get.greatlifebargains2024.com Open in urlscan Pro
108.178.23.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news-depihe.com/tds.php?sid=1003454
Effective URL:
https://get.greatlifebargains2024.com/?utm_medium=7c546697f77c362f087bd230a385a22a47b9f7ab&utm_campaign=m&cid=3ec9ae15-1ecc-4420-95a1-...
Submission: On January 20 via api (January 20th 2024, 4:27:21 am UTC) from US — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 9 domains to perform 35 HTTP transactions. The main IP is 108.178.23.115, located in and belongs to . The main domain is get.greatlifebargains2024.com.
TLS certificate: Issued by R3 on December 6th 2023. Valid for: 3 months.

This is the only time get.greatlifebargains2024.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.108.117.220 193.108.117.220	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
30	193.108.118.54 193.108.118.54	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1 1	89.38.97.71 89.38.97.71	49981 (WORLDSTREAM) (WORLDSTREAM)
1	88.212.201.202 88.212.201.202	39134 (UNITEDNET) (UNITEDNET)
1	2606:4700:303... 2606:4700:3032::ac43:9c3b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.155.186.15 185.155.186.15	203639 (TEKNOLOGY) (TEKNOLOGY)
1 2	185.155.184.55 185.155.184.55	5398 (AS5398) (AS5398)
1	108.178.23.115 108.178.23.115	() ()
35	6

1 193.108.117.220 (Frankfurt am Main, Germany) 1 redirects

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 220-117-108-193.clients.gthost.com

news-depihe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 193.108.118.54 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 54-118-108-193.clients.gthost.com

news-sapita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.news-sapita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.news-sapita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.news-sapita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.news-sapita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.38.97.71 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: henry.dgrad-host.com

lifefor.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.202 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host202.rax.ru

img0.liveinternet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:9c3b (United States)

ASN13335 (CLOUDFLARENET, US)

distie.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

blossom.growsier.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.155.186.15 (Switzerland)

ASN203639 (TEKNOLOGY, CH)

yourcordialgirl.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.155.184.55 (Switzerland) 1 redirects

ASN5398 (AS5398, CH)

2027.theydayssay.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.178.23.115 (None, )

ASN- ()

get.greatlifebargains2024.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	news-sapita.com news-sapita.com 1.news-sapita.com 2.news-sapita.com 3.news-sapita.com 4.news-sapita.com	172 KB
2	theydayssay.live 1 redirects 2027.theydayssay.live	2 KB
1	greatlifebargains2024.com get.greatlifebargains2024.com	2 KB
1	yourcordialgirl.life yourcordialgirl.life	38 KB
1	growsier.shop 1 redirects blossom.growsier.shop	752 B
1	distie.shop distie.shop	519 B
1	liveinternet.ru img0.liveinternet.ru — Cisco Umbrella Rank: 907687	3 KB
1	lifefor.cc 1 redirects lifefor.cc	383 B
1	news-depihe.com 1 redirects news-depihe.com	162 B
35	9

	Domain	Requested by
6	4.news-sapita.com	3.news-sapita.com 4.news-sapita.com
6	3.news-sapita.com	2.news-sapita.com 3.news-sapita.com
6	2.news-sapita.com	1.news-sapita.com 2.news-sapita.com
6	1.news-sapita.com	news-sapita.com 1.news-sapita.com
6	news-sapita.com	news-sapita.com
2	2027.theydayssay.live	1 redirects yourcordialgirl.life
1	get.greatlifebargains2024.com	2027.theydayssay.live
1	yourcordialgirl.life	img0.liveinternet.ru
1	blossom.growsier.shop	1 redirects
1	distie.shop	img0.liveinternet.ru
1	img0.liveinternet.ru	4.news-sapita.com
1	lifefor.cc	1 redirects
1	news-depihe.com	1 redirects
35	13

This site contains no links.

Subject Issuer	Validity	Valid
news-sapita.com ZeroSSL ECC Domain Secure Site CA	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.liveinternet.ru AlphaSSL CA - SHA256 - G4	`2023-10-29` - `2024-11-29`	a year	crt.sh
distie.shop GTS CA 1P5	`2023-11-29` - `2024-02-27`	3 months	crt.sh
yourcordialgirl.life R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
theydayssay.live R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
get.greatlifebargains2024.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://get.greatlifebargains2024.com/?utm_medium=7c546697f77c362f087bd230a385a22a47b9f7ab&utm_campaign=m&cid=3ec9ae15-1ecc-4420-95a1-797d35f0ded6&np=1
Frame ID: F2E5099B365409D389BA3B43AEC4D01D
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://news-depihe.com/tds.php?sid=1003454 HTTP 302
https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://lifefor.cc/go/Rqfd9rzp8Swy HTTP 302
https://img0.liveinternet.ru/images/attach/d/4/161/161/161161828_hh.html Page URL
https://blossom.growsier.shop/help/?26641666013223 HTTP 302
https://yourcordialgirl.life//?u=bt1k60t&o=xqt63qn&t=cid:8897&cid=8897-0-202401200727180e5632710 Page URL
https://2027.theydayssay.live/hjplcjds/article2027.doc?u=bt1k60t&o=xqt63qn&t=cid%3A8897&cid=8897-0-2024012... Page URL
https://2027.theydayssay.live/web/?sid=t4~qplliswfkod5zooqfsv1wgph HTTP 302
https://get.greatlifebargains2024.com/?utm_medium=7c546697f77c362f087bd230a385a22a47b9f7ab&utm_campaign=m&cid=3ec9... Page URL

Page Statistics

35
Requests

100 %
HTTPS

22 %
IPv6

9
Domains

13
Subdomains

6
IPs

5
Countries

217 kB
Transfer

223 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news-depihe.com/tds.php?sid=1003454 HTTP 302
https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Page URL
https://lifefor.cc/go/Rqfd9rzp8Swy HTTP 302
https://img0.liveinternet.ru/images/attach/d/4/161/161/161161828_hh.html Page URL
https://blossom.growsier.shop/help/?26641666013223 HTTP 302
https://yourcordialgirl.life//?u=bt1k60t&o=xqt63qn&t=cid:8897&cid=8897-0-202401200727180e5632710 Page URL
https://2027.theydayssay.live/hjplcjds/article2027.doc?u=bt1k60t&o=xqt63qn&t=cid%3A8897&cid=8897-0-202401200727180e5632710&f=1&sid=t4~qplliswfkod5zooqfsv1wgph&fp=vUf8vMGhhrB0xaxqRme3SA%3D%3D Page URL
https://2027.theydayssay.live/web/?sid=t4~qplliswfkod5zooqfsv1wgph HTTP 302
https://get.greatlifebargains2024.com/?utm_medium=7c546697f77c362f087bd230a385a22a47b9f7ab&utm_campaign=m&cid=3ec9ae15-1ecc-4420-95a1-797d35f0ded6&np=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://news-depihe.com/tds.php?sid=1003454 HTTP 302
https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4=

Request Chain 30

https://lifefor.cc/go/Rqfd9rzp8Swy HTTP 302
https://img0.liveinternet.ru/images/attach/d/4/161/161/161161828_hh.html

Request Chain 32

https://blossom.growsier.shop/help/?26641666013223 HTTP 302
https://yourcordialgirl.life//?u=bt1k60t&o=xqt63qn&t=cid:8897&cid=8897-0-202401200727180e5632710

35 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response news-sapita.com/lands/16/ Redirect Chain https://news-depihe.com/tds.php?sid=1003454 https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4=	3 KB 2 KB	143ms 45ms	Document text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `24b1bf4031bc8cc5bdc180cb16a0add6a36633284087d0de2107efa9645d6dc7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 20 Jan 2024 04:27:15 GMT pragma no-cache server nginx Redirect headers cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 date Sat, 20 Jan 2024 04:27:15 GMT location https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= pragma no-cache server nginx
GET H2	200	revopush.js Show response news-sapita.com/	10 KB 10 KB	40ms 39ms	Script application/javascript	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://news-sapita.com/revopush.js?v=4 Requested by Host: news-sapita.com URL: https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0` Request headers accept-language de-DE,de;q=0.9 Referer https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:15 GMT last-modified Thu, 15 Dec 2022 09:31:17 GMT server nginx etag "639ae965-26e2" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes content-length 9954 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	man.png news-sapita.com/lands/16/	10 KB 11 KB	78ms 77ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://news-sapita.com/lands/16/man.png Requested by Host: news-sapita.com URL: https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837` Request headers accept-language de-DE,de;q=0.9 Referer https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:15 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-295f" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 10591 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	logo.png news-sapita.com/lands/16/	1 KB 1 KB	79ms 78ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://news-sapita.com/lands/16/logo.png Requested by Host: news-sapita.com URL: https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5` Request headers accept-language de-DE,de;q=0.9 Referer https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:15 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-425" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 1061 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	bot.png news-sapita.com/lands/16/	11 KB 11 KB	39ms 39ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://news-sapita.com/lands/16/bot.png Requested by Host: news-sapita.com URL: https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f` Request headers accept-language de-DE,de;q=0.9 Referer https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:15 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-2b23" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 11043 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	traffback.php news-sapita.com/	72 B 213 B	39ms 39ms	Fetch text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://news-sapita.com/traffback.php?site=1003454&sub1=&sub2=&sub3=&sub4=&land=16 Requested by Host: news-sapita.com URL: https://news-sapita.com/revopush.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sat, 20 Jan 2024 04:27:15 GMT cache-control no-cache, must-revalidate content-encoding gzip server nginx content-type text/html; charset=UTF-8
GET H2	200	/ Show response 1.news-sapita.com/lands/16/	3 KB 2 KB	85ms 42ms	Document text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Requested by Host: news-sapita.com URL: https://news-sapita.com/revopush.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `a97956426debab3ee71e6d3b27bd47a9e7461ba1f23bf40d7031c609b50beba9` Request headers Referer https://news-sapita.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 20 Jan 2024 04:27:15 GMT pragma no-cache server nginx
GET H2	200	revopush.js Show response 1.news-sapita.com/	10 KB 10 KB	40ms 39ms	Script application/javascript	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://1.news-sapita.com/revopush.js?v=4 Requested by Host: 1.news-sapita.com URL: https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0` Request headers accept-language de-DE,de;q=0.9 Referer https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:15 GMT last-modified Thu, 15 Dec 2022 09:31:17 GMT server nginx etag "639ae965-26e2" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes content-length 9954 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	man.png 1.news-sapita.com/lands/16/	10 KB 11 KB	41ms 40ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://1.news-sapita.com/lands/16/man.png Requested by Host: 1.news-sapita.com URL: https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837` Request headers accept-language de-DE,de;q=0.9 Referer https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:15 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-295f" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 10591 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	logo.png 1.news-sapita.com/lands/16/	1 KB 1 KB	41ms 41ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://1.news-sapita.com/lands/16/logo.png Requested by Host: 1.news-sapita.com URL: https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5` Request headers accept-language de-DE,de;q=0.9 Referer https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:15 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-425" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 1061 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	bot.png 1.news-sapita.com/lands/16/	11 KB 11 KB	39ms 39ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://1.news-sapita.com/lands/16/bot.png Requested by Host: 1.news-sapita.com URL: https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f` Request headers accept-language de-DE,de;q=0.9 Referer https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:15 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-2b23" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 11043 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	traffback.php 1.news-sapita.com/	72 B 213 B	39ms 39ms	Fetch text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://1.news-sapita.com/traffback.php?site=1003454&sub1=&sub2=&sub3=&sub4=&land=16 Requested by Host: 1.news-sapita.com URL: https://1.news-sapita.com/revopush.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sat, 20 Jan 2024 04:27:15 GMT cache-control no-cache, must-revalidate content-encoding gzip server nginx content-type text/html; charset=UTF-8
GET H2	200	/ Show response 2.news-sapita.com/lands/16/	3 KB 2 KB	56ms 41ms	Document text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Requested by Host: 1.news-sapita.com URL: https://1.news-sapita.com/revopush.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `0642a9b3867ecf7c44d204ea1e2705dfe6c5e9cfcf71f59885b6f08f2b80cb44` Request headers Referer https://1.news-sapita.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 20 Jan 2024 04:27:16 GMT pragma no-cache server nginx
GET H2	200	revopush.js Show response 2.news-sapita.com/	10 KB 10 KB	42ms 39ms	Script application/javascript	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://2.news-sapita.com/revopush.js?v=4 Requested by Host: 2.news-sapita.com URL: https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0` Request headers accept-language de-DE,de;q=0.9 Referer https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Thu, 15 Dec 2022 09:31:17 GMT server nginx etag "639ae965-26e2" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes content-length 9954 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	man.png 2.news-sapita.com/lands/16/	10 KB 11 KB	42ms 41ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://2.news-sapita.com/lands/16/man.png Requested by Host: 2.news-sapita.com URL: https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837` Request headers accept-language de-DE,de;q=0.9 Referer https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-295f" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 10591 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	logo.png 2.news-sapita.com/lands/16/	1 KB 1 KB	43ms 42ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://2.news-sapita.com/lands/16/logo.png Requested by Host: 2.news-sapita.com URL: https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5` Request headers accept-language de-DE,de;q=0.9 Referer https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-425" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 1061 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	bot.png 2.news-sapita.com/lands/16/	11 KB 11 KB	40ms 39ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://2.news-sapita.com/lands/16/bot.png Requested by Host: 2.news-sapita.com URL: https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f` Request headers accept-language de-DE,de;q=0.9 Referer https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-2b23" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 11043 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	traffback.php 2.news-sapita.com/	72 B 213 B	41ms 41ms	Fetch text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://2.news-sapita.com/traffback.php?site=1003454&sub1=&sub2=&sub3=&sub4=&land=16 Requested by Host: 2.news-sapita.com URL: https://2.news-sapita.com/revopush.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sat, 20 Jan 2024 04:27:16 GMT cache-control no-cache, must-revalidate content-encoding gzip server nginx content-type text/html; charset=UTF-8
GET H2	200	/ Show response 3.news-sapita.com/lands/16/	3 KB 2 KB	60ms 44ms	Document text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Requested by Host: 2.news-sapita.com URL: https://2.news-sapita.com/revopush.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `64580d4ae3a34934b7c8b20f66860b8f80179305fa2d76a92560f1b4b3770512` Request headers Referer https://2.news-sapita.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 20 Jan 2024 04:27:16 GMT pragma no-cache server nginx
GET H2	200	revopush.js Show response 3.news-sapita.com/	10 KB 10 KB	42ms 40ms	Script application/javascript	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://3.news-sapita.com/revopush.js?v=4 Requested by Host: 3.news-sapita.com URL: https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0` Request headers accept-language de-DE,de;q=0.9 Referer https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Thu, 15 Dec 2022 09:31:17 GMT server nginx etag "639ae965-26e2" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes content-length 9954 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	man.png 3.news-sapita.com/lands/16/	10 KB 11 KB	43ms 41ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://3.news-sapita.com/lands/16/man.png Requested by Host: 3.news-sapita.com URL: https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837` Request headers accept-language de-DE,de;q=0.9 Referer https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-295f" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 10591 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	logo.png 3.news-sapita.com/lands/16/	1 KB 1 KB	43ms 42ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://3.news-sapita.com/lands/16/logo.png Requested by Host: 3.news-sapita.com URL: https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5` Request headers accept-language de-DE,de;q=0.9 Referer https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-425" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 1061 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	bot.png 3.news-sapita.com/lands/16/	11 KB 11 KB	41ms 39ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://3.news-sapita.com/lands/16/bot.png Requested by Host: 3.news-sapita.com URL: https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f` Request headers accept-language de-DE,de;q=0.9 Referer https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-2b23" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 11043 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	traffback.php 3.news-sapita.com/	72 B 213 B	40ms 40ms	Fetch text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://3.news-sapita.com/traffback.php?site=1003454&sub1=&sub2=&sub3=&sub4=&land=16 Requested by Host: 3.news-sapita.com URL: https://3.news-sapita.com/revopush.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sat, 20 Jan 2024 04:27:16 GMT cache-control no-cache, must-revalidate content-encoding gzip server nginx content-type text/html; charset=UTF-8
GET H2	200	/ Show response 4.news-sapita.com/lands/16/	3 KB 2 KB	56ms 41ms	Document text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Requested by Host: 3.news-sapita.com URL: https://3.news-sapita.com/revopush.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `260f9a9b8db996ac2fe878862481f4d56f110577e294ed65a7cc297ac72ef4a7` Request headers Referer https://3.news-sapita.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 20 Jan 2024 04:27:16 GMT pragma no-cache server nginx
GET H2	200	revopush.js Show response 4.news-sapita.com/	10 KB 10 KB	79ms 78ms	Script application/javascript	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://4.news-sapita.com/revopush.js?v=4 Requested by Host: 4.news-sapita.com URL: https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0` Request headers accept-language de-DE,de;q=0.9 Referer https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Thu, 15 Dec 2022 09:31:17 GMT server nginx etag "639ae965-26e2" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes content-length 9954 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	man.png 4.news-sapita.com/lands/16/	10 KB 11 KB	80ms 79ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://4.news-sapita.com/lands/16/man.png Requested by Host: 4.news-sapita.com URL: https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837` Request headers accept-language de-DE,de;q=0.9 Referer https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-295f" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 10591 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	logo.png 4.news-sapita.com/lands/16/	1 KB 1 KB	81ms 80ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://4.news-sapita.com/lands/16/logo.png Requested by Host: 4.news-sapita.com URL: https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5` Request headers accept-language de-DE,de;q=0.9 Referer https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-425" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 1061 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	bot.png 4.news-sapita.com/lands/16/	11 KB 11 KB	39ms 39ms	Image image/png	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Show image Full URL https://4.news-sapita.com/lands/16/bot.png Requested by Host: 4.news-sapita.com URL: https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash `f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f` Request headers accept-language de-DE,de;q=0.9 Referer https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:16 GMT last-modified Mon, 16 Sep 2019 12:08:48 GMT server nginx etag "5d7f7b50-2b23" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 11043 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	traffback.php 4.news-sapita.com/	34 B 184 B	39ms 39ms	Fetch text/html	193.108.118.54 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://4.news-sapita.com/traffback.php?site=1003454&sub1=&sub2=&sub3=&sub4=&land=16 Requested by Host: 4.news-sapita.com URL: https://4.news-sapita.com/revopush.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.54 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 54-118-108-193.clients.gthost.com Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sat, 20 Jan 2024 04:27:16 GMT cache-control no-cache, must-revalidate content-encoding gzip server nginx content-type text/html; charset=UTF-8
GET H/1.1	200 OK	161161828_hh.html Show response img0.liveinternet.ru/images/attach/d/4/161/161/ Redirect Chain https://lifefor.cc/go/Rqfd9rzp8Swy https://img0.liveinternet.ru/images/attach/d/4/161/161/161161828_hh.html	3 KB 3 KB	441ms 74ms	Document text/html	88.212.201.202 UNITEDNET
General Check archive.org Show headers Download Go to Full URL https://img0.liveinternet.ru/images/attach/d/4/161/161/161161828_hh.html Requested by Host: 4.news-sapita.com URL: https://4.news-sapita.com/revopush.js?v=4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.212.201.202 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host202.rax.ru Software nginx/1.12.2 / Resource Hash `ee707d8b685f2d8e398390ef5ad4ec97932f7c66d18effa52c2087efd6ff72a1` Request headers Referer https://4.news-sapita.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control max-age=315360000 Connection keep-alive Content-Length 2839 Content-Type text/html Date Sat, 20 Jan 2024 04:27:17 GMT Expires Thu, 31 Dec 2037 23:55:55 GMT Last-Modified Sun, 03 Dec 2023 15:09:24 GMT Server nginx/1.12.2 Redirect headers Cache-Control max-age=0 Connection keep-alive Content-Length 0 Content-Type text/html; charset=utf-8 Date Sat, 20 Jan 2024 04:27:17 GMT Expires Thu, 21 Jul 1977 07:30:00 GMT LOCATION https://img0.liveinternet.ru/images/attach/d/4/161/161/161161828_hh.html Last-Modified Sat, 20 Jan 2024 04:27:17 GMT Pragma no-cache Server nginx
GET H2	200	/ distie.shop/	52 B 519 B	441ms 335ms	Fetch text/html	2606:4700:3032::ac43:9c3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distie.shop/?t=json&i=5db631e98e4d364b3a4ca66cff0a4f87&a=26641666013223 Requested by Host: img0.liveinternet.ru URL: https://img0.liveinternet.ru/images/attach/d/4/161/161/161161828_hh.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:9c3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.18 Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://img0.liveinternet.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 04:27:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.18 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK8pnef0gl0qYLzKKZQMZEoHvNs0XYI7BmgHTe0pKa61rSo8%2Bc3Wou6IjYm%2FKBOt1WrX9Xm%2FTyWuVNjdEvyMYn1sIF%2FDpwrCoSrxs98ovbvmq4%2FivEOtv2pdiNeOUsKjsJ4YIyp1yc1cBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cf-ray 8484906c6a2d5d6d-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	/ Show response yourcordialgirl.life// Redirect Chain https://blossom.growsier.shop/help/?26641666013223 https://yourcordialgirl.life//?u=bt1k60t&o=xqt63qn&t=cid:8897&cid=8897-0-202401200727180e5632710	37 KB 38 KB	287ms 85ms	Document text/html	185.155.186.15 TEKNOLOGY
General Check archive.org Show headers Download Go to Full URL https://yourcordialgirl.life//?u=bt1k60t&o=xqt63qn&t=cid:8897&cid=8897-0-202401200727180e5632710 Requested by Host: img0.liveinternet.ru URL: https://img0.liveinternet.ru/images/attach/d/4/161/161/161161828_hh.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 185.155.186.15 , Switzerland, ASN203639 (TEKNOLOGY, CH), Reverse DNS Software nginx / Resource Hash `fed0a845ca56c9b6b10da2376b2633e91e48cb6015a83bd06b1109c7ea360925` Request headers Referer https://img0.liveinternet.ru/images/attach/d/4/161/161/161161828_hh.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-transform Connection keep-alive Content-Length 38191 Content-Type text/html Date Sat, 20 Jan 2024 04:27:19 GMT Server nginx cache-control private Redirect headers alt-svc h3=":443"; ma=86400 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 8484906f3f053612-FRA content-type text/html; charset=utf-8 date Sat, 20 Jan 2024 04:27:18 GMT expires Thu, 21 Jul 1977 07:30:00 GMT last-modified Sat, 20 Jan 2024 04:27:18 GMT location https://yourcordialgirl.life//?u=bt1k60t&o=xqt63qn&t=cid:8897&cid=8897-0-202401200727180e5632710 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oj2sUe%2BuG%2FDXgh5LDS9zzTDXARzNVib7JBo%2BZoGgBL%2F402ylT4P0k9lWsVyWLT7xawV6sHdHZBPkz3xOlLhdH60C4JMtHWsa9H4pgauPUbkgYf2W83XX8FA%2F582Uxx1jZkBoGrg7FfhwdV0pmtbtBeeht2M%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.0.33
GET H/1.1	200 OK	article2027.doc 2027.theydayssay.live/hjplcjds/	1 KB 2 KB	594ms 208ms	Document text/html	185.155.184.55 AS5398
General Check archive.org Show headers Download Go to Full URL https://2027.theydayssay.live/hjplcjds/article2027.doc?u=bt1k60t&o=xqt63qn&t=cid%3A8897&cid=8897-0-202401200727180e5632710&f=1&sid=t4~qplliswfkod5zooqfsv1wgph&fp=vUf8vMGhhrB0xaxqRme3SA%3D%3D Requested by Host: yourcordialgirl.life URL: https://yourcordialgirl.life//?u=bt1k60t&o=xqt63qn&t=cid:8897&cid=8897-0-202401200727180e5632710 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 185.155.184.55 , Switzerland, ASN5398 (AS5398, CH), Reverse DNS Software openresty / Resource Hash Request headers Referer https://yourcordialgirl.life/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Length 1415 Content-Type text/html Date Sat, 20 Jan 2024 04:27:19 GMT Server openresty cache-control private
GET H2	200	Primary Request / Show response get.greatlifebargains2024.com/ Redirect Chain https://2027.theydayssay.live/web/?sid=t4~qplliswfkod5zooqfsv1wgph https://get.greatlifebargains2024.com/?utm_medium=7c546697f77c362f087bd230a385a22a47b9f7ab&utm_campaign=m&cid=3ec9ae15-1ecc-4420-95a1-797d35f0ded6&np=1	6 KB 2 KB	489ms 155ms	Document text/html	108.178.23.115
General Check archive.org Show headers Download Go to Full URL https://get.greatlifebargains2024.com/?utm_medium=7c546697f77c362f087bd230a385a22a47b9f7ab&utm_campaign=m&cid=3ec9ae15-1ecc-4420-95a1-797d35f0ded6&np=1 Requested by Host: 2027.theydayssay.live URL: https://2027.theydayssay.live/hjplcjds/article2027.doc?u=bt1k60t&o=xqt63qn&t=cid%3A8897&cid=8897-0-202401200727180e5632710&f=1&sid=t4~qplliswfkod5zooqfsv1wgph&fp=vUf8vMGhhrB0xaxqRme3SA%3D%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.178.23.115 -, , ASN (), Reverse DNS Software nginx / PHP/8.3.1 Resource Hash `c9a086e8a0fd35bca16d11c5d9fda59cb403ad65f1a070fe1a684c05511c11cf` Request headers Referer https://2027.theydayssay.live/hjplcjds/article2027.doc?u=bt1k60t&o=xqt63qn&t=cid%3A8897&cid=8897-0-202401200727180e5632710&f=1&sid=t4~qplliswfkod5zooqfsv1wgph&fp=vUf8vMGhhrB0xaxqRme3SA%3D%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version cache-control no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Sat, 20 Jan 2024 04:27:20 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/8.3.1 Redirect headers Connection keep-alive Content-Length 280 Content-Type text/html; charset=utf-8 Date Sat, 20 Jan 2024 04:27:20 GMT Server openresty location https://get.greatlifebargains2024.com/?utm_medium=7c546697f77c362f087bd230a385a22a47b9f7ab&utm_campaign=m&cid=3ec9ae15-1ecc-4420-95a1-797d35f0ded6&np=1 referrer-policy no-referrer

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
news-sapita.com/	1970-01-20 17:48:48	Name: clickdata Value: MTAwMzQ1NHw6fDE2fDp8fDp8fDp8fDp8
1.news-sapita.com/	1970-01-20 17:48:48	Name: clickdata Value: MTAwMzQ1NHw6fDE2fDp8fDp8fDp8fDp8
2.news-sapita.com/	1970-01-20 17:48:48	Name: clickdata Value: MTAwMzQ1NHw6fDE2fDp8fDp8fDp8fDp8
3.news-sapita.com/	1970-01-20 17:48:48	Name: clickdata Value: MTAwMzQ1NHw6fDE2fDp8fDp8fDp8fDp8
4.news-sapita.com/	1970-01-20 17:48:48	Name: clickdata Value: MTAwMzQ1NHw6fDE2fDp8fDp8fDp8fDp8
.blossom.growsier.shop/	1970-01-20 18:33:23	Name: 00831 Value: %7B%22streams%22%3A%5B1705724838%5D%2C%22campaigns%22%3A%7B%228897%22%3A1705724838%7D%2C%22time%22%3A1705724838%7D
yourcordialgirl.life/	1969-12-31 23:59:59	Name: sid Value: t4~qplliswfkod5zooqfsv1wgph
yourcordialgirl.life/	1969-12-31 23:59:59	Name: p1 Value: https://theydayssay.live/hjplcjds/
yourcordialgirl.life/	1969-12-31 23:59:59	Name: s1 Value: gx6egazps1tdob87

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://1.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://2.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://3.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://4.news-sapita.com/lands/16/?site=1003454&sub1=&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.news-sapita.com
2.news-sapita.com
2027.theydayssay.live
3.news-sapita.com
4.news-sapita.com
blossom.growsier.shop
distie.shop
get.greatlifebargains2024.com
img0.liveinternet.ru
lifefor.cc
news-depihe.com
news-sapita.com
yourcordialgirl.life
108.178.23.115
185.155.184.55
185.155.186.15
193.108.117.220
193.108.118.54
2606:4700:3032::ac43:9c3b
2a06:98c1:3120::3
88.212.201.202
89.38.97.71
0642a9b3867ecf7c44d204ea1e2705dfe6c5e9cfcf71f59885b6f08f2b80cb44
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0
24b1bf4031bc8cc5bdc180cb16a0add6a36633284087d0de2107efa9645d6dc7
260f9a9b8db996ac2fe878862481f4d56f110577e294ed65a7cc297ac72ef4a7
64580d4ae3a34934b7c8b20f66860b8f80179305fa2d76a92560f1b4b3770512
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
a97956426debab3ee71e6d3b27bd47a9e7461ba1f23bf40d7031c609b50beba9
c9a086e8a0fd35bca16d11c5d9fda59cb403ad65f1a070fe1a684c05511c11cf
ee707d8b685f2d8e398390ef5ad4ec97932f7c66d18effa52c2087efd6ff72a1
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
fed0a845ca56c9b6b10da2376b2633e91e48cb6015a83bd06b1109c7ea360925

get.greatlifebargains2024.com Open in urlscan Pro 108.178.23.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

35 Requests

100 %HTTPS

22 %IPv6

9 Domains

13 Subdomains

6 IPs

5 Countries

217 kBTransfer

223 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get.greatlifebargains2024.com Open in urlscan Pro
108.178.23.115 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

22 %
IPv6

9
Domains

13
Subdomains

6
IPs

5
Countries

217 kB
Transfer

223 kB
Size

9
Cookies

35 HTTP transactions
0 data transactions