Submitted URL: http://game-shop2.xyz/event_7e077af2-d969-1e4a-b14a-3e7503918b58_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2...
Effective URL: https://clck.mgid.com/ghits/18309537/i/57911008/2/src/37096/pp/1/1?h=TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4y...
Submission: On January 30 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 1 country across 10 domains to perform 16 HTTP transactions. The main IP is 2606:4700:1::6813:854c, located in and belongs to . The main domain is clck.mgid.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 11th 2023. Valid for: a year.
This is the only time clck.mgid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
7 adskeeper.com | c.adskeeper.com — Cisco Umbrella Rank: 25277; s-img.adskeeper.com — Cisco Umbrella Rank: 27058; clck.adskeeper.com | 52 KB
6 freetrckr.com | freetrckr.com — Cisco Umbrella Rank: 588504 | 2 KB
4 gstatic.com | fonts.gstatic.com | 62 KB
3 smoothmicro4.xyz | smoothmicro4.xyz | 3 KB
3 pushking.net | xml.pushking.net — Cisco Umbrella Rank: 67024 | 2 KB
3 bussuper4.xyz | bussuper4.xyz | 3 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 28 | 2 KB
2 game-shop2.xyz | game-shop2.xyz | 607 B
1 zestradar.com | zestradar.com |
1 mgid.com | clck.mgid.com | 2 KB
16 10
Domain | Requested by
6 freetrckr.com | 6 redirects
4 fonts.gstatic.com | fonts.googleapis.com
4 s-img.adskeeper.com | bussuper4.xyz, smoothmicro4.xyz
3 smoothmicro4.xyz | 1 redirects; bussuper4.xyz, smoothmicro4.xyz
3 xml.pushking.net | 3 redirects
3 bussuper4.xyz | 1 redirects; bussuper4.xyz
2 c.adskeeper.com | 2 redirects
2 fonts.googleapis.com | bussuper4.xyz, smoothmicro4.xyz
2 game-shop2.xyz | 2 redirects
1 zestradar.com | clck.mgid.com
1 clck.mgid.com | smoothmicro4.xyz
1 clck.adskeeper.com | 1 redirects
16 12

This site contains no links.

Subject | Issuer | Validity | Valid
bussuper4.xyz | R3 | 2023-12-02 - 2024-03-01 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-26 - 2024-04-25 | a year
*.gstatic.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
wordbazar4.xyz | R3 | 2024-01-22 - 2024-04-21 | 3 months
zestradar.com | GTS CA 1P5 | 2023-12-28 - 2024-03-27 | 3 months

This page contains 1 frames:

Frame: https://zestradar.com/curiosities/miss-nepal-receives-backlash-for-being-in-miss-universe-2023-responds-they-dont-even-know-my-story/?utm_medium=&utm_source=zestradar.com_push&utm_campaign=zestradar.com_push&utm_term=57911008s37096&utm_content=18309537&adclid=6e92ebded11c90b5b55bf8abbfd37f52
Frame ID: 5D6D09B1520B6A34262613FB3EBB14F1
Requests: 16 HTTP requests in this frame

Page Title

Checking your browser before accessing

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 16
HTTPS: 88 %
IPv6: 71 %
Domains: 10
Subdomains: 12
IPs: 6
Countries: 1
Transfer: 121 kB
Size: 136 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://game-shop2.xyz/event_7e077af2-d969-1e4a-b14a-3e7503918b58_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltjlzjrkmtdlmtcznzzjodk2ote4yzc3zjrmmtu5mdq1lte2otatmc4wmdazmzglmjilmkmlmji1mzqtzduynznkmwqxmdrky2q5mjnlzmjmntlmmjq3z...~311~...wnjm5m19hbgxfc2slmjiln0q=&if=1 HTTP 301
    https://game-shop2.xyz/event_7e077af2-d969-1e4a-b14a-3e7503918b58_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltjlzjrkmtdlmtcznzzjodk2ote4yzc3zjrmmtu5mdq1lte2otatmc4wmdazmzglmjilmkmlmji1mzqtzduynznkmwqxmdrky2q5mjnlzmjmntlmmjq3z...~311~...wnjm5m19hbgxfc2slmjiln0q=&if=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://bussuper4.xyz/sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://smoothmicro4.xyz/sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  3. https://xml.pushking.net/click?s=1&tid=534&sid=13151fe4c378b5a227e91e2daea6735f&rnd=755383310 HTTP 302
    https://clck.adskeeper.com/ghits/18309537/i/57911008/2/src/37096/pp/1/1?h=TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4yTMj29Og3w-pLpFfGqpLN6fVxRNXGbu5Zc_CKw**&rid=570f4915-bfb9-11ee-a522-c84bd6826564&tt=Direct&att=3&pubsrcid=871757&cpm=1&ct=1&st=-300&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&euid=9a6726b390bc7a07b254eef25828978e HTTP 301
    https://clck.mgid.com/ghits/18309537/i/57911008/2/src/37096/pp/1/1?h=TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4yTMj29Og3w-pLpFfGqpLN6fVxRNXGbu5Zc_CKw%2A%2A&rid=570f4915-bfb9-11ee-a522-c84bd6826564&tt=Direct&att=3&pubsrcid=871757&cpm=1&ct=1&st=-300&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&euid=9a6726b390bc7a07b254eef25828978e&rdrct=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://game-shop2.xyz/event_7e077af2-d969-1e4a-b14a-3e7503918b58_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltjlzjrkmtdlmtcznzzjodk2ote4yzc3zjrmmtu5mdq1lte2otatmc4wmdazmzglmjilmkmlmji1mzqtzduynznkmwqxmdrky2q5mjnlzmjmntlmmjq3z...~311~...wnjm5m19hbgxfc2slmjiln0q=&if=1 HTTP 301
  • https://game-shop2.xyz/event_7e077af2-d969-1e4a-b14a-3e7503918b58_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltjlzjrkmtdlmtcznzzjodk2ote4yzc3zjrmmtu5mdq1lte2otatmc4wmdazmzglmjilmkmlmji1mzqtzduynznkmwqxmdrky2q5mjnlzmjmntlmmjq3z...~311~...wnjm5m19hbgxfc2slmjiln0q=&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://bussuper4.xyz/sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://bussuper4.xyz/event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_3795_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDExYTNiYjkwZDZkZjY2Y2UwOTgzNTE4OTRhZDcxMWRmJTI2cm5kJTNENjExOTc3Mzc4&t=1706651322380&rnd=160399665&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=11a3bb90d6df66ce098351894ad711df&rnd=611977378 HTTP 302
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|vUN7yyhbB64KLI1LW8gV4QgoZs7uYp5QmajhLbzppm8apzG4yTMj29Og3w-pLpFfhEK27FWqAQOyvfm8b3zc1Q**&cid=1579638&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&rid=557c5d33-bfb9-11ee-8a84-c84bd6836428&psid=871765&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY29tL2cvMTA1NDYxMTUvMzI4eDMyOC8tL2FIUjBjRG92TDJOc0xtbHRaMmh2YzNSekxtTnZiUzlwYldkb0wybHRZV2RsTDJabGRHTm9MMkZ5WHpFNk1TeGpYMlpwYkd3c1pWOXphR0Z5Y0dWdU9qRXdNQ3htWDJwd1p5eG5YMlpoWTJWek9tRjFkRzhzZDE4NU5qQXZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qRXRNRGt2TXpFd01UUXhMelE1WWpFM1lXTTBOMlV6WVRrd01UZzFOalkyTVRWaU1USmtNemxpTURCbUxtcHdaV2Mud2VicD92PTE3MDY2NTEzMjEtVGw3dE9mV0UxQ0stWWdCY21ZWWtMa3Q2aEZyNWNKZkNYbGJIZk5SWjh3WQ== HTTP 301
  • https://s-img.adskeeper.com/g/10546115/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMzEwMTQxLzQ5YjE3YWM0N2UzYTkwMTg1NjY2MTViMTJkMzliMDBmLmpwZWc.webp?v=1706651321-Tl7tOfWE1CK-YgBcmYYkLkt6hFr5cJfCXlbHfNRZ8wY
Request Chain 7
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://smoothmicro4.xyz/sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 9
  • https://smoothmicro4.xyz/event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_3795_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDEzMTUxZmU0YzM3OGI1YTIyN2U5MWUyZGFlYTY3MzVmJTI2cm5kJTNEOTAwNjY3NTU3&t=1706651324939&rnd=329896876&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=13151fe4c378b5a227e91e2daea6735f&rnd=900667557 HTTP 302
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4yTMj29Og3w-pLpFfGqpLN6fVxRNXGbu5Zc_CKw**&cid=1579638&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&rid=570f4915-bfb9-11ee-a522-c84bd6826564&psid=871757&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY29tL2cvMTgzMDk1MzcvMzI4eDMyOC8tL2FIUjBjRG92TDJOc0xtbHRaMmh2YzNSekxtTnZiUzlwYldkb0wybHRZV2RsTDJabGRHTm9MMkZ5WHpFNk1TeGpYMlpwYkd3c1pWOXphR0Z5Y0dWdU9qRXdNQ3htWDJwd1p5eG5YM2g1WDJObGJuUmxjaXh4WDJGMWRHODZaMjl2WkN4M1h6azJNQ3g0WHpNM01TeDVYekkzTkM5b2RIUndPaTh2YVcxbmFHOXpkSE11WTI5dEwzUXZNakF5TkMwd01TOHpNVEF4TkRFdk1tSmhPR0prTmpJeU1tUm1ZV1JqTURNMk5tUmtOMkUwTWprNFl6STNPV0V1Y0c1bi53ZWJwP3Y9MTcwNjY1MTMyNC1XV05Ea2Q0dDVfajRMUGpoR3h1ZDljM25YNVpWOWJBT1JzenlJTTFXZlZN HTTP 301
  • https://s-img.adskeeper.com/g/18309537/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3MSx5XzI3NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMS8zMTAxNDEvMmJhOGJkNjIyMmRmYWRjMDM2NmRkN2E0Mjk4YzI3OWEucG5n.webp?v=1706651324-WWNDkd4t5_j4LPjhGxud9c3nX5ZV9bAORszyIM1WfVM

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js
bussuper4.xyz/
Redirect Chain
  • http://game-shop2.xyz/event_7e077af2-d969-1e4a-b14a-3e7503918b58_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltjlzjrkmtdlmtcznzzjodk2ote4yzc3zjrmm...
  • https://game-shop2.xyz/event_7e077af2-d969-1e4a-b14a-3e7503918b58_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltjlzjrkmtdlmtcznzzjodk2ote4yzc3zjrm...
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://bussuper4.xyz/sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
5 KB
2 KB
Document
General
Full URL
https://bussuper4.xyz/sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
6f8fe3e474e5329795613ceefa7c9a5f000fdda569d8d85a0a7f706c3a3cde08

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 30 Jan 2024 21:48:42 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Tue, 30 Jan 2024 21:48:42 GMT
location
https://bussuper4.xyz/sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: bussuper4.xyz
URL: https://bussuper4.xyz/sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bussuper4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 21:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 19:53:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 21:48:42 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMzEwMTQxLzQ5YjE3YWM0N2UzYTkwMTg1N...
s-img.adskeeper.com/g/10546115/328x328/-/
Redirect Chain
  • https://bussuper4.xyz/event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_3795_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDExYTNiYjkwZDZkZjY2Y2UwOTgzNTE4OTRhZDcxMWRmJTI2cm...
  • https://xml.pushking.net/icon?sid=11a3bb90d6df66ce098351894ad711df&rnd=611977378
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|vUN7yyhbB64KLI1LW8gV4QgoZs7uYp5QmajhLbzppm8apzG4yTMj29Og3w-pLpFfhEK27FWqAQOyvfm8b3zc1Q**&cid=1579638&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2h...
  • https://s-img.adskeeper.com/g/10546115/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNv...
15 KB
15 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/10546115/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMzEwMTQxLzQ5YjE3YWM0N2UzYTkwMTg1NjY2MTViMTJkMzliMDBmLmpwZWc.webp?v=1706651321-Tl7tOfWE1CK-YgBcmYYkLkt6hFr5cJfCXlbHfNRZ8wY
Requested by
Host: bussuper4.xyz
URL: https://bussuper4.xyz/sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Server
2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d91adfa760ee017e55397a6255f39c9a23184a56bc697ef3c29f4c79b19248

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bussuper4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:48:42 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Dec 2021 09:10:51 GMT
x-mg-request-uuid
c4d8a0d6-ae61-4578-b0ba-a5b6d1b6cb7a
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
84dcebb019bc4bc0-BUF
content-length
15336
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 30 Jan 2024 21:48:42 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
fc567d12-dfab-47b8-964b-fd137d8eea33
server
cloudflare
location
https://s-img.adskeeper.com/g/10546115/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMzEwMTQxLzQ5YjE3YWM0N2UzYTkwMTg1NjY2MTViMTJkMzliMDBmLmpwZWc.webp?v=1706651321-Tl7tOfWE1CK-YgBcmYYkLkt6hFr5cJfCXlbHfNRZ8wY
cf-ray
84dcebafb9aa4bc0-BUF
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzMxMDE0MS80OWIxN2FjNDdlM2E5MDE4N...
s-img.adskeeper.com/g/10546115/453x227/-/
18 KB
18 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/10546115/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzMxMDE0MS80OWIxN2FjNDdlM2E5MDE4NTY2NjE1YjEyZDM5YjAwZi5qcGVn.webp?v=1706651321-zsVV9mPQogqM0c1KSK4SH5kU88ZfEAHcnnfPaotyM0s
Requested by
Host: bussuper4.xyz
URL: https://bussuper4.xyz/sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5efcf387188e4002690a2fa092e8aa49a1b44a525bfb4b6a071719f67f586ad9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bussuper4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:48:42 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:38:32 GMT
x-mg-request-uuid
1d9dab9b-90ac-4044-8e79-8e6a3d17a2cf
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
84dcebadd91c4bc0-BUF
content-length
17958
alt-svc
h3=":443"; ma=86400
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bussuper4.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:43 GMT
x-content-type-options
nosniff
age
402659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:57:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bussuper4.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:03:44 GMT
x-content-type-options
nosniff
age
402298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:03:44 GMT
event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_0_2000
bussuper4.xyz/
114 B
206 B
Script
General
Full URL
https://bussuper4.xyz/event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTExYTNiYjkwZDZkZjY2Y2UwOTgzNTE4OTRhZDcxMWRmLTM3OTUtMC4wMDAzNjclMjIlNUQlN0Q%3D&t=1706651322380&rnd=499818736&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: bussuper4.xyz
URL: https://bussuper4.xyz/sw_fc4ba095-e3fa-c69b-7996-bae227ad14fc_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:48:44 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js
smoothmicro4.xyz/
Redirect Chain
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://smoothmicro4.xyz/sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
5 KB
2 KB
Document
General
Full URL
https://smoothmicro4.xyz/sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by
Host: bussuper4.xyz
URL: https://bussuper4.xyz/event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTExYTNiYjkwZDZkZjY2Y2UwOTgzNTE4OTRhZDcxMWRmLTM3OTUtMC4wMDAzNjclMjIlNUQlN0Q%3D&t=1706651322380&rnd=499818736&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
782fb65f4e7cb9deba572540a0d89f7287b8bcfa58e5828ea298d82a82b49cc7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 30 Jan 2024 21:48:44 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Tue, 30 Jan 2024 21:48:44 GMT
location
https://smoothmicro4.xyz/sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
830 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: smoothmicro4.xyz
URL: https://smoothmicro4.xyz/sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smoothmicro4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 21:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 21:48:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 21:48:45 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3MSx5XzI3NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMS8zM...
s-img.adskeeper.com/g/18309537/328x328/-/
Redirect Chain
  • https://smoothmicro4.xyz/event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_3795_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDEzMTUxZmU0YzM3OGI1YTIyN2U5MWUyZGFlYTY3MzVmJTI...
  • https://xml.pushking.net/icon?sid=13151fe4c378b5a227e91e2daea6735f&rnd=900667557
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4yTMj29Og3w-pLpFfGqpLN6fVxRNXGbu5Zc_CKw**&cid=1579638&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2h...
  • https://s-img.adskeeper.com/g/18309537/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3MSx5...
9 KB
9 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/18309537/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3MSx5XzI3NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMS8zMTAxNDEvMmJhOGJkNjIyMmRmYWRjMDM2NmRkN2E0Mjk4YzI3OWEucG5n.webp?v=1706651324-WWNDkd4t5_j4LPjhGxud9c3nX5ZV9bAORszyIM1WfVM
Requested by
Host: smoothmicro4.xyz
URL: https://smoothmicro4.xyz/sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0c85f762b27b17919f361924697f7f6085f18bc2281907802d13790ea84185c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smoothmicro4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:48:45 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Jan 2024 11:49:09 GMT
x-mg-request-uuid
97ce27f7-e51d-43b1-97bf-ae6ccc579466
server
cloudflare
age
16726
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
84dcebbe998c6aee-BUF
content-length
8888
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 30 Jan 2024 21:48:45 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
f48bda25-768f-4cea-ae88-18e276048625
server
cloudflare
location
https://s-img.adskeeper.com/g/18309537/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzM3MSx5XzI3NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMS8zMTAxNDEvMmJhOGJkNjIyMmRmYWRjMDM2NmRkN2E0Mjk4YzI3OWEucG5n.webp?v=1706651324-WWNDkd4t5_j4LPjhGxud9c3nX5ZV9bAORszyIM1WfVM
cf-ray
84dcebbe496a6aee-BUF
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zNzEseV8yNzQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDEvM...
s-img.adskeeper.com/g/18309537/453x227/-/
8 KB
8 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/18309537/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zNzEseV8yNzQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDEvMzEwMTQxLzJiYThiZDYyMjJkZmFkYzAzNjZkZDdhNDI5OGMyNzlhLnBuZw.webp?v=1706651324-jEfb3qUtJhqbfuo-GGCqxILMD8opVCF0M7f6A2M7bac
Requested by
Host: smoothmicro4.xyz
URL: https://smoothmicro4.xyz/sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c62413b0e7756be8ef9639831d2dca4d69ea41b872e698db8442b0cf01b70b69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://smoothmicro4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:48:45 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Jan 2024 11:49:08 GMT
x-mg-request-uuid
e28b5acc-6922-4615-9d90-04ed94331d58
server
cloudflare
age
16726
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
84dcebbd39296aee-BUF
content-length
7946
alt-svc
h3=":443"; ma=86400
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://smoothmicro4.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:57:43 GMT
x-content-type-options
nosniff
age
402662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:57:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://smoothmicro4.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:03:44 GMT
x-content-type-options
nosniff
age
402301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:03:44 GMT
event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_0_3000
smoothmicro4.xyz/
117 B
208 B
Script
General
Full URL
https://smoothmicro4.xyz/event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTEzMTUxZmU0YzM3OGI1YTIyN2U5MWUyZGFlYTY3MzVmLTM3OTUtMC4wMDAzNjclMjIlNUQlN0Q%3D&t=1706651324939&rnd=384580167&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: smoothmicro4.xyz
URL: https://smoothmicro4.xyz/sw_5f096d06-e9e1-1d72-a405-ab8d4f7cd90f_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:48:46 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
Primary Request 1
clck.mgid.com/ghits/18309537/i/57911008/2/src/37096/pp/1/
Redirect Chain
  • https://xml.pushking.net/click?s=1&tid=534&sid=13151fe4c378b5a227e91e2daea6735f&rnd=755383310
  • https://clck.adskeeper.com/ghits/18309537/i/57911008/2/src/37096/pp/1/1?h=TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4yTMj29Og3w-pLpFfGqpLN6fVxRNXGbu5Zc_CKw**&rid=570f4915-bfb9-11ee-a522-c84bd6...
  • https://clck.mgid.com/ghits/18309537/i/57911008/2/src/37096/pp/1/1?h=TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4yTMj29Og3w-pLpFfGqpLN6fVxRNXGbu5Zc_CKw%2A%2A&rid=570f4915-bfb9-11ee-a522-c84bd68...
2 KB
2 KB
Document
General
Full URL
https://clck.mgid.com/ghits/18309537/i/57911008/2/src/37096/pp/1/1?h=TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4yTMj29Og3w-pLpFfGqpLN6fVxRNXGbu5Zc_CKw%2A%2A&rid=570f4915-bfb9-11ee-a522-c84bd6826564&tt=Direct&att=3&pubsrcid=871757&cpm=1&ct=1&st=-300&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&euid=9a6726b390bc7a07b254eef25828978e&rdrct=1
Requested by
Host: smoothmicro4.xyz
URL: https://smoothmicro4.xyz/event_f47cc481-105e-b027-eaab-66c4ebd5e893_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTEzMTUxZmU0YzM3OGI1YTIyN2U5MWUyZGFlYTY3MzVmLTM3OTUtMC4wMDAzNjclMjIlNUQlN0Q%3D&t=1706651324939&rnd=384580167&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854c -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84dcebcb7c694bd3-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 21:48:47 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-mg-click-uuid
e38e0b94-600a-a7ed-5821-41e05b8e5b18
x-robots-tag
noindex

Redirect headers

accept-ch
sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84dcebc98bda4bc0-BUF
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 21:48:47 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://clck.mgid.com/ghits/18309537/i/57911008/2/src/37096/pp/1/1?h=TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4yTMj29Og3w-pLpFfGqpLN6fVxRNXGbu5Zc_CKw%2A%2A&rid=570f4915-bfb9-11ee-a522-c84bd6826564&tt=Direct&att=3&pubsrcid=871757&cpm=1&ct=1&st=-300&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&euid=9a6726b390bc7a07b254eef25828978e&rdrct=1
server
cloudflare
x-robots-tag
noindex
/
zestradar.com/curiosities/miss-nepal-receives-backlash-for-being-in-miss-universe-2023-responds-they-dont-even-know-my-story/
0
0
Document
General
Full URL
https://zestradar.com/curiosities/miss-nepal-receives-backlash-for-being-in-miss-universe-2023-responds-they-dont-even-know-my-story/?utm_medium=&utm_source=zestradar.com_push&utm_campaign=zestradar.com_push&utm_term=57911008s37096&utm_content=18309537&adclid=6e92ebded11c90b5b55bf8abbfd37f52
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18309537/i/57911008/2/src/37096/pp/1/1?h=TVURVP9wclri3V3SpwAIYp-BQAtxWil3JO6cit0Mi9IapzG4yTMj29Og3w-pLpFfGqpLN6fVxRNXGbu5Zc_CKw%2A%2A&rid=570f4915-bfb9-11ee-a522-c84bd6826564&tt=Direct&att=3&pubsrcid=871757&cpm=1&ct=1&st=-300&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&euid=9a6726b390bc7a07b254eef25828978e&rdrct=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4592 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://clck.mgid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84dcebcd58314bd5-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 21:48:47 GMT
link
<https://zestradar.com/wp-json/>; rel="https://api.w.org/" <https://zestradar.com/wp-json/wp/v2/posts/64144>; rel="alternate"; type="application/json" <https://zestradar.com/?p=64144>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svn6m7hlRAjWk%2F5NSbWrZZTTcmI3gAyEGfnxxaYKxLvfwxTusdNY6HMlzw7ByY%2BO0AfFdbIX7hziWpcVkJu8zF5IZ0T1W6UlEzZ4e5JYtSu66Nig4XjbWBXAEsVLnL4EWXRPmqR2f3F1Cnlk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-fastcgi-cache
HIT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | isIframe
function | go

0 Cookies