Submitted URL: http://bestreceipe3.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_54_0_4002?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21...
Effective URL: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBM...
Submission: On April 13 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 11 domains to perform 19 HTTP transactions. The main IP is 173.214.240.15, located in United States and belongs to SERVEREL-AS, US. The main domain is bestcasin3.xyz.
TLS certificate: Issued by R3 on February 18th 2024. Valid for: 3 months.
This is the only time bestcasin3.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 10 173.214.240.15 15317 (SERVEREL-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 199.182.164.180 15317 (SERVEREL-AS)
1 3 2606:4700:1::... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700:1::... 13335 (CLOUDFLAR...)
19 7
Apex Domain | Subdomains | Transfer
6 mgid.com | c.mgid.com (Cisco Umbrella Rank: 6985); s-img.mgid.com (Cisco Umbrella Rank: 9893) | 119 KB
4 gstatic.com | fonts.gstatic.com | 63 KB
4 adskeeper.com | c.adskeeper.com (Cisco Umbrella Rank: 26111); s-img.adskeeper.com (Cisco Umbrella Rank: 27100) | 32 KB
4 sundayjournal2.xyz | sundayjournal2.xyz | 3 KB
2 bestcasin3.xyz | bestcasin3.xyz | 3 KB
2 adpicmedia.net | xml.adpicmedia.net (Cisco Umbrella Rank: 615400) | 554 B
2 rexsrv.com | xml.rexsrv.com (Cisco Umbrella Rank: 93289) | 1 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 2 KB
2 freetrckr.com | freetrckr.com | 680 B
1 hotsalad3.xyz | hotsalad3.xyz | 111 B
1 bestreceipe3.xyz | bestreceipe3.xyz | 120 B
19 11
Domain Requested by
4 fonts.gstatic.com fonts.googleapis.com
4 s-img.mgid.com sundayjournal2.xyz
bestcasin3.xyz
4 sundayjournal2.xyz 1 redirects sundayjournal2.xyz
2 bestcasin3.xyz 1 redirects sundayjournal2.xyz
2 s-img.adskeeper.com sundayjournal2.xyz
bestcasin3.xyz
2 c.adskeeper.com sundayjournal2.xyz
bestcasin3.xyz
2 xml.adpicmedia.net 2 redirects
2 c.mgid.com 2 redirects
2 xml.rexsrv.com 2 redirects
2 fonts.googleapis.com sundayjournal2.xyz
bestcasin3.xyz
2 freetrckr.com 2 redirects
1 hotsalad3.xyz 1 redirects
1 bestreceipe3.xyz 1 redirects
19 13

This site contains no links.

Subject | Issuer | Validity | Valid
newstodai3.xyz | R3 | 2024-02-20 - 2024-05-20 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
mgid.com | E1 | 2024-03-10 - 2024-06-08 | 3 months
adskeeper.com | GTS CA 1P5 | 2024-03-26 - 2024-06-24 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
extranew3.xyz | R3 | 2024-02-18 - 2024-05-18 | 3 months

This page contains 1 frame:

Primary Page: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Frame ID: 3860A7DCE5DC0324B11259CBFA85F896
Requests: 19 HTTP requests in this frame

Page Title

Checking your browser before accessing

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 19
HTTPS: 74 %
IPv6: 71 %
Domains: 11
Subdomains: 13
IPs: 7
Countries: 2
Transfer: 220 kB
Size: 234 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bestreceipe3.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_54_0_4002?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwvhzdzlmtrhmda0ndgynjkxnmfmmdy2owuwodiymzbmltm2mdqtmc4wmdawmzmlmjilmkmlmjixmdcylta0ywvhnzlhzde4nzfkmwe3zdfkndgy...~311~...fanbfdxnfzgvzayuymiu3ra==&if=1 HTTP 307
    https://bestreceipe3.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_54_0_4002?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwvhzdzlmtrhmda0ndgynjkxnmfmmdy2owuwodiymzbmltm2mdqtmc4wmdawmzmlmjilmkmlmjixmdcylta0ywvhnzlhzde4nzfkmwe3zdfkndgy...~311~...fanbfdxnfzgvzayuymiu3ra==&if=1 HTTP 302
    https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
    https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1 HTTP 302
    https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bestreceipe3.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_54_0_4002?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwvhzdzlmtrhmda0ndgynjkxnmfmmdy2owuwodiymzbmltm2mdqtmc4wmdawmzmlmjilmkmlmjixmdcylta0ywvhnzlhzde4nzfkmwe3zdfkndgy...~311~...fanbfdxnfzgvzayuymiu3ra==&if=1 HTTP 307
  • https://bestreceipe3.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_54_0_4002?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwvhzdzlmtrhmda0ndgynjkxnmfmmdy2owuwodiymzbmltm2mdqtmc4wmdawmzmlmjilmkmlmjixmdcylta0ywvhnzlhzde4nzfkmwe3zdfkndgy...~311~...fanbfdxnfzgvzayuymiu3ra==&if=1 HTTP 302
  • https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
  • https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://sundayjournal2.xyz/event_fe613555-a1a0-59f6-bc57-cbc7da7a82f0_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RmMDdkZGZhMjgwNTE4NzI2NWEyNTU3M2ZlZDY1ZDVkNyUyNnJuZCUzRDQ2OTU3MDQ2Mg%3D%3D&t=1713041451380&rnd=59365155&i=1 HTTP 302
  • https://xml.rexsrv.com/icon?sid=f07ddfa2805187265a25573fed65d5d7&rnd=469570462 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|qipMk9o-NBDNPdWrAhhxannsVrBUXkEPa7jXJ6MkPpS1xqJc6ms7klagU3qILI0ZYI7T6wt2cr-z3l4u8DkU6aIYXFG6bRruXLeUjKnwwSc*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7Ovd3ULWUbX02IwmgBY6_znzN5VK5Jx1F3-t9PPBYwP&rid=82ba9871-f9d7-11ee-ba65-c84bd68370b4&psid=101625&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTI0Mzg5LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6UXhOU3g1WHpJMU15OW9kSFJ3T2k4dmFXMW5hRzl6ZEhNdVkyOXRMM1F2TWpBeU5DMHdNeTgzTVRrMk56TXZOVGs1WVdVNE1UY3lZMlZoT1dRNFlqVTFPREV5WmpZek5XUmpNalUyTWpndWFuQm4ud2VicD92PTE3MTMwNDE0NTAtSUdjd1RSMC11c3hhTXdIQXJZRnRrMFZOUnN1aHZCNUVpNkU2Q0l3UU1Wcw== HTTP 301
  • https://s-img.mgid.com/g/18924389/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzQxNSx5XzI1My9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMy83MTk2NzMvNTk5YWU4MTcyY2VhOWQ4YjU1ODEyZjYzNWRjMjU2MjguanBn.webp?v=1713041450-IGcwTR0-usxaMwHArYFtk0VNRsuhvB5Ei6E6CIwQMVs
Request Chain 4
  • https://xml.adpicmedia.net/icon?sid=4de03886183c2f0eee7f7c09cfb9c58c&rnd=291917192 HTTP 302
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|qipMk9o-NBDNPdWrAhhxakJdtLJK4nbm9WvCzmo5EnsSBZJLJ_aSO8EFW4zlaCwUqzwVJ3bK7e_LTHlrUt8Z9vREb1iHLhjG1inFIkUsW3I*&cid=1156920&f=1&h2=lhYiY_ofmgUB0niIDuRJV5e3CKtRyZ1CQVd6akjJNR6D41HyVCWMhRwqbBbaMz27&rid=82ba8348-f9d7-11ee-9fd2-c84bd6836428&psid=2608914
Request Chain 11
  • https://bestcasin3.xyz/event_fe613555-a1a0-59f6-bc57-cbc7da7a82f0_54_3451_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwuYWRwaWNtZWRpYS5uZXQlMkZpY29uJTNGc2lkJTNEZmZhN2NlMjIyNjdiOGNkODUzOTBjYjVkOWRmZjA5ZDAlMjZybmQlM0Q2MzU0NDkxMTM%3D&t=1713041454784&rnd=461971540&i=1 HTTP 302
  • https://xml.adpicmedia.net/icon?sid=ffa7ce22267b8cd85390cb5d9dff09d0&rnd=635449113 HTTP 302
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|LmUv-SEzwbq1omTw91ok2v9BUnQ6yKe7XN9o9r5pqD9W07NijYsxwLJD-smngr4xqzwVJ3bK7e_LTHlrUt8Z9gCP1xuZg4H9miAtF04qD1M*&cid=1156920&f=1&h2=lhYiY_ofmgUB0niIDuRJV5e3CKtRyZ1CQVd6akjJNR7hCfAfycbuDPnvlpk4kVuz&rid=84d02ba0-f9d7-11ee-b1ff-c84bd68370c0&psid=2608837
Request Chain 12
  • https://hotsalad3.xyz/event_fe613555-a1a0-59f6-bc57-cbc7da7a82f0_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RiYzk1Zjc3Zjk0NTkxZTc3NzJlZTEzM2FjMDJiY2E1NyUyNnJuZCUzRDcwNDMzMjE4Ng%3D%3D&t=1713041454784&rnd=175224127&i=1 HTTP 302
  • https://xml.rexsrv.com/icon?sid=bc95f77f94591e7772ee133ac02bca57&rnd=704332186 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|LmUv-SEzwbq1omTw91ok2lOFaWYCQSk3AbQ80BFEnDmOe9QMrVv0-OlCvITS_IGcYI7T6wt2cr-z3l4u8DkU6ZoY8ZAeWorUKMH35CESDq0*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7Ovd3ULWUbX02IwmgBY6_xj3q30EpK8nBadbfDkYzZI&rid=84d09bb1-f9d7-11ee-b1ff-c84bd68370c0&psid=101607&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4NzkyOTAwLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21kdmIyUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpRdE1ETXZOekU1Tmpjekx6a3hObVpqWWprMFltRTNNemN6TVRrNU5tRTRNek5oTTJZd1ltRTJaR00zTG1wd1p3LndlYnA_dj0xNzEzMDQxNDUzLWFfV2tabnoweURnQ0NiOWxlUXIwUTdsclZwdzRGaHhUdXpOdmlwTTJhNzA= HTTP 301
  • https://s-img.mgid.com/g/18792900/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzkxNmZjYjk0YmE3MzczMTk5NmE4MzNhM2YwYmE2ZGM3LmpwZw.webp?v=1713041453-a_WkZnz0yDgCCb9leQr0Q7lrVpw4FhxTuzNvipM2a70

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js
sundayjournal2.xyz/
Redirect Chain
  • http://bestreceipe3.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_54_0_4002?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwvhzdzlmtrhmda0ndgynjkxnmfmmdy2...
  • https://bestreceipe3.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_54_0_4002?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcylwvhzdzlmtrhmda0ndgynjkxnmfmmdy...
  • https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1
  • https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
6 KB
2 KB
Document
General
Full URL
https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
a85d92b01ef160991ba1386cf69f390e6a231fb2d8fcb81dab6f1660135561dd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 13 Apr 2024 20:50:51 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Sat, 13 Apr 2024 20:50:50 GMT
location
https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: sundayjournal2.xyz
URL: https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sundayjournal2.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Apr 2024 20:50:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Apr 2024 19:02:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Apr 2024 20:50:51 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzQxNSx5XzI1My9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMy83M...
s-img.mgid.com/g/18924389/328x328/-/
Redirect Chain
  • https://sundayjournal2.xyz/event_fe613555-a1a0-59f6-bc57-cbc7da7a82f0_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RmMDdkZGZhMjgwNTE4NzI2NWEyNTU3M2ZlZDY1ZDVkNyUyNnJ...
  • https://xml.rexsrv.com/icon?sid=f07ddfa2805187265a25573fed65d5d7&rnd=469570462
  • https://c.mgid.com/c?pv=2&v=0|0|0|qipMk9o-NBDNPdWrAhhxannsVrBUXkEPa7jXJ6MkPpS1xqJc6ms7klagU3qILI0ZYI7T6wt2cr-z3l4u8DkU6aIYXFG6bRruXLeUjKnwwSc*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7Ovd3ULWUbX02I...
  • https://s-img.mgid.com/g/18924389/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzQxNSx5XzI1M...
28 KB
28 KB
Image
General
Full URL
https://s-img.mgid.com/g/18924389/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzQxNSx5XzI1My9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMy83MTk2NzMvNTk5YWU4MTcyY2VhOWQ4YjU1ODEyZjYzNWRjMjU2MjguanBn.webp?v=1713041450-IGcwTR0-usxaMwHArYFtk0VNRsuhvB5Ei6E6CIwQMVs
Requested by
Host: sundayjournal2.xyz
URL: https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9858e7f5ba1c0d910a2d38826342a3a93801bb3bdf7c215ccee5e809ed0518
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sundayjournal2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 20:50:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
615eac39-5708-4cbf-a1f5-caac7f3614dd
age
1773049
alt-svc
h3=":443"; ma=86400
content-length
28560
last-modified
Mon, 18 Mar 2024 19:46:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
873e54b4786d3650-FRA

Redirect headers

date
Sat, 13 Apr 2024 20:50:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
c66c07b8-ad2d-41b2-8ceb-0f68a983c7cf
server
cloudflare
location
https://s-img.mgid.com/g/18924389/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzQxNSx5XzI1My9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMy83MTk2NzMvNTk5YWU4MTcyY2VhOWQ4YjU1ODEyZjYzNWRjMjU2MjguanBn.webp?v=1713041450-IGcwTR0-usxaMwHArYFtk0VNRsuhvB5Ei6E6CIwQMVs
cf-ray
873e54b448423650-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF80MTUseV8yNTMvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvN...
s-img.mgid.com/g/18924389/453x227/-/
25 KB
25 KB
Image
General
Full URL
https://s-img.mgid.com/g/18924389/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF80MTUseV8yNTMvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzU5OWFlODE3MmNlYTlkOGI1NTgxMmY2MzVkYzI1NjI4LmpwZw.webp?v=1713041450-lRxZs6ldHkLvcFdXh0X01SN602gHOSh_QDDnF3r7y8w
Requested by
Host: sundayjournal2.xyz
URL: https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d75a5666973cc4b9c4eca95b9eea032c972315910436bda3ab0ea25fe724b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sundayjournal2.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 20:50:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
a6bd9753-495a-4737-936f-b8aed6727844
age
2250251
alt-svc
h3=":443"; ma=86400
content-length
25516
last-modified
Mon, 18 Mar 2024 19:46:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
873e54b0abed3650-FRA
c
c.adskeeper.com/
Redirect Chain
  • https://xml.adpicmedia.net/icon?sid=4de03886183c2f0eee7f7c09cfb9c58c&rnd=291917192
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|qipMk9o-NBDNPdWrAhhxakJdtLJK4nbm9WvCzmo5EnsSBZJLJ_aSO8EFW4zlaCwUqzwVJ3bK7e_LTHlrUt8Z9vREb1iHLhjG1inFIkUsW3I*&cid=1156920&f=1&h2=lhYiY_ofmgUB0niIDuRJV5e3CKtRyZ...
43 B
230 B
Image
General
Full URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|qipMk9o-NBDNPdWrAhhxakJdtLJK4nbm9WvCzmo5EnsSBZJLJ_aSO8EFW4zlaCwUqzwVJ3bK7e_LTHlrUt8Z9vREb1iHLhjG1inFIkUsW3I*&cid=1156920&f=1&h2=lhYiY_ofmgUB0niIDuRJV5e3CKtRyZ1CQVd6akjJNR6D41HyVCWMhRwqbBbaMz27&rid=82ba8348-f9d7-11ee-9fd2-c84bd6836428&psid=2608914
Requested by
Host: sundayjournal2.xyz
URL: https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sundayjournal2.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 20:50:52 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
1f367c90-b28d-4706-92da-9310c1d65285
server
cloudflare
content-type
image/gif
cf-ray
873e54b3dc749061-FRA
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://c.adskeeper.com/c?pv=2&v=0|0|0|qipMk9o-NBDNPdWrAhhxakJdtLJK4nbm9WvCzmo5EnsSBZJLJ_aSO8EFW4zlaCwUqzwVJ3bK7e_LTHlrUt8Z9vREb1iHLhjG1inFIkUsW3I*&cid=1156920&f=1&h2=lhYiY_ofmgUB0niIDuRJV5e3CKtRyZ1CQVd6akjJNR6D41HyVCWMhRwqbBbaMz27&rid=82ba8348-f9d7-11ee-9fd2-c84bd6836428&psid=2608914
date
Sat, 13 Apr 2024 20:50:52 GMT
server
nginx
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAxLzc0MjUzMC9lNzNlN...
s-img.adskeeper.com/g/18761646/492x328/-/
16 KB
16 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/18761646/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAxLzc0MjUzMC9lNzNlN2JmYWUzODJmYTcwNmQ1NDA5ZTY5Y2UxMzI1ZS5qcGc.webp?v=1713041450-El0p-63DL45DNrPYxqmOwBgocS0XMFmDd8Q4LyBg9eM
Requested by
Host: sundayjournal2.xyz
URL: https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
316ad146c87e9483dbe87d6bf60e8f20ccfa06913ed99d4203854d1465458e36

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sundayjournal2.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 20:50:51 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Apr 2024 05:31:56 GMT
x-mg-request-uuid
a058739e-1fad-4044-88fd-a1f56feed738
server
cloudflare
age
1091935
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
873e54b11a3f9061-FRA
content-length
16142
alt-svc
h3=":443"; ma=86400
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://sundayjournal2.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 00:45:23 GMT
x-content-type-options
nosniff
age
72328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 00:45:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://sundayjournal2.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
61205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 03:50:46 GMT
favicon.ico
sundayjournal2.xyz/
548 B
245 B
Other
General
Full URL
https://sundayjournal2.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 20:50:52 GMT
content-encoding
gzip
server
nginx
content-type
text/html
event_fe613555-a1a0-59f6-bc57-cbc7da7a82f0_7_0_4001
sundayjournal2.xyz/
114 B
207 B
Script
General
Full URL
https://sundayjournal2.xyz/event_fe613555-a1a0-59f6-bc57-cbc7da7a82f0_7_0_4001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjQ2Ny1mMDdkZGZhMjgwNTE4NzI2NWEyNTU3M2ZlZDY1ZDVkNy0zNzQ3LTAuMDAwNDgxJTIyJTVEJTdE&t=1713041451380&rnd=978304338&js=1&io=0&h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: sundayjournal2.xyz
URL: https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 20:50:53 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
Primary Request sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js
bestcasin3.xyz/
Redirect Chain
  • https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1
  • https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
6 KB
2 KB
Document
General
Full URL
https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by
Host: sundayjournal2.xyz
URL: https://sundayjournal2.xyz/event_fe613555-a1a0-59f6-bc57-cbc7da7a82f0_7_0_4001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjQ2Ny1mMDdkZGZhMjgwNTE4NzI2NWEyNTU3M2ZlZDY1ZDVkNy0zNzQ3LTAuMDAwNDgxJTIyJTVEJTdE&t=1713041451380&rnd=978304338&js=1&io=0&h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
f816914320d9b3c6f62b80c9fdc80c18c2c583d35b1c69cb5d19eca5bd6f095c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"123.0.6312.122"
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-ua-wow64
?0

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 13 Apr 2024 20:50:54 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Sat, 13 Apr 2024 20:50:54 GMT
location
https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: bestcasin3.xyz
URL: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bestcasin3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Apr 2024 20:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Apr 2024 19:27:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Apr 2024 20:50:54 GMT
c
c.adskeeper.com/
Redirect Chain
  • https://bestcasin3.xyz/event_fe613555-a1a0-59f6-bc57-cbc7da7a82f0_54_3451_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwuYWRwaWNtZWRpYS5uZXQlMkZpY29uJTNGc2lkJTNEZmZhN2NlMjIyNjdiOGNkODUzOTBjYjVkOWRmZjA5ZDAlMj...
  • https://xml.adpicmedia.net/icon?sid=ffa7ce22267b8cd85390cb5d9dff09d0&rnd=635449113
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|LmUv-SEzwbq1omTw91ok2v9BUnQ6yKe7XN9o9r5pqD9W07NijYsxwLJD-smngr4xqzwVJ3bK7e_LTHlrUt8Z9gCP1xuZg4H9miAtF04qD1M*&cid=1156920&f=1&h2=lhYiY_ofmgUB0niIDuRJV5e3CKtRyZ...
43 B
231 B
Image
General
Full URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|LmUv-SEzwbq1omTw91ok2v9BUnQ6yKe7XN9o9r5pqD9W07NijYsxwLJD-smngr4xqzwVJ3bK7e_LTHlrUt8Z9gCP1xuZg4H9miAtF04qD1M*&cid=1156920&f=1&h2=lhYiY_ofmgUB0niIDuRJV5e3CKtRyZ1CQVd6akjJNR7hCfAfycbuDPnvlpk4kVuz&rid=84d02ba0-f9d7-11ee-b1ff-c84bd68370c0&psid=2608837
Requested by
Host: bestcasin3.xyz
URL: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bestcasin3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 20:50:55 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
d4331d5b-39d6-487c-8a8f-bd6b86d871b7
server
cloudflare
content-type
image/gif
cf-ray
873e54c93a5f5d46-FRA
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://c.adskeeper.com/c?pv=2&v=0|0|0|LmUv-SEzwbq1omTw91ok2v9BUnQ6yKe7XN9o9r5pqD9W07NijYsxwLJD-smngr4xqzwVJ3bK7e_LTHlrUt8Z9gCP1xuZg4H9miAtF04qD1M*&cid=1156920&f=1&h2=lhYiY_ofmgUB0niIDuRJV5e3CKtRyZ1CQVd6akjJNR7hCfAfycbuDPnvlpk4kVuz&rid=84d02ba0-f9d7-11ee-b1ff-c84bd68370c0&psid=2608837
date
Sat, 13 Apr 2024 20:43:42 GMT
server
nginx
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzkxNmZjY...
s-img.mgid.com/g/18792900/328x328/-/
Redirect Chain
  • https://hotsalad3.xyz/event_fe613555-a1a0-59f6-bc57-cbc7da7a82f0_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RiYzk1Zjc3Zjk0NTkxZTc3NzJlZTEzM2FjMDJiY2E1NyUyNnJuZCUz...
  • https://xml.rexsrv.com/icon?sid=bc95f77f94591e7772ee133ac02bca57&rnd=704332186
  • https://c.mgid.com/c?pv=2&v=0|0|0|LmUv-SEzwbq1omTw91ok2lOFaWYCQSk3AbQ80BFEnDmOe9QMrVv0-OlCvITS_IGcYI7T6wt2cr-z3l4u8DkU6ZoY8ZAeWorUKMH35CESDq0*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7Ovd3ULWUbX02I...
  • https://s-img.mgid.com/g/18792900/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ...
31 KB
31 KB
Image
General
Full URL
https://s-img.mgid.com/g/18792900/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzkxNmZjYjk0YmE3MzczMTk5NmE4MzNhM2YwYmE2ZGM3LmpwZw.webp?v=1713041453-a_WkZnz0yDgCCb9leQr0Q7lrVpw4FhxTuzNvipM2a70
Requested by
Host: bestcasin3.xyz
URL: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c84b60529f62e3c067c0a63cee70d46e829673d0a23c2ef3c2524cb7873973b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bestcasin3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 20:50:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
97efdb7e-f3d1-406c-ab47-da2ea17580a4
age
1854261
alt-svc
h3=":443"; ma=86400
content-length
31822
last-modified
Sat, 23 Mar 2024 09:46:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
873e54cba9344d44-FRA

Redirect headers

date
Sat, 13 Apr 2024 20:50:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
09752672-49fe-4c36-a0a9-8b4920e97a4d
server
cloudflare
location
https://s-img.mgid.com/g/18792900/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzkxNmZjYjk0YmE3MzczMTk5NmE4MzNhM2YwYmE2ZGM3LmpwZw.webp?v=1713041453-a_WkZnz0yDgCCb9leQr0Q7lrVpw4FhxTuzNvipM2a70
cf-ray
873e54cb690f4d44-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAxLzc0MjUzMC80ZDQxM...
s-img.adskeeper.com/g/18948559/492x328/-/
15 KB
15 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/18948559/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAxLzc0MjUzMC80ZDQxMmNlYWI3YzBjZGM5MjI4MWMzNzNmZTQ3ZTg1Zi5qcGc.webp?v=1713041453-PupJQxlBoi5vF3mk0qxk5Hq0nr6bDu0qrKPm_GKCAy4
Requested by
Host: bestcasin3.xyz
URL: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1698ec7b8b9787cc4c50d60f28cbeb00520c00f296c2f0bbf659d0019380f98

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bestcasin3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 20:50:55 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Apr 2024 07:52:28 GMT
x-mg-request-uuid
c6aebd8e-19e4-4540-b7b7-7bd404a1b267
server
cloudflare
age
46707
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
873e54c63f245d46-FRA
content-length
15184
alt-svc
h3=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzcxOTY3My85MTZmY...
s-img.mgid.com/g/18792900/453x227/-/
33 KB
33 KB
Image
General
Full URL
https://s-img.mgid.com/g/18792900/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzcxOTY3My85MTZmY2I5NGJhNzM3MzE5OTZhODMzYTNmMGJhNmRjNy5qcGc.webp?v=1713041453-ENeUFN0eSTCk9t_yMkIlNI18hrNPpgCTRC4i1njMKCo
Requested by
Host: bestcasin3.xyz
URL: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e00aed6a468bd8ae244113563718d77b3c6a10780710348bf59224ef5ef1296
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bestcasin3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 20:50:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
874c4ded-0778-4f03-9a9d-67cc0358710e
age
2693294
alt-svc
h3=":443"; ma=86400
content-length
33492
last-modified
Mon, 04 Mar 2024 17:05:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
873e54c62ac14d44-FRA
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://bestcasin3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 00:45:23 GMT
x-content-type-options
nosniff
age
72332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 00:45:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://bestcasin3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
61209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 03:50:46 GMT
favicon.ico
bestcasin3.xyz/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bestcasin3.xyz
URL
https://bestcasin3.xyz/favicon.ico

Verdicts & Comments

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | isIframe
function | go

1 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: M5geF6WYXVEpciv.iSoqFTPkxO9BibEUV3sXLwUd8EY-1713041451-1.0.1.1-wfM.sy8EA420KW7J6y7j653iHiBLe4tfN8VowyfHH8kF5PpA3J7m0F1ediertOtyB267cRqkEb6OqFyS8xfI_w

7 Console Messages

Source Level URL
Text
other warning URL: https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sundayjournal2.xyz/sw_2b5b928a-a72f-fe9f-cf83-f68d3cbaa9c9_7_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://sundayjournal2.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bestcasin3.xyz/sw_75f433d8-29eb-8327-5f4b-3b378f6346e9_54_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.