urlscan.io logo urlscan.io
SecurityTrails logo

2u.modern-app.one Open in urlscan Pro
172.67.145.211  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2...
Effective URL: https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Submission: On June 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 10 domains to perform 17 HTTP transactions. The main IP is 172.67.145.211, located in and belongs to . The main domain is 2u.modern-app.one.
TLS certificate: Issued by GTS CA 1P5 on June 4th 2024. Valid for: 3 months.
This is the only time 2u.modern-app.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 13 173.214.240.15 15317 (SERVEREL-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 199.182.164.180 15317 (SERVEREL-AS)
1 3 172.64.152.106 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.19.132.76 13335 (CLOUDFLAR...)
1 1 2001:1af8:510... 60781 (LEASEWEB-...)
5 172.67.145.211 ()
17 7
13    173.214.240.15 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net
shopsalepolitics4.xyz
freetrckr.com
latestnewsnow3.xyz
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    199.182.164.180 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net
xml.rexsrv.com
3    172.64.152.106 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
c.adskeeper.com
s-img.adskeeper.com
clck.adskeeper.com
3    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.19.132.76 (None, )

ASN13335 (CLOUDFLARENET, US)
clck.mgid.com
1    2001:1af8:5100:a003:2:: (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
not.just-in-case.wiki
5    172.67.145.211 (None, )

ASN- ()
2u.modern-app.one
Apex Domain
Subdomains		 Transfer
6 freetrckr.com
freetrckr.com — Cisco Umbrella Rank: 653319
2 KB
5 modern-app.one
2u.modern-app.one
224 KB
4 latestnewsnow3.xyz
latestnewsnow3.xyz
3 KB
3 gstatic.com
fonts.gstatic.com
46 KB
3 adskeeper.com
c.adskeeper.com — Cisco Umbrella Rank: 27973
s-img.adskeeper.com — Cisco Umbrella Rank: 26851
clck.adskeeper.com — Cisco Umbrella Rank: 122997
11 KB
3 shopsalepolitics4.xyz
shopsalepolitics4.xyz
726 B
2 rexsrv.com
xml.rexsrv.com — Cisco Umbrella Rank: 73793
599 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
1 just-in-case.wiki
not.just-in-case.wiki
994 B
1 mgid.com
clck.mgid.com — Cisco Umbrella Rank: 37644
2 KB
17 10
Domain Requested by
6 freetrckr.com 6 redirects
5 2u.modern-app.one clck.mgid.com
2u.modern-app.one
4 latestnewsnow3.xyz 1 redirects latestnewsnow3.xyz
3 fonts.gstatic.com fonts.googleapis.com
3 shopsalepolitics4.xyz 3 redirects
2 xml.rexsrv.com 2 redirects
2 fonts.googleapis.com latestnewsnow3.xyz
2u.modern-app.one
1 not.just-in-case.wiki 1 redirects
1 clck.mgid.com latestnewsnow3.xyz
1 clck.adskeeper.com 1 redirects
1 s-img.adskeeper.com latestnewsnow3.xyz
1 c.adskeeper.com latestnewsnow3.xyz
17 12

This site contains no links.

Subject Issuer Validity Valid
freshnewsnow3.xyz
R3		 2024-05-14 -
2024-08-12		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
adskeeper.com
GTS CA 1P5		 2024-05-24 -
2024-08-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
mgid.com
E1		 2024-05-09 -
2024-08-07		 3 months crt.sh
modern-app.one
GTS CA 1P5		 2024-06-04 -
2024-09-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Frame ID: 4A6A70160267C60FB912ED91CE2168AB
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymi... HTTP 307
    https://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymi... HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://game-max2.xyz/sw_390498a4-3d80-c83d-5f81-ca2c615aca0d_101_0_2000.js?h=JTdCJTIycmMlMjIlM0Ew... HTTP 307
    http://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymi... HTTP 301
    https://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymi... HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJT... Page URL
  2. https://xml.rexsrv.com/click?s=1&tid=1496&sid=aa0e7092cac2bb60c2adac693a8047b8&rnd=870651546 HTTP 302
    https://clck.adskeeper.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7V... HTTP 301
    https://clck.mgid.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7V... Page URL
  3. https://not.just-in-case.wiki/65969250cc4ab40001673d60?sub1=57959453s3558971&sub2=18871687&sub3=11627362&s... HTTP 302
    https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

88 %
HTTPS

38 %
IPv6

10
Domains

12
Subdomains

7
IPs

4
Countries

286 kB
Transfer

375 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyju0nzkwzwqwzdy0ltmyodutmc4wmdazmtclmjilnuqln0q%3d&t=1718580881248&rnd=852856605&j...~311~...fywxsx2rlx2rlc2slmjiln0q=&if=1 HTTP 307
    https://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyju0nzkwzwqwzdy0ltmyodutmc4wmdazmtclmjilnuqln0q%3d&t=1718580881248&rnd=852856605&j...~311~...fywxsx2rlx2rlc2slmjiln0q=&if=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://game-max2.xyz/sw_390498a4-3d80-c83d-5f81-ca2c615aca0d_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D HTTP 307
    http://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyju0nzkwzwqwzdy0ltmyodutmc4wmdazmtclmjilnuqln0q%3d&t=1718580881248&rnd=852856605&j...~311~...fywxsx2rlx2rlc2slmjiln0q=&if=1 HTTP 301
    https://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyju0nzkwzwqwzdy0ltmyodutmc4wmdazmtclmjilnuqln0q%3d&t=1718580881248&rnd=852856605&j...~311~...fywxsx2rlx2rlc2slmjiln0q=&if=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://xml.rexsrv.com/click?s=1&tid=1496&sid=aa0e7092cac2bb60c2adac693a8047b8&rnd=870651546 HTTP 302
    https://clck.adskeeper.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8*&rid=76cab49e-2d58-11ef-9613-c84bd6836428&tt=Direct&att=3&pubsrcid=3558971&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC HTTP 301
    https://clck.mgid.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8%2A&rid=76cab49e-2d58-11ef-9613-c84bd6836428&tt=Direct&att=3&pubsrcid=3558971&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rdrct=1 Page URL
  3. https://not.just-in-case.wiki/65969250cc4ab40001673d60?sub1=57959453s3558971&sub2=18871687&sub3=11627362&sub4=149&sub5=DE&ref_id=021a9f857d8a0edbef8d75b0c891b621&cost=0.25&adclida=ref_id HTTP 302
    https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyju0nzkwzwqwzdy0ltmyodutmc4wmdazmtclmjilnuqln0q%3d&t=1718580881248&rnd=852856605&j...~311~...fywxsx2rlx2rlc2slmjiln0q=&if=1 HTTP 307
  • https://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyju0nzkwzwqwzdy0ltmyodutmc4wmdazmtclmjilnuqln0q%3d&t=1718580881248&rnd=852856605&j...~311~...fywxsx2rlx2rlc2slmjiln0q=&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://game-max2.xyz/sw_390498a4-3d80-c83d-5f81-ca2c615aca0d_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D HTTP 307
  • http://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyju0nzkwzwqwzdy0ltmyodutmc4wmdazmtclmjilnuqln0q%3d&t=1718580881248&rnd=852856605&j...~311~...fywxsx2rlx2rlc2slmjiln0q=&if=1 HTTP 301
  • https://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyju0nzkwzwqwzdy0ltmyodutmc4wmdazmtclmjilnuqln0q%3d&t=1718580881248&rnd=852856605&j...~311~...fywxsx2rlx2rlc2slmjiln0q=&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://latestnewsnow3.xyz/event_f10bab0a-1b09-6033-1cd4-8dbce3783eb4_70_3926_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RhYTBlNzA5MmNhYzJiYjYwYzJhZGFjNjkzYTgwNDdiOCUyNnJuZCUzRDc3NjY2NDg5OA%3D%3D&t=1718704345637&rnd=356920024&i=1 HTTP 302
  • https://xml.rexsrv.com/icon?sid=aa0e7092cac2bb60c2adac693a8047b8&rnd=776664898 HTTP 302
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8*&cid=1628497&f=1&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rid=76cab49e-2d58-11ef-9613-c84bd6836428&psid=3558971
Request Chain 8
  • https://xml.rexsrv.com/click?s=1&tid=1496&sid=aa0e7092cac2bb60c2adac693a8047b8&rnd=870651546 HTTP 302
  • https://clck.adskeeper.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8*&rid=76cab49e-2d58-11ef-9613-c84bd6836428&tt=Direct&att=3&pubsrcid=3558971&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC HTTP 301
  • https://clck.mgid.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8%2A&rid=76cab49e-2d58-11ef-9613-c84bd6836428&tt=Direct&att=3&pubsrcid=3558971&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rdrct=1

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
latestnewsnow3.xyz/
Redirect Chain
  • http://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyj...
  • https://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiy...
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://game-max2.xyz/sw_390498a4-3d80-c83d-5f81-ca2c615aca0d_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
  • http://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiyj...
  • https://shopsalepolitics4.xyz/event_efc5f8ff-6930-bd1f-8e2a-ffd5ab5b2d1e_101_0_3000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltzkzwjlmzg1nta5nzzkm2jizddiy...
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
0ec6f47d8dfe9fc7b0bfdf64c856364f41484dbd21bd01b891a8ca26edeff5b7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 18 Jun 2024 09:52:25 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Tue, 18 Jun 2024 09:52:24 GMT
location
https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: latestnewsnow3.xyz
URL: https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://latestnewsnow3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 09:52:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 09:49:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 09:52:26 GMT
c
c.adskeeper.com/
Redirect Chain
  • https://latestnewsnow3.xyz/event_f10bab0a-1b09-6033-1cd4-8dbce3783eb4_70_3926_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RhYTBlNzA5MmNhYzJiYjYwYzJhZGFjNjkzYTgwNDdiOCUyNn...
  • https://xml.rexsrv.com/icon?sid=aa0e7092cac2bb60c2adac693a8047b8&rnd=776664898
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8*&cid=1628497&f=1&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-...
43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8*&cid=1628497&f=1&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rid=76cab49e-2d58-11ef-9613-c84bd6836428&psid=3558971
Requested by
Host: latestnewsnow3.xyz
URL: https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://latestnewsnow3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 18 Jun 2024 09:52:26 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
7e5c26b5-3419-445f-ad57-fe17c0c5bd8a
server
cloudflare
content-type
image/gif
cf-ray
895a62f6c93bbf34-WAW
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://c.adskeeper.com/c?pv=2&v=0|0|0|Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8*&cid=1628497&f=1&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rid=76cab49e-2d58-11ef-9613-c84bd6836428&psid=3558971
date
Tue, 18 Jun 2024 09:52:26 GMT
server
nginx
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cHM6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzQ3NTgyMS9iZTZkM...
s-img.adskeeper.com/g/18871687/200x200/-/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/18871687/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cHM6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzQ3NTgyMS9iZTZkMzQzYTBjN2NiYWE1YmJlMTc4ODM1OGIzMDI2Yy5qcGc.webp?v=1718704344-lEk67U3T45td65uxthdIlu8xPivW7M9pj7fb285fhIU
Requested by
Host: latestnewsnow3.xyz
URL: https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9bac20b10fc2bb1f675ac2648bb80a485f861025c30a8b25aeabaf9b706ee4d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://latestnewsnow3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 09:52:26 GMT
cf-cache-status
HIT
last-modified
Thu, 02 May 2024 13:22:52 GMT
x-mg-request-uuid
b54813a8-d7b6-4365-9858-954a210148d6
server
cloudflare
age
90327
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
895a62f2885cbf34-WAW
content-length
9196
alt-svc
h3=":443"; ma=86400
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://latestnewsnow3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 20:32:44 GMT
x-content-type-options
nosniff
age
393582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 20:32:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://latestnewsnow3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 05:20:49 GMT
x-content-type-options
nosniff
age
448297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 05:20:49 GMT
favicon.ico
latestnewsnow3.xyz/ 		13 B
258 B 		Other
General
Check archive.org
Download Go to
Full URL
https://latestnewsnow3.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=UTF-8
pragma
no-cache
date
Tue, 18 Jun 2024 09:52:26 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
event_f10bab0a-1b09-6033-1cd4-8dbce3783eb4_70_0_2998
latestnewsnow3.xyz/ 		116 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://latestnewsnow3.xyz/event_f10bab0a-1b09-6033-1cd4-8dbce3783eb4_70_0_2998?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjE0OTYtYWEwZTcwOTJjYWMyYmI2MGMyYWRhYzY5M2E4MDQ3YjgtMzkyNi0wLjA3NDg0NiUyMiU1RCU3RA%3D%3D&t=1718704345637&rnd=441261788&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: latestnewsnow3.xyz
URL: https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://latestnewsnow3.xyz/?sid=9961ff61a7f3518b422ccee2ea4fd4ba_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 09:52:28 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
1
clck.mgid.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/
Redirect Chain
  • https://xml.rexsrv.com/click?s=1&tid=1496&sid=aa0e7092cac2bb60c2adac693a8047b8&rnd=870651546
  • https://clck.adskeeper.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8*&rid=76cab49e...
  • https://clck.mgid.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8%2A&rid=76cab49e-2d...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clck.mgid.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8%2A&rid=76cab49e-2d58-11ef-9613-c84bd6836428&tt=Direct&att=3&pubsrcid=3558971&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rdrct=1
Requested by
Host: latestnewsnow3.xyz
URL: https://latestnewsnow3.xyz/event_f10bab0a-1b09-6033-1cd4-8dbce3783eb4_70_0_2998?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjE0OTYtYWEwZTcwOTJjYWMyYmI2MGMyYWRhYzY5M2E4MDQ3YjgtMzkyNi0wLjA3NDg0NiUyMiU1RCU3RA%3D%3D&t=1718704345637&rnd=441261788&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://latestnewsnow3.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
895a63056e4db615-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 18 Jun 2024 09:52:29 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-mg-click-uuid
d6582be8-3321-01fe-8cea-43ca1c9624ee
x-robots-tag
noindex

Redirect headers

accept-ch
sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
895a6303ddbdbf43-WAW
content-type
text/html; charset=UTF-8
date
Tue, 18 Jun 2024 09:52:28 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://clck.mgid.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8%2A&rid=76cab49e-2d58-11ef-9613-c84bd6836428&tt=Direct&att=3&pubsrcid=3558971&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rdrct=1
server
cloudflare
x-robots-tag
noindex
Primary Request /
2u.modern-app.one/bitcoin_bank_m_s_de/
Redirect Chain
  • https://not.just-in-case.wiki/65969250cc4ab40001673d60?sub1=57959453s3558971&sub2=18871687&sub3=11627362&sub4=149&sub5=DE&ref_id=021a9f857d8a0edbef8d75b0c891b621&cost=0.25&adclida=ref_id
  • https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Requested by
Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8%2A&rid=76cab49e-2d58-11ef-9613-c84bd6836428&tt=Direct&att=3&pubsrcid=3558971&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rdrct=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.211 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5e72f8c4cb5571ba02f0ed7af838c16e837393af07511bf2aa5a995384254cbb
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://clck.mgid.com/ghits/18871687/i/57959453/2/src/3558971/pp/1/1?h=Q8-lWllQTfemtdZiORYC7oRWz7VDtPq8FbBSyMPQ3u34idZ6JAw4bEblAQOCHZH8T7Yjim-xUWGVXYTAlDWduiYpb5QY9FUVp7t_IArfP-8%2A&rid=76cab49e-2d58-11ef-9613-c84bd6836428&tt=Direct&att=3&pubsrcid=3558971&cpm=1&ct=1&st=120&h2=vlJ0RdnMYFlD0pCQy6adPn47APUww-qhf1HpEWF79SE8PcLwk8uInxe749gv77IC&rdrct=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
895a6308bc3e71b2-FRA
content-encoding
br
content-type
text/html
date
Tue, 18 Jun 2024 09:52:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yEZRYn2jFoviYgp7VAqhH3TOWGWCkHjb7vAAQKQBV7F%2BUh18X1m3PrIoTE%2FmnO4%2B8BuqF39d6zOUppNLp6JeHTBT8%2BJLpxWx%2BiTX3O87uP7k6Vav1f5Yuj8quksfemPb0R5iSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1

Redirect headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Jun 2024 09:52:29 GMT
Location
https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Server
nginx/1.20.2
baa3.css
2u.modern-app.one/bitcoin_bank_m_s_de/css/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2u.modern-app.one/bitcoin_bank_m_s_de/css/baa3.css
Requested by
Host: 2u.modern-app.one
URL: https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.211 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
01ca018fcaf002b19ddaa71e691574ef341f718954d077881023512c7f6f53d2
Security Headers
Name Value
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 09:52:29 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
cf-cache-status
EXPIRED
last-modified
Mon, 17 Jun 2024 09:26:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tgb1tnBxbyJlHIQS%2BQ%2Be%2BGYka%2FIRJrS%2F4EgfptSE4bKpxe%2Fb4aKatWGY2bYvHNVudrba4soNqJR5mrXrkwrQQFjp8G3lTgZc6wy13VpDeXXOczID0t04KLndTDjtVCuq%2FPBdAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
895a630a2e1a71b2-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
expires
Wed, 19 Jun 2024 09:52:29 GMT
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@700&display=swap
Requested by
Host: 2u.modern-app.one
URL: https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9fa5d0bbd15673fc89d14ab0dd4f7f7903178b57f5b0b1bb3ac2d9076684d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 09:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 07:56:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 09:52:29 GMT
jquery-3.4.1.min.js
2u.modern-app.one/bitcoin_bank_m_s_de/js/ 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2u.modern-app.one/bitcoin_bank_m_s_de/js/jquery-3.4.1.min.js
Requested by
Host: 2u.modern-app.one
URL: https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.211 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
33ff7db4c83d29b9cc5836ac36ae445ee6764fa775c24add743bdcd0013051cb
Security Headers
Name Value
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 09:52:29 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
cf-cache-status
EXPIRED
last-modified
Mon, 17 Jun 2024 09:26:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wnvO3hDv4Q2VKoD6RFLRffzbMXQ%2BuZr%2B3bftHQpCIyK%2BsZqnMi5e%2BQv%2FUZjtoJNN9EBhaBbEpQG8PatJ6qUFQls977GoK6nqInZuvGJb45qd0UdO8fv%2FlRL%2BDeZcMtrPkZlg4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
895a630a2e1d71b2-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
expires
Wed, 19 Jun 2024 09:52:29 GMT
script.js
2u.modern-app.one/bitcoin_bank_m_s_de/js/ 		716 B
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2u.modern-app.one/bitcoin_bank_m_s_de/js/script.js
Requested by
Host: 2u.modern-app.one
URL: https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.211 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3edef81c0a40bfd6296214002d38d9c662bc91b021fce81a09027442ee585308
Security Headers
Name Value
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 09:52:29 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11790
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jun 2024 06:35:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XABteCTiwojBG8SpGOQBUca27IeIZVHyzbJx9u6seg7wJnj7bjAyNkBIzaeskbmGS690O6N0V2egvXqpqMVL4k8VL9Ma9qTMlIfsko5grD55rztb6OjG1smTcHgxRhIjADUe%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
895a630a2e2071b2-FRA
expires
Wed, 19 Jun 2024 06:35:59 GMT
female.webp
2u.modern-app.one/bitcoin_bank_m_s_de/img/ 		173 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2u.modern-app.one/bitcoin_bank_m_s_de/img/female.webp
Requested by
Host: 2u.modern-app.one
URL: https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.145.211 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
802310939af3de1f3167853966be11a97ee5d733fcfc7e180c4cc1f54faf80a4
Security Headers
Name Value
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2u.modern-app.one/bitcoin_bank_m_s_de/?rtkcid=667158dd6446c20001d49c9f&rtkcmpid=65969250cc4ab40001673d60
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 09:52:29 GMT
referrer-policy
no-referrer-when-downgrade
cf-cache-status
EXPIRED
last-modified
Tue, 18 Jun 2024 06:35:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RKbYePuKVr6sUf8A18dsIgv4jwgc3Pq3YqAv3I8VE867abb0ZsRwdl53BZpqxa%2BgLq%2FdEq4lV8CoKoxkhVMq0WPiIgNqSjH73soz9RKSNNjlK6E5Hjq5nPTXvb%2BmqDaQdU1Eeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
cf-ray
895a630a2e2571b2-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v34/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d531d2326ba02994a585f666486d2bbb664425608a707fe1ea0a6d5935f30806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://2u.modern-app.one
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 03:23:19 GMT
x-content-type-options
nosniff
age
368951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14240
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:50:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Jun 2025 03:23:19 GMT
favicon.ico
2u.modern-app.one/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
2u.modern-app.one
URL
https://2u.modern-app.one/favicon.ico

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

14 Cookies

Domain/Path Name / Value
latestnewsnow3.xyz/ Name: sid
Value: pn7eupafjssr9v7fbst9555650
.adskeeper.com/ Name: mgid
Value: 18871687
.adskeeper.com/ Name: mtid
Value: 57959453
.adskeeper.com/ Name: mtuid
Value: 57959453s3558971
.adskeeper.com/ Name: mstatus
Value: 0
.adskeeper.com/ Name: mghd
Value: not.just-in-case.wiki
.mgid.com/ Name: mgid
Value: 18871687
.mgid.com/ Name: mtid
Value: 57959453
.mgid.com/ Name: mtuid
Value: 57959453s3558971
.mgid.com/ Name: mstatus
Value: 0
.mgid.com/ Name: mghd
Value: not.just-in-case.wiki
.mgid.com/ Name: __cf_bm
Value: KO6cyvZ.0wOiyNHxaKZSGt_8R2u3Z8YckC7OAAjEcZc-1718704349-1.0.1.1-rjarEEcC2oI2nMtL2GdWOQwYmOmR7lq_R5gZ59DWgwg3_1sGqZdTkIxwVxcY.pt..biGQM3gz_YnTyMZdNOFBw
.not.just-in-case.wiki/ Name: redcmps
Value: W3siaWQiOiI2NTk2OTI1MGNjNGFiNDAwMDE2NzNkNjAiLCJ0IjoiMjAyNC0wNi0xOFQwOTo1MjoyOS40MzE4Nzg3MzlaIn1d
.not.just-in-case.wiki/ Name: redhash
Value: NjY3MTU4ZGQ2NDQ2YzIwMDAxZDQ5YzlmfDN8NjU5NjkyNTBjYzRhYjQwMDAxNjczZDYwfDY1ODU3ZGNjNDRiMjQ1MDAwMTI2NGIxY3xjM2JhYWIwZS0zZGExLTQ5NjgtYTVmYi02MjA1ZTFlZWIzYWJ8MTcxODcwNDM0OQ==

2 Console Messages

Source Level URL
Text
network error URL: https://latestnewsnow3.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://2u.modern-app.one/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()