clck.mgid.com Open in urlscan Pro
104.19.130.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chicagochronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxheh...
Effective URL:
https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMr...
Submission: On June 26 via api (June 26th 2024, 12:43:30 am UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 14 domains to perform 43 HTTP transactions. The main IP is 104.19.130.76, located in and belongs to CLOUDFLARENET, US. The main domain is clck.mgid.com. The Cisco Umbrella rank of the primary domain is 37550.
TLS certificate: Issued by E1 on May 9th 2024. Valid for: 3 months.

This is the only time clck.mgid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 6	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3 3	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
2 22	104.19.130.76 104.19.130.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	18.244.18.38 18.244.18.38	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
5	104.19.133.76 104.19.133.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.187.92 13.33.187.92	() ()
43	10

6 173.214.240.15 (United States) 3 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

chicagochronicles3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
atlantanews1.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.182.164.180 (United States) 3 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.pushsupreme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.rexsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.19.130.76 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clck.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-38.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.133.76 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.92 (None, )

ASN- ()

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	mgid.com 2 redirects c.mgid.com — Cisco Umbrella Rank: 5892 s-img.mgid.com — Cisco Umbrella Rank: 8542 clck.mgid.com — Cisco Umbrella Rank: 37550 cdn.mgid.com — Cisco Umbrella Rank: 11014 a.mgid.com — Cisco Umbrella Rank: 12834 jsc.mgid.com — Cisco Umbrella Rank: 8325	487 KB
4	atlantanews1.xyz 1 redirects atlantanews1.xyz	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 894 script.hotjar.com	60 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 188	3 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	pushsupreme.com 2 redirects xml.pushsupreme.com — Cisco Umbrella Rank: 105576	988 B
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 745	17 KB
1	rexsrv.com 1 redirects xml.rexsrv.com — Cisco Umbrella Rank: 77461	670 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	freetrckr.com 1 redirects freetrckr.com — Cisco Umbrella Rank: 672301	340 B
1	chicagochronicles3.xyz 1 redirects chicagochronicles3.xyz	120 B
0	hotjar.io Failed vc.hotjar.io Failed
0	google.com Failed www.google.com Failed
0	adrta.com Failed ipds.adrta.com Failed
43	14

	Domain	Requested by
14	cdn.mgid.com	clck.mgid.com cdn.mgid.com
5	s-img.mgid.com	atlantanews1.xyz clck.mgid.com
4	atlantanews1.xyz	1 redirects atlantanews1.xyz
2	sb.scorecardresearch.com	clck.mgid.com
2	jsc.mgid.com	clck.mgid.com jsc.mgid.com
2	a.mgid.com	clck.mgid.com
2	clck.mgid.com	atlantanews1.xyz clck.mgid.com
2	fonts.gstatic.com	fonts.googleapis.com
2	c.mgid.com	2 redirects clck.mgid.com
2	xml.pushsupreme.com	2 redirects
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	clck.mgid.com
1	ssl.google-analytics.com	clck.mgid.com
1	xml.rexsrv.com	1 redirects
1	fonts.googleapis.com	atlantanews1.xyz
1	freetrckr.com	1 redirects
1	chicagochronicles3.xyz	1 redirects
0	vc.hotjar.io Failed	script.hotjar.com
0	www.google.com Failed	clck.mgid.com
0	ipds.adrta.com Failed	clck.mgid.com
43	20

This site contains no links.

Subject Issuer	Validity	Valid
fresharticles3.xyz E5	`2024-06-25` - `2024-09-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
mgid.com E1	`2024-05-09` - `2024-08-07`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
Frame ID: 776BC1C46A8AF70C6600D4D157C9C245
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Want to buy cryptocurrency?

Page URL History Show full URLs

http://chicagochronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymi... HTTP 307
https://chicagochronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymi... HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0Ex... Page URL
https://xml.pushsupreme.com/click?s=1&tid=1753&sid=98aa89ec7a781a6b52f87d22db5062c2&rnd=399529020 HTTP 302
https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QI... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

79 %
HTTPS

30 %
IPv6

14
Domains

20
Subdomains

10
IPs

3
Countries

601 kB
Transfer

1234 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chicagochronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqyltm0mtmymzy4oge5zgeyzjk4ogm5ztcxodayn2y0owjkltm5njktmc4wmdazmjylmjilnuqln0q%3d&t=1719153582479&rnd=217053...~311~...lcl9qcf91c19kzxnrjtiyjtde&if=1 HTTP 307
https://chicagochronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqyltm0mtmymzy4oge5zgeyzjk4ogm5ztcxodayn2y0owjkltm5njktmc4wmdazmjylmjilnuqln0q%3d&t=1719153582479&rnd=217053...~311~...lcl9qcf91c19kzxnrjtiyjtde&if=1 HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://xml.pushsupreme.com/click?s=1&tid=1753&sid=98aa89ec7a781a6b52f87d22db5062c2&rnd=399529020 HTTP 302
https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://chicagochronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqyltm0mtmymzy4oge5zgeyzjk4ogm5ztcxodayn2y0owjkltm5njktmc4wmdazmjylmjilnuqln0q%3d&t=1719153582479&rnd=217053...~311~...lcl9qcf91c19kzxnrjtiyjtde&if=1 HTTP 307
https://chicagochronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqyltm0mtmymzy4oge5zgeyzjk4ogm5ztcxodayn2y0owjkltm5njktmc4wmdazmjylmjilnuqln0q%3d&t=1719153582479&rnd=217053...~311~...lcl9qcf91c19kzxnrjtiyjtde&if=1 HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://atlantanews1.xyz/event_03db6ea1-451c-cfaa-e05d-2a6c28457a9f_533_3952_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaHN1cHJlbWUuY29tJTJGaWNvbiUzRnNpZCUzRDk4YWE4OWVjN2E3ODFhNmI1MmY4N2QyMmRiNTA2MmMyJTI2cm5kJTNEMTYwNzMzODcz&t=1719362606007&rnd=376984689&i=1 HTTP 302
https://xml.pushsupreme.com/icon?sid=98aa89ec7a781a6b52f87d22db5062c2&rnd=160733873 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&rid=18aade19-3355-11ef-b1e4-c84bd6826564&psid=178149&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTM2MjYwNS04a3kxS1A5UW9kdnJSUDk1MnhIS01YeW9TLVMxczZQRnJTb0FZUlJNWEp3 HTTP 301
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719362605-8ky1KP9QodvrRP952xHKMXyoS-S1s6PFrSoAYRRMXJw

Request Chain 4

https://xml.rexsrv.com/icon?sid=79f8c305b7364ddee7d41e2fc069b2f7&rnd=61128564 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&rid=18aabdb9-3355-11ef-a2db-c84bd6836428&psid=106801&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTM2MjYwNS04a3kxS1A5UW9kdnJSUDk1MnhIS01YeW9TLVMxczZQRnJTb0FZUlJNWEp3 HTTP 301
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719362605-8ky1KP9QodvrRP952xHKMXyoS-S1s6PFrSoAYRRMXJw

Request Chain 31

https://adrta.com/i?clid=mgid&paid=mgid&avid=-&caid=-&plid=18921166&publisherId=57905732&siteId=935692&kv1=492x328&kv2=https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=&kv3=-&kv4=-&kv5=178149&kv6=afrd_click_Ntrz&kv7=840045&kv11=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&kv12=18aade19-3355-11ef-b1e4-c84bd6826564&kv24=Desktop&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36 HTTP 302
https://ipds.adrta.com/i?__x=NECJLJEODGFMCG@ILOINFKMFOIONMNPPHKCGMFNKMGMIFMIECIELJMNIJLNHOLJGEIQBFNIOIKGNHENLFAHLOIJKNNNLKMGLIMFLL@INFPKLHKFHNIGCFAE@H&clid=mgid&paid=mgid&avid=-&caid=-&plid=18921166&publisherId=57905732&siteId=935692&kv1=492x328&kv2=https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=&kv3=-&kv4=-&kv5=178149&kv6=afrd_click_Ntrz&kv7=840045&kv11=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&kv12=18aade19-3355-11ef-b1e4-c84bd6826564&kv24=Desktop&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36

Request Chain 34

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1271505363&utmhn=clck.mgid.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Want%20to%20buy%20cryptocurrency%3F&utmhid=1363375791&utmr=-&utmp=%2Fproduct_transit_page&utmht=1719362610488&utmac=UA-7107067-1&utmcc=__utma%3D1.383421970.1719362610.1719362610.1719362610.1%3B%2B__utmz%3D1.1719362610.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1933149806&utmredir=1&utmu=qFCAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7107067-1&cid=383421970.1719362610&jid=1933149806&_v=5.7.2&z=1271505363 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7107067-1&cid=383421970.1719362610&jid=1933149806&_v=5.7.2&z=1271505363

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js Show response
atlantanews1.xyz/
Redirect Chain

http://chicagochronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqyltm0mtmymzy4oge5zgeyzjk4o...
https://chicagochronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqyltm0mtmymzy4oge5zgeyzjk4...
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1
https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

6 KB
2 KB

564ms
181ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 8563c226908d7a6acfe4c45a9f3c6eebce514e91a0a9e350c1e03492f207c795

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 26 Jun 2024 00:43:26 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Wed, 26 Jun 2024 00:43:25 GMT
location: https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 204ms
50ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: atlantanews1.xyz
URL: https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://atlantanews1.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jun 2024 00:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 00:30:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jun 2024 00:43:26 GMT

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvN...
s-img.mgid.com/g/18921166/328x328/-/
Redirect Chain

https://atlantanews1.xyz/event_03db6ea1-451c-cfaa-e05d-2a6c28457a9f_533_3952_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaHN1cHJlbWUuY29tJTJGaWNvbiUzRnNpZCUzRDk4YWE4OWVjN2E3ODFhNmI1MmY4N2QyMmRiNTA2MmM...
https://xml.pushsupreme.com/icon?sid=98aa89ec7a781a6b52f87d22db5062c2&rnd=160733873
https://c.mgid.com/c?pv=2&v=0|0|0|Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J...
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...

8 KB
0

25ms
25ms

Image
image/webp

104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719362605-8ky1KP9QodvrRP952xHKMXyoS-S1s6PFrSoAYRRMXJw
Requested by: Host: atlantanews1.xyz
URL: https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H3
Server: 104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://atlantanews1.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 26 Jun 2024 00:43:26 GMT
cf-cache-status: HIT
last-modified: Mon, 20 May 2024 21:17:04 GMT
x-mg-request-uuid: 7c482241-3f2d-4c80-ba6b-abc16e15a79c
server: cloudflare
age: 75855
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 899929c53f66bbe2-WAW
content-length: 8376
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 26 Jun 2024 00:43:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 01c6c0a9-f8cd-4025-a8bc-c0774a986b50
server: cloudflare
location: https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719362605-8ky1KP9QodvrRP952xHKMXyoS-S1s6PFrSoAYRRMXJw
cf-ray: 899929c4ef4ebbe2-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzL...
s-img.mgid.com/g/18921166/453x227/-/ 8 KB
8 KB 138ms
73ms Image
image/webp 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18921166/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzcxOTY3My80MTAyNjU1OWQyYjU0ZDIxZjBmMzk3YzE4YjU3YmJkYy5qcGc.webp?v=1719362605-EcDKbySQDUbJMhs2zQoMNmW2nbVvXotrt6oSaokLyLs

Requested by

Host: atlantanews1.xyz
URL: https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d301780ee7d567c8fe0b1ce66b0cef8e7c1c2979246130dc85941e094866cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://atlantanews1.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: e9960473-d4ce-4387-a956-e07728a123a3
age: 75842
alt-svc: h3=":443"; ma=86400
content-length: 7736
last-modified: Fri, 07 Jun 2024 11:57:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 899929c0ada3bbe2-WAW

GET
H3

200

https://xml.rexsrv.com/icon?sid=79f8c305b7364ddee7d41e2fc069b2f7&rnd=61128564
https://c.mgid.com/c?pv=2&v=0|0|0|Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&cid=1574325&f=1&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J...
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...

8 KB
8 KB

62ms
61ms

Image
image/webp

104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719362605-8ky1KP9QodvrRP952xHKMXyoS-S1s6PFrSoAYRRMXJw

Requested by

Host: atlantanews1.xyz
URL: https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://atlantanews1.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 26 Jun 2024 00:43:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 7c482241-3f2d-4c80-ba6b-abc16e15a79c
age: 75855
alt-svc: h3=":443"; ma=86400
content-length: 8376
last-modified: Mon, 20 May 2024 21:17:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 899929c53f66bbe2-WAW

Redirect headers

date: Wed, 26 Jun 2024 00:43:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 64aa1e00-f14c-4286-9bf0-b3f5a2fa91ae
server: cloudflare
location: https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719362605-8ky1KP9QodvrRP952xHKMXyoS-S1s6PFrSoAYRRMXJw
cf-ray: 899929c4af3cbbe2-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 177ms
51ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://atlantanews1.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 22:08:40 GMT
x-content-type-options: nosniff
age: 9286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 22:08:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 165ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://atlantanews1.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:43:19 GMT
x-content-type-options: nosniff
age: 36007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:43:19 GMT

GET
H2 404 favicon.ico
atlantanews1.xyz/ 548 B
245 B 181ms
181ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atlantanews1.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:27 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 event_03db6ea1-451c-cfaa-e05d-2a6c28457a9f_533_0_4001 Show response
atlantanews1.xyz/ 121 B
211 B 182ms
182ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atlantanews1.xyz/event_03db6ea1-451c-cfaa-e05d-2a6c28457a9f_533_0_4001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoc3VwcmVtZS5jb20lMjIlMkMlMjJ1JTIyJTNBJTVCJTIyMTc1My05OGFhODllYzdhNzgxYTZiNTJmODdkMjJkYjUwNjJjMi0zOTUyLTAuMDAwNDUxJTIyJTVEJTdE&t=1719362606007&rnd=671672764&js=1&io=0&h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: atlantanews1.xyz
URL: https://atlantanews1.xyz/sw_c78219a3-848d-8611-068a-3cddc4ef7a89_533_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: bf42c4015f6e5afabfd9e1adc4311e67af775f2f507f98b3626d68a70fb1bfe2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:28 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H3

200

Primary Request 1 Show response
clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/
Redirect Chain

https://xml.pushsupreme.com/click?s=1&tid=1753&sid=98aa89ec7a781a6b52f87d22db5062c2&rnd=399529020
https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-1...

15 KB
5 KB

190ms
125ms

Document
text/html

104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=

Requested by

Host: atlantanews1.xyz
URL: https://atlantanews1.xyz/event_03db6ea1-451c-cfaa-e05d-2a6c28457a9f_533_0_4001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoc3VwcmVtZS5jb20lMjIlMkMlMjJ1JTIyJTNBJTVCJTIyMTc1My05OGFhODllYzdhNzgxYTZiNTJmODdkMjJkYjUwNjJjMi0zOTUyLTAuMDAwNDUxJTIyJTVEJTdE&t=1719362606007&rnd=671672764&js=1&io=0&h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a0b5bb4fe9094353bec4f4b1536de28a6935434b39e6b20e903725bb1338fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 899929d20ea0bbc9-WAW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 26 Jun 2024 00:43:29 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-robots-tag: noindex

Redirect headers

date: Wed, 26 Jun 2024 00:43:28 GMT
location: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
server: nginx

GET
H3 200 new_desktop.css
cdn.mgid.com/css/tranzit/goods/mgid/ 9 KB
3 KB 71ms
63ms Stylesheet
text/css 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/css/tranzit/goods/mgid/new_desktop.css?t=1719298800

Requested by

Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10661c5570ad8e892529eb261134bb7b395bde91ebd72d382bb5f1b8ed83ccb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:29 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GQXN1AH3C5T2QTQC
age: 4613
cf-polished: origSize=13317
alt-svc: h3=":443"; ma=86400
x-amz-id-2: btJhXzzsKsQexQiXBUmOvV5qs7c3KzPlkvpUsWfcOBMQ/G5kEdfwPB26M9KCCw3z/Sjlji1q03cxdRyFZnYncGNXkLvOfcnE
cf-bgj: minify
last-modified: Wed, 02 Jun 2021 14:35:47 GMT
x-amz-meta-s3cmd-attrs: atime:1622644538/ctime:1622644538/gid:0/gname:root/md5:462a72c8852f7f974e14188825b26ff8/mode:33206/mtime:1622644538/uid:0/uname:root
server: cloudflare
etag: W/"462a72c8852f7f974e14188825b26ff8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 899929d2eefcbbc9-WAW
expires: Thu, 27 Jun 2024 00:43:29 GMT

GET
H3 200 jquery.min.js Show response
cdn.mgid.com/js/ 89 KB
32 KB 124ms
115ms Script
application/javascript 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/js/jquery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:29 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GZ3GTVXTAB6Q9QAD
age: 3207
alt-svc: h3=":443"; ma=86400
x-amz-id-2: x5ThQCgVlNeeYR9KOTx/x0touWRAGIHjwcWdQBm3DBZ/54YGDIpmYYW79ty1raugJ9h6HaL51GY=
last-modified: Mon, 04 May 2020 12:18:10 GMT
server: cloudflare
etag: W/"a1a8cb16a060f6280a767187fd22e037"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 899929d2eefdbbc9-WAW
expires: Thu, 27 Jun 2024 00:43:29 GMT

GET
H3 200 banner.js Show response
cdn.mgid.com/js/cookies/ 18 KB
7 KB 72ms
64ms Script
application/javascript 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/js/cookies/banner.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ae7e450865b8ae4a29e8c253f3dd839ac48632da39fd16ea16d91df5a2ed02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:29 GMT
x-amz-version-id: Th8hJvjaA21_DnaeFzY0yo1EdAXu_gDo
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GZ3SQ5484WYMY297
age: 3207
cf-polished: origSize=18304
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: brsDX1WWYg7z/d5vVzq1qOpTYCFtEMEPTQcVq8hrMfW9KtBmX09n81oPugPhUAnn/cOZM8ZqIb4=
cf-bgj: minify
last-modified: Wed, 12 Oct 2022 07:15:42 GMT
x-amz-meta-s3cmd-attrs: atime:1665558931/ctime:1665558931/gid:0/gname:root/md5:023fa59f04bd7278e43c542bc29cda3d/mode:33206/mtime:1665558931/uid:0/uname:root
server: cloudflare
etag: W/"023fa59f04bd7278e43c542bc29cda3d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 899929d2eefebbc9-WAW
expires: Thu, 27 Jun 2024 00:43:29 GMT

GET
H3 200 script.js Show response
cdn.mgid.com/js/tranzit/goods/mgid/desktop/ 6 KB
2 KB 1193ms
1185ms Script
application/javascript 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/js/tranzit/goods/mgid/desktop/script.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a30834775f75e10794a149465a2bf1cd2b424caf0de4c772572f08f150797acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: 1fG_Hh8HbPsezjAhRlET.baFkOEfjW9p
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: PEKPRF1SFXVKTK7P
cf-polished: origSize=10982
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1DTsOvl+d5V/hpTxz0RtNvm/RIaGcN1C4U9tc9HMkwPFYpAgjAAhipzpu/7cItQ5ccPB/w3w/uQ=
cf-bgj: minify
last-modified: Mon, 29 Aug 2022 09:05:08 GMT
x-amz-meta-s3cmd-attrs: atime:1661763897/ctime:1661763897/gid:0/gname:root/md5:38b4e303087327ffe7b2f22f1a2bc384/mode:33206/mtime:1661763897/uid:0/uname:root
server: cloudflare
etag: W/"38b4e303087327ffe7b2f22f1a2bc384"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 899929d2ef00bbc9-WAW
expires: Thu, 27 Jun 2024 00:43:30 GMT

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 73ms
65ms Image
image/svg+xml 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:29 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5T6W39NV53R6TG2Y
age: 2101
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RkH5xPj44W792paudg5lUM2vDc/8VxOrsTtcODWCThmcs2j2rwCyTzmZLuX8GXZfuENzgcTWETM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 899929d2eef7bbc9-WAW
expires: Thu, 27 Jun 2024 00:43:29 GMT

GET
H3 200 icon_white_shield_header.svg
cdn.mgid.com/images/tranzit/goods/mgid/ 2 KB
1 KB 1609ms
1601ms Image
image/svg+xml 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/tranzit/goods/mgid/icon_white_shield_header.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0232226e236d14a21f5001ac3735aef37c27644dd81d474dc3b101325942b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ETW09X77W0ER398A
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7p3ns5lJ0cj30CHEVhIs2X0s0M8QOgnjIqKaHzAhh7gu3nzrTp3qzXxkfgJb6Xr+NRspUR0iwCk=
last-modified: Mon, 04 May 2020 12:16:57 GMT
server: cloudflare
etag: W/"5985b195e10843d5848b6452d675d9ab"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 899929d2ef01bbc9-WAW
expires: Thu, 27 Jun 2024 00:43:30 GMT

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzL...
s-img.mgid.com/g/18921166/492x328/-/ 20 KB
21 KB 61ms
60ms Image
image/jpeg 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18921166/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzcxOTY3My80MTAyNjU1OWQyYjU0ZDIxZjBmMzk3YzE4YjU3YmJkYy5qcGc.jpg?v=1719362608-mkswdt4-Hn_x6tkmY_mw574Jkk4q_6V2YAYifH0Hx-U

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cd0184c9a4f8e3caf6b3f65cd97c21384205eb495b8c9b546d15cc5a989e698

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 615d9081-aa0b-4eac-b27d-7a6dc4ea1718
age: 353390
cf-polished: origSize=21959
alt-svc: h3=":443"; ma=86400
content-length: 20969
cf-bgj: imgq:100,h2pri
last-modified: Fri, 21 Jun 2024 22:33:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 899929d3af52bbc9-WAW

GET
H3 200 img.png
cdn.mgid.com/images/tranzit/ 68 B
604 B 62ms
62ms Image
image/png 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/tranzit/img.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ETW92V459BXMG36W
age: 3206
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 68
x-amz-id-2: vpUVsjOhvFuODbseLyWSh2ihoNIyurJwrkBeETZtiKFs3r+Em9aEgpiRAXoEWVf3XbJRZIRn9gQ=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 24 Mar 2022 17:14:24 GMT
x-amz-meta-s3cmd-attrs: atime:1648142053/ctime:1648142053/gid:0/gname:root/md5:91e42db1c66c0b276abf6234dc50b2eb/mode:33206/mtime:1648142053/uid:0/uname:root
server: cloudflare
etag: "91e42db1c66c0b276abf6234dc50b2eb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 899929da5a9abbc9-WAW
expires: Thu, 27 Jun 2024 00:43:30 GMT

GET
H3 200 tracking.js Show response
cdn.mgid.com/transit/ 2 KB
1 KB 62ms
62ms Script
application/javascript 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/transit/tracking.js?t=1719298800

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73923dae78924cabf3cba334ddc4f7f30cadc6fd3f04348d9467bb912859de6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:29 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: J7ZZV4PJSZ425S2P
age: 5815
cf-polished: origSize=3494
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eqsfz+zFYBgdDjPIa8Oqcc04G5tpT324gHjPBmRzFZUw7TY9KI+cwlnXH7DK6scgB1oDzw72ajE=
cf-bgj: minify
last-modified: Mon, 04 May 2020 12:18:45 GMT
server: cloudflare
etag: W/"1c5cadbe93778de01d8453e269cb0be3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 899929d41f8dbbc9-WAW
expires: Thu, 27 Jun 2024 00:43:29 GMT

GET
H3 200 dojo-other.js Show response
clck.mgid.com/build/ 69 KB
28 KB 71ms
71ms Script
application/javascript 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clck.mgid.com/build/dojo-other.js?t=fc89bc18d7b35d3d60eb704619c9b16d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85a2c1e232d431bc16f02193ceb8fcd82e9f20798ab430dffb12e2da41b0ca1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.126"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 113
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Jun 2024 09:15:28 GMT
server: cloudflare
etag: W/"66715030-112df"
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 899929da5a9cbbc9-WAW
access-control-allow-headers: *
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 touchpoints-sensor.js Show response
a.mgid.com/ 3 KB
1 KB 183ms
175ms Script
application/javascript 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/touchpoints-sensor.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a98c4f22c9c8dc6a974276ebf08497fdf1b5d12d581f9a29c83a22ff8801170f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-mg-request-uuid: 0243520a-3902-4a10-97c0-1a0e0e5cdd10
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 899929d49fbebbc9-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 frpt.js Show response
cdn.mgid.com/js/ 77 KB
29 KB 65ms
65ms Script
application/javascript 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/js/frpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

455c0cf3199c0d5eac170509b804776e1f18fb6c131f691660bf27a3952a335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: wH0_22p7dfcIxPdSIg4.3iu9LTGYLZqF
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: GZ3STDXXW57MBM6D
age: 3667
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: b62Bx23yfn8yh+oCgLnXuSw8XLITK3zWa7d+Qv8Z+7TV/tSSe0oEQX1ggxejI67JsunFY0azCXI=
cf-bgj: minify
last-modified: Mon, 26 Feb 2024 09:00:01 GMT
x-amz-meta-s3cmd-attrs: atime:1708937995/ctime:1708937995/gid:0/gname:root/md5:55ad86c8cb4471b5ab1c24760fe9a39b/mode:33188/mtime:1708937711/uid:0/uname:root
server: cloudflare
etag: W/"55ad86c8cb4471b5ab1c24760fe9a39b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 899929da5a9dbbc9-WAW
expires: Thu, 27 Jun 2024 00:43:30 GMT

GET
H3 200 img.png
cdn.mgid.com/images/tranzit/ 68 B
0 61ms
61ms Image
image/png 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/tranzit/img.png
Requested by: Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: ETW92V459BXMG36W
age: 3206
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 68
x-amz-id-2: vpUVsjOhvFuODbseLyWSh2ihoNIyurJwrkBeETZtiKFs3r+Em9aEgpiRAXoEWVf3XbJRZIRn9gQ=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 24 Mar 2022 17:14:24 GMT
x-amz-meta-s3cmd-attrs: atime:1648142053/ctime:1648142053/gid:0/gname:root/md5:91e42db1c66c0b276abf6234dc50b2eb/mode:33206/mtime:1648142053/uid:0/uname:root
server: cloudflare
etag: "91e42db1c66c0b276abf6234dc50b2eb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 899929da5a9abbc9-WAW
expires: Thu, 27 Jun 2024 00:43:30 GMT

GET
H3 200 mgid.com.700985.js Show response
jsc.mgid.com/m/g/ 6 KB
3 KB 118ms
109ms Script
text/javascript 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/m/g/mgid.com.700985.js?t=1245324330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee36b8e534b37def11de9fc374cacf02a89eccff3de519bea1f95ceb25145fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: KX8ahPgVDAEdi4vKIIaofm6CTPm5GA5g
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZTHH13BPHQY70N0P
age: 2614
cf-polished: origSize=6050
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Qbegxh8PVHAawKDQClMmQqrDh6k1UL3/TFQ6iqlHYgFgkgYAz2WE9P7g9ZHnE5cglmGQZqv8EoI=
cf-bgj: minify
last-modified: Mon, 27 May 2024 10:12:06 GMT
server: cloudflare
etag: W/"f95ddd9d675b0a90136710a96c605629"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 899929da6a9fbbc9-WAW
expires: Wed, 26 Jun 2024 03:43:30 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 142ms
44ms Script
text/javascript 18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 04:34:53 GMT
content-encoding: gzip
via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 13:20:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 72518
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: yGtDL69_6oE9zLzl6knXAd-jnE4umT0_daiGs4AVtIDzzFEenT_mIw==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 142ms
42ms Script
text/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jun 2024 22:51:36 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6714
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 26 Jun 2024 00:51:36 GMT

GET
H2 200 hotjar-2590724.js Show response
static.hotjar.com/c/ 9 KB
4 KB 149ms
41ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2590724.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

36022956bb18d895882e1f1734d730035bf0945801c55cb62883c9737a2811d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 26 Jun 2024 00:42:51 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 42
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/4b8b66c71691e774633e9f041b011ccc
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: ONnV_PkAvzuJV9Byt2Jf9KjZ1gJJLUHn8eb6HwGTEUZe6Ed4n2zJ3A==

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzL...
s-img.mgid.com/g/18921166/492x328/-/ 20 KB
0 0ms
0ms Image
image/jpeg 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/18921166/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzcxOTY3My80MTAyNjU1OWQyYjU0ZDIxZjBmMzk3YzE4YjU3YmJkYy5qcGc.jpg?v=1719362608-mkswdt4-Hn_x6tkmY_mw574Jkk4q_6V2YAYifH0Hx-U
Requested by: Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cd0184c9a4f8e3caf6b3f65cd97c21384205eb495b8c9b546d15cc5a989e698

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 615d9081-aa0b-4eac-b27d-7a6dc4ea1718
age: 353390
cf-polished: origSize=21959
alt-svc: h3=":443"; ma=86400
content-length: 20969
cf-bgj: imgq:100,h2pri
last-modified: Fri, 21 Jun 2024 22:33:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 899929d3af52bbc9-WAW

GET
H3 200 Roboto-Light.woff2
cdn.mgid.com/css/tranzit/goods/mgid/fonts/ 64 KB
65 KB 303ms
225ms Font
binary/octet-stream 104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/css/tranzit/goods/mgid/fonts/Roboto-Light.woff2

Requested by

Host: cdn.mgid.com
URL: https://cdn.mgid.com/css/tranzit/goods/mgid/new_desktop.css?t=1719298800

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7647a0d506e3254bb9329e259cf95630bdc9795052c8ff8badaa428c5e9d7cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.mgid.com/css/tranzit/goods/mgid/new_desktop.css?t=1719298800
Origin: https://clck.mgid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 0B5725RN0HZH7993
age: 6789
alt-svc: h3=":443"; ma=86400
content-length: 65512
x-amz-id-2: trpTaEqHLLmXQXFmHy4jWwgS2Z5L+CmkviDFVvn4N4FKhi4G/6Cdq0UtxGGXDq+CUNSd6ZPhaM8=
last-modified: Mon, 04 May 2020 12:16:33 GMT
server: cloudflare
etag: "ed4b08d2702fa26acc324ef1e89ae837"
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 899929dae802c40a-WAW
expires: Thu, 27 Jun 2024 00:43:30 GMT

GET
H3 200 Roboto-Medium.woff2
cdn.mgid.com/css/tranzit/goods/mgid/fonts/ 65 KB
66 KB 353ms
276ms Font
binary/octet-stream 104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/css/tranzit/goods/mgid/fonts/Roboto-Medium.woff2

Requested by

Host: cdn.mgid.com
URL: https://cdn.mgid.com/css/tranzit/goods/mgid/new_desktop.css?t=1719298800

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

998b049e731114e2fa35d65f23fc6e6e153249a4ef328912e3c7c49546e2d207

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.mgid.com/css/tranzit/goods/mgid/new_desktop.css?t=1719298800
Origin: https://clck.mgid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 0B5DRZ0NCDXBQ1X0
age: 6789
alt-svc: h3=":443"; ma=86400
content-length: 66792
x-amz-id-2: jqwSThisLOSCHc4YuopCD9UIU3yMZ3dVsKOgAYDPQW1xeMNzc8kJLGQAVl4EnyYyjI/wVIu30d8=
last-modified: Mon, 04 May 2020 12:16:33 GMT
server: cloudflare
etag: "50d01d3e6c994995bcaf829e63d53d1a"
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 899929dae803c40a-WAW
expires: Thu, 27 Jun 2024 00:43:30 GMT

GET
H3 200 YSText-Regular.woff2
cdn.mgid.com/css/tranzit/goods/mgid/fonts/ 42 KB
43 KB 138ms
61ms Font
binary/octet-stream 104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/css/tranzit/goods/mgid/fonts/YSText-Regular.woff2

Requested by

Host: cdn.mgid.com
URL: https://cdn.mgid.com/css/tranzit/goods/mgid/new_desktop.css?t=1719298800

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

427f528f5d190e0e3275d8a1fc40bad36fede3da064b33f29dc8fe6e614ff2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.mgid.com/css/tranzit/goods/mgid/new_desktop.css?t=1719298800
Origin: https://clck.mgid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: ZWEKVTVJ7BSFHJE7
age: 3205
alt-svc: h3=":443"; ma=86400
content-length: 43112
x-amz-id-2: oaj0TiLK01ag52im73zJI8pKN4ea9zTQawoyNt5r9BlYQJXpHwv9dlLZzLirmXJNBbDFIHp6RLI=
last-modified: Mon, 04 May 2020 12:16:34 GMT
server: cloudflare
etag: "f8883ab9c4a452a0bfe3c5cf9619db86"
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 899929daeffdc40a-WAW
expires: Thu, 27 Jun 2024 00:43:30 GMT

GET
H3 200 Roboto-Regular.woff2
cdn.mgid.com/css/tranzit/goods/mgid/fonts/ 64 KB
65 KB 242ms
165ms Font
binary/octet-stream 104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/css/tranzit/goods/mgid/fonts/Roboto-Regular.woff2

Requested by

Host: cdn.mgid.com
URL: https://cdn.mgid.com/css/tranzit/goods/mgid/new_desktop.css?t=1719298800

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.mgid.com/css/tranzit/goods/mgid/new_desktop.css?t=1719298800
Origin: https://clck.mgid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 92M5C1TXQBCYJ9ZF
age: 3206
alt-svc: h3=":443"; ma=86400
content-length: 65916
x-amz-id-2: urbOYMaXM6HLnUmVj2Nxfevx3xExaf9I5V2tSnxYg+ALOjpuMSJ8TLwb82fvFr3lrnzWuGJeSsE=
last-modified: Mon, 04 May 2020 12:16:33 GMT
server: cloudflare
etag: "9feb0110b6dff9ee2b9ebd17f7a1aee6"
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 899929daefffc40a-WAW
expires: Thu, 27 Jun 2024 00:43:30 GMT

GET

i
ipds.adrta.com/
Redirect Chain

https://adrta.com/i?clid=mgid&paid=mgid&avid=-&caid=-&plid=18921166&publisherId=57905732&siteId=935692&kv1=492x328&kv2=https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0o...
https://ipds.adrta.com/i?__x=NECJLJEODGFMCG@ILOINFKMFOIONMNPPHKCGMFNKMGMIFMIECIELJMNIJLNHOLJGEIQBFNIOIKGNHENLFAHLOIJKNNNLKMGLIMFLL@INFPKLHKFHNIGCFAE@H&clid=mgid&paid=mgid&avid=-&caid=-&plid=1892116...

0
0

GET
H3 200 mgid.com.700985.es6.js Show response
jsc.mgid.com/m/g/ 309 KB
96 KB 220ms
220ms Script
text/javascript 104.19.133.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/m/g/mgid.com.700985.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/g/mgid.com.700985.js?t=1245324330

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.133.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd681485c5979e520205635f271d3872fd2282d4c152129dabd442c3a677bc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Origin: https://clck.mgid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
x-amz-version-id: S.t.9mHDfsRgNZlM9wZOBxUHag1hDcdc
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: JJ42K6TSVP4P8DQ4
age: 2613
cf-polished: origSize=316147
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uMWuRYY7+DMIjej65Sv6t3KiXojQAG62TCTp60EKqOiLIMWg+GREkuy00sYMhlzDSE2PmlmVKIY=
cf-bgj: minify
last-modified: Mon, 27 May 2024 10:12:05 GMT
server: cloudflare
etag: W/"631e6f31554bca0aa71bf4eb42aab0ca"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 899929db4829c40a-WAW
expires: Wed, 26 Jun 2024 03:43:30 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 43ms
43ms Image
text/plain 18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=7808155&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1719362610420&ns_c=UTF-8&c3=&c4=&c5=&c6=&c15=&c7=https%3A%2F%2Fclck.mgid.com%2Fghits%2F18921166%2Fi%2F57905732%2F0%2Fsrc%2F37083%2Fpp%2F1%2F1%3Fh%3DPxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*%26rid%3D18aade19-3355-11ef-b1e4-c84bd6826564%26tt%3DDirect%26att%3D3%26pubsrcid%3D178149%26cpm%3D1%26ct%3D1%26st%3D120%26h2%3DvlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L%26euid%3D&c8=Want%20to%20buy%20cryptocurrency%3F&c9=
Requested by: Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: jW2_et0b095We4NjCkj6_kyuS-2J7bynTEiSH0bWoX6QWCZuxGllLA==
x-cache: Miss from cloudfront

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1271505363&utmhn=clck.mgid.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Want%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7107067-1&cid=383421970.1719362610&jid=1933149806&_v=5.7.2&z=1271505363
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7107067-1&cid=383421970.1719362610&jid=1933149806&_v=5.7.2&z=1271505363

0
0

GET
H2 200 modules.de6b9e294c29aa146ba1.js Show response
script.hotjar.com/ 223 KB
56 KB 220ms
44ms Script
application/javascript 13.33.187.92

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.de6b9e294c29aa146ba1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2590724.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.92 -, , ASN (),

Reverse DNS

Software

Resource Hash

743c4b93ab02f0ece15aa8bdb1f7b5d57e1753fe5ef6d320612ee0888e1196c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 137663
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56329
last-modified: Mon, 24 Jun 2024 10:28:38 GMT
etag: "008a76cf1200a93494425164a6546e72"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Xix8Z1gS17HTpMrJqnT0tOKQRTstfaPQOr-BMya5s45gfEfPTo6ZOw==

GET
H3 200 pixel.gif
a.mgid.com/ 43 B
184 B 169ms
169ms Image
image/gif 104.19.130.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/pixel.gif?utm_content=&utm_term=&utm_source=&utm_campaign=&utm_medium=&frpt=7d0f59b61276d3f472308830f16aae15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://clck.mgid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 00:43:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 899929dc3b25bbc9-WAW
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 2b4f3d39-13d2-4587-b980-107b08f8c7fb
https://clck.mgid.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clck.mgid.com/2b4f3d39-13d2-4587-b980-107b08f8c7fb
Requested by: Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK f4e63932-d5c7-4876-a8de-eb6441e2e2b2
https://clck.mgid.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clck.mgid.com/f4e63932-d5c7-4876-a8de-eb6441e2e2b2
Requested by: Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 206
Partial Content 4056ae3c-d0dd-444e-86db-eb30370b7665
https://clck.mgid.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clck.mgid.com/4056ae3c-d0dd-444e-86db-eb30370b7665
Requested by: Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET /
c.mgid.com/pv/ 0
0

GET 2590724
vc.hotjar.io/sessions/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ipds.adrta.com
URL: https://ipds.adrta.com/i?__x=NECJLJEODGFMCG@ILOINFKMFOIONMNPPHKCGMFNKMGMIFMIECIELJMNIJLNHOLJGEIQBFNIOIKGNHENLFAHLOIJKNNNLKMGLIMFLL@INFPKLHKFHNIGCFAE@H&clid=mgid&paid=mgid&avid=-&caid=-&plid=18921166&publisherId=57905732&siteId=935692&kv1=492x328&kv2=https://clck.mgid.com/ghits/18921166/i/57905732/0/src/37083/pp/1/1?h=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&rid=18aade19-3355-11ef-b1e4-c84bd6826564&tt=Direct&att=3&pubsrcid=178149&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L&euid=&kv3=-&kv4=-&kv5=178149&kv6=afrd_click_Ntrz&kv7=840045&kv11=Pxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*&kv12=18aade19-3355-11ef-b1e4-c84bd6826564&kv24=Desktop&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7107067-1&cid=383421970.1719362610&jid=1933149806&_v=5.7.2&z=1271505363

Domain: c.mgid.com
URL: https://c.mgid.com/pv/?lu=https%3A%2F%2Fclck.mgid.com%2Fghits%2F18921166%2Fi%2F57905732%2F0%2Fsrc%2F37083%2Fpp%2F1%2F1%3Fh%3DPxu2K7H0olVGv2KT9zY4MyMLrl_QIGxt4R1fRRdFPMKOe9QMrVv0-OlCvITS_IGcT7Yjim-xUWGVXYTAlDWdui8xxBRV5TMjC2l7xVsvUGQ*%26rid%3D18aade19-3355-11ef-b1e4-c84bd6826564%26tt%3DDirect%26att%3D3%26pubsrcid%3D178149%26cpm%3D1%26ct%3D1%26st%3D120%26h2%3DvlJ0RdnMYFlD0pCQy6adPrmkLhdwwlmaR3J7WcOuQX8HR8pSUPvgtXfPfYszt80L%26euid%3D&cbuster=171936261076095008495&pvid=19051ff66489b1f2f6f&implVersion=11&cxurl=https%3A%2F%2Fmgid.com%2Fghits%2F18921166%2Fi%2F57905732%2F0%2Fsrc%2F37083%2Fpp%2F1%2F1&site=43844&i=1&scua=%22x86%22&scub=%2264%22&scu=%22Google%20Chrome%22%3Bv%3D%22126%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22126%22&scufvl=%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%20%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22&scum=%3F0&scup=%22Win32%22&scupv=%2210.0.0%22&scufv=%22126.0.6478.126%22&scuw=%3F0

Domain: vc.hotjar.io
URL: https://vc.hotjar.io/sessions/2590724?s=0.25&r=0.06293807789325867

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 21:36:04	Name: __cf_bm Value: X2GMY2LWXONaM1YtwrjKsxcCwjEmr4H8zcbqcJfFDiM-1719362606-1.0.1.1-lYrZkvS9R1vACuhaOy4xYm03M1vzhWN3BXPe9bpjwnSPKytRlKmBlDTX2eiAO0riMihdxE_WhKl2alz9t6eEqw
clck.mgid.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22206%22%3A%7B%7D%7D
.mgid.com/	1970-01-21 07:12:02	Name: __utma Value: 1.383421970.1719362610.1719362610.1719362610.1
.mgid.com/	1970-01-20 21:36:04	Name: __utmb Value: 1.0.10.1719362610

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://atlantanews1.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
atlantanews1.xyz
c.mgid.com
cdn.mgid.com
chicagochronicles3.xyz
clck.mgid.com
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
ipds.adrta.com
jsc.mgid.com
s-img.mgid.com
sb.scorecardresearch.com
script.hotjar.com
ssl.google-analytics.com
static.hotjar.com
vc.hotjar.io
www.google.com
xml.pushsupreme.com
xml.rexsrv.com
c.mgid.com
ipds.adrta.com
vc.hotjar.io
www.google.com
104.19.130.76
104.19.133.76
13.33.187.92
173.214.240.15
18.244.18.38
18.66.102.51
199.182.164.180
2a00:1450:4001:803::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
10661c5570ad8e892529eb261134bb7b395bde91ebd72d382bb5f1b8ed83ccb2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
36022956bb18d895882e1f1734d730035bf0945801c55cb62883c9737a2811d1
3d301780ee7d567c8fe0b1ce66b0cef8e7c1c2979246130dc85941e094866cd5
427f528f5d190e0e3275d8a1fc40bad36fede3da064b33f29dc8fe6e614ff2f7
455c0cf3199c0d5eac170509b804776e1f18fb6c131f691660bf27a3952a335f
4cd0184c9a4f8e3caf6b3f65cd97c21384205eb495b8c9b546d15cc5a989e698
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
68ae7e450865b8ae4a29e8c253f3dd839ac48632da39fd16ea16d91df5a2ed02
6a0b5bb4fe9094353bec4f4b1536de28a6935434b39e6b20e903725bb1338fa2
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
73923dae78924cabf3cba334ddc4f7f30cadc6fd3f04348d9467bb912859de6f
743c4b93ab02f0ece15aa8bdb1f7b5d57e1753fe5ef6d320612ee0888e1196c6
822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa
8563c226908d7a6acfe4c45a9f3c6eebce514e91a0a9e350c1e03492f207c795
85a2c1e232d431bc16f02193ceb8fcd82e9f20798ab430dffb12e2da41b0ca1b
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
998b049e731114e2fa35d65f23fc6e6e153249a4ef328912e3c7c49546e2d207
a30834775f75e10794a149465a2bf1cd2b424caf0de4c772572f08f150797acf
a98c4f22c9c8dc6a974276ebf08497fdf1b5d12d581f9a29c83a22ff8801170f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
b7647a0d506e3254bb9329e259cf95630bdc9795052c8ff8badaa428c5e9d7cb
bd681485c5979e520205635f271d3872fd2282d4c152129dabd442c3a677bc34
bf42c4015f6e5afabfd9e1adc4311e67af775f2f507f98b3626d68a70fb1bfe2
c0232226e236d14a21f5001ac3735aef37c27644dd81d474dc3b101325942b0a
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee36b8e534b37def11de9fc374cacf02a89eccff3de519bea1f95ceb25145fb9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

clck.mgid.com Open in urlscan Pro 104.19.130.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

79 %HTTPS

30 %IPv6

14 Domains

20 Subdomains

10 IPs

3 Countries

601 kBTransfer

1234 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

clck.mgid.com Open in urlscan Pro
104.19.130.76 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

79 %
HTTPS

30 %
IPv6

14
Domains

20
Subdomains

10
IPs

3
Countries

601 kB
Transfer

1234 kB
Size

4
Cookies

43 HTTP transactions
0 data transactions