urlscan.io logo urlscan.io
SecurityTrails logo

8427dd3169.news-vakuba.cc Open in urlscan Pro
23.158.56.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://yalena.fun/
Effective URL: https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Submission: On April 18 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 40 HTTP transactions. The main IP is 23.158.56.123, located in and belongs to . The main domain is 8427dd3169.news-vakuba.cc.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.
This is the only time 8427dd3169.news-vakuba.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.96.3 13335 (CLOUDFLAR...)
1 1 23.158.56.201 63023 (AS-GLOBAL...)
6 65.109.24.247 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 95.216.65.178 24940 (HETZNER-AS)
12 2a00:1450:400... 15169 (GOOGLE)
1 5.9.110.111 24940 (HETZNER-AS)
7 136.243.42.50 24940 (HETZNER-AS)
1 94.130.32.96 24940 (HETZNER-AS)
1 1 78.46.76.54 24940 (HETZNER-AS)
1 172.64.152.106 13335 (CLOUDFLAR...)
6 23.158.56.123 ()
1 144.76.56.162 ()
1 5.9.197.87 ()
40 11
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
yalena.fun
1    23.158.56.201 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 201-56-158-23.clients.gthost.com
news-sizeja.cc
6    65.109.24.247 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.247.24.109.65.clients.your-server.de
news-xafehe.com
3    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    95.216.65.178 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: revopush-show-36.t.push.house
show.revopush.com
12    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    5.9.110.111 (Giessen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: push-house-cdn-113.t.push.house
img.cdn.house
7    136.243.42.50 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.50.42.243.136.clients.your-server.de
a1dd1b7cde.news-xizagi.cc
1    94.130.32.96 (Landshut, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: revopush-show-58.t.push.house
show.revopush.com
1    78.46.76.54 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: push-house-cdn-181.t.push.house
img.cdn.house
1    172.64.152.106 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.com
6    23.158.56.123 (None, )

ASN- ()
8427dd3169.news-vakuba.cc
1    144.76.56.162 (None, )

ASN- ()
show.revopush.com
1    5.9.197.87 (None, )

ASN- ()
img.cdn.house
Apex Domain
Subdomains		 Transfer
12 gstatic.com
fonts.gstatic.com
152 KB
7 news-xizagi.cc
a1dd1b7cde.news-xizagi.cc
185 KB
6 news-vakuba.cc
8427dd3169.news-vakuba.cc
185 KB
6 news-xafehe.com
news-xafehe.com
185 KB
3 cdn.house
img.cdn.house — Cisco Umbrella Rank: 12810
7 KB
3 revopush.com
show.revopush.com — Cisco Umbrella Rank: 19472
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
4 KB
1 adskeeper.com
s-img.adskeeper.com — Cisco Umbrella Rank: 27019
5 KB
1 news-sizeja.cc
news-sizeja.cc
137 B
1 yalena.fun
yalena.fun
872 B
40 10
Domain Requested by
12 fonts.gstatic.com fonts.googleapis.com
7 a1dd1b7cde.news-xizagi.cc news-xafehe.com
a1dd1b7cde.news-xizagi.cc
6 8427dd3169.news-vakuba.cc a1dd1b7cde.news-xizagi.cc
8427dd3169.news-vakuba.cc
6 news-xafehe.com news-xafehe.com
3 img.cdn.house 1 redirects
3 show.revopush.com news-xafehe.com
a1dd1b7cde.news-xizagi.cc
8427dd3169.news-vakuba.cc
3 fonts.googleapis.com news-xafehe.com
a1dd1b7cde.news-xizagi.cc
8427dd3169.news-vakuba.cc
1 s-img.adskeeper.com
1 news-sizeja.cc 1 redirects
1 yalena.fun 1 redirects
40 10

This site contains no links.

Subject Issuer Validity Valid
*.news-xafehe.com
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
show.revopush.com
Go Daddy Secure Certificate Authority - G2		 2024-03-22 -
2025-03-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
img.cdn.house
R3		 2024-03-21 -
2024-06-19		 3 months crt.sh
*.news-xizagi.cc
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.news-vakuba.cc
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Frame ID: B090836880D97DEE0E8EC1A597D870F6
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://yalena.fun/ HTTP 302
    https://news-sizeja.cc/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4 HTTP 307
    https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4 Page URL
  2. https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4 Page URL
  3. https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4 Page URL

Page Statistics

40
Requests

98 %
HTTPS

14 %
IPv6

10
Domains

10
Subdomains

11
IPs

4
Countries

725 kB
Transfer

776 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yalena.fun/ HTTP 302
    https://news-sizeja.cc/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4 HTTP 307
    https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4 Page URL
  2. https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4 Page URL
  3. https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://yalena.fun/ HTTP 302
  • https://news-sizeja.cc/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4 HTTP 307
  • https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Request Chain 25
  • https://img.cdn.house/i/1/ANzZBD9KejSzryaaJh1cd73_9VEz1yJ-HgwwZLMJaZmY7sdgRs1EZk3RGKrTZScEReUtT-RGtCmA-R0hBR92nhFofLfd8acCNYniKXlo05MGFjt7ZvIoN0cRikRZSfxz_sUORyCxvscqSLuy7OFNhgiUiyxf3r5nEuBC2q0KtP9EhBlOTzTLEjm7OxC-xX2wUH3PrRIGBMfKMi164EzV1VfUmLHTmEoAocL4K3-3xRxbK1MReAQY2oqnlheGJG057unm8WGCSkwvfxuc2Cl_uZ9XJLD-2jOM9_JVVmsxB5YkLinfFXtMvP1XJ5FZQxEteyRR19fWz8xGLtSlY3X2JTTqN0vtFS58SsNZo9jicIf-tGnOu1SHwPMjGx0pOdYZvcmFGAeIS19ObMvtWyQMP-zP74n1OzyKNF2p2LzYK_3j-zqrhNR6oTF5NMn01KEwKmYaVLK-asTMaAqonEmO3yKNtA== HTTP 307
  • https://s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp?v=1713401899-ylhqMVrj7BUbEMN3EBivEqYDyasOsiBh1VCJoH1qsp4

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
news-xafehe.com/
Redirect Chain
  • https://yalena.fun/
  • https://news-sizeja.cc/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
  • https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
15bf9333a2eab5f29ff2afd52c93eb5c93a6144a848c744d8d9ec82cbf86575c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
1534
content-type
text/html; charset=UTF-8
date
Thu, 18 Apr 2024 00:58:16 GMT
server
nginx
vary
Origin
x-frame-options
DENY

Redirect headers

content-length
0
date
Thu, 18 Apr 2024 00:58:16 GMT
location
https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
server
nginx
vary
Origin
x-frame-options
DENY
style.css
news-xafehe.com/lands/20/ 		2 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news-xafehe.com/lands/20/style.css
Requested by
Host: news-xafehe.com
URL: https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:16 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-364"
content-type
text/css
accept-ranges
bytes
content-length
868
process.js
news-xafehe.com/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news-xafehe.com/process.js?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=
Requested by
Host: news-xafehe.com
URL: https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
283af8facdaf257afdc6b42787311515246da21cd51dd4e440ca1eeb1788acc2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript; charset=utf-8
pragma
no-cache
date
Thu, 18 Apr 2024 00:58:16 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
vary
Origin
expires
0
revopush.js
news-xafehe.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news-xafehe.com/revopush.js
Requested by
Host: news-xafehe.com
URL: https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
aa7dc9551d9641febc7616653e797b381d7258077ed416e822b1ade51470c533

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:16 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-1d30"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
7472
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Requested by
Host: news-xafehe.com
URL: https://news-xafehe.com/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xafehe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 00:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 00:58:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 00:58:17 GMT
/
show.revopush.com/api/v1/inpage/show/ 		750 B
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://show.revopush.com/api/v1/inpage/show/?uid=144073&subacc=8065025&sub1=&sub2=t53em1c9u9ht&sub3=&sub4=&adult=true&limit=1&traffic=adult
Requested by
Host: news-xafehe.com
URL: https://news-xafehe.com/process.js?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.65.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
revopush-show-36.t.push.house
Software
nginx /
Resource Hash
0912783a556991011342b9b64872da4e62f0067bb744183da82d968f1a0850cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xafehe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://news-xafehe.com
date
Thu, 18 Apr 2024 00:58:18 GMT
content-encoding
br
accept-ch
Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
server
nginx
vary
Origin
content-type
application/json
girls.jpg
news-xafehe.com/lands/20/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-xafehe.com/lands/20/girls.jpg
Requested by
Host: news-xafehe.com
URL: https://news-xafehe.com/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xafehe.com/lands/20/style.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:17 GMT
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
accept-ranges
bytes
etag
"6602cb4c-24ee6"
content-length
151270
content-type
image/jpeg
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://news-xafehe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:51:34 GMT
x-content-type-options
nosniff
age
410803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 06:51:34 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://news-xafehe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 05:38:27 GMT
x-content-type-options
nosniff
age
328790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Apr 2025 05:38:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://news-xafehe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 18:08:13 GMT
x-content-type-options
nosniff
age
456604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 18:08:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://news-xafehe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:10:19 GMT
x-content-type-options
nosniff
age
161278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 04:10:19 GMT
4Hify_VdCRNEE6QQ2BrRZTlfTWq0edXoikAwm15Un3cjom7jBhn9PA3QUzj0aM0tH9CvgWUxcjvWQAlVOz7wuLXCBniM7i3RgSWA_JP98fsB8Xs_FanLo2STPrYIMWsOgxzaVsMLWUt6xgrqCdPViVBuDCplLXwNu-KFW_6u8vQNHgH8HqNvHxY1fS_eqy_LWewW
img.cdn.house/i/1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdn.house/i/1/4Hify_VdCRNEE6QQ2BrRZTlfTWq0edXoikAwm15Un3cjom7jBhn9PA3QUzj0aM0tH9CvgWUxcjvWQAlVOz7wuLXCBniM7i3RgSWA_JP98fsB8Xs_FanLo2STPrYIMWsOgxzaVsMLWUt6xgrqCdPViVBuDCplLXwNu-KFW_6u8vQNHgH8HqNvHxY1fS_eqy_LWewW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.110.111 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
push-house-cdn-113.t.push.house
Software
nginx /
Resource Hash
2e16a8be2606e14ebe051e23b1e5cf7557fd803c3e35b4e7405acd392f639a0f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xafehe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:18 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified
Wed, 26 Jul 2023 15:43:34 GMT
server
nginx
accept-ranges
bytes
content-length
3140
content-type
image/webp
reject
news-xafehe.com/ 		5 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news-xafehe.com/reject
Requested by
Host: news-xafehe.com
URL: https://news-xafehe.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 18 Apr 2024 00:58:19 GMT
server
nginx
content-length
5
vary
Origin
content-type
application/json; charset=UTF-8
/
a1dd1b7cde.news-xizagi.cc/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Requested by
Host: news-xafehe.com
URL: https://news-xafehe.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
5a1177c3d39939ceefdd27ed8c16167cd354e214c9d50ecd77813eee88a15c13
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://news-xafehe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
1553
content-type
text/html; charset=UTF-8
date
Thu, 18 Apr 2024 00:58:21 GMT
server
nginx
vary
Origin
x-frame-options
DENY
style.css
a1dd1b7cde.news-xizagi.cc/lands/20/ 		2 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a1dd1b7cde.news-xizagi.cc/lands/20/style.css
Requested by
Host: a1dd1b7cde.news-xizagi.cc
URL: https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:21 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-364"
content-type
text/css
accept-ranges
bytes
content-length
868
process.js
a1dd1b7cde.news-xizagi.cc/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1dd1b7cde.news-xizagi.cc/process.js?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=
Requested by
Host: a1dd1b7cde.news-xizagi.cc
URL: https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
b553967d5c13e7b17ae6ad49a4b653b84e68cf577f5fe899a0e51d8b446e8e39

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript; charset=utf-8
pragma
no-cache
date
Thu, 18 Apr 2024 00:58:21 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
vary
Origin
expires
0
revopush.js
a1dd1b7cde.news-xizagi.cc/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1dd1b7cde.news-xizagi.cc/revopush.js
Requested by
Host: a1dd1b7cde.news-xizagi.cc
URL: https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa7dc9551d9641febc7616653e797b381d7258077ed416e822b1ade51470c533

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:21 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-1d30"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
7472
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Requested by
Host: a1dd1b7cde.news-xizagi.cc
URL: https://a1dd1b7cde.news-xizagi.cc/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://a1dd1b7cde.news-xizagi.cc/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 00:58:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 00:58:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 00:58:19 GMT
/
show.revopush.com/api/v1/inpage/show/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://show.revopush.com/api/v1/inpage/show/?uid=144073&subacc=8065025&sub1=&sub2=t53em1c9u9ht&sub3=&sub4=&adult=true&limit=1&traffic=adult
Requested by
Host: a1dd1b7cde.news-xizagi.cc
URL: https://a1dd1b7cde.news-xizagi.cc/process.js?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.32.96 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
revopush-show-58.t.push.house
Software
nginx /
Resource Hash
6023eefac9757f2f06a57d53effd213ca5dec9517b09eaea70e3341e7ef449bc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://a1dd1b7cde.news-xizagi.cc/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://a1dd1b7cde.news-xizagi.cc
date
Thu, 18 Apr 2024 00:58:19 GMT
content-encoding
br
accept-ch
Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
server
nginx
vary
Origin
content-type
application/json
girls.jpg
a1dd1b7cde.news-xizagi.cc/lands/20/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1dd1b7cde.news-xizagi.cc/lands/20/girls.jpg
Requested by
Host: a1dd1b7cde.news-xizagi.cc
URL: https://a1dd1b7cde.news-xizagi.cc/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://a1dd1b7cde.news-xizagi.cc/lands/20/style.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:21 GMT
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
accept-ranges
bytes
etag
"6602cb4c-24ee6"
content-length
151270
content-type
image/jpeg
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://a1dd1b7cde.news-xizagi.cc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:51:34 GMT
x-content-type-options
nosniff
age
410805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 06:51:34 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://a1dd1b7cde.news-xizagi.cc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 05:38:27 GMT
x-content-type-options
nosniff
age
328792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Apr 2025 05:38:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://a1dd1b7cde.news-xizagi.cc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 18:08:13 GMT
x-content-type-options
nosniff
age
456606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 18:08:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://a1dd1b7cde.news-xizagi.cc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:10:19 GMT
x-content-type-options
nosniff
age
161280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 04:10:19 GMT
favicon.ico
a1dd1b7cde.news-xizagi.cc/ 		548 B
622 B 		Other
General
Check archive.org
Download Go to
Full URL
https://a1dd1b7cde.news-xizagi.cc/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:21 GMT
server
nginx
content-length
548
content-type
text/html; charset=utf-8
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp
s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/
Redirect Chain
  • https://img.cdn.house/i/1/ANzZBD9KejSzryaaJh1cd73_9VEz1yJ-HgwwZLMJaZmY7sdgRs1EZk3RGKrTZScEReUtT-RGtCmA-R0hBR92nhFofLfd8acCNYniKXlo05MGFjt7ZvIoN0cRikRZSfxz_sUORyCxvscqSLuy7OFNhgiUiyxf3r5nEuBC2q0KtP9...
  • https://s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp?v=1713401899-ylhqMVrj7BUbE...
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp?v=1713401899-ylhqMVrj7BUbEMN3EBivEqYDyasOsiBh1VCJoH1qsp4
Protocol
H3
Server
172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e526ddebbb0cc593e1aff178209caa3be9eab6d933e0574a69d487d1d88148f8

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://a1dd1b7cde.news-xizagi.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Apr 2024 00:58:20 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Aug 2022 16:05:31 GMT
x-mg-request-uuid
07400381-374a-4916-9b7f-b813a0f278b5
server
cloudflare
age
2649346
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8760b4b33b679ff9-AMS
content-length
5166
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://s-img.adskeeper.com/g/2287380/200x200/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDYvMTAxOTI0L2Y2YjM5NTI5YjIxNDhhOTI1NmU5ODUzNjMwZjZjMjJjLmpwZw.webp?v=1713401899-ylhqMVrj7BUbEMN3EBivEqYDyasOsiBh1VCJoH1qsp4
date
Thu, 18 Apr 2024 00:58:19 GMT
server
nginx
content-length
0
reject
a1dd1b7cde.news-xizagi.cc/ 		5 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a1dd1b7cde.news-xizagi.cc/reject
Requested by
Host: a1dd1b7cde.news-xizagi.cc
URL: https://a1dd1b7cde.news-xizagi.cc/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 18 Apr 2024 00:58:22 GMT
server
nginx
content-length
5
vary
Origin
content-type
application/json; charset=UTF-8
Primary Request /
8427dd3169.news-vakuba.cc/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Requested by
Host: a1dd1b7cde.news-xizagi.cc
URL: https://a1dd1b7cde.news-xizagi.cc/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b658f3958ff6be02e71317f779f207a199bb957f7aadb01a13a0faa4f690e618
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://a1dd1b7cde.news-xizagi.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
1627
content-type
text/html; charset=UTF-8
date
Thu, 18 Apr 2024 00:58:21 GMT
server
nginx
vary
Origin
x-frame-options
DENY
style.css
8427dd3169.news-vakuba.cc/lands/20/ 		2 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://8427dd3169.news-vakuba.cc/lands/20/style.css
Requested by
Host: 8427dd3169.news-vakuba.cc
URL: https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:21 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-364"
content-type
text/css
accept-ranges
bytes
content-length
868
process.js
8427dd3169.news-vakuba.cc/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8427dd3169.news-vakuba.cc/process.js?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=
Requested by
Host: 8427dd3169.news-vakuba.cc
URL: https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
73a1a4a41cab7b41b8876845f6c2085ffa487939f19bcae56b454b0814682247

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript; charset=utf-8
pragma
no-cache
date
Thu, 18 Apr 2024 00:58:21 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
vary
Origin
expires
0
revopush.js
8427dd3169.news-vakuba.cc/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8427dd3169.news-vakuba.cc/revopush.js
Requested by
Host: 8427dd3169.news-vakuba.cc
URL: https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
aa7dc9551d9641febc7616653e797b381d7258077ed416e822b1ade51470c533

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:21 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-1d30"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
7472
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Requested by
Host: 8427dd3169.news-vakuba.cc
URL: https://8427dd3169.news-vakuba.cc/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://8427dd3169.news-vakuba.cc/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 00:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 00:58:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 00:58:21 GMT
/
show.revopush.com/api/v1/inpage/show/ 		750 B
906 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://show.revopush.com/api/v1/inpage/show/?uid=144073&subacc=8065025&sub1=&sub2=t53em1c9u9ht&sub3=&sub4=&adult=true&limit=1&traffic=adult
Requested by
Host: 8427dd3169.news-vakuba.cc
URL: https://8427dd3169.news-vakuba.cc/process.js?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.76.56.162 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
dd0bfaefe6688c2cbfdd59cd158e1f82fec99de6d3228d40d64d01a5568d1706

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://8427dd3169.news-vakuba.cc/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://8427dd3169.news-vakuba.cc
date
Thu, 18 Apr 2024 00:58:21 GMT
content-encoding
br
accept-ch
Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
server
nginx
vary
Origin
content-type
application/json
girls.jpg
8427dd3169.news-vakuba.cc/lands/20/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8427dd3169.news-vakuba.cc/lands/20/girls.jpg
Requested by
Host: 8427dd3169.news-vakuba.cc
URL: https://8427dd3169.news-vakuba.cc/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://8427dd3169.news-vakuba.cc/lands/20/style.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:21 GMT
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
accept-ranges
bytes
etag
"6602cb4c-24ee6"
content-length
151270
content-type
image/jpeg
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://8427dd3169.news-vakuba.cc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:51:34 GMT
x-content-type-options
nosniff
age
410807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 06:51:34 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://8427dd3169.news-vakuba.cc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 05:38:27 GMT
x-content-type-options
nosniff
age
328794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Apr 2025 05:38:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://8427dd3169.news-vakuba.cc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 18:08:13 GMT
x-content-type-options
nosniff
age
456608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 18:08:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://8427dd3169.news-vakuba.cc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:10:19 GMT
x-content-type-options
nosniff
age
161282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 04:10:19 GMT
favicon.ico
8427dd3169.news-vakuba.cc/ 		548 B
622 B 		Other
General
Check archive.org
Download Go to
Full URL
https://8427dd3169.news-vakuba.cc/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:21 GMT
server
nginx
content-length
548
content-type
text/html; charset=utf-8
ccBMwKxbtneyVeszmpWouXytImjtBpSlWzvyXohqq8NikOpcRB2zkrz5cMPZt-wj_TZLOSOmB0Np7KoiyCjQ5vH4-XCyXyaNRF6nX9rjfuU0NyudOwpUFFZMVkoLsY9-Cte0Ds_Mg0-4_rXj5YSP4LSnCXXM_Srmvyaz5BkdARTyFG_90MVrPFN1ZapnAgLFZO3A
img.cdn.house/i/1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdn.house/i/1/ccBMwKxbtneyVeszmpWouXytImjtBpSlWzvyXohqq8NikOpcRB2zkrz5cMPZt-wj_TZLOSOmB0Np7KoiyCjQ5vH4-XCyXyaNRF6nX9rjfuU0NyudOwpUFFZMVkoLsY9-Cte0Ds_Mg0-4_rXj5YSP4LSnCXXM_Srmvyaz5BkdARTyFG_90MVrPFN1ZapnAgLFZO3A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.197.87 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b915d61474bc74df5223729d51093332241e0d709f1cd1037fa43be7f2ce179c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://8427dd3169.news-vakuba.cc/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 00:58:21 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified
Wed, 26 Jul 2023 15:41:46 GMT
server
nginx
accept-ranges
bytes
content-length
3040
content-type
image/webp

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
yalena.fun/ Name: _subid
Value: t53em1c9u9ht
yalena.fun/ Name: 330d8
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjc5NFwiOjE3MTM0MDE4OTV9LFwiY2FtcGFpZ25zXCI6e1wiMTk4XCI6MTcxMzQwMTg5NX0sXCJ0aW1lXCI6MTcxMzQwMTg5NX0ifQ.LLRQaCI6Dcl3JFWLwB8fi7LExzSaRMLRYBWGd32cuME
yalena.fun/ Name: _token
Value: uuid_t53em1c9u9ht_t53em1c9u9ht66207027d933c6.73971439

5 Console Messages

Source Level URL
Text
other error URL: https://news-xafehe.com/?id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other error URL: https://a1dd1b7cde.news-xizagi.cc/?i=1&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://a1dd1b7cde.news-xizagi.cc/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://8427dd3169.news-vakuba.cc/?i=2&id=8065025&p1=&p2=t53em1c9u9ht&p3=&p4=sub4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://8427dd3169.news-vakuba.cc/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8427dd3169.news-vakuba.cc
a1dd1b7cde.news-xizagi.cc
fonts.googleapis.com
fonts.gstatic.com
img.cdn.house
news-sizeja.cc
news-xafehe.com
s-img.adskeeper.com
show.revopush.com
yalena.fun
136.243.42.50
144.76.56.162
172.64.152.106
188.114.96.3
23.158.56.123
23.158.56.201
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
5.9.110.111
5.9.197.87
65.109.24.247
78.46.76.54
94.130.32.96
95.216.65.178
0912783a556991011342b9b64872da4e62f0067bb744183da82d968f1a0850cd
15bf9333a2eab5f29ff2afd52c93eb5c93a6144a848c744d8d9ec82cbf86575c
283af8facdaf257afdc6b42787311515246da21cd51dd4e440ca1eeb1788acc2
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311
2e16a8be2606e14ebe051e23b1e5cf7557fd803c3e35b4e7405acd392f639a0f
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
5a1177c3d39939ceefdd27ed8c16167cd354e214c9d50ecd77813eee88a15c13
6023eefac9757f2f06a57d53effd213ca5dec9517b09eaea70e3341e7ef449bc
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
73a1a4a41cab7b41b8876845f6c2085ffa487939f19bcae56b454b0814682247
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30
aa7dc9551d9641febc7616653e797b381d7258077ed416e822b1ade51470c533
b553967d5c13e7b17ae6ad49a4b653b84e68cf577f5fe899a0e51d8b446e8e39
b658f3958ff6be02e71317f779f207a199bb957f7aadb01a13a0faa4f690e618
b915d61474bc74df5223729d51093332241e0d709f1cd1037fa43be7f2ce179c
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
dd0bfaefe6688c2cbfdd59cd158e1f82fec99de6d3228d40d64d01a5568d1706
e526ddebbb0cc593e1aff178209caa3be9eab6d933e0574a69d487d1d88148f8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615