urlscan.io logo urlscan.io
SecurityTrails logo

clck.mgid.com Open in urlscan Pro
104.19.129.76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cjtrade5.xyz/event_ac419567-b708-d8b9-f2ab-331d31049a0c_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2...
Effective URL: https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_...
Submission: On July 16 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 28 HTTP transactions. The main IP is 104.19.129.76, located in and belongs to CLOUDFLARENET, US. The main domain is clck.mgid.com. The Cisco Umbrella rank of the primary domain is 29499.
TLS certificate: Issued by WE1 on July 7th 2024. Valid for: 3 months.
This is the only time clck.mgid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 9 173.214.240.15 15317 (SERVEREL-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
5 5 199.182.164.180 15317 (SERVEREL-AS)
9 104.19.129.76 13335 (CLOUDFLAR...)
2 104.18.2.22 13335 (CLOUDFLAR...)
3 104.19.130.76 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 64.233.180.106 15169 (GOOGLE)
1 18.160.41.112 16509 (AMAZON-02)
1 2 3.230.190.195 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 99.84.191.77 16509 (AMAZON-02)
28 12
9    173.214.240.15 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net
cjtrade5.xyz
freetrckr.com
diarydiet1.xyz
1    2607:f8b0:400d:c02::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    199.182.164.180 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net
xml.pushking.net
9    104.19.129.76 (None, )

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
clck.mgid.com
cdn.mgid.com
a.mgid.com
2    104.18.2.22 (None, )

ASN13335 (CLOUDFLARENET, US)
c.adskeeper.com
s-img.adskeeper.com
3    104.19.130.76 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2607:f8b0:400d:c1d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    64.233.180.106 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f106.1e100.net
www.google.com
1    18.160.41.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-112.iad55.r.cloudfront.net
static.hotjar.com
2    3.230.190.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-190-195.compute-1.amazonaws.com
adrta.com
ipds.adrta.com
1    2607:f8b0:400d:c00::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    99.84.191.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-77.iad89.r.cloudfront.net
script.hotjar.com
Apex Domain
Subdomains		 Transfer
12 mgid.com
c.mgid.com — Cisco Umbrella Rank: 5722
s-img.mgid.com — Cisco Umbrella Rank: 6986
clck.mgid.com — Cisco Umbrella Rank: 29499
cdn.mgid.com — Cisco Umbrella Rank: 8940
a.mgid.com — Cisco Umbrella Rank: 11382
143 KB
7 diarydiet1.xyz
diarydiet1.xyz
4 KB
5 pushking.net
xml.pushking.net — Cisco Umbrella Rank: 48173
1 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
62 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
243 KB
2 adrta.com
adrta.com — Cisco Umbrella Rank: 2814
ipds.adrta.com — Cisco Umbrella Rank: 4686
1 KB
2 adskeeper.com
c.adskeeper.com — Cisco Umbrella Rank: 21004
s-img.adskeeper.com — Cisco Umbrella Rank: 19154
6 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
979 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 freetrckr.com
freetrckr.com — Cisco Umbrella Rank: 637579
352 B
1 cjtrade5.xyz
cjtrade5.xyz
129 B
0 herbeauty.co Failed
herbeauty.co Failed
28 12
Domain Requested by
7 diarydiet1.xyz 4 redirects diarydiet1.xyz
5 xml.pushking.net 5 redirects
3 s-img.mgid.com diarydiet1.xyz
3 c.mgid.com diarydiet1.xyz
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 a.mgid.com clck.mgid.com
2 cdn.mgid.com clck.mgid.com
2 clck.mgid.com diarydiet1.xyz
clck.mgid.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com www.google.com
1 ipds.adrta.com clck.mgid.com
1 adrta.com 1 redirects
1 static.hotjar.com clck.mgid.com
1 www.google.com clck.mgid.com
www.gstatic.com
1 s-img.adskeeper.com diarydiet1.xyz
1 c.adskeeper.com diarydiet1.xyz
1 fonts.googleapis.com diarydiet1.xyz
1 freetrckr.com 1 redirects
1 cjtrade5.xyz 1 redirects
0 herbeauty.co Failed clck.mgid.com
28 20

This site contains no links.

Subject Issuer Validity Valid
diarydiet1.xyz
E5		 2024-07-07 -
2024-10-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
mgid.com
WE1		 2024-07-07 -
2024-10-05		 3 months crt.sh
adskeeper.com
GTS CA 1P5		 2024-05-24 -
2024-08-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh

This page contains 2 frames:

Frame: https://herbeauty.co/en/entertainment/8-famous-female-scientists-every-strong-woman/?utm_medium=cpc&utm_source=herbeauty_mock&utm_campaign=herbeauty_mock&utm_term=57746912s574910&utm_content=15112027&adclid=b7104bca847fe183f17212b376620424
Frame ID: 0B1C75CD42FE733535D579C272DBB4DE
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly9jbGNrLm1naWQuY29tOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&sa=antifraud&cb=683l8nn5mpre
Frame ID: 72AAA8C6FCE0C32557EFA955AC583AB3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

8 Pioneering Women In Science History You Should Know About

Page URL History Show full URLs

  1. http://cjtrade5.xyz/event_ac419567-b708-d8b9-f2ab-331d31049a0c_101_0_3000?payload=jtdcjtiyacuymi... HTTP 307
    https://cjtrade5.xyz/event_ac419567-b708-d8b9-f2ab-331d31049a0c_101_0_3000?payload=jtdcjtiyacuymi... HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMj... Page URL
  2. https://xml.pushking.net/click?s=1&tid=1763&sid=81074322487ca836c9606f3410bace8e&rnd=540328921 HTTP 302
    https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-Q... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

28
Requests

75 %
HTTPS

25 %
IPv6

12
Domains

20
Subdomains

12
IPs

2
Countries

460 kB
Transfer

1066 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cjtrade5.xyz/event_ac419567-b708-d8b9-f2ab-331d31049a0c_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltkynzm4mzrjy2q2zjlinte1y2nhyzflnzrmmtvmmzi2ltm4mtmtmc4wmdayotglmjilmkmlmji1mzqtnjm5y2rmogrkzte1mzywmjllmgjkmdzmnwm3ymj...~311~...3nmrunv9yzxhfznilmjiln0q=&if=1 HTTP 307
    https://cjtrade5.xyz/event_ac419567-b708-d8b9-f2ab-331d31049a0c_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltkynzm4mzrjy2q2zjlinte1y2nhyzflnzrmmtvmmzi2ltm4mtmtmc4wmdayotglmjilmkmlmji1mzqtnjm5y2rmogrkzte1mzywmjllmgjkmdzmnwm3ymj...~311~...3nmrunv9yzxhfznilmjiln0q=&if=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://xml.pushking.net/click?s=1&tid=1763&sid=81074322487ca836c9606f3410bace8e&rnd=540328921 HTTP 302
    https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cjtrade5.xyz/event_ac419567-b708-d8b9-f2ab-331d31049a0c_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltkynzm4mzrjy2q2zjlinte1y2nhyzflnzrmmtvmmzi2ltm4mtmtmc4wmdayotglmjilmkmlmji1mzqtnjm5y2rmogrkzte1mzywmjllmgjkmdzmnwm3ymj...~311~...3nmrunv9yzxhfznilmjiln0q=&if=1 HTTP 307
  • https://cjtrade5.xyz/event_ac419567-b708-d8b9-f2ab-331d31049a0c_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltkynzm4mzrjy2q2zjlinte1y2nhyzflnzrmmtvmmzi2ltm4mtmtmc4wmdayotglmjilmkmlmji1mzqtnjm5y2rmogrkzte1mzywmjllmgjkmdzmnwm3ymj...~311~...3nmrunv9yzxhfznilmjiln0q=&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_3236_3005?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGNiMWNiZDA2YzM5ZTZhN2YwNDU2YmU3MDg5NzYwNzY2JTI2cm5kJTNEOTY3ODM1MTYz&t=1721163855094&rnd=675159285&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=cb1cbd06c39e6a7f0456be7089760766&rnd=967835163 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr1gNFs_bJswUROsb7h_VH2vTkwIUIcelbD5dH7Qu6DKdVif_bmnZMA6oX7-uKK1NkMr0GRstOkczFMhYsEWIqHo*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&psid=574910
Request Chain 3
  • https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_3236_3005?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDcwOWMxYWYxNzNkZWNjMWQyYjYyMmFlZmVmMDMzYjZjJTI2cm5kJTNEOTY3ODM1MTYz&t=1721163855094&rnd=709070375&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=709c1af173decc1d2b622aefef033b6c&rnd=967835163 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVrydmXYSaaFcJg-S7jr6dJobeeNhP382v6m3aO_6m9nZaVif_bmnZMA6oX7-uKK1NkG2PAMvH5okbaZvc7e01D50*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&psid=574910
Request Chain 4
  • https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_3236_3005?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDgxMDc0MzIyNDg3Y2E4MzZjOTYwNmYzNDEwYmFjZThlJTI2cm5kJTNEOTY3ODM1MTYz&t=1721163855094&rnd=314969336&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=81074322487ca836c9606f3410bace8e&rnd=967835163 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&psid=574910
Request Chain 5
  • https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_3300_3005?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDYyOTQwMTFlM2UyMjc2NzEyMWUxMzAxNzA3MDk2NTk3JTI2cm5kJTNEOTY3ODM1MTYz&t=1721163855094&rnd=328508698&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=6294011e3e22767121e1301707096597&rnd=967835163 HTTP 302
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr39F4y0bu_M1ZhPB_Wv69eaKrcVXFQ1GaG9tzyxhYm0TVif_bmnZMA6oX7-uKK1NkLKK1SaRuJZPzfrcYnu984M*&cid=1641980&f=1&h2=BQUlh5009vknble7-KSVe4pTbLSfoihwzGFkmTvfD7R5rbTtNXq4hRjPzo_DXeaN&rid=f5253d85-43b6-11ef-8cf0-c84bd68370c0&psid=75601
Request Chain 20
  • https://adrta.com/i?clid=mgid&paid=mgid&avid=-&caid=-&plid=15112027&publisherId=57746912&siteId=797944&kv1=492x328&kv2=https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&kv3=-&kv4=-&kv5=574910&kv6=afrd_click_Atrz&kv7=711889&kv11=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&kv12=f525888d-43b6-11ef-b810-c84bd6826564&kv24=Desktop&kv27=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36 HTTP 302
  • https://ipds.adrta.com/i?__x=GKGFIILFHFKCJKMBHAKEGMPHIPFJEKHKFIJGN@FOIFHNINJMNNJBKGFLLLLJGOMOMIKLMIJAGLGIHKJPKNKLMBKNOOMLINGHMHIMIEPGLBIMHFFNJMLPLMJ@HBEBH&clid=mgid&paid=mgid&avid=-&caid=-&plid=15112027&publisherId=57746912&siteId=797944&kv1=492x328&kv2=https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&kv3=-&kv4=-&kv5=574910&kv6=afrd_click_Atrz&kv7=711889&kv11=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&kv12=f525888d-43b6-11ef-b810-c84bd6826564&kv24=Desktop&kv27=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36
Request Chain 24
  • https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/tr/pp/1/1/?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0%2A&ph=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0%2A&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&pubsrcid=574910&tt=Direct&att=3&trt=4&k=1414833fc*f!fZCzXEFefZCzXEFnffMHwwf!fOJffKkfYfMjcuNTMxMjV8MTg%3Df%2C*f%2C*ffQf!faHR0cHM6Ly9jbGNrLm1naWQuY29tL2doaXRzLzE1MTEyMDI3L2kvNTc3NDY5MTIvMC9zcmMvNTc0OTEwL3BwLzEvMT9oPVl5R1RwaF9vWDh5Y1NwRXktdlZWcjlMN2FKLVFJQmo5eDFnR1FMMzRyanh2VXd6X2pwRnlNeGt*QlZZbkNYdVdWaWZ*Ym1uWk1BNm9YNy11%240sxTmtNTkxId09FQm9nM2VBOVdKcVByYnQwKiZyaWQ9ZjUyNTg4OGQtNDNiNi0xMWVmLWI4MTAtYzg0YmQ2ODI2NTY0JnR0PURpcmVjdCZhdHQ9MyZwdWJzcmNpZD01NzQ5MTAmYWZyZA%3D%3DfaHR0cHM6Ly9kaWFyeWRpZXQxLnh5ei8%3DfaHR0cHM6Ly9kaWFyeWRpZXQxLnh5ei8%3Df*fMHww*DkwNnw2NzY%3Dff%2C*f!fcfMTh8Mjd8OTA1*DY3Ng%3D%3DfZAfS0f!f!fTW96aWxsY%2481LjAgKFgxMTsgTGludXggeDg2XzY0K%24BBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvK%24BDaHJvbWUvMTI2LjAuMC4wIFNhZmFya%2481MzcuMzY%3DfUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGf!fTGludXggeDg2XzY0fLTYwMA%3D%3DfLTF8LTE%3DfMTYwMHwxMjAwfdW5rbm93bnw0Z3wwfM%3DfM%3DfQfKwSe%3Df*f*(MBORx%2B&grs=-2&kpgt=229 HTTP 301
  • https://herbeauty.co/en/entertainment/8-famous-female-scientists-every-strong-woman/?utm_medium=cpc&utm_source=herbeauty_mock&utm_campaign=herbeauty_mock&utm_term=57746912s574910&utm_content=15112027&adclid=b7104bca847fe183f17212b376620424

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
diarydiet1.xyz/news/11501/
Redirect Chain
  • http://cjtrade5.xyz/event_ac419567-b708-d8b9-f2ab-331d31049a0c_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltkynzm4mzrjy2q2zjlinte1y2nhyzflnzrmmtv...
  • https://cjtrade5.xyz/event_ac419567-b708-d8b9-f2ab-331d31049a0c_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltkynzm4mzrjy2q2zjlinte1y2nhyzflnzrmmt...
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
7af31d8598b47f638a2baaefddc76ca4339d181912781824c4eff052bc0c2a03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 16 Jul 2024 21:04:15 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Tue, 16 Jul 2024 21:04:14 GMT
location
https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://diarydiet1.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Jul 2024 21:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 Jul 2024 21:04:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Jul 2024 21:04:15 GMT
c
c.mgid.com/
Redirect Chain
  • https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_3236_3005?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGNiMWNiZDA2YzM5ZTZhN2YwNDU2YmU3MDg5NzYwNzY2JTI2c...
  • https://xml.pushking.net/icon?sid=cb1cbd06c39e6a7f0456be7089760766&rnd=967835163
  • https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr1gNFs_bJswUROsb7h_VH2vTkwIUIcelbD5dH7Qu6DKdVif_bmnZMA6oX7-uKK1NkMr0GRstOkczFMhYsEWIqHo*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlw...
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr1gNFs_bJswUROsb7h_VH2vTkwIUIcelbD5dH7Qu6DKdVif_bmnZMA6oX7-uKK1NkMr0GRstOkczFMhYsEWIqHo*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&psid=574910
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://diarydiet1.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
5dc17371-27d5-4b9b-9f87-eed47f51706e
server
cloudflare
content-type
image/gif
cf-ray
8a44f191d96b2b7d-LAX
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr1gNFs_bJswUROsb7h_VH2vTkwIUIcelbD5dH7Qu6DKdVif_bmnZMA6oX7-uKK1NkMr0GRstOkczFMhYsEWIqHo*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&psid=574910
date
Tue, 16 Jul 2024 21:04:15 GMT
server
nginx
c
c.mgid.com/
Redirect Chain
  • https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_3236_3005?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDcwOWMxYWYxNzNkZWNjMWQyYjYyMmFlZmVmMDMzYjZjJTI2c...
  • https://xml.pushking.net/icon?sid=709c1af173decc1d2b622aefef033b6c&rnd=967835163
  • https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVrydmXYSaaFcJg-S7jr6dJobeeNhP382v6m3aO_6m9nZaVif_bmnZMA6oX7-uKK1NkG2PAMvH5okbaZvc7e01D50*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlw...
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVrydmXYSaaFcJg-S7jr6dJobeeNhP382v6m3aO_6m9nZaVif_bmnZMA6oX7-uKK1NkG2PAMvH5okbaZvc7e01D50*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&psid=574910
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://diarydiet1.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
1d68ea53-7fed-41f7-9ba1-9f8155458037
server
cloudflare
content-type
image/gif
cf-ray
8a44f191d9672b7d-LAX
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVrydmXYSaaFcJg-S7jr6dJobeeNhP382v6m3aO_6m9nZaVif_bmnZMA6oX7-uKK1NkG2PAMvH5okbaZvc7e01D50*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&psid=574910
date
Tue, 16 Jul 2024 21:04:15 GMT
server
nginx
c
c.mgid.com/
Redirect Chain
  • https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_3236_3005?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDgxMDc0MzIyNDg3Y2E4MzZjOTYwNmYzNDEwYmFjZThlJTI2c...
  • https://xml.pushking.net/icon?sid=81074322487ca836c9606f3410bace8e&rnd=967835163
  • https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlw...
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&psid=574910
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://diarydiet1.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
a27a514c-41aa-410c-ba16-fe8430ad58bb
server
cloudflare
content-type
image/gif
cf-ray
8a44f1927a1c2b7d-LAX
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://c.mgid.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&cid=1414833&f=1&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&rid=f525888d-43b6-11ef-b810-c84bd6826564&psid=574910
date
Tue, 16 Jul 2024 21:04:15 GMT
server
nginx
c
c.adskeeper.com/
Redirect Chain
  • https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_3300_3005?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDYyOTQwMTFlM2UyMjc2NzEyMWUxMzAxNzA3MDk2NTk3JTI2c...
  • https://xml.pushking.net/icon?sid=6294011e3e22767121e1301707096597&rnd=967835163
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr39F4y0bu_M1ZhPB_Wv69eaKrcVXFQ1GaG9tzyxhYm0TVif_bmnZMA6oX7-uKK1NkLKK1SaRuJZPzfrcYnu984M*&cid=1641980&f=1&h2=BQUlh5009vknble7-KSVe4pTbLSfoi...
43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr39F4y0bu_M1ZhPB_Wv69eaKrcVXFQ1GaG9tzyxhYm0TVif_bmnZMA6oX7-uKK1NkLKK1SaRuJZPzfrcYnu984M*&cid=1641980&f=1&h2=BQUlh5009vknble7-KSVe4pTbLSfoihwzGFkmTvfD7R5rbTtNXq4hRjPzo_DXeaN&rid=f5253d85-43b6-11ef-8cf0-c84bd68370c0&psid=75601
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
104.18.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://diarydiet1.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:15 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
ace89f79-b505-4ce1-8599-f9f2da2f603c
server
cloudflare
content-type
image/gif
cf-ray
8a44f1928ba91001-LAX
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://c.adskeeper.com/c?pv=2&v=0|0|0|YyGTph_oX8ycSpEy-vVVr39F4y0bu_M1ZhPB_Wv69eaKrcVXFQ1GaG9tzyxhYm0TVif_bmnZMA6oX7-uKK1NkLKK1SaRuJZPzfrcYnu984M*&cid=1641980&f=1&h2=BQUlh5009vknble7-KSVe4pTbLSfoihwzGFkmTvfD7R5rbTtNXq4hRjPzo_DXeaN&rid=f5253d85-43b6-11ef-8cf0-c84bd68370c0&psid=75601
date
Tue, 16 Jul 2024 21:04:15 GMT
server
nginx
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzc3LHlfNDY0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyL...
s-img.mgid.com/g/14936883/492x277/-/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14936883/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzc3LHlfNDY0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyLzEwMTkyNC8xYjE3Mjk1ZjEyMDkyZWRhZjAyZDZjMDhjY2UxODZjOC5qcGVn.webp?v=1721163854-PeRHWSAnjuwtj5C4jYAVBzM1i7nNhEC26fzSQcfi-RI
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d68c60fef1f35e86add3a4d7039065632cdf0b7d08544283a37aaedbba10fdd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://diarydiet1.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
9e40e9ee-37a8-4301-9433-fe32c00d5b87
age
4013025
alt-svc
h3=":443"; ma=86400
content-length
14666
last-modified
Fri, 16 Dec 2022 13:47:11 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8a44f191fa47310d-LAX
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfOTIwLHlfMzIzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4L...
s-img.mgid.com/g/14137433/492x277/-/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14137433/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfOTIwLHlfMzIzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEwMTkyNC81OTY5YjI0OTljYzQyNDMwMzhiZWFkYTE5NDM0NmVlNi5qcGVn.webp?v=1721163854-tKr4WCeCrp7_QSeegdUQvWG8H-iudITj86QeQ-zvTdI
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d50a79299b08442a6c66dee1047277c1e68a8e61e01a9bf85486dce6853326
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://diarydiet1.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
d3258c01-6149-4734-ae61-562097ff31ae
age
4012972
alt-svc
h3=":443"; ma=86400
content-length
34948
last-modified
Thu, 22 Sep 2022 09:55:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8a44f191fa4a310d-LAX
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8xMDE5MjQvMTY5N...
s-img.mgid.com/g/15112027/492x277/-/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15112027/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8xMDE5MjQvMTY5NTk0MzdhMDI0OWZlZmEzOTdkZDllODg0M2M4OTguZ2lm.webp?v=1721163854-FwrXg8PgkfKx9WWQCl7Xj6_SmgLEgwo4plNivcJSzHQ
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9109399b038d5c54b886103d34e9e1e47bf7b9bc727f8d86d4565e458f2b9ec0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://diarydiet1.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
76e35c2f-99ef-46cf-aec0-7aaee6392600
age
4012923
alt-svc
h3=":443"; ma=86400
content-length
28192
last-modified
Thu, 12 Jan 2023 09:44:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8a44f191fa4b310d-LAX
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0LzU1OTU2N2VmYTdkYmY0ZWE4NGU5ODAyNGM0ZGIzMjg0LmpwZw.webp
s-img.adskeeper.com/g/3805445/200x200/227x0x433x433/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/3805445/200x200/227x0x433x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0LzU1OTU2N2VmYTdkYmY0ZWE4NGU5ODAyNGM0ZGIzMjg0LmpwZw.webp?v=1721163854-lqqKlwc4QhUym_yVAA9Yc9AplS085guHVK4LN7x_3yw
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4082ba7fa42619137a3fd32a881406047f8034320492f8107482d3a079ced26c

Request headers

Referer
https://diarydiet1.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:15 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 09:37:26 GMT
x-mg-request-uuid
75d42d2e-d8bb-4a1d-8de0-3e2119c87f90
server
cloudflare
age
1172569
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8a44f191fb2e1001-LAX
content-length
5770
alt-svc
h3=":443"; ma=86400
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://diarydiet1.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 13:32:45 GMT
x-content-type-options
nosniff
age
113490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 13:32:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://diarydiet1.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 00:37:11 GMT
x-content-type-options
nosniff
age
419224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Jul 2025 00:37:11 GMT
favicon.ico
diarydiet1.xyz/ 		13 B
258 B 		Other
General
Check archive.org
Download Go to
Full URL
https://diarydiet1.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

Referer
https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
pragma
no-cache
date
Tue, 16 Jul 2024 21:04:16 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_0_3005
diarydiet1.xyz/ 		118 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_0_3005?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyMTc2My1jYjFjYmQwNmMzOWU2YTdmMDQ1NmJlNzA4OTc2MDc2Ni0zMjM2LTAuMDAwMzQyJTIyJTJDJTIyMTc2My03MDljMWFmMTczZGVjYzFkMmI2MjJhZWZlZjAzM2I2Yy0zMjM2LTAuMDAwMzQyJTIyJTJDJTIyMTc2My04MTA3NDMyMjQ4N2NhODM2Yzk2MDZmMzQxMGJhY2U4ZS0zMjM2LTAuMDAwMzQyJTIyJTJDJTIyMTc2My02Mjk0MDExZTNlMjI3NjcxMjFlMTMwMTcwNzA5NjU5Ny0zMzAwLTAuMDAwMjclMjIlNUQlN0Q%3D&t=1721163855094&rnd=447988316&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
b7f9e77e9f0be476e405d25e84f9eb314e3aef6c7ee82261cbc2dee2295bf32e

Request headers

Referer
https://diarydiet1.xyz/news/11501/?sid=6dbe560f1f44bc4524ee901cb74af7ed_107_0_3005&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:17 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
Primary Request 1
clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/
Redirect Chain
  • https://xml.pushking.net/click?s=1&tid=1763&sid=81074322487ca836c9606f3410bace8e&rnd=540328921
  • https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-...
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
Requested by
Host: diarydiet1.xyz
URL: https://diarydiet1.xyz/event_eac276a5-0d6c-bad4-32b5-58f301722cd9_107_0_3005?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyMTc2My1jYjFjYmQwNmMzOWU2YTdmMDQ1NmJlNzA4OTc2MDc2Ni0zMjM2LTAuMDAwMzQyJTIyJTJDJTIyMTc2My03MDljMWFmMTczZGVjYzFkMmI2MjJhZWZlZjAzM2I2Yy0zMjM2LTAuMDAwMzQyJTIyJTJDJTIyMTc2My04MTA3NDMyMjQ4N2NhODM2Yzk2MDZmMzQxMGJhY2U4ZS0zMjM2LTAuMDAwMzQyJTIyJTJDJTIyMTc2My02Mjk0MDExZTNlMjI3NjcxMjFlMTMwMTcwNzA5NjU5Ny0zMzAwLTAuMDAwMjclMjIlNUQlN0Q%3D&t=1721163855094&rnd=447988316&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9387da939ec2d8368de3288888150defbf6208d0b6d45b70e321dbb5b5e8b972
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://diarydiet1.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8a44f19f8dbf2ef6-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 Jul 2024 21:04:17 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex

Redirect headers

date
Tue, 16 Jul 2024 21:04:17 GMT
location
https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
server
nginx
api.js
www.google.com/recaptcha/ 		1 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f106.1e100.net
Software
GSE /
Resource Hash
fd1d8a9cd53cc8a0da434cc3beae34ffc96f4578b029f81374f435e5ed877fa1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clck.mgid.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 16 Jul 2024 21:04:18 GMT
img.png
cdn.mgid.com/images/tranzit/ 		68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/tranzit/img.png
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://clck.mgid.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:18 GMT
x-amz-version-id
null
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
ETW92V459BXMG36W
age
1661
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
68
x-amz-id-2
vpUVsjOhvFuODbseLyWSh2ihoNIyurJwrkBeETZtiKFs3r+Em9aEgpiRAXoEWVf3XbJRZIRn9gQ=
cf-bgj
imgq:100,h2pri
last-modified
Thu, 24 Mar 2022 17:14:24 GMT
x-amz-meta-s3cmd-attrs
atime:1648142053/ctime:1648142053/gid:0/gname:root/md5:91e42db1c66c0b276abf6234dc50b2eb/mode:33206/mtime:1648142053/uid:0/uname:root
server
cloudflare
etag
"91e42db1c66c0b276abf6234dc50b2eb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8a44f1a0ef752ef6-LAX
expires
Wed, 17 Jul 2024 21:04:18 GMT
dojo-other.js
clck.mgid.com/build/ 		69 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clck.mgid.com/build/dojo-other.js?t=fc89bc18d7b35d3d60eb704619c9b16d
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a2c1e232d431bc16f02193ceb8fcd82e9f20798ab430dffb12e2da41b0ca1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
129
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 05 Jul 2024 11:51:06 GMT
server
cloudflare
etag
W/"6687de2a-112df"
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8a44f1a0ff9d2ef6-LAX
access-control-allow-headers
*
expires
Thu, 01 Jan 1970 00:00:01 GMT
touchpoints-sensor.js
a.mgid.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/touchpoints-sensor.js
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5dfe765bdbfea2f3e29fc29756bf4300fd865bd6551e937c6d86e2a7e9d0871
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://clck.mgid.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-mg-request-uuid
7286958d-94c2-4a6f-bd74-294f5e3d2d19
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8a44f1a0ef722ef6-LAX
alt-svc
h3=":443"; ma=86400
frpt.js
cdn.mgid.com/js/ 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/frpt.js
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
455c0cf3199c0d5eac170509b804776e1f18fb6c131f691660bf27a3952a335f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://clck.mgid.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:18 GMT
x-amz-version-id
wH0_22p7dfcIxPdSIg4.3iu9LTGYLZqF
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GZ3STDXXW57MBM6D
age
1933
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
b62Bx23yfn8yh+oCgLnXuSw8XLITK3zWa7d+Qv8Z+7TV/tSSe0oEQX1ggxejI67JsunFY0azCXI=
cf-bgj
minify
last-modified
Mon, 26 Feb 2024 09:00:01 GMT
x-amz-meta-s3cmd-attrs
atime:1708937995/ctime:1708937995/gid:0/gname:root/md5:55ad86c8cb4471b5ab1c24760fe9a39b/mode:33188/mtime:1708937711/uid:0/uname:root
server
cloudflare
etag
W/"55ad86c8cb4471b5ab1c24760fe9a39b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
8a44f1a0ffa02ef6-LAX
expires
Wed, 17 Jul 2024 21:04:18 GMT
hotjar-2590724.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2590724.js?sv=6
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-112.iad55.r.cloudfront.net
Software
/
Resource Hash
629150c10198390fb2be7a094c6438f2d4b34c1a4f5c55b9a9231172a0e38f63
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://clck.mgid.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 16 Jul 2024 21:03:54 GMT
via
1.1 06186860a5ea94b333945ca9761eb36c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
age
34
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/84703c7c6d276252df95afb707334cd2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
qb-Sem7Ngpl5Bx07p5lJnkkfHDgXA4leCkStsyUW_f2oVEvqlQrqZQ==
i
ipds.adrta.com/
Redirect Chain
  • https://adrta.com/i?clid=mgid&paid=mgid&avid=-&caid=-&plid=15112027&publisherId=57746912&siteId=797944&kv1=492x328&kv2=https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_o...
  • https://ipds.adrta.com/i?__x=GKGFIILFHFKCJKMBHAKEGMPHIPFJEKHKFIJGN@FOIFHNINJMNNJBKGFLLLLJGOMOMIKLMIJAGLGIHKJPKNKLMBKNOOMLINGHMHIMIEPGLBIMHFFNJMLPLMJ@HBEBH&clid=mgid&paid=mgid&avid=-&caid=-&plid=151...
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipds.adrta.com/i?__x=GKGFIILFHFKCJKMBHAKEGMPHIPFJEKHKFIJGN@FOIFHNINJMNNJBKGFLLLLJGOMOMIKLMIJAGLGIHKJPKNKLMBKNOOMLINGHMHIMIEPGLBIMHFFNJMLPLMJ@HBEBH&clid=mgid&paid=mgid&avid=-&caid=-&plid=15112027&publisherId=57746912&siteId=797944&kv1=492x328&kv2=https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&kv3=-&kv4=-&kv5=574910&kv6=afrd_click_Atrz&kv7=711889&kv11=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&kv12=f525888d-43b6-11ef-b810-c84bd6826564&kv24=Desktop&kv27=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
Protocol
H2
Server
3.230.190.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-190-195.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://clck.mgid.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 Jul 2024 21:04:18 GMT
cache-control
no-cache
server
nginx
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://ipds.adrta.com/i?__x=GKGFIILFHFKCJKMBHAKEGMPHIPFJEKHKFIJGN@FOIFHNINJMNNJBKGFLLLLJGOMOMIKLMIJAGLGIHKJPKNKLMBKNOOMLINGHMHIMIEPGLBIMHFFNJMLPLMJ@HBEBH&clid=mgid&paid=mgid&avid=-&caid=-&plid=15112027&publisherId=57746912&siteId=797944&kv1=492x328&kv2=https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG&kv3=-&kv4=-&kv5=574910&kv6=afrd_click_Atrz&kv7=711889&kv11=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&kv12=f525888d-43b6-11ef-b810-c84bd6826564&kv24=Desktop&kv27=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36
date
Tue, 16 Jul 2024 21:04:18 GMT
server
nginx
content-length
0
pixel.gif
a.mgid.com/ 		43 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/pixel.gif?utm_content=&utm_term=&utm_source=&utm_campaign=&utm_medium=&frpt=9dc1727b1a2daf8bf5bf586666e7880d
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/pp/1/1?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0*&rid=f525888d-43b6-11ef-b810-c84bd6826564&tt=Direct&att=3&pubsrcid=574910&afrd=8&ct=1&st=-420&h2=BQUlh5009vknble7-KSVe6UNb6Yt7xLHVlwR7sA6FTnMI97yBapaNn-MO3BUF5hG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://clck.mgid.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:04:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
8a44f1a339ff2ef6-LAX
alt-svc
h3=":443"; ma=86400
recaptcha__en.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		534 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://clck.mgid.com/
Origin
https://clck.mgid.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 16:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216123
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Jul 2025 16:22:44 GMT
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2590724.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-77.iad89.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://clck.mgid.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ae3759c8dc48487a424a60bd577ad554.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
age
1342391
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ffuhF0bhYO0c3J5LqMvP_GxpTiKVU3AoKSWfsvE2mi8AAf6ugY9JWQ==
/
herbeauty.co/en/entertainment/8-famous-female-scientists-every-strong-woman/
Redirect Chain
  • https://clck.mgid.com/ghits/15112027/i/57746912/0/src/574910/tr/pp/1/1/?h=YyGTph_oX8ycSpEy-vVVr9L7aJ-QIBj9x1gGQL34rjxvUwz_jpFyMxk_BVYnCXuWVif_bmnZMA6oX7-uKK1NkMNLHwOEBog3eA9WJqPrbt0%2A&ph=YyGTph_oX...
  • https://herbeauty.co/en/entertainment/8-famous-female-scientists-every-strong-woman/?utm_medium=cpc&utm_source=herbeauty_mock&utm_campaign=herbeauty_mock&utm_term=57746912s574910&utm_content=151120...
0
0
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-77.iad89.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://clck.mgid.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 14:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ae3759c8dc48487a424a60bd577ad554.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
age
15057132
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1782
last-modified
Wed, 24 Jan 2024 14:31:37 GMT
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
L6HIxNSY5n8Qttjdssw1TorvOiY-5ENdZsIAWmqU-DAF7JZhfUfbVQ==
anchor
www.google.com/recaptcha/api2/ Frame 72AA 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
herbeauty.co
URL
https://herbeauty.co/en/entertainment/8-famous-female-scientists-every-strong-woman/?utm_medium=cpc&utm_source=herbeauty_mock&utm_campaign=herbeauty_mock&utm_term=57746912s574910&utm_content=15112027&adclid=b7104bca847fe183f17212b376620424
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly9jbGNrLm1naWQuY29tOjQ0Mw..&hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&sa=antifraud&cb=683l8nn5mpre

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| _mgExternalLinkChanger string| compositeId string| s1 number| adSrcId number| transitType string| referer object| transitThrownParams object| transitProxyParamsToSsp function| onLoadAfRecaptcha function| onRcResponse string| grResponse function| addEvent function| mgidHP object| redirector function| AfRedirector object| loadOptions function| hj object| _hjSettings function| bindAfParams function| a0d function| a0W object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| recaptcha object| closure_lm_896925

12 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: x5pbdZ6TTJHCcAnLMfE26sqPryczniFg34Ife5HNElI-1721163855-1.0.1.1-N5I2puQqRUCr24_0O0YYHtuf2_IX6dKX_NlbhuQ7HVf4ehAsAJOY4W_G8gtC2JnU3a0yHYp25xoCluWE2Mw5ZA
diarydiet1.xyz/ Name: sid
Value: p2gr4g9703ltlt5fj5949d59k0
.mgid.com/ Name: muidn
Value: o6ghUSfwhN4e
clck.mgid.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fdiarydiet1.xyz%2F%22%2C%22svsds%22%3A1%7D%2C%22206%22%3A%7B%7D%7D
clck.mgid.com/ Name: frpt
Value: 9dc1727b1a2daf8bf5bf586666e7880d
.mgid.com/ Name: mgid
Value: 15112027
.mgid.com/ Name: mtid
Value: 57746912
.mgid.com/ Name: mtuid
Value: 57746912s574910
.mgid.com/ Name: mstatus
Value: 0
.mgid.com/ Name: mghd
Value: herbeauty.co
.mgid.com/ Name: _hjSessionUser_2590724
Value: eyJpZCI6ImY4NmMxMGI1LWNlMDQtNWM5My05YzQ0LTc4ZGQ1ODNmOTljMSIsImNyZWF0ZWQiOjE3MjExNjM4NTkyMDIsImV4aXN0aW5nIjpmYWxzZX0=
.mgid.com/ Name: _hjSession_2590724
Value: eyJpZCI6IjhkZDU4ZTM2LWY0NjctNDBlNy04NmUyLTRmZmNjNjM0Yjk5YiIsImMiOjE3MjExNjM4NTkyMDMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

1 Console Messages

Source Level URL
Text
network error URL: https://diarydiet1.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
adrta.com
c.adskeeper.com
c.mgid.com
cdn.mgid.com
cjtrade5.xyz
clck.mgid.com
diarydiet1.xyz
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
herbeauty.co
ipds.adrta.com
s-img.adskeeper.com
s-img.mgid.com
script.hotjar.com
static.hotjar.com
www.google.com
www.gstatic.com
xml.pushking.net
herbeauty.co
www.google.com
104.18.2.22
104.19.129.76
104.19.130.76
173.214.240.15
18.160.41.112
199.182.164.180
2607:f8b0:400d:c00::5e
2607:f8b0:400d:c02::5f
2607:f8b0:400d:c1d::5e
3.230.190.195
64.233.180.106
99.84.191.77
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
3d68c60fef1f35e86add3a4d7039065632cdf0b7d08544283a37aaedbba10fdd
4082ba7fa42619137a3fd32a881406047f8034320492f8107482d3a079ced26c
455c0cf3199c0d5eac170509b804776e1f18fb6c131f691660bf27a3952a335f
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
629150c10198390fb2be7a094c6438f2d4b34c1a4f5c55b9a9231172a0e38f63
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
7af31d8598b47f638a2baaefddc76ca4339d181912781824c4eff052bc0c2a03
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402
85a2c1e232d431bc16f02193ceb8fcd82e9f20798ab430dffb12e2da41b0ca1b
9109399b038d5c54b886103d34e9e1e47bf7b9bc727f8d86d4565e458f2b9ec0
91d50a79299b08442a6c66dee1047277c1e68a8e61e01a9bf85486dce6853326
9387da939ec2d8368de3288888150defbf6208d0b6d45b70e321dbb5b5e8b972
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5dfe765bdbfea2f3e29fc29756bf4300fd865bd6551e937c6d86e2a7e9d0871
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
b7f9e77e9f0be476e405d25e84f9eb314e3aef6c7ee82261cbc2dee2295bf32e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd1d8a9cd53cc8a0da434cc3beae34ffc96f4578b029f81374f435e5ed877fa1