Submitted URL: http://autoler5.xyz/event_fd929e6b-fe1b-fa6a-8143-9f53848fbf96_102_0_3001?payload=jtdcjtiyacuymiuzqsuymnhtbc5wbgfuzx...
Effective URL: https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNB...
Submission: On May 09 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 13 domains to perform 21 HTTP transactions. The main IP is 173.214.240.15, located in United States and belongs to SERVEREL-AS, US. The main domain is newssage4.xyz.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.
This is the only time newssage4.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 11 173.214.240.15 15317 (SERVEREL-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 3 199.182.164.180 15317 (SERVEREL-AS)
2 2 2a00:1d26:877... 49544 (I3DNET)
2 2 88.214.195.153 46636 (NATCOWEB)
2 5.9.105.245 24940 (HETZNER-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 2a02:b4a:1:8:... ()
3 45.133.44.32 39572 (ADVANCEDH...)
1 1 2a00:1d26:c77... 49544 (I3DNET)
1 88.214.195.156 ()
21 7
Requests  Apex Domain  Transfer (subdomains listed beneath each row)
5 trackingtraffo.com, 184 KB
  • track.trackingtraffo.com — Cisco Umbrella Rank: 183521
  • ads.trackingtraffo.com — Cisco Umbrella Rank: 223674
5 freetrckr.com, 1 KB
  • freetrckr.com — Cisco Umbrella Rank: 729711
4 gstatic.com, 63 KB
  • fonts.gstatic.com
4 thejornal3.xyz, 3 KB
  • thejornal3.xyz
3 wmgtr.com, 28 KB
  • i.wmgtr.com — Cisco Umbrella Rank: 28706
3 skated.co, 2 KB
  • us.skated.co — Cisco Umbrella Rank: 47119
2 niaget.xyz, 275 B
  • niaget.xyz
2 googleapis.com, 2 KB
  • fonts.googleapis.com — Cisco Umbrella Rank: 33
1 cpcmart.com, 123 B
  • xml.cpcmart.com — Cisco Umbrella Rank: 871706
1 ppctraffic.co, 123 B
  • xml.ppctraffic.co — Cisco Umbrella Rank: 802650
1 newssage4.xyz, 4 KB
  • newssage4.xyz
1 rexsrv.com, 656 B
  • xml.rexsrv.com — Cisco Umbrella Rank: 87402
1 autoler5.xyz, 120 B
  • autoler5.xyz
Total: 21 requests, 13 apex domains
Domain Requested by
5 freetrckr.com 5 redirects
4 fonts.gstatic.com fonts.googleapis.com
4 thejornal3.xyz 1 redirects thejornal3.xyz
3 i.wmgtr.com newssage4.xyz
3 track.trackingtraffo.com 2 redirects newssage4.xyz
3 us.skated.co 3 redirects
2 niaget.xyz 2 redirects
2 ads.trackingtraffo.com thejornal3.xyz, newssage4.xyz
2 fonts.googleapis.com thejornal3.xyz, newssage4.xyz
1 xml.cpcmart.com 1 redirects
1 xml.ppctraffic.co 1 redirects
1 newssage4.xyz thejornal3.xyz
1 xml.rexsrv.com 1 redirects
1 autoler5.xyz 1 redirects
21 14

This site contains no links.

Subject  Issuer  Validity  Valid
freshnewsnow3.xyz  R3  2024-03-15 - 2024-06-13  3 months
upload.video.google.com  GTS CA 1C3  2024-04-16 - 2024-07-09  3 months
*.gstatic.com  GTS CA 1C3  2024-04-16 - 2024-07-09  3 months
wordbazar4.xyz  R3  2024-03-22 - 2024-06-20  3 months
i.wmgtr.com  R3  2024-04-20 - 2024-07-19  3 months

This page contains 1 frames:

Primary Page: https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Frame ID: 7DC936FB80229745750748B406BB798E
Requests: 21 HTTP requests in this frame

Page Title

Checking your browser before accessing

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 21
HTTPS: 52 %
IPv6: 45 %
Domains: 13
Subdomains: 14
IPs: 7
Countries: 3
Transfer: 284 kB
Size: 320 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://autoler5.xyz/event_fd929e6b-fe1b-fa6a-8143-9f53848fbf96_102_0_3001?payload=jtdcjtiyacuymiuzqsuymnhtbc5wbgfuzxrwdxnolm5ldcuymiuyqyuymnulmjilm0elnuilmji4odytndzhzwy3nmnlmdbmzmm0zwvkzdbmyznizjhlnwflmdqtmzuyni0wljaymjc0niuymiu1rcu3ra%3d%3d&t=1715196721853&rnd=934808760&js=1...~311~...4btltx2fsbf9zayuymiu3ra==&if=1 HTTP 307
    https://autoler5.xyz/event_fd929e6b-fe1b-fa6a-8143-9f53848fbf96_102_0_3001?payload=jtdcjtiyacuymiuzqsuymnhtbc5wbgfuzxrwdxnolm5ldcuymiuyqyuymnulmjilm0elnuilmji4odytndzhzwy3nmnlmdbmzmm0zwvkzdbmyznizjhlnwflmdqtmzuyni0wljaymjc0niuymiu1rcu3ra%3d%3d&t=1715196721853&rnd=934808760&js=1...~311~...4btltx2fsbf9zayuymiu3ra==&if=1 HTTP 302
    https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://autoler5.xyz/event_fd929e6b-fe1b-fa6a-8143-9f53848fbf96_102_0_3001?payload=jtdcjtiyacuymiuzqsuymnhtbc5wbgfuzxrwdxnolm5ldcuymiuyqyuymnulmjilm0elnuilmji4odytndzhzwy3nmnlmdbmzmm0zwvkzdbmyznizjhlnwflmdqtmzuyni0wljaymjc0niuymiu1rcu3ra%3d%3d&t=1715196721853&rnd=934808760&js=1...~311~...4btltx2fsbf9zayuymiu3ra==&if=1 HTTP 307
  • https://autoler5.xyz/event_fd929e6b-fe1b-fa6a-8143-9f53848fbf96_102_0_3001?payload=jtdcjtiyacuymiuzqsuymnhtbc5wbgfuzxrwdxnolm5ldcuymiuyqyuymnulmjilm0elnuilmji4odytndzhzwy3nmnlmdbmzmm0zwvkzdbmyznizjhlnwflmdqtmzuyni0wljaymjc0niuymiu1rcu3ra%3d%3d&t=1715196721853&rnd=934808760&js=1...~311~...4btltx2fsbf9zayuymiu3ra==&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://thejornal3.xyz/event_0fa183f7-7ea2-5733-2386-3709fbce1fba_70_2525_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RiYjIzNjEzZmYyZjg3MjI5ODZmMzZkNTM1MTc5YjViMSUyNnJuZCUzRDE4NTM2MjkwMA%3D%3D&t=1715287879760&rnd=634125270&i=1 HTTP 302
  • https://xml.rexsrv.com/icon?sid=bb23613ff2f8722986f36d535179b5b1&rnd=185362900 HTTP 302
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715287878902-7-7533-1338968-a9b6ebf5-81d4-f64e-f651-19fa0b0ae448&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dmz3uj39%26c%3D2ShTSYKt25CRat28pJR2_6zZaCTM4ilrN2-cid4dRNGuyqnEZ_bE6HHptjX1q1etesCakhksLqJzDNnol1XmO4x32iNXibAv8n7ijaf4Lmr6CJKw0RLVpfB2Lwbos3RNo-WQVimJ47swwXuCIY3A4NuYaP4K9xh_Wm78wVdBvAOSYUyfzSU6pUyzFkmVijbtHcaBYEuTKATyWomsgHwPXrWb6jeuSTcZ-MBegYcgsSZFwwas0VfzzQ82re_GDauYM12Wen9AruBl-FyNY6mBxGHElh2-jtnpnyiN5Y6yAeKljAb6ECwcDsTigcmZF6w1Gq5hJx6-MhnqH-5Pk_O9CEu-7JG9iRF2XEuFmbjdkGs0Es-F_-niu_1gev6AT2_wfpG4P47q50orLd7g-bRzyXo91Mthx7d9YKgO_aH_FtKNbg_RTphXseFQ0rAXZ9AItZqlvkdoGi6lsosLiPRyyqbNwpSpTSV0RH3r_1Nxz7NAfqsfGN06MW1l9pZe4eag-1EYovcSb1lZnbBAlOX0XvsO9GC-RaWbocAWEJm6n4GdNi3sPo-BpQ HTTP 302
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=2ShTSYKt25CRat28pJR2_6zZaCTM4ilrN2-cid4dRNGuyqnEZ_bE6HHptjX1q1etesCakhksLqJzDNnol1XmO4x32iNXibAv8n7ijaf4Lmr6CJKw0RLVpfB2Lwbos3RNo-WQVimJ47swwXuCIY3A4NuYaP4K9xh_Wm78wVdBvAOSYUyfzSU6pUyzFkmVijbtHcaBYEuTKATyWomsgHwPXrWb6jeuSTcZ-MBegYcgsSZFwwas0VfzzQ82re_GDauYM12Wen9AruBl-FyNY6mBxGHElh2-jtnpnyiN5Y6yAeKljAb6ECwcDsTigcmZF6w1Gq5hJx6-MhnqH-5Pk_O9CEu-7JG9iRF2XEuFmbjdkGs0Es-F_-niu_1gev6AT2_wfpG4P47q50orLd7g-bRzyXo91Mthx7d9YKgO_aH_FtKNbg_RTphXseFQ0rAXZ9AItZqlvkdoGi6lsosLiPRyyqbNwpSpTSV0RH3r_1Nxz7NAfqsfGN06MW1l9pZe4eag-1EYovcSb1lZnbBAlOX0XvsO9GC-RaWbocAWEJm6n4GdNi3sPo-BpQ HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1689851938934-yDUTwpotH86c.jpg
Request Chain 3
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715287878902-7-7533-1338968-a9b6ebf5-81d4-f64e-f651-19fa0b0ae448&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3D9riZp4g9gGioU2Y0-7yTPhx0nDZl9kuhj44hnhH0AC2arROEEtb5TLx7mMnr3-Pgn3Xl7FUgtHw3D3uM1tw20Zy2VDtrcF01QBcN9Y2c3lQjhkIHjUuSN5mlgPWpIT3KcMJQaTaTk5zGbyEA5ZW9M3LmznkBp4F0jKmSPZvm7Utip-JygoP_9S4PcA2nG4-TgvKiIF1kjRIP2GRIEFBWiJauYgjRAR0w3xSXrWJk28VvjBa6IrskrLPKOn-tSbj3gfterlbgld-cWaz0NYYaqm8sunMJZSjCd80j2eywYANl1yE4ubO_DemrTmbI5suh8HGztRCe6WzsOeOfISUNEeV9CIYOwfdKt9HT71mU3s3HiVwgAsIvUnSAfwcSQFyx_31QsGYUnEpApY3AII_bfP8Mb01rZb3sOR0fAwKaDjdTZbEAdJyM76IbvkOpFEWhuOFFZ3J2s0jRY5hzGRaekTOlHOvutLnqbFvXwy8A8pBqneZBuUox46mv5U_kY6_MQQ596Mw8fpDW3ZjgrUtpRou1HnR-iDWHZrF4kYLs2CpPhpWQxSil-g HTTP 302
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=9riZp4g9gGioU2Y0-7yTPhx0nDZl9kuhj44hnhH0AC2arROEEtb5TLx7mMnr3-Pgn3Xl7FUgtHw3D3uM1tw20Zy2VDtrcF01QBcN9Y2c3lQjhkIHjUuSN5mlgPWpIT3KcMJQaTaTk5zGbyEA5ZW9M3LmznkBp4F0jKmSPZvm7Utip-JygoP_9S4PcA2nG4-TgvKiIF1kjRIP2GRIEFBWiJauYgjRAR0w3xSXrWJk28VvjBa6IrskrLPKOn-tSbj3gfterlbgld-cWaz0NYYaqm8sunMJZSjCd80j2eywYANl1yE4ubO_DemrTmbI5suh8HGztRCe6WzsOeOfISUNEeV9CIYOwfdKt9HT71mU3s3HiVwgAsIvUnSAfwcSQFyx_31QsGYUnEpApY3AII_bfP8Mb01rZb3sOR0fAwKaDjdTZbEAdJyM76IbvkOpFEWhuOFFZ3J2s0jRY5hzGRaekTOlHOvutLnqbFvXwy8A8pBqneZBuUox46mv5U_kY6_MQQ596Mw8fpDW3ZjgrUtpRou1HnR-iDWHZrF4kYLs2CpPhpWQxSil-g HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1689851938940-eRjehpgApOt2.jpg
Request Chain 9
  • https://newssage4.xyz/event_0fa183f7-7ea2-5733-2386-3709fbce1fba_101_2673_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDE1NWNmY2M1ZTZhMjFjMWVjNDA0ZDAwNTU1MjcxYjZlJTI2cm5kJTNENjI1NjUzNzc3&t=1715287883670&rnd=423610230&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=155cfcc5e6a21c1ec404d00555271b6e&rnd=625653777 HTTP 302
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715287882932-7-9241-1338968-57b7425b-14df-bacf-46e5-56b1c30cbe50&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dmz3uj39%26c%3DGnV5M8X4gIQWfQufaReDZv2H-a__UaDQUHlwaWUTmtOkrv4sCyaGAQa3AC7VVkMbrE4Zasl6qB0KjLAnQjjOyqBLVfhVmmZu8YScapL23cek_4ePMPmv8f6N4cPtOVVFRy_9uQqujVdUV5_VYNtQSlbGiqhPBcpcezVKqsWs0wyL_8l1Sm1K2AtNpCFk623D0TRoxt1P_G2XAHSPi2A6btcupPPUy44voReJRx36XEME2sOBQOnVD9MztSOS1CfiX_OmqyGuf5MdBz7kGFrIRadriMghVy8g1X0NtUQo-ZFCWTjbrfM7QfKPpMkxzKe3wx2r5ukk4LozahjQB1jaQBUr6xjwnCV0r3t07T06PCuo0tegKDBGFFAXwh_qBFMblSbgzIHsdKtvdZ-pwPCtmAT0cguix0BLyiEoe43xo-uMBecbxSv6DBJAlj6rjFwM7LYROpYDRtijzR_b9QJBgMtDF2j0GI_O4KA0z-ExUPabCDtFgQ2tcMzWGAEekkrhihDlRXQWgYUeBS2DY-t6vvSYxT1Aw7UxbNA6QNAAC2z1IVwzLkCrzA HTTP 302
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=GnV5M8X4gIQWfQufaReDZv2H-a__UaDQUHlwaWUTmtOkrv4sCyaGAQa3AC7VVkMbrE4Zasl6qB0KjLAnQjjOyqBLVfhVmmZu8YScapL23cek_4ePMPmv8f6N4cPtOVVFRy_9uQqujVdUV5_VYNtQSlbGiqhPBcpcezVKqsWs0wyL_8l1Sm1K2AtNpCFk623D0TRoxt1P_G2XAHSPi2A6btcupPPUy44voReJRx36XEME2sOBQOnVD9MztSOS1CfiX_OmqyGuf5MdBz7kGFrIRadriMghVy8g1X0NtUQo-ZFCWTjbrfM7QfKPpMkxzKe3wx2r5ukk4LozahjQB1jaQBUr6xjwnCV0r3t07T06PCuo0tegKDBGFFAXwh_qBFMblSbgzIHsdKtvdZ-pwPCtmAT0cguix0BLyiEoe43xo-uMBecbxSv6DBJAlj6rjFwM7LYROpYDRtijzR_b9QJBgMtDF2j0GI_O4KA0z-ExUPabCDtFgQ2tcMzWGAEekkrhihDlRXQWgYUeBS2DY-t6vvSYxT1Aw7UxbNA6QNAAC2z1IVwzLkCrzA
Request Chain 10
  • https://historyweekly4.xyz/event_0fa183f7-7ea2-5733-2386-3709fbce1fba_6_1516_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0Q3YzA3ZmY2NjU0M2U0MTA0MjNiMzNlMDM2OTk4OGFjNyUyNnJuZCUzRDU2OTA1NTE0OA%3D%3D&t=1715287883670&rnd=672603045&i=1 HTTP 302
  • https://xml.ppctraffic.co/icon?sid=7c07ff66543e410423b33e0369988ac7&rnd=569055148 HTTP 302
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715287882932-7-7420-1338968-32b4a82d-17fa-98cf-9822-3b88e17c0deb&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dmz3uj39%26c%3DazB5dhl8ZSOR4P4PnQi0B2zzu1rWgd7jVv9BdrYwDo5FuM2l7s9hHSm0lhK4MPJJG9VMvbz_38zByetc2jXowEDYipjcEhAKosUVIs8Dpd15tOCXBUpDGGzfyj0jqaSoEYiwl3pCjL8pg0w09iHrsanWBM0o5P3T3Kh5r1SRmjwAaot0u_Kh_C5bQrvEdsTNkEH39L_c4gJTFm5SPQqxxdYtVcDeo8yWcny_FgUneQ2SV3LJEARRZNZhMRZT_tRM8o0GEYkpOOMupjWJMaCeXz63MxQq8C3TlHIdiz24dgJAgS0VYyL2DpVxyrLIM7c7yDw0CnzgS-IkB7Q1ci-U82PeFhzSNKoF6GAIUDsCMbiRaF-qK2MjDetlvPACQXyuCiqvDakFhf9LePRYGL0dhueRH32AQYeMjXCNHiP_ontzLckICfHN1OC7aueT91xF4WeSeCPi-Q5YNx_1bDZ2RCGTrmw89ZTWWUlP0aUcbRyEOaGG0V8C0ip_PDPkM9TK03OURbMOzn0Az0DvZn1yGNv3fOs9OudhJGmfbI9pduXJTqL9HOY9ZA HTTP 302
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=azB5dhl8ZSOR4P4PnQi0B2zzu1rWgd7jVv9BdrYwDo5FuM2l7s9hHSm0lhK4MPJJG9VMvbz_38zByetc2jXowEDYipjcEhAKosUVIs8Dpd15tOCXBUpDGGzfyj0jqaSoEYiwl3pCjL8pg0w09iHrsanWBM0o5P3T3Kh5r1SRmjwAaot0u_Kh_C5bQrvEdsTNkEH39L_c4gJTFm5SPQqxxdYtVcDeo8yWcny_FgUneQ2SV3LJEARRZNZhMRZT_tRM8o0GEYkpOOMupjWJMaCeXz63MxQq8C3TlHIdiz24dgJAgS0VYyL2DpVxyrLIM7c7yDw0CnzgS-IkB7Q1ci-U82PeFhzSNKoF6GAIUDsCMbiRaF-qK2MjDetlvPACQXyuCiqvDakFhf9LePRYGL0dhueRH32AQYeMjXCNHiP_ontzLckICfHN1OC7aueT91xF4WeSeCPi-Q5YNx_1bDZ2RCGTrmw89ZTWWUlP0aUcbRyEOaGG0V8C0ip_PDPkM9TK03OURbMOzn0Az0DvZn1yGNv3fOs9OudhJGmfbI9pduXJTqL9HOY9ZA
Request Chain 11
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715287882932-7-9241-1338968-57b7425b-14df-bacf-46e5-56b1c30cbe50&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3DmyO1xkr5VU8X7U7V5Mk_GCNuLCI3UTSN3yZXicoBl_qFSvdY1Et83gF81QQPc0hL2ZnDfbd1qHaLBiRQEUC-pI-i7RHEg4JaEK2ye_t8uE7GtRlWe1swNnGAjmXc4k9B2gdOOzhPaSnv9BdMIJX39fuSRr2qo6-1KzwllHtBd4aABvmqMEHYEnobTwWhOnG-iic6WTJEHM_TJEGAzoeeEj46yiKHrikmNCPyENfaNrDwvhXEwNYBzxN-oqPjmqUhgf7jYYuoWUyd6fIoO0pY6S2USFSlz6gKFvdeTkeOyRsKJuPPtsGYBVRdge9agiBZ28kIc51L0ILy5vVnSlwFD509C_bKW8k5zdSNj2M0CKZVAvMw0dpgmKQ11TU5SSxEBn86bappH2l-kf-8bDkRDci7sAmN2LvXGgtQai4ZJfrD14AO1mJMWZ0UCd5KgIWP6JMSmVkNrUHjMF3jxxwK3kFJgYptI4YDuaIsA43lv0lHk1aRZfd4Ag4inbI8HFJNAZ4bzF_BB1Uxfee_VmQQYzVD2Gozs1AlWpVURkwxCuf4IvxjxdFUEA HTTP 302
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=myO1xkr5VU8X7U7V5Mk_GCNuLCI3UTSN3yZXicoBl_qFSvdY1Et83gF81QQPc0hL2ZnDfbd1qHaLBiRQEUC-pI-i7RHEg4JaEK2ye_t8uE7GtRlWe1swNnGAjmXc4k9B2gdOOzhPaSnv9BdMIJX39fuSRr2qo6-1KzwllHtBd4aABvmqMEHYEnobTwWhOnG-iic6WTJEHM_TJEGAzoeeEj46yiKHrikmNCPyENfaNrDwvhXEwNYBzxN-oqPjmqUhgf7jYYuoWUyd6fIoO0pY6S2USFSlz6gKFvdeTkeOyRsKJuPPtsGYBVRdge9agiBZ28kIc51L0ILy5vVnSlwFD509C_bKW8k5zdSNj2M0CKZVAvMw0dpgmKQ11TU5SSxEBn86bappH2l-kf-8bDkRDci7sAmN2LvXGgtQai4ZJfrD14AO1mJMWZ0UCd5KgIWP6JMSmVkNrUHjMF3jxxwK3kFJgYptI4YDuaIsA43lv0lHk1aRZfd4Ag4inbI8HFJNAZ4bzF_BB1Uxfee_VmQQYzVD2Gozs1AlWpVURkwxCuf4IvxjxdFUEA HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1692604581249-5AWifwPx6Rtf.jpg
Request Chain 12
  • https://xml.ppctraffic.co/icon?sid=669acb91cb2e0b526ae318cdcb9a2f73&rnd=569055148 HTTP 302
  • https://niaget.xyz/dsp/ph/icm?aid=17847805123504787248&mid=0&sid=212&t=1715287882&subid=601543 HTTP 302
  • https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
Request Chain 14
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715287882932-7-7420-1338968-32b4a82d-17fa-98cf-9822-3b88e17c0deb&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3D1Htzra5hV2wJDWdLgMZ-3-h4kEjVOk8c4TomZ_0CJh03Himgiqmekti4TVS5onkduumIyLQCOZI0MfhBDpf1YZRvqOAfSfD2S0irRNVsKdznPKghO45oGYOk0i2N2oMG6BptB7ozeVcxa4-3aemgVzW6I7SkmU4uQDVVel6nLwYA0Y6bERnZi6s_mLvB3e3l5cQ6PpwuNzQss63TvWn3zhOb6QdMwgxX7RIWvS14tN4y1xHpUFPdPgdK342oz6sz7u0uwRMsmP-xKzvKMLmL1VrDNjiBTO5fiVbx6lxXdXfaOKhWysxJXBRROYlnx6juOXXpNiezpFHktUF_lJfVLQP3AeXWFq2wcKs5Qjc1UUUvT-qFrjQJk9BYYWcamGFU-uQbOphCixTUUh6C54Ry_wRLJyCThf-IMv1WoN7Rae-YzUezI31YVlRHshmy1fr-lAK5aDYLBLZaipXSEricpUsjQo8qHlJhB4Z_CDPloMkqaAci9JJOhQD2-qL75xDyhifhJCXEVbJVQodHBdbNfyN0Y4nIIG0t1JiHr2VEKJOmI5FM_Qj3jg HTTP 302
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=1Htzra5hV2wJDWdLgMZ-3-h4kEjVOk8c4TomZ_0CJh03Himgiqmekti4TVS5onkduumIyLQCOZI0MfhBDpf1YZRvqOAfSfD2S0irRNVsKdznPKghO45oGYOk0i2N2oMG6BptB7ozeVcxa4-3aemgVzW6I7SkmU4uQDVVel6nLwYA0Y6bERnZi6s_mLvB3e3l5cQ6PpwuNzQss63TvWn3zhOb6QdMwgxX7RIWvS14tN4y1xHpUFPdPgdK342oz6sz7u0uwRMsmP-xKzvKMLmL1VrDNjiBTO5fiVbx6lxXdXfaOKhWysxJXBRROYlnx6juOXXpNiezpFHktUF_lJfVLQP3AeXWFq2wcKs5Qjc1UUUvT-qFrjQJk9BYYWcamGFU-uQbOphCixTUUh6C54Ry_wRLJyCThf-IMv1WoN7Rae-YzUezI31YVlRHshmy1fr-lAK5aDYLBLZaipXSEricpUsjQo8qHlJhB4Z_CDPloMkqaAci9JJOhQD2-qL75xDyhifhJCXEVbJVQodHBdbNfyN0Y4nIIG0t1JiHr2VEKJOmI5FM_Qj3jg HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1692604581249-5AWifwPx6Rtf.jpg
Request Chain 15
  • https://xml.cpcmart.com/icon?sid=88fd052bef8f88fb091f41dd144cfcba&rnd=760608321 HTTP 302
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715287882932-7-8883-1338968-f2c1902c-6c44-9f45-bac2-9597b474b5fb&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dmz3uj39%26c%3DcGJ7JvAcvE9RYVWNiAB-xB-PB2kfqKCDdwH7ZYpBJSmzBjPBqxuw82RF2Y01-KQENyvZaZY3hyK_cGXiZ81K6hNs50IZasHkpfuma0KkU0z_0ITTie4c48vhwpRh4wX9seDM2tmVjsYBox_fGOd9fk9AplVwlDFtdRBv5GgJfbCmcO2Y_t4NcsmKxs8DNEN8yLaXpDBx72SzAV9imW9YgLU53J3qyVbMDs7eO9n9_YraJHIvVZzNMJQ5AAr3-spob0UQMeTwr9lcPSFWrCjc1QH5QgPsil3aERvrQADFNJBZtPbpd3zHcTVdhNrEypYt9ATPJqjdb44947T3XOzxpVc_DW_S07A4O9YUlGN56Z-c7lZsoazGILJSnsGDJ7zfVCZVnfv6Pk1fLUYXZeB4OXmPNrnUWT1J7C7oaZ2Ex5SGLMDjO-vrvWxMgFdHyUUR1x6cWAsTaoQ4y5gICnz2PlOEaR6eNmejLjz7ZMW0zl8I3XlSIs1O-QclUjjSLC598DH0sSBFXS917ud5fWNv2b6shaxS1Xp-MOH1oSWMYDN9wMZjV8F-hg HTTP 302
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=cGJ7JvAcvE9RYVWNiAB-xB-PB2kfqKCDdwH7ZYpBJSmzBjPBqxuw82RF2Y01-KQENyvZaZY3hyK_cGXiZ81K6hNs50IZasHkpfuma0KkU0z_0ITTie4c48vhwpRh4wX9seDM2tmVjsYBox_fGOd9fk9AplVwlDFtdRBv5GgJfbCmcO2Y_t4NcsmKxs8DNEN8yLaXpDBx72SzAV9imW9YgLU53J3qyVbMDs7eO9n9_YraJHIvVZzNMJQ5AAr3-spob0UQMeTwr9lcPSFWrCjc1QH5QgPsil3aERvrQADFNJBZtPbpd3zHcTVdhNrEypYt9ATPJqjdb44947T3XOzxpVc_DW_S07A4O9YUlGN56Z-c7lZsoazGILJSnsGDJ7zfVCZVnfv6Pk1fLUYXZeB4OXmPNrnUWT1J7C7oaZ2Ex5SGLMDjO-vrvWxMgFdHyUUR1x6cWAsTaoQ4y5gICnz2PlOEaR6eNmejLjz7ZMW0zl8I3XlSIs1O-QclUjjSLC598DH0sSBFXS917ud5fWNv2b6shaxS1Xp-MOH1oSWMYDN9wMZjV8F-hg
Request Chain 16
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715287882932-7-8883-1338968-f2c1902c-6c44-9f45-bac2-9597b474b5fb&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3DMdVJhzJi0z55yV_XGzN0t9EZHHiiad4ETecdRh2v8irAzwgfwzU7zPiKuG3kBb32jqVQzMmoqBWTfuVTzOaAQ2n1ZFwyFciDhLz9hlaDGGpy1FPKAwIFuHugiPhKH0bvJyYf4TzsKiEadDlRp1ozuh1xuVAsODZUsryA6bTnZ8QCy5g7cAP2keWy4-SJDVbB9OFirIiSey5dGKvxWr22U5LHZbWthBHmByYSw_FDNpn0GxX50HuGQADs5ynBBgvhdv74NZ3WtGaeJoMImEKJfDUDVALZcTsi6YfBiaRdz-zqnDPeU84l_ByVKO0QZeFv6a3P_DxmazJW4jpK1hNvl16GEtJuvxplNZez24TPY4O1OY50CK5DRckImXtBMfF0jBXbhlvGfEl982rz0f3WsWo1p6Unm2XGH8VVRJlGOtDKFyLVECW7eE6vewa44R0g9HQL0K4ojb7F1qGjDztymr3io7rkEY9Ad-2F5gN7Qywnl-f4ynbRmkKlpyQEfNeK_qY8oiXdGUjFbMZ9NpaYq7FMzoF0aCZfd0mv_7Ode5Z1DmlmBfAQUg HTTP 302
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=MdVJhzJi0z55yV_XGzN0t9EZHHiiad4ETecdRh2v8irAzwgfwzU7zPiKuG3kBb32jqVQzMmoqBWTfuVTzOaAQ2n1ZFwyFciDhLz9hlaDGGpy1FPKAwIFuHugiPhKH0bvJyYf4TzsKiEadDlRp1ozuh1xuVAsODZUsryA6bTnZ8QCy5g7cAP2keWy4-SJDVbB9OFirIiSey5dGKvxWr22U5LHZbWthBHmByYSw_FDNpn0GxX50HuGQADs5ynBBgvhdv74NZ3WtGaeJoMImEKJfDUDVALZcTsi6YfBiaRdz-zqnDPeU84l_ByVKO0QZeFv6a3P_DxmazJW4jpK1hNvl16GEtJuvxplNZez24TPY4O1OY50CK5DRckImXtBMfF0jBXbhlvGfEl982rz0f3WsWo1p6Unm2XGH8VVRJlGOtDKFyLVECW7eE6vewa44R0g9HQL0K4ojb7F1qGjDztymr3io7rkEY9Ad-2F5gN7Qywnl-f4ynbRmkKlpyQEfNeK_qY8oiXdGUjFbMZ9NpaYq7FMzoF0aCZfd0mv_7Ode5Z1DmlmBfAQUg
Request Chain 17
  • https://xml.cpcmart.com/icon?sid=8f0357d3ceba3db77efee53a11fbc8da&rnd=760608321 HTTP 302
  • https://niaget.xyz/dsp/ph/icm?aid=12043058685354000704&mid=0&sid=212&t=1715287883&subid=498428 HTTP 302
  • https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
thejornal3.xyz/
Redirect Chain
  • http://autoler5.xyz/event_fd929e6b-fe1b-fa6a-8143-9f53848fbf96_102_0_3001?payload=jtdcjtiyacuymiuzqsuymnhtbc5wbgfuzxrwdxnolm5ldcuymiuyqyuymnulmjilm0elnuilmji4odytndzhzwy3nmnlmdbmzmm0zwvkzdbmyznizjh...
  • https://autoler5.xyz/event_fd929e6b-fe1b-fa6a-8143-9f53848fbf96_102_0_3001?payload=jtdcjtiyacuymiuzqsuymnhtbc5wbgfuzxrwdxnolm5ldcuymiuyqyuymnulmjilm0elnuilmji4odytndzhzwy3nmnlmdbmzmm0zwvkzdbmyznizj...
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
6 KB
3 KB
Document
General
Full URL
https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
fada687256462396b480e140e95d8deb4dc1cb0d8f4734c0c3815bb6661ca3ce

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 09 May 2024 20:51:19 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Thu, 09 May 2024 20:51:19 GMT
location
https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: thejornal3.xyz
URL: https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thejornal3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 20:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 19:14:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 20:51:19 GMT
1689851938934-yDUTwpotH86c.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://thejornal3.xyz/event_0fa183f7-7ea2-5733-2386-3709fbce1fba_70_2525_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RiYjIzNjEzZmYyZjg3MjI5ODZmMzZkNTM1MTc5YjViMSUyNnJuZC...
  • https://xml.rexsrv.com/icon?sid=bb23613ff2f8722986f36d535179b5b1&rnd=185362900
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715287878902-7-7533-1338968-a9b6ebf5-81d4-f64e-f651-19fa0b0ae448&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth...
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=2ShTSYKt25CRat28pJR2_6zZaCTM4ilrN2-cid4dRNGuyqnEZ_bE6HHptjX1q1etesCakhksLqJzDNnol1XmO4x32iNXibAv8n7ijaf4Lmr6CJKw0RLVpfB2Lwbos3RNo-WQVimJ47sww...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1689851938934-yDUTwpotH86c.jpg
58 KB
59 KB
Image
General
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1689851938934-yDUTwpotH86c.jpg
Requested by
Host: thejornal3.xyz
URL: https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Server
5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cb0f60399151481204cae22e0929ea0a092915947f76fa3f36710546c56f9dd4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thejornal3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Thu, 09 May 2024 20:51:21 GMT
Last-Modified
Thu, 20 Jul 2023 11:18:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64b91822-e93a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59706

Redirect headers

Pragma
no-cache
Date
Thu, 09 May 2024 20:51:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1689851938934-yDUTwpotH86c.jpg
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
1689851938940-eRjehpgApOt2.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715287878902-7-7533-1338968-a9b6ebf5-81d4-f64e-f651-19fa0b0ae448&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2F...
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=9riZp4g9gGioU2Y0-7yTPhx0nDZl9kuhj44hnhH0AC2arROEEtb5TLx7mMnr3-Pgn3Xl7FUgtHw3D3uM1tw20Zy2VDtrcF01QBcN9Y2c3lQjhkIHjUuSN5mlgPWpIT3KcMJQaTaTk5zGb...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1689851938940-eRjehpgApOt2.jpg
124 KB
125 KB
Image
General
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1689851938940-eRjehpgApOt2.jpg
Requested by
Host: thejornal3.xyz
URL: https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Server
5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6cf564d6ecb33781246130f8440dcbacde97e81af94044b37b0a4ca6d42dc7e1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thejornal3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Thu, 09 May 2024 20:51:20 GMT
Last-Modified
Thu, 20 Jul 2023 11:18:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64b91822-1f120"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
127264

Redirect headers

Pragma
no-cache
Date
Thu, 09 May 2024 20:51:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1689851938940-eRjehpgApOt2.jpg
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thejornal3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:40:06 GMT
x-content-type-options
nosniff
age
177074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 19:40:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thejornal3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:46:35 GMT
x-content-type-options
nosniff
age
219885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:46:35 GMT
favicon.ico
thejornal3.xyz/
13 B
258 B
Other
General
Full URL
https://thejornal3.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=UTF-8
pragma
no-cache
date
Thu, 09 May 2024 20:51:21 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
event_0fa183f7-7ea2-5733-2386-3709fbce1fba_70_0_2998
thejornal3.xyz/
114 B
206 B
Script
General
Full URL
https://thejornal3.xyz/event_0fa183f7-7ea2-5733-2386-3709fbce1fba_70_0_2998?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjE0OTYtYmIyMzYxM2ZmMmY4NzIyOTg2ZjM2ZDUzNTE3OWI1YjEtMjUyNS0wLjAyMjQyNyUyMiU1RCU3RA%3D%3D&t=1715287879760&rnd=885162762&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: thejornal3.xyz
URL: https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
4c885c661bcd011dde2225ebffa7996cb9427ca8df0f09b133c780501425daf6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thejornal3.xyz/?sid=67bad0b9622a383687683c7b8d4b8d9f_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 20:51:22 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
Primary Request sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js
newssage4.xyz/
Redirect Chain
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
8 KB
4 KB
Document
General
Full URL
https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by
Host: thejornal3.xyz
URL: https://thejornal3.xyz/event_0fa183f7-7ea2-5733-2386-3709fbce1fba_70_0_2998?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjE0OTYtYmIyMzYxM2ZmMmY4NzIyOTg2ZjM2ZDUzNTE3OWI1YjEtMjUyNS0wLjAyMjQyNyUyMiU1RCU3RA%3D%3D&t=1715287879760&rnd=885162762&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
663ed7521fbd3121cafc85b9f8aa5eb0354f4434d12158ad1692cc496cb217d8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thejornal3.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"124.0.6367.118"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-ua-wow64
?0

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 09 May 2024 20:51:23 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Thu, 09 May 2024 20:51:23 GMT
location
https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: newssage4.xyz
URL: https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://newssage4.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 20:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 18:52:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 20:51:23 GMT
ic
track.trackingtraffo.com/push/
Redirect Chain
  • https://newssage4.xyz/event_0fa183f7-7ea2-5733-2386-3709fbce1fba_101_2673_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDE1NWNmY2M1ZTZhMjFjMWVjNDA0ZDAwNTU1MjcxYjZlJTI2cm...
  • https://xml.pushking.net/icon?sid=155cfcc5e6a21c1ec404d00555271b6e&rnd=625653777
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715287882932-7-9241-1338968-57b7425b-14df-bacf-46e5-56b1c30cbe50&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth...
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=GnV5M8X4gIQWfQufaReDZv2H-a__UaDQUHlwaWUTmtOkrv4sCyaGAQa3AC7VVkMbrE4Zasl6qB0KjLAnQjjOyqBLVfhVmmZu8YScapL23cek_4ePMPmv8f6N4cPtOVVFRy_9uQqujVdUV...
0
0

ic
track.trackingtraffo.com/push/
Redirect Chain
  • https://historyweekly4.xyz/event_0fa183f7-7ea2-5733-2386-3709fbce1fba_6_1516_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHBjdHJhZmZpYy5jbyUyRmljb24lM0ZzaWQlM0Q3YzA3ZmY2NjU0M2U0MTA0MjNiMzNlMDM2OTk4OGFjNyU...
  • https://xml.ppctraffic.co/icon?sid=7c07ff66543e410423b33e0369988ac7&rnd=569055148
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715287882932-7-7420-1338968-32b4a82d-17fa-98cf-9822-3b88e17c0deb&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth...
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=azB5dhl8ZSOR4P4PnQi0B2zzu1rWgd7jVv9BdrYwDo5FuM2l7s9hHSm0lhK4MPJJG9VMvbz_38zByetc2jXowEDYipjcEhAKosUVIs8Dpd15tOCXBUpDGGzfyj0jqaSoEYiwl3pCjL8pg...
0
0

1692604581249-5AWifwPx6Rtf.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715287882932-7-9241-1338968-57b7425b-14df-bacf-46e5-56b1c30cbe50&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2F...
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=myO1xkr5VU8X7U7V5Mk_GCNuLCI3UTSN3yZXicoBl_qFSvdY1Et83gF81QQPc0hL2ZnDfbd1qHaLBiRQEUC-pI-i7RHEg4JaEK2ye_t8uE7GtRlWe1swNnGAjmXc4k9B2gdOOzhPaSnv9...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1692604581249-5AWifwPx6Rtf.jpg
0
0

o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
i.wmgtr.com/cic/
Redirect Chain
  • https://xml.ppctraffic.co/icon?sid=669acb91cb2e0b526ae318cdcb9a2f73&rnd=569055148
  • https://niaget.xyz/dsp/ph/icm?aid=17847805123504787248&mid=0&sid=212&t=1715287882&subid=601543
  • https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
21 KB
21 KB
Image
General
Full URL
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
Requested by
Host: newssage4.xyz
URL: https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Server
45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
b42b0f659f2f8919dd8f2454164894c640aba98cfd4e81367815bdec226ae21c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newssage4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

expires
Fri, 10 May 2024 19:51:24 GMT
date
Thu, 09 May 2024 20:51:24 GMT
content-encoding
gzip
server
nginx/1.19.0
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=82800
x-content-type-option
nosniff
x-xss-protection
1; mode=block
x-proxy-cache
HIT

Redirect headers

location
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
date
Thu, 09 May 2024 20:51:24 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png
i.wmgtr.com/cim/
7 KB
7 KB
Image
General
Full URL
https://i.wmgtr.com/cim/4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png
Requested by
Host: newssage4.xyz
URL: https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
6bd9cd7785446537c145de6313a125d7c728bfd9add3f1628e547ad167cdb558
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://newssage4.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 10 May 2024 19:51:24 GMT
date
Thu, 09 May 2024 20:51:24 GMT
content-encoding
gzip
server
nginx/1.19.0
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=82800
x-content-type-option
nosniff
x-xss-protection
1; mode=block
x-proxy-cache
HIT
1692604581249-5AWifwPx6Rtf.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715287882932-7-7420-1338968-32b4a82d-17fa-98cf-9822-3b88e17c0deb&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2F...
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=1Htzra5hV2wJDWdLgMZ-3-h4kEjVOk8c4TomZ_0CJh03Himgiqmekti4TVS5onkduumIyLQCOZI0MfhBDpf1YZRvqOAfSfD2S0irRNVsKdznPKghO45oGYOk0i2N2oMG6BptB7ozeVcxa...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1692604581249-5AWifwPx6Rtf.jpg
0
0

ic
track.trackingtraffo.com/push/
Redirect Chain
  • https://xml.cpcmart.com/icon?sid=88fd052bef8f88fb091f41dd144cfcba&rnd=760608321
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715287882932-7-8883-1338968-f2c1902c-6c44-9f45-bac2-9597b474b5fb&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth...
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=cGJ7JvAcvE9RYVWNiAB-xB-PB2kfqKCDdwH7ZYpBJSmzBjPBqxuw82RF2Y01-KQENyvZaZY3hyK_cGXiZ81K6hNs50IZasHkpfuma0KkU0z_0ITTie4c48vhwpRh4wX9seDM2tmVjsYBo...
0
0

im
track.trackingtraffo.com/push/
Redirect Chain
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715287882932-7-8883-1338968-f2c1902c-6c44-9f45-bac2-9597b474b5fb&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2F...
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=MdVJhzJi0z55yV_XGzN0t9EZHHiiad4ETecdRh2v8irAzwgfwzU7zPiKuG3kBb32jqVQzMmoqBWTfuVTzOaAQ2n1ZFwyFciDhLz9hlaDGGpy1FPKAwIFuHugiPhKH0bvJyYf4TzsKiEad...
0
119 B
Image
General
Full URL
https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=MdVJhzJi0z55yV_XGzN0t9EZHHiiad4ETecdRh2v8irAzwgfwzU7zPiKuG3kBb32jqVQzMmoqBWTfuVTzOaAQ2n1ZFwyFciDhLz9hlaDGGpy1FPKAwIFuHugiPhKH0bvJyYf4TzsKiEadDlRp1ozuh1xuVAsODZUsryA6bTnZ8QCy5g7cAP2keWy4-SJDVbB9OFirIiSey5dGKvxWr22U5LHZbWthBHmByYSw_FDNpn0GxX50HuGQADs5ynBBgvhdv74NZ3WtGaeJoMImEKJfDUDVALZcTsi6YfBiaRdz-zqnDPeU84l_ByVKO0QZeFv6a3P_DxmazJW4jpK1hNvl16GEtJuvxplNZez24TPY4O1OY50CK5DRckImXtBMfF0jBXbhlvGfEl982rz0f3WsWo1p6Unm2XGH8VVRJlGOtDKFyLVECW7eE6vewa44R0g9HQL0K4ojb7F1qGjDztymr3io7rkEY9Ad-2F5gN7Qywnl-f4ynbRmkKlpyQEfNeK_qY8oiXdGUjFbMZ9NpaYq7FMzoF0aCZfd0mv_7Ode5Z1DmlmBfAQUg
Requested by
Host: newssage4.xyz
URL: https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Server
88.214.195.156 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newssage4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 09 May 2024 20:51:24 GMT
Server
nginx/1.18.0 (Ubuntu)

Redirect headers

location
https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=MdVJhzJi0z55yV_XGzN0t9EZHHiiad4ETecdRh2v8irAzwgfwzU7zPiKuG3kBb32jqVQzMmoqBWTfuVTzOaAQ2n1ZFwyFciDhLz9hlaDGGpy1FPKAwIFuHugiPhKH0bvJyYf4TzsKiEadDlRp1ozuh1xuVAsODZUsryA6bTnZ8QCy5g7cAP2keWy4-SJDVbB9OFirIiSey5dGKvxWr22U5LHZbWthBHmByYSw_FDNpn0GxX50HuGQADs5ynBBgvhdv74NZ3WtGaeJoMImEKJfDUDVALZcTsi6YfBiaRdz-zqnDPeU84l_ByVKO0QZeFv6a3P_DxmazJW4jpK1hNvl16GEtJuvxplNZez24TPY4O1OY50CK5DRckImXtBMfF0jBXbhlvGfEl982rz0f3WsWo1p6Unm2XGH8VVRJlGOtDKFyLVECW7eE6vewa44R0g9HQL0K4ojb7F1qGjDztymr3io7rkEY9Ad-2F5gN7Qywnl-f4ynbRmkKlpyQEfNeK_qY8oiXdGUjFbMZ9NpaYq7FMzoF0aCZfd0mv_7Ode5Z1DmlmBfAQUg
date
Thu, 09 May 2024 20:51:24 GMT
server
openresty/1.21.4.1
content-length
0
o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
i.wmgtr.com/cic/
Redirect Chain
  • https://xml.cpcmart.com/icon?sid=8f0357d3ceba3db77efee53a11fbc8da&rnd=760608321
  • https://niaget.xyz/dsp/ph/icm?aid=12043058685354000704&mid=0&sid=212&t=1715287883&subid=498428
  • https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
21 KB
0
Image
General
Full URL
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
Requested by
Host: newssage4.xyz
URL: https://newssage4.xyz/sw_c32d84b4-ee48-2b95-6153-3b7ebcace1a8_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Server
45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
b42b0f659f2f8919dd8f2454164894c640aba98cfd4e81367815bdec226ae21c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newssage4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

expires
Fri, 10 May 2024 19:51:24 GMT
date
Thu, 09 May 2024 20:51:24 GMT
content-encoding
gzip
server
nginx/1.19.0
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=82800
x-content-type-option
nosniff
x-xss-protection
1; mode=block
x-proxy-cache
HIT

Redirect headers

location
https://i.wmgtr.com/cic/o3I8cL6SJapQCB3EMZCRH_G6ZwxYTN9A.png
date
Thu, 09 May 2024 20:51:24 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://newssage4.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:40:06 GMT
x-content-type-options
nosniff
age
177078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 19:40:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://newssage4.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:46:35 GMT
x-content-type-options
nosniff
age
219889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:46:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.



2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | isIframe
function | go

1 Cookies

Domain/Path Name / Value
thejornal3.xyz/ Name: sid
Value: t311m5kp1euh6hm50m37ldi4k4

1 Console Messages

Source Level URL
Text
network error URL: https://thejornal3.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()