.xyz	3 KB
3	xtssbu.xyz 3 redirects xtssbu.xyz	411 B
3	cdn4image.com cdn4image.com — Cisco Umbrella Rank: 6808	11 KB
2	ppctraffic.co 2 redirects xml.ppctraffic.co	262 B
2	g0-g3t-msg.net 2 redirects g0-g3t-msg.net	567 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	2 KB
2	freetrckr.com 2 redirects freetrckr.com — Cisco Umbrella Rank: 736582	677 B
2	newhote3.xyz 2 redirects newhote3.xyz	607 B
1	planetpush.net 1 redirects xml.planetpush.net — Cisco Umbrella Rank: 133746	653 B
1	cpcmart.com 1 redirects xml.cpcmart.com — Cisco Umbrella Rank: 954444	122 B
0	shopsalelogs3.xyz Failed shopsalelogs3.xyz Failed
26	16

	Domain	Requested by
6	i.wmgtr.com	historydj4.xyz
6	s-img.mgid.com	historydj4.xyz patientsale5.xyz
6	historydj4.xyz	4 redirects historydj4.xyz
4	fonts.gstatic.com	fonts.googleapis.com
4	xml.pushking.net	4 redirects
3	patientsale5.xyz	1 redirects historydj4.xyz patientsale5.xyz
3	xtssbu.xyz	3 redirects
3	cdn4image.com	historydj4.xyz
3	c.mgid.com	3 redirects
2	xml.ppctraffic.co	2 redirects
2	g0-g3t-msg.net	2 redirects
2	fonts.googleapis.com	historydj4.xyz patientsale5.xyz
2	freetrckr.com	2 redirects
2	newhote3.xyz	2 redirects
1	xml.planetpush.net	1 redirects
1	xml.cpcmart.com	1 redirects
0	shopsalelogs3.xyz Failed	patientsale5.xyz
26	17

This site contains no links.

Subject Issuer	Validity	Valid
woonews4.xyz R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
mgid.com E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
cdn4image.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
i.wmgtr.com R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
spectrumtop5.xyz R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh

This page contains 1 frames:

Frame: https://shopsalelogs3.xyz/sw_787d53cd-3e32-3c2f-d925-3c4d19ce0d3c_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Frame ID: 067827DFEA87490AE3FCB0BB718ED3F3
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser before accessing

Page URL History Show full URLs

http://newhote3.xyz/event_5506dcd3-4394-0b81-e7ce-ba4d0c3e48a6_54_0_2008?payload=jtdcjtiyacuymiu... HTTP 301
https://newhote3.xyz/event_5506dcd3-4394-0b81-e7ce-ba4d0c3e48a6_54_0_2008?payload=jtdcjtiyacuymiu... HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

65 %
HTTPS

0 %
IPv6

16
Domains

17
Subdomains

7
IPs

4
Countries

312 kB
Transfer

326 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newhote3.xyz/event_5506dcd3-4394-0b81-e7ce-ba4d0c3e48a6_54_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwu2ytrknzi2ywi3owe2ytvizwrmy2q4ymzindexyjqyltm0ntetmc4wmjm4ndilmjilmkmlmjixmdcyltmyyjbhnzhhmzdizjaxnzhimzlhogq0ndfl...~311~...knmr5of9yzxhfz2ilmjiln0q=&if=0 HTTP 301
https://newhote3.xyz/event_5506dcd3-4394-0b81-e7ce-ba4d0c3e48a6_54_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwu2ytrknzi2ywi3owe2ytvizwrmy2q4ymzindexyjqyltm0ntetmc4wmjm4ndilmjilmkmlmjixmdcyltmyyjbhnzhhmzdizjaxnzhimzlhogq0ndfl...~311~...knmr5of9yzxhfz2ilmjiln0q=&if=0 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://newhote3.xyz/event_5506dcd3-4394-0b81-e7ce-ba4d0c3e48a6_54_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwu2ytrknzi2ywi3owe2ytvizwrmy2q4ymzindexyjqyltm0ntetmc4wmjm4ndilmjilmkmlmjixmdcyltmyyjbhnzhhmzdizjaxnzhimzlhogq0ndfl...~311~...knmr5of9yzxhfz2ilmjiln0q=&if=0 HTTP 301
https://newhote3.xyz/event_5506dcd3-4394-0b81-e7ce-ba4d0c3e48a6_54_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwu2ytrknzi2ywi3owe2ytvizwrmy2q4ymzindexyjqyltm0ntetmc4wmjm4ndilmjilmkmlmjixmdcyltmyyjbhnzhhmzdizjaxnzhimzlhogq0ndfl...~311~...knmr5of9yzxhfz2ilmjiln0q=&if=0 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_3813_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDBmMTBkYzAyZmU5OTdlNTk5N2RiODA4NTNkMjczYTkzJTI2cm5kJTNEMzM4NzYwMTEx&t=1710538935809&rnd=203754305&i=1 HTTP 302
https://xml.pushking.net/icon?sid=0f10dc02fe997e5997db80853d273a93&rnd=338760111 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|fNaAtIAV9hbYlIc_OrjyhINAvWt9_JEGyziVV1eo-uU1XG_3y4PzJTw3kQNxNLMc8i0IGXHkgJT7gZMuZ5OrxW1fvZts8CJ2nemsQ1-BFfQ*&cid=1581047&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&rid=e38bb72f-e314-11ee-9393-c84bd68370c0&psid=876226&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMzEyLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzEwNTM4OTM1LVVnT3RpVnpZR2ZoZWh1V0NBcjh4dy1PUnB6UF9zdVBicWd1SnlnTFF1b3c= HTTP 301
https://s-img.mgid.com/g/18013312/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1710538935-UgOtiVzYGfhehuWCAr8xw-ORpzP_suPbqguJygLQuow

Request Chain 3

https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_2177_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDU1OWZlZDAwM2Y2OWY4NTQ0OGM2MWJmY2MwODg3OTNmJTI2cm5kJTNEMzM4NzYwMTEx&t=1710538935809&rnd=619835838&i=1 HTTP 302
https://xml.pushking.net/icon?sid=559fed003f69f85448c61bfcc088793f&rnd=338760111 HTTP 302
https://g0-g3t-msg.net/icn/uDkJkAqFanMUVWXMvcO7v1JrwEAWt9jReXBljxjgkwlavZzBYKR4ZSUjULdYh4-4c5FV6A6TLKSl6xSbrJe-EBPbnJjfCDqvKIPzkjmf55NiV0kQ5ef_vBprsqQ0BUHeJLWfGzYIWd3R6Z2AYjhqq9AhtVe6GUyy7UEGVRhHmaIfNBM7FZvtlQ2LEcpcfipRx40W1oPSESZob5AKqar0MUv8yM913avc9hn8zqCvidRinpsQh_zUTGG7KrpgWi7ModlR4EW3CYfrcnRNBnh0PO8rZkkp2UuvBRHal5C0dTwitS-2TfdJ1jyKmfuU28WtQoLGo0iTjrw8ojoN0xAdOJ6G-qJLa8YYI21ezqK3EIapGbfCB3T2KmLCgGABl2RE4mSCAVbOTGpcb6g_eQlfjJ1rVeSXVgAWgGNGNjsJbhHjGf2F2Cl4OVxUNT5iHlnRAKarjbJ9SjGOTvpzeJBbE65pMAcVdeG7JNIv2cC6DJuRzwkINCCMJmBih3o HTTP 301
https://cdn4image.com/creatives/667/761/192_1_1710502749970.webp

Request Chain 4

https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_1690_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGUxYWMxNjExNjgxN2RkNWRiM2RiYzAxYTljZTdlYmY3JTI2cm5kJTNEMzM4NzYwMTEx&t=1710538935809&rnd=833882272&i=1 HTTP 302
https://xml.pushking.net/icon?sid=e1ac16116817dd5db3dbc01a9ce7ebf7&rnd=338760111 HTTP 302
https://g0-g3t-msg.net/icn/znMRqkc0DTIq7HxD_m7t6ZegktGEI6d2wRlucLQenI3rUeV7ECEgDij_ugqVcmYCIPFeE1D05H2PNDKFs1XgMz0c4hlak9IUCHRIYR3tn9OY_bVJZHrpxjdUSWT6yn49ix0FIkxC4koAftlRS8rWSWofbGd0A7rbJV4V9O9xyKsqblpodei1ct2VjlgmmCYkxsFIvZGL2BZpzCi6I5FU28QGucASwHDUjYnIJAbA3BeL93j22L8unNp-K3nhxP2CTMFbGIsDMG3C2L8In2u9pQ_t_bG_0_j1hcO6LeKnKan6OSynWZmZqMByxk_sQ1zjZH_ouP68aqiiInotasV3MQwBaBuE-pF_slFlBST5mDolxjWxZnoVmRkuKQH9-DZsP3Yi-nY610ctj0B1HWzPv_J5Q1sr_4NW571_drydXn3q8jBJwc_rwm1wVQKM8dnWylvtKkEX9tzscTXIHZfxes20I4v-5T2Z7rGjQWc0E_0XIGHzTJzlzg HTTP 301
https://cdn4image.com/creatives/667/761/192_1_1710502749970.webp

Request Chain 5

https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_3285_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGJlNTVjMzc3MDU1YzJiODEyODAxZGM3ZjJmNmVhZWMzJTI2cm5kJTNEMzM4NzYwMTEx&t=1710538935809&rnd=463374643&i=1 HTTP 302
https://xml.pushking.net/icon?sid=be55c377055c2b812801dc7f2f6eaec3&rnd=338760111 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|fNaAtIAV9hbYlIc_OrjyhIUSl770cIFA0eoujtHlif3mMMNmFroZarZNjIQCa3E-Gzte7BsVpsr5SFuVR5YVYtmEWRWqHKhBMRB8xLaKY0g*&cid=1423484&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&rid=e38b6415-e314-11ee-9393-c84bd68370c0&psid=876226&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMzE1LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1ETXZOelF5TVRZMUx6WmpNbU13TlRnNU9ETXdZVEUyT0dRd09USXdObU5tTWpSaE9UQm1ZelppTG1wd1pXYy53ZWJwP3Y9MTcxMDUzODkzNS1OTGMydnNBS3dPQXpVdzZVMjVDLXE2VDdpNEhkVTNPWHhtRzR2dHh4Qk5N HTTP 301
https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1710538935-NLc2vsAKwOAzUw6U25C-q6T7i4HdU3OXxmG4vtxxBNM

Request Chain 9

https://xml.cpcmart.com/icon?sid=4609f454ad32b7cc5b8eb566832de198&rnd=50792592 HTTP 302
https://xtssbu.xyz/dsp/ph/icm?aid=1935988140069046471&mid=0&sid=212&t=1710538935&subid=491020 HTTP 302
https://i.wmgtr.com/cic/DKdHTvTMuo6yon7UOqPkSuZT93IR2Y_a.png

Request Chain 11

https://xml.ppctraffic.co/icon?sid=5494b9ac6a5bad2e82cead0be860d678&rnd=598641217 HTTP 302
https://xtssbu.xyz/dsp/ph/icm?aid=5905034581408239377&mid=0&sid=744&t=1710538935&subid=200216 HTTP 302
https://i.wmgtr.com/cic/LVHIJy8zRM6TEkbL0hQSmyYkpKAm-cCR.png

Request Chain 13

https://xml.ppctraffic.co/icon?sid=48a562707d00fe99c9850d830080a341&rnd=598641217 HTTP 302
https://xtssbu.xyz/dsp/ph/icm?aid=4461532776837369500&mid=0&sid=212&t=1710538935&subid=b82ab5ef3ae8846816fd88bf427ed3e1 HTTP 302
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png

Request Chain 19

https://patientsale5.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_102_3286_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEYWRhYjBlMzQ4MDFmMmU5MmJiYzE2YWVlZTQ4NGZmOTElMjZybmQlM0Q1MDcwNDE2MjU%3D&t=1710538946084&rnd=52623463&i=1 HTTP 302
https://xml.planetpush.net/icon?sid=adab0e34801f2e92bbc16aeee484ff91&rnd=507041625 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|xSvvqCpX7xKJDw62Drd-DGhdXBJz0YnLchN60HL5P87mMMNmFroZarZNjIQCa3E-Gzte7BsVpsr5SFuVR5YVYpeWIh6CA0_fnZpgBkIjNhQ*&cid=1423484&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&rid=e9cd5e63-e314-11ee-bb64-c84bd6836428&psid=1282065&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMzEyLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1EVXZOelF5TVRZMUwyRmtPR05tWTJVMlpHSmlPV0kzTjJJMFl6UXdabUV4TUdOalltTXlOemczTG1wd1p3LndlYnA_dj0xNzEwNTM4OTQ1LU45UWs0Z0E1ZEllTDlTNFFvSHAxT3Fhc1ZKdnphaWE2TG5yb25yYjcwMmM= HTTP 301
https://s-img.mgid.com/g/18013312/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1710538945-N9Qk4gA5dIeL9S4QoHp1OqasVJvzaia6Lnronrb702c

Request Chain 24

https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://shopsalelogs3.xyz/sw_787d53cd-3e32-3c2f-d925-3c4d19ce0d3c_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js Show response
historydj4.xyz/
Redirect Chain

http://newhote3.xyz/event_5506dcd3-4394-0b81-e7ce-ba4d0c3e48a6_54_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwu2ytrknzi2ywi3owe2ytvizwrmy2q4ymzi...
https://newhote3.xyz/event_5506dcd3-4394-0b81-e7ce-ba4d0c3e48a6_54_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwu2ytrknzi2ywi3owe2ytvizwrmy2q4ymz...
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

8 KB
3 KB

276ms
85ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: ae94c40cceaa26ac9787d3f8f6a8ec48b0a3d34385c2d69b216836d850464b5b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 15 Mar 2024 21:42:15 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Fri, 15 Mar 2024 21:42:15 GMT
location: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 372ms
51ms Stylesheet
text/css 142.251.40.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.234 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f10.1e100.net

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Mar 2024 21:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:16:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Mar 2024 21:42:16 GMT

GET
H2

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY...
s-img.mgid.com/g/18013312/328x328/-/
Redirect Chain

https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_3813_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDBmMTBkYzAyZmU5OTdlNTk5N2RiODA4NTNkMjczYTkzJTI2c...
https://xml.pushking.net/icon?sid=0f10dc02fe997e5997db80853d273a93&rnd=338760111
https://c.mgid.com/c?pv=2&v=0|0|0|fNaAtIAV9hbYlIc_OrjyhINAvWt9_JEGyziVV1eo-uU1XG_3y4PzJTw3kQNxNLMc8i0IGXHkgJT7gZMuZ5OrxW1fvZts8CJ2nemsQ1-BFfQ*&cid=1581047&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9H...
https://s-img.mgid.com/g/18013312/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

8 KB
8 KB

43ms
42ms

Image
image/webp

104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013312/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1710538935-UgOtiVzYGfhehuWCAr8xw-ORpzP_suPbqguJygLQuow

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: f7bb7aaf-489b-4967-a438-aef428fddb4d
age: 150754
alt-svc: h3=":443"; ma=86400
content-length: 7784
last-modified: Thu, 14 Mar 2024 03:49:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 864fac4cca3d17ed-EWR

Redirect headers

date: Fri, 15 Mar 2024 21:42:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 1a6c2ebe-5a40-4fcd-94e0-b21f5aeb0af8
server: cloudflare
location: https://s-img.mgid.com/g/18013312/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1710538935-UgOtiVzYGfhehuWCAr8xw-ORpzP_suPbqguJygLQuow
cf-ray: 864fac4c79e517ed-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

192_1_1710502749970.webp
cdn4image.com/creatives/667/761/
Redirect Chain

https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_2177_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDU1OWZlZDAwM2Y2OWY4NTQ0OGM2MWJmY2MwODg3OTNmJTI2c...
https://xml.pushking.net/icon?sid=559fed003f69f85448c61bfcc088793f&rnd=338760111
https://g0-g3t-msg.net/icn/uDkJkAqFanMUVWXMvcO7v1JrwEAWt9jReXBljxjgkwlavZzBYKR4ZSUjULdYh4-4c5FV6A6TLKSl6xSbrJe-EBPbnJjfCDqvKIPzkjmf55NiV0kQ5ef_vBprsqQ0BUHeJLWfGzYIWd3R6Z2AYjhqq9AhtVe6GUyy7UEGVRhHma...
https://cdn4image.com/creatives/667/761/192_1_1710502749970.webp

2 KB
2 KB

139ms
139ms

Image
image/webp

157.90.4.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/667/761/192_1_1710502749970.webp
Requested by: Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Server: 157.90.4.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn8.1push.io
Software: nginx /
Resource Hash: 056b333dbfaa6c92e4fbc6001399da225c1c1f38c16839f74bd5710fbcb7c9e8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:24 GMT
last-modified: Fri, 15 Mar 2024 12:18:21 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 2176
expires: Sat, 16 Mar 2024 21:42:24 GMT

Redirect headers

location: https://cdn4image.com/creatives/667/761/192_1_1710502749970.webp
date: Fri, 15 Mar 2024 21:42:24 GMT
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: nginx
content-length: 0

GET
H2

200

192_1_1710502749970.webp
cdn4image.com/creatives/667/761/
Redirect Chain

https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_1690_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGUxYWMxNjExNjgxN2RkNWRiM2RiYzAxYTljZTdlYmY3JTI2c...
https://xml.pushking.net/icon?sid=e1ac16116817dd5db3dbc01a9ce7ebf7&rnd=338760111
https://g0-g3t-msg.net/icn/znMRqkc0DTIq7HxD_m7t6ZegktGEI6d2wRlucLQenI3rUeV7ECEgDij_ugqVcmYCIPFeE1D05H2PNDKFs1XgMz0c4hlak9IUCHRIYR3tn9OY_bVJZHrpxjdUSWT6yn49ix0FIkxC4koAftlRS8rWSWofbGd0A7rbJV4V9O9xyK...
https://cdn4image.com/creatives/667/761/192_1_1710502749970.webp

2 KB
2 KB

139ms
138ms

Image
image/webp

157.90.4.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/667/761/192_1_1710502749970.webp
Requested by: Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Server: 157.90.4.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn8.1push.io
Software: nginx /
Resource Hash: 056b333dbfaa6c92e4fbc6001399da225c1c1f38c16839f74bd5710fbcb7c9e8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:24 GMT
last-modified: Fri, 15 Mar 2024 12:18:21 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 2176
expires: Sat, 16 Mar 2024 21:42:24 GMT

Redirect headers

location: https://cdn4image.com/creatives/667/761/192_1_1710502749970.webp
date: Fri, 15 Mar 2024 21:42:24 GMT
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: nginx
content-length: 0

GET
H2

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwN...
s-img.mgid.com/g/18013315/328x328/-/
Redirect Chain

https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_3285_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGJlNTVjMzc3MDU1YzJiODEyODAxZGM3ZjJmNmVhZWMzJTI2c...
https://xml.pushking.net/icon?sid=be55c377055c2b812801dc7f2f6eaec3&rnd=338760111
https://c.mgid.com/c?pv=2&v=0|0|0|fNaAtIAV9hbYlIc_OrjyhIUSl770cIFA0eoujtHlif3mMMNmFroZarZNjIQCa3E-Gzte7BsVpsr5SFuVR5YVYtmEWRWqHKhBMRB8xLaKY0g*&cid=1423484&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9H...
https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

5 KB
5 KB

50ms
49ms

Image
image/webp

104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1710538935-NLc2vsAKwOAzUw6U25C-q6T7i4HdU3OXxmG4vtxxBNM

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274521d9954dbeea56152c7ef89853d12215b7d8fd118b70fcf06578e44b5e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 3fbba018-aca4-4c2a-a1bb-a8e974113627
age: 194962
alt-svc: h3=":443"; ma=86400
content-length: 4958
last-modified: Fri, 08 Mar 2024 04:33:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 864fac4cca3b17ed-EWR

Redirect headers

date: Fri, 15 Mar 2024 21:42:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 0b7e165f-4d35-4269-8a45-0b8644b8bbfa
server: cloudflare
location: https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1710538935-NLc2vsAKwOAzUw6U25C-q6T7i4HdU3OXxmG4vtxxBNM
cf-ray: 864fac4c79e417ed-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1Lzc0MjE2NS9hZDhjZ...
s-img.mgid.com/g/18013312/453x227/-/ 6 KB
7 KB 1137ms
45ms Image
image/webp 104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013312/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1Lzc0MjE2NS9hZDhjZmNlNmRiYjliNzdiNGM0MGZhMTBjY2JjMjc4Ny5qcGc.webp?v=1710538935-rbowROzWsd-Yur3N-4_3-PcaVPrd8etx6fO4i1J4BCA

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

800db8a499e397c94dd9e1c1f079c7009573cab652be72fcb060f08be9d66a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 49a8dd5d-0bf8-40bf-a6e1-e8ad7df9df91
age: 150747
alt-svc: h3=":443"; ma=86400
content-length: 6424
last-modified: Thu, 14 Mar 2024 03:49:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 864fac26698217ed-EWR

GET
H2 200 360_1_1710502749970.webp
cdn4image.com/creatives/667/761/ 6 KB
6 KB 1631ms
118ms Image
image/webp 157.90.4.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4image.com/creatives/667/761/360_1_1710502749970.webp
Requested by: Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.4.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn8.1push.io
Software: nginx /
Resource Hash: a75275bde843492c82802fe66ef179d99927fa51f807c1a7b3aca99d4b5bde0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:17 GMT
last-modified: Fri, 15 Mar 2024 12:18:21 GMT
server: nginx
content-type: image/webp
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 6206
expires: Sat, 16 Mar 2024 21:42:17 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzc0MjE2NS82YzJjM...
s-img.mgid.com/g/18013315/453x227/-/ 5 KB
5 KB 1139ms
47ms Image
image/webp 104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013315/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzc0MjE2NS82YzJjMDU4OTgzMGExNjhkMDkyMDZjZjI0YTkwZmM2Yi5qcGVn.webp?v=1710538935-46jLqC3Eur1e5gnAvlBHpv4kqkecw6tV7eJsuSxAgk8

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d42bb0284b724614d86d789c5dea479d30a53b4f4ae47c50703d5bb396b59b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 44730ad4-955c-4fa8-9643-206ed7b17d11
age: 181238
alt-svc: h3=":443"; ma=86400
content-length: 4804
last-modified: Fri, 08 Dec 2023 00:33:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 864fac26698317ed-EWR

GET
H2

200

DKdHTvTMuo6yon7UOqPkSuZT93IR2Y_a.png
i.wmgtr.com/cic/
Redirect Chain

https://xml.cpcmart.com/icon?sid=4609f454ad32b7cc5b8eb566832de198&rnd=50792592
https://xtssbu.xyz/dsp/ph/icm?aid=1935988140069046471&mid=0&sid=212&t=1710538935&subid=491020
https://i.wmgtr.com/cic/DKdHTvTMuo6yon7UOqPkSuZT93IR2Y_a.png

18 KB
18 KB

41ms
41ms

Image
image/png

45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/DKdHTvTMuo6yon7UOqPkSuZT93IR2Y_a.png

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

db57621f217d93e53bb67435e14efb94acdaa166c52217dc2fd9d2cde06a123d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:42:18 GMT
date: Fri, 15 Mar 2024 21:42:18 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/DKdHTvTMuo6yon7UOqPkSuZT93IR2Y_a.png
date: Fri, 15 Mar 2024 21:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 fl9V747E29lwk0190ma9p_C9PB1P1YdK.png
i.wmgtr.com/cim/ 83 KB
84 KB 672ms
316ms Image
image/png 45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cim/fl9V747E29lwk0190ma9p_C9PB1P1YdK.png

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

675e8812191638a9edfae4dc94e8b43bfe99fb0d84c29f182413604ec3b2bb0f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:42:16 GMT
date: Fri, 15 Mar 2024 21:42:16 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2

200

LVHIJy8zRM6TEkbL0hQSmyYkpKAm-cCR.png
i.wmgtr.com/cic/
Redirect Chain

https://xml.ppctraffic.co/icon?sid=5494b9ac6a5bad2e82cead0be860d678&rnd=598641217
https://xtssbu.xyz/dsp/ph/icm?aid=5905034581408239377&mid=0&sid=744&t=1710538935&subid=200216
https://i.wmgtr.com/cic/LVHIJy8zRM6TEkbL0hQSmyYkpKAm-cCR.png

9 KB
9 KB

42ms
42ms

Image
image/jpeg

45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/LVHIJy8zRM6TEkbL0hQSmyYkpKAm-cCR.png

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

68ac6071ad95bf55bfc8e24ba9a1d65dcfd301469d4c998c96c2ec880aec9858

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:42:20 GMT
date: Fri, 15 Mar 2024 21:42:20 GMT
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/LVHIJy8zRM6TEkbL0hQSmyYkpKAm-cCR.png
date: Fri, 15 Mar 2024 21:42:20 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 Vt2oc3M8iLAcgWW_luxxHpan-jDr_Wsr.png
i.wmgtr.com/cim/ 53 KB
53 KB 735ms
379ms Image
image/png 45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cim/Vt2oc3M8iLAcgWW_luxxHpan-jDr_Wsr.png

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

1ad7b4c91f537e071fd41b6308137698b5db19fa09a309435c7e08a39b7059fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:42:16 GMT
date: Fri, 15 Mar 2024 21:42:16 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2

200

o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
i.wmgtr.com/cic/
Redirect Chain

https://xml.ppctraffic.co/icon?sid=48a562707d00fe99c9850d830080a341&rnd=598641217
https://xtssbu.xyz/dsp/ph/icm?aid=4461532776837369500&mid=0&sid=212&t=1710538935&subid=b82ab5ef3ae8846816fd88bf427ed3e1
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png

21 KB
21 KB

40ms
40ms

Image
image/png

45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

b42b0f659f2f8919dd8f2454164894c640aba98cfd4e81367815bdec226ae21c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:42:20 GMT
date: Fri, 15 Mar 2024 21:42:20 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
date: Fri, 15 Mar 2024 21:42:20 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png
i.wmgtr.com/cim/ 7 KB
7 KB 734ms
378ms Image
image/png 45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cim/4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png

Requested by

Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

6bd9cd7785446537c145de6313a125d7c728bfd9add3f1628e547ad167cdb558

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://historydj4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 16 Mar 2024 20:42:16 GMT
date: Fri, 15 Mar 2024 21:42:16 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 103ms
30ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://historydj4.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:52:30 GMT
x-content-type-options: nosniff
age: 218986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:52:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 123ms
50ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://historydj4.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:56:32 GMT
x-content-type-options: nosniff
age: 218744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:56:32 GMT

GET
H2 200 event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_0_2000
historydj4.xyz/ 114 B
206 B 88ms
81ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTBmMTBkYzAyZmU5OTdlNTk5N2RiODA4NTNkMjczYTkzLTM4MTMtMC4wMTA2MDklMjIlMkMlMjI1MzQtNTU5ZmVkMDAzZjY5Zjg1NDQ4YzYxYmZjYzA4ODc5M2YtMjE3Ny0wLjAwNTU4NiUyMiUyQyUyMjUzNC1lMWFjMTYxMTY4MTdkZDVkYjNkYmMwMWE5Y2U3ZWJmNy0xNjkwLTAuMDAzNDk4JTIyJTJDJTIyNTM0LWJlNTVjMzc3MDU1YzJiODEyODAxZGM3ZjJmNmVhZWMzLTMyODUtMC4wMDI4MjklMjIlNUQlN0Q%3D&t=1710538935809&rnd=454008687&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: historydj4.xyz
URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:25 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H2

200

Primary Request sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js Show response
patientsale5.xyz/
Redirect Chain

https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

5 KB
2 KB

311ms
98ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by: Host: historydj4.xyz
URL: https://historydj4.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTBmMTBkYzAyZmU5OTdlNTk5N2RiODA4NTNkMjczYTkzLTM4MTMtMC4wMTA2MDklMjIlMkMlMjI1MzQtNTU5ZmVkMDAzZjY5Zjg1NDQ4YzYxYmZjYzA4ODc5M2YtMjE3Ny0wLjAwNTU4NiUyMiUyQyUyMjUzNC1lMWFjMTYxMTY4MTdkZDVkYjNkYmMwMWE5Y2U3ZWJmNy0xNjkwLTAuMDAzNDk4JTIyJTJDJTIyNTM0LWJlNTVjMzc3MDU1YzJiODEyODAxZGM3ZjJmNmVhZWMzLTMyODUtMC4wMDI4MjklMjIlNUQlN0Q%3D&t=1710538935809&rnd=454008687&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 05ec2e5527afdd7d90157f2a3baf6210318173f8c384bfd7e19535e09b862ae6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 15 Mar 2024 21:42:26 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Fri, 15 Mar 2024 21:42:25 GMT
location: https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
854 B 60ms
51ms Stylesheet
text/css 142.251.40.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.234 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f10.1e100.net

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://patientsale5.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Mar 2024 21:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:29:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Mar 2024 21:42:26 GMT

GET
H3

200

https://patientsale5.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_102_3286_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEYWRhYjBlMzQ4MDFmMmU5MmJiYzE2YWVlZTQ4NGZmOTE...
https://xml.planetpush.net/icon?sid=adab0e34801f2e92bbc16aeee484ff91&rnd=507041625
https://c.mgid.com/c?pv=2&v=0|0|0|xSvvqCpX7xKJDw62Drd-DGhdXBJz0YnLchN60HL5P87mMMNmFroZarZNjIQCa3E-Gzte7BsVpsr5SFuVR5YVYpeWIh6CA0_fnZpgBkIjNhQ*&cid=1423484&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9H...
https://s-img.mgid.com/g/18013312/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

8 KB
8 KB

50ms
49ms

Image
image/webp

104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://patientsale5.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: f7bb7aaf-489b-4967-a438-aef428fddb4d
age: 150757
alt-svc: h3=":443"; ma=86400
content-length: 7784
last-modified: Thu, 14 Mar 2024 03:49:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 864fac5f4f7a8cca-EWR

Redirect headers

date: Fri, 15 Mar 2024 21:42:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: e1176426-ef0e-4185-841e-42e54f5600bf
server: cloudflare
location: https://s-img.mgid.com/g/18013312/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDUvNzQyMTY1L2FkOGNmY2U2ZGJiOWI3N2I0YzQwZmExMGNjYmMyNzg3LmpwZw.webp?v=1710538945-N9Qk4gA5dIeL9S4QoHp1OqasVJvzaia6Lnronrb702c
cf-ray: 864fac5edf048cca-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA1Lzc0MjE2NS9hZDhjZ...
s-img.mgid.com/g/18013312/453x227/-/ 6 KB
7 KB 51ms
50ms Image
image/webp 104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

800db8a499e397c94dd9e1c1f079c7009573cab652be72fcb060f08be9d66a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://patientsale5.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 49a8dd5d-0bf8-40bf-a6e1-e8ad7df9df91
age: 150756
alt-svc: h3=":443"; ma=86400
content-length: 6424
last-modified: Thu, 14 Mar 2024 03:49:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 864fac5d9dc98cca-EWR

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 35ms
30ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://patientsale5.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:52:30 GMT
x-content-type-options: nosniff
age: 218996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:52:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 40ms
39ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://patientsale5.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:56:32 GMT
x-content-type-options: nosniff
age: 218754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:56:32 GMT

GET
H2 200 event_21d0ea53-479b-76e8-6829-9430d47b93ea_102_0_3001
patientsale5.xyz/ 114 B
206 B 100ms
100ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://patientsale5.xyz/event_21d0ea53-479b-76e8-6829-9430d47b93ea_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtYWRhYjBlMzQ4MDFmMmU5MmJiYzE2YWVlZTQ4NGZmOTEtMzI4Ni0wLjAwMjgyOSUyMiU1RCU3RA%3D%3D&t=1710538946084&rnd=219920331&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: patientsale5.xyz
URL: https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 21:42:27 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET

sw_787d53cd-3e32-3c2f-d925-3c4d19ce0d3c_101_0_3000.js
shopsalelogs3.xyz/
Redirect Chain

https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://shopsalelogs3.xyz/sw_787d53cd-3e32-3c2f-d925-3c4d19ce0d3c_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shopsalelogs3.xyz
URL: https://shopsalelogs3.xyz/sw_787d53cd-3e32-3c2f-d925-3c4d19ce0d3c_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isIframe function| go

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mgid.com/	1970-01-20 19:09:00	Name: __cf_bm Value: jwkqSREtYr463VkDb7qTeypLPaB1cB_AqCoJ5H4RVog-1710538937-1.0.1.1-Qr6gYxy0w2Jd.YSZshEK9xb0RqJVHEGMzgkoHncI9PmiS2TdaS30dMwITCsJfZ.Lhmw.1ARkmZ6FxAPPaKdLYA

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://historydj4.xyz/sw_d05af5f4-6deb-34dc-9820-95de4d10353a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://patientsale5.xyz/sw_80084c47-91c5-11a6-a817-b231277507d7_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.mgid.com
cdn4image.com
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
g0-g3t-msg.net
historydj4.xyz
i.wmgtr.com
newhote3.xyz
patientsale5.xyz
s-img.mgid.com
shopsalelogs3.xyz
xml.cpcmart.com
xml.planetpush.net
xml.ppctraffic.co
xml.pushking.net
xtssbu.xyz
shopsalelogs3.xyz
104.19.133.76
142.250.72.99
142.251.40.234
157.90.33.74
157.90.4.17
173.214.240.15
185.162.87.205
199.182.164.180
45.133.44.32
056b333dbfaa6c92e4fbc6001399da225c1c1f38c16839f74bd5710fbcb7c9e8
05ec2e5527afdd7d90157f2a3baf6210318173f8c384bfd7e19535e09b862ae6
1ad7b4c91f537e071fd41b6308137698b5db19fa09a309435c7e08a39b7059fa
274521d9954dbeea56152c7ef89853d12215b7d8fd118b70fcf06578e44b5e20
5719328f774ad8ca16dd35d0f7c97aec6e204912eebac668fade12430e40d4e9
675e8812191638a9edfae4dc94e8b43bfe99fb0d84c29f182413604ec3b2bb0f
68ac6071ad95bf55bfc8e24ba9a1d65dcfd301469d4c998c96c2ec880aec9858
6bd9cd7785446537c145de6313a125d7c728bfd9add3f1628e547ad167cdb558
800db8a499e397c94dd9e1c1f079c7009573cab652be72fcb060f08be9d66a9b
a75275bde843492c82802fe66ef179d99927fa51f807c1a7b3aca99d4b5bde0c
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
ae94c40cceaa26ac9787d3f8f6a8ec48b0a3d34385c2d69b216836d850464b5b
b42b0f659f2f8919dd8f2454164894c640aba98cfd4e81367815bdec226ae21c
d42bb0284b724614d86d789c5dea479d30a53b4f4ae47c50703d5bb396b59b4b
db57621f217d93e53bb67435e14efb94acdaa166c52217dc2fd9d2cde06a123d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

patientsale5.xyz Open in urlscan Pro 173.214.240.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

65 %HTTPS

0 %IPv6

16 Domains

17 Subdomains

7 IPs

4 Countries

312 kBTransfer

326 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

patientsale5.xyz Open in urlscan Pro
173.214.240.15 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

65 %
HTTPS

0 %
IPv6

16
Domains

17
Subdomains

7
IPs

4
Countries

312 kB
Transfer

326 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions