9ac6e14419.news-xtejako.com Open in urlscan Pro
144.76.106.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news-rebapa.cc/tds
Effective URL:
https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Submission: On July 05 via api (July 5th 2024, 10:33:34 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 34 HTTP transactions. The main IP is 144.76.106.61, located in Hamm, Germany and belongs to HETZNER-AS, DE. The main domain is 9ac6e14419.news-xtejako.com.
TLS certificate: Issued by E5 on June 12th 2024. Valid for: 3 months.

This is the only time 9ac6e14419.news-xtejako.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.108.118.16 193.108.118.16	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1 1	142.202.51.61 142.202.51.61	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1 6	23.158.56.201 23.158.56.201	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
12	136.243.42.50 136.243.42.50	24940 (HETZNER-AS) (HETZNER-AS)
2	144.76.56.162 144.76.56.162	24940 (HETZNER-AS) (HETZNER-AS)
1	148.251.138.178 148.251.138.178	24940 (HETZNER-AS) (HETZNER-AS)
1	188.34.194.114 188.34.194.114	24940 (HETZNER-AS) (HETZNER-AS)
1	46.4.115.66 46.4.115.66	24940 (HETZNER-AS) (HETZNER-AS)
11	144.76.106.61 144.76.106.61	24940 (HETZNER-AS) (HETZNER-AS)
1 1	136.243.32.106 136.243.32.106	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:b48:207:... 2a02:b48:207:1::2	() ()
1	45.133.44.32 45.133.44.32	() ()
34	8

1 193.108.118.16 (Frankfurt am Main, Germany) 1 redirects

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 16-118-108-193.clients.gthost.com

news-rebapa.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.202.51.61 (London, United Kingdom) 1 redirects

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 61-51-202-142.clients.gthost.com

partners-tds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.158.56.201 (Frankfurt am Main, Germany) 1 redirects

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 201-56-158-23.clients.gthost.com

news-cunazu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fb9d7e0842.news-xpatete.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.42.50 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.50.42.243.136.clients.your-server.de

adb0d0f1d3.news-xnifepo.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.56.162 (Hamm, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: revopush-show-84.t.push.house

show.partners-show.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.138.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: push-house-cdn-69.t.push.house

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.34.194.114 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.114.194.34.188.clients.your-server.de

show.partners-show.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.115.66 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: push-house-cdn-102.t.push.house

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 144.76.106.61 (Hamm, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.61.106.76.144.clients.your-server.de

9ac6e14419.news-xtejako.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.32.106 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: push-house-cdn-206.t.push.house

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b48:207:1::2 (None, ) 1 redirects

ASN- ()

bcnkul.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.32 (None, )

ASN- ()

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	news-xnifepo.cc adb0d0f1d3.news-xnifepo.cc	59 KB
11	news-xtejako.com 9ac6e14419.news-xtejako.com	59 KB
5	news-xpatete.com fb9d7e0842.news-xpatete.com	28 KB
3	cdn.house 1 redirects img.cdn.house — Cisco Umbrella Rank: 8483	6 KB
3	partners-show.com show.partners-show.com	3 KB
1	wmgtr.com i.wmgtr.com	28 KB
1	bcnkul.xyz 1 redirects bcnkul.xyz	137 B
1	news-cunazu.com 1 redirects news-cunazu.com — Cisco Umbrella Rank: 909329	135 B
1	partners-tds.com 1 redirects partners-tds.com — Cisco Umbrella Rank: 704219	731 B
1	news-rebapa.cc 1 redirects news-rebapa.cc	110 B
34	10

	Domain	Requested by
12	adb0d0f1d3.news-xnifepo.cc	adb0d0f1d3.news-xnifepo.cc
11	9ac6e14419.news-xtejako.com	fb9d7e0842.news-xpatete.com 9ac6e14419.news-xtejako.com
5	fb9d7e0842.news-xpatete.com	adb0d0f1d3.news-xnifepo.cc fb9d7e0842.news-xpatete.com
3	img.cdn.house	1 redirects
3	show.partners-show.com	adb0d0f1d3.news-xnifepo.cc fb9d7e0842.news-xpatete.com 9ac6e14419.news-xtejako.com
1	i.wmgtr.com
1	bcnkul.xyz	1 redirects
1	news-cunazu.com	1 redirects
1	partners-tds.com	1 redirects
1	news-rebapa.cc	1 redirects
34	10

This site contains no links.

Subject Issuer	Validity	Valid
*.news-xnifepo.cc R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh
show.partners-show.com E6	`2024-06-15` - `2024-09-13`	3 months	crt.sh
img.cdn.house E6	`2024-06-16` - `2024-09-14`	3 months	crt.sh
*.news-xpatete.com E6	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.news-xtejako.com E5	`2024-06-12` - `2024-09-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Frame ID: C35A67DC94092880A5970328C9769C70
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Загрузка

Page URL History Show full URLs

http://news-rebapa.cc/tds HTTP 307
https://news-rebapa.cc/tds HTTP 302
https://partners-tds.com/WzJQVS HTTP 302
https://news-cunazu.com/tds?id=1218914904&p1=&p2=&p3=&p4= HTTP 302
https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4= Page URL
https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4= Page URL
https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4= Page URL

Page Statistics

34
Requests

97 %
HTTPS

8 %
IPv6

10
Domains

10
Subdomains

8
IPs

2
Countries

182 kB
Transfer

274 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news-rebapa.cc/tds HTTP 307
https://news-rebapa.cc/tds HTTP 302
https://partners-tds.com/WzJQVS HTTP 302
https://news-cunazu.com/tds?id=1218914904&p1=&p2=&p3=&p4= HTTP 302
https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4= Page URL
https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4= Page URL
https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://news-rebapa.cc/tds HTTP 307
https://news-rebapa.cc/tds HTTP 302
https://partners-tds.com/WzJQVS HTTP 302
https://news-cunazu.com/tds?id=1218914904&p1=&p2=&p3=&p4= HTTP 302
https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=

Request Chain 32

https://img.cdn.house/i/1/EP7pHJBArD1TY3ifw4A_Xb_9aXPRwm-8pBRVF45Px2j7WGmZZVXgNW6SkXBeDuoBKZBomtIdvzovvjb0y-4KKYLlDnSC04q6w4rwKF7LCu7Luzv8AGkPhtM4JszqqaGa9uoYD61Mi89b7ybSiTeYhjBwiQWtDYUysjrUqNYIZY3jKWbLazITtlc_-z77VW6G3pXnAkIV7_zSL2y1bcC10ksYVE8_VBXy3DoCud-wBa3xRq8mvvJN4UWhXumlkj1hPXykVf1SZfj9IrZgQsB9xdmlfT72-ip2xnKiKPQajfPcOoPRSwPwDf9Ba__1dcthyqyIj9Cx8ETgLQ== HTTP 307
https://bcnkul.xyz/dsp/ph/icm?aid=16975133624010558083&mid=0&sid=992&t=1720218812&subid=1218914904 HTTP 302
https://i.wmgtr.com/cic/_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
adb0d0f1d3.news-xnifepo.cc/
Redirect Chain

http://news-rebapa.cc/tds
https://news-rebapa.cc/tds
https://partners-tds.com/WzJQVS
https://news-cunazu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=

3 KB
3 KB

179ms
39ms

Document
text/html

136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.50.42.243.136.clients.your-server.de

Software

nginx /

Resource Hash

af7b089333ed362a14807d305c010c75ca95db421f5851842c4307603df5b7e5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 05 Jul 2024 22:33:30 GMT
server: nginx
vary: Origin
x-frame-options: DENY

Redirect headers

content-length: 0
date: Fri, 05 Jul 2024 22:33:28 GMT
location: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 process.js Show response
adb0d0f1d3.news-xnifepo.cc/ 30 KB
11 KB 81ms
80ms Script
application/javascript 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adb0d0f1d3.news-xnifepo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 582b8e0ab1fcedb098f91ff52e3cb25dce96d0023b0972dff69a23eda126ef0c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Jul 2024 22:33:30 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 revopush.js Show response
adb0d0f1d3.news-xnifepo.cc/ 19 KB
7 KB 40ms
39ms Script
application/javascript 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adb0d0f1d3.news-xnifepo.cc/revopush.js
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 488ff7f817de53aaac1fb07ef145e3f751a5b5cc79bf72d8c8caeae9e290a33d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
etag: "6687fc27-1aa9"
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 6825

GET
H2 200 icon1.png
adb0d0f1d3.news-xnifepo.cc/lands/39/img/ 7 KB
7 KB 80ms
79ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adb0d0f1d3.news-xnifepo.cc/lands/39/img/icon1.png
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-1c54"
content-length: 7252
content-type: image/png

GET
H2 200 icon2.png
adb0d0f1d3.news-xnifepo.cc/lands/39/img/ 4 KB
5 KB 80ms
80ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adb0d0f1d3.news-xnifepo.cc/lands/39/img/icon2.png
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-11e0"
content-length: 4576
content-type: image/png

GET
H2 200 icon3.png
adb0d0f1d3.news-xnifepo.cc/lands/39/img/ 8 KB
8 KB 74ms
73ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adb0d0f1d3.news-xnifepo.cc/lands/39/img/icon3.png
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-1ea7"
content-length: 7847
content-type: image/png

GET
H2 200 icon4.png
adb0d0f1d3.news-xnifepo.cc/lands/39/img/ 7 KB
7 KB 75ms
73ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adb0d0f1d3.news-xnifepo.cc/lands/39/img/icon4.png
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-1b78"
content-length: 7032
content-type: image/png

GET
H2 200 icon5.png
adb0d0f1d3.news-xnifepo.cc/lands/39/img/ 3 KB
3 KB 75ms
74ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adb0d0f1d3.news-xnifepo.cc/lands/39/img/icon5.png
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-cc0"
content-length: 3264
content-type: image/png

GET
H2 200 icon7.png
adb0d0f1d3.news-xnifepo.cc/lands/39/img/ 3 KB
3 KB 76ms
75ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adb0d0f1d3.news-xnifepo.cc/lands/39/img/icon7.png
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-cd3"
content-length: 3283
content-type: image/png

GET
H2 200 icon8.png
adb0d0f1d3.news-xnifepo.cc/lands/39/img/ 4 KB
4 KB 76ms
75ms Image
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adb0d0f1d3.news-xnifepo.cc/lands/39/img/icon8.png
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-fe0"
content-length: 4064
content-type: image/png

GET
H2 200 / Show response
show.partners-show.com/api/v1/inpage/show/ 752 B
917 B 255ms
142ms Fetch
application/json 144.76.56.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=2
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.56.162 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: revopush-show-84.t.push.house
Software: nginx /
Resource Hash: 2accbe3023d9fabb4da33e9596cdd533b557f1605d07dbe3ff1aebb05a969e40

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://adb0d0f1d3.news-xnifepo.cc
date: Fri, 05 Jul 2024 22:33:29 GMT
content-encoding: br
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
server: nginx
vary: Origin
content-type: application/json

GET
H2 200 favicon.png
adb0d0f1d3.news-xnifepo.cc/lands/39/ 589 B
710 B 39ms
39ms Other
image/png 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adb0d0f1d3.news-xnifepo.cc/lands/39/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 53466f7f446de27529a565f88bfe3179dd83d6a9fcfab5942dcb13bd6aeb7ce5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-24d"
content-length: 589
content-type: image/png

GET
H2 200 bd6B5YBv1JI70dStbqwC5MZzSq5yC8kCEaxM_OYGYt7um4GNZEagtu0I9l7Wcacjw34eMUK2MR--WstTFPmMOpSxtT9ZP1a0rpmx9YNNnaCzB8qIb7E2VlHhtn5xTWw8jvtpb_5q3OeoZPXOfEaFGViZwiHUJv0ivCvKl8axE0s7kuIhF2FT71WFTg97r_34jNqqwwhF
img.cdn.house/i/1/ 1 KB
2 KB 146ms
38ms Image
image/webp 148.251.138.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdn.house/i/1/bd6B5YBv1JI70dStbqwC5MZzSq5yC8kCEaxM_OYGYt7um4GNZEagtu0I9l7Wcacjw34eMUK2MR--WstTFPmMOpSxtT9ZP1a0rpmx9YNNnaCzB8qIb7E2VlHhtn5xTWw8jvtpb_5q3OeoZPXOfEaFGViZwiHUJv0ivCvKl8axE0s7kuIhF2FT71WFTg97r_34jNqqwwhF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.138.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: push-house-cdn-69.t.push.house
Software: nginx /
Resource Hash: fa209930317184a0cb01a4de7f07ef5e3da7cf29796925cdb32b689ddbaf2eba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://adb0d0f1d3.news-xnifepo.cc/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:29 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Thu, 06 Jun 2024 14:26:00 GMT
server: nginx
accept-ranges: bytes
content-length: 1428
content-type: image/webp

POST
H2 200 reject Show response
adb0d0f1d3.news-xnifepo.cc/ 5 B
117 B 39ms
39ms Fetch
application/json 136.243.42.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adb0d0f1d3.news-xnifepo.cc/reject
Requested by: Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/revopush.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.42.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 05 Jul 2024 22:33:31 GMT
server: nginx
content-length: 5
vary: Origin
content-type: application/json; charset=UTF-8

GET
H2 200 / Show response
fb9d7e0842.news-xpatete.com/ 9 KB
9 KB 171ms
39ms Document
text/html 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4=

Requested by

Host: adb0d0f1d3.news-xnifepo.cc
URL: https://adb0d0f1d3.news-xnifepo.cc/revopush.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

201-56-158-23.clients.gthost.com

Software

nginx /

Resource Hash

8ac1cba42d50e2708eedd5fbef5d0ba1c88da5ad8c4fb0a043c1089ee7184357

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://adb0d0f1d3.news-xnifepo.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 05 Jul 2024 22:33:30 GMT
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 process.js Show response
fb9d7e0842.news-xpatete.com/ 30 KB
11 KB 44ms
43ms Script
application/javascript 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://fb9d7e0842.news-xpatete.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
Requested by: Host: fb9d7e0842.news-xpatete.com
URL: https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 201-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: b49c08b1b60ef1fb603fb2399aa6c3278e32668bffa7b8856b7ed5bef877bbfc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Jul 2024 22:33:30 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 revopush.js Show response
fb9d7e0842.news-xpatete.com/ 19 KB
7 KB 39ms
39ms Script
application/javascript 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://fb9d7e0842.news-xpatete.com/revopush.js
Requested by: Host: fb9d7e0842.news-xpatete.com
URL: https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 201-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: 488ff7f817de53aaac1fb07ef145e3f751a5b5cc79bf72d8c8caeae9e290a33d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
etag: "6687fc27-1aa9"
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 6825

GET
H2 200 / Show response
show.partners-show.com/api/v1/inpage/show/ 760 B
966 B 222ms
147ms Fetch
application/json 188.34.194.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=2
Requested by: Host: fb9d7e0842.news-xpatete.com
URL: https://fb9d7e0842.news-xpatete.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.34.194.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.114.194.34.188.clients.your-server.de
Software: nginx /
Resource Hash: 6716637cbad28764874b0acd31860523372e385cf003db02457990f54061a595

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fb9d7e0842.news-xpatete.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://fb9d7e0842.news-xpatete.com
date: Fri, 05 Jul 2024 22:33:30 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
server: nginx
vary: Origin
content-type: application/json

GET
H2 200 v_F.ico
fb9d7e0842.news-xpatete.com/lands/21/ 1 KB
1 KB 40ms
40ms Other
image/x-icon 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://fb9d7e0842.news-xpatete.com/lands/21/v_F.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 201-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-47e"
content-length: 1150
content-type: image/x-icon

GET
H2 200 zfvdyYdVn9cJIzOXwKv1xto0CMJycadWFIWdG5a6fa-hmXzhFdj-Jj0rebmSBekhVSLpSnrHQHH6A-6bhdXdfKmsYg8BJbt5vU7vk5WeKzJRGZtng_RV5qu_WTLHLKs3ZMERR0qfoNa_UHKjNaAvku3Vkrj_T5dO8RAdBemEpJ3JVf-zx2OWk9QoIqx5ekynoP3dBetQ
img.cdn.house/i/1/ 4 KB
4 KB 118ms
39ms Image
image/webp 46.4.115.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdn.house/i/1/zfvdyYdVn9cJIzOXwKv1xto0CMJycadWFIWdG5a6fa-hmXzhFdj-Jj0rebmSBekhVSLpSnrHQHH6A-6bhdXdfKmsYg8BJbt5vU7vk5WeKzJRGZtng_RV5qu_WTLHLKs3ZMERR0qfoNa_UHKjNaAvku3Vkrj_T5dO8RAdBemEpJ3JVf-zx2OWk9QoIqx5ekynoP3dBetQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.115.66 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: push-house-cdn-102.t.push.house
Software: nginx /
Resource Hash: a59a409d900c03e164414932cc215944409eec23583cc188e15c2a409bd1126a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fb9d7e0842.news-xpatete.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:30 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Fri, 31 May 2024 12:32:12 GMT
server: nginx
accept-ranges: bytes
content-length: 3858
content-type: image/webp

POST
H2 200 reject Show response
fb9d7e0842.news-xpatete.com/ 5 B
117 B 40ms
39ms Fetch
application/json 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://fb9d7e0842.news-xpatete.com/reject
Requested by: Host: fb9d7e0842.news-xpatete.com
URL: https://fb9d7e0842.news-xpatete.com/revopush.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 201-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: 38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 05 Jul 2024 22:33:32 GMT
server: nginx
content-length: 5
vary: Origin
content-type: application/json; charset=UTF-8

GET
H2 200 Primary Request / Show response
9ac6e14419.news-xtejako.com/ 3 KB
3 KB 168ms
40ms Document
text/html 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=

Requested by

Host: fb9d7e0842.news-xpatete.com
URL: https://fb9d7e0842.news-xpatete.com/revopush.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.61.106.76.144.clients.your-server.de

Software

nginx /

Resource Hash

4d55792f013c61ff7ef1125715b11d8b1e38330f221a67547a11e93e6aba48a4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://fb9d7e0842.news-xpatete.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 05 Jul 2024 22:33:32 GMT
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 process.js Show response
9ac6e14419.news-xtejako.com/ 30 KB
11 KB 79ms
78ms Script
application/javascript 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://9ac6e14419.news-xtejako.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 9399926637e7d45542ca82cdc7e7277b52649cd76ccefcb32202e619f7341fd9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Jul 2024 22:33:32 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 revopush.js Show response
9ac6e14419.news-xtejako.com/ 19 KB
7 KB 40ms
39ms Script
application/javascript 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://9ac6e14419.news-xtejako.com/revopush.js
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 488ff7f817de53aaac1fb07ef145e3f751a5b5cc79bf72d8c8caeae9e290a33d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:32 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
etag: "6687fc27-1aa9"
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 6825

GET
H2 200 icon1.png
9ac6e14419.news-xtejako.com/lands/39/img/ 7 KB
7 KB 40ms
39ms Image
image/png 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9ac6e14419.news-xtejako.com/lands/39/img/icon1.png
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:32 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-1c54"
content-length: 7252
content-type: image/png

GET
H2 200 icon2.png
9ac6e14419.news-xtejako.com/lands/39/img/ 4 KB
5 KB 78ms
77ms Image
image/png 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9ac6e14419.news-xtejako.com/lands/39/img/icon2.png
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:32 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-11e0"
content-length: 4576
content-type: image/png

GET
H2 200 icon3.png
9ac6e14419.news-xtejako.com/lands/39/img/ 8 KB
8 KB 39ms
38ms Image
image/png 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9ac6e14419.news-xtejako.com/lands/39/img/icon3.png
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:32 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-1ea7"
content-length: 7847
content-type: image/png

GET
H2 200 icon4.png
9ac6e14419.news-xtejako.com/lands/39/img/ 7 KB
7 KB 73ms
72ms Image
image/png 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9ac6e14419.news-xtejako.com/lands/39/img/icon4.png
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:32 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-1b78"
content-length: 7032
content-type: image/png

GET
H2 200 icon5.png
9ac6e14419.news-xtejako.com/lands/39/img/ 3 KB
3 KB 73ms
72ms Image
image/png 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9ac6e14419.news-xtejako.com/lands/39/img/icon5.png
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:32 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-cc0"
content-length: 3264
content-type: image/png

GET
H2 200 icon7.png
9ac6e14419.news-xtejako.com/lands/39/img/ 3 KB
3 KB 74ms
73ms Image
image/png 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9ac6e14419.news-xtejako.com/lands/39/img/icon7.png
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:32 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-cd3"
content-length: 3283
content-type: image/png

GET
H2 200 icon8.png
9ac6e14419.news-xtejako.com/lands/39/img/ 4 KB
4 KB 74ms
73ms Image
image/png 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9ac6e14419.news-xtejako.com/lands/39/img/icon8.png
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:32 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-fe0"
content-length: 4064
content-type: image/png

GET
H2 200 / Show response
show.partners-show.com/api/v1/inpage/show/ 1 KB
1 KB 220ms
142ms Fetch
application/json 144.76.56.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=2
Requested by: Host: 9ac6e14419.news-xtejako.com
URL: https://9ac6e14419.news-xtejako.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.56.162 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: revopush-show-84.t.push.house
Software: nginx /
Resource Hash: 882ba3efd4dc9f60d874d2e01b5642c240d9a650aafb8ad5fc4a45fb22186d3e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://9ac6e14419.news-xtejako.com
date: Fri, 05 Jul 2024 22:33:32 GMT
content-encoding: br
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
server: nginx
vary: Origin
content-type: application/json

GET
H2 200 favicon.png
9ac6e14419.news-xtejako.com/lands/39/ 589 B
710 B 39ms
38ms Other
image/png 144.76.106.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://9ac6e14419.news-xtejako.com/lands/39/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.106.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 53466f7f446de27529a565f88bfe3179dd83d6a9fcfab5942dcb13bd6aeb7ce5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 22:33:32 GMT
last-modified: Fri, 05 Jul 2024 13:59:03 GMT
server: nginx
accept-ranges: bytes
etag: "6687fc27-24d"
content-length: 589
content-type: image/png

GET
H2

200

_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png
i.wmgtr.com/cic/
Redirect Chain

https://img.cdn.house/i/1/EP7pHJBArD1TY3ifw4A_Xb_9aXPRwm-8pBRVF45Px2j7WGmZZVXgNW6SkXBeDuoBKZBomtIdvzovvjb0y-4KKYLlDnSC04q6w4rwKF7LCu7Luzv8AGkPhtM4JszqqaGa9uoYD61Mi89b7ybSiTeYhjBwiQWtDYUysjrUqNYIZY3...
https://bcnkul.xyz/dsp/ph/icm?aid=16975133624010558083&mid=0&sid=992&t=1720218812&subid=1218914904
https://i.wmgtr.com/cic/_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png

28 KB
28 KB

154ms
48ms

Image
image/png

45.133.44.32

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png

Protocol

Server

45.133.44.32 -, , ASN (),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

09959f401dbec86370932a57cc491685741bd4b6c7df2f344e680a0bb4b6177d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://9ac6e14419.news-xtejako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sat, 06 Jul 2024 21:33:33 GMT
date: Fri, 05 Jul 2024 22:33:33 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png
date: Fri, 05 Jul 2024 22:33:33 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			partners-tds.com/	1970-01-20 22:34:57	Name: _subid Value: 33fq9cj1521tbi
			partners-tds.com/	1970-01-21 07:26:18	Name: 933eb Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzIwMjE4ODA4fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzIwMjE4ODA4fSxcInRpbWVcIjoxNzIwMjE4ODA4fSJ9.DMnf_nW0cFtB-wz7b581uue9lxQogoEvo8_rqFth8AU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://adb0d0f1d3.news-xnifepo.cc/?id=1218914904&p1=&p2=&p3=&p4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://fb9d7e0842.news-xpatete.com/?i=1&id=1218914904&p1=&p2=&p3=&p4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://9ac6e14419.news-xtejako.com/?i=2&id=1218914904&p1=&p2=&p3=&p4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9ac6e14419.news-xtejako.com
adb0d0f1d3.news-xnifepo.cc
bcnkul.xyz
fb9d7e0842.news-xpatete.com
i.wmgtr.com
img.cdn.house
news-cunazu.com
news-rebapa.cc
partners-tds.com
show.partners-show.com
136.243.32.106
136.243.42.50
142.202.51.61
144.76.106.61
144.76.56.162
148.251.138.178
188.34.194.114
193.108.118.16
23.158.56.201
2a02:b48:207:1::2
45.133.44.32
46.4.115.66
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
09959f401dbec86370932a57cc491685741bd4b6c7df2f344e680a0bb4b6177d
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
2accbe3023d9fabb4da33e9596cdd533b557f1605d07dbe3ff1aebb05a969e40
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
488ff7f817de53aaac1fb07ef145e3f751a5b5cc79bf72d8c8caeae9e290a33d
4d55792f013c61ff7ef1125715b11d8b1e38330f221a67547a11e93e6aba48a4
53466f7f446de27529a565f88bfe3179dd83d6a9fcfab5942dcb13bd6aeb7ce5
582b8e0ab1fcedb098f91ff52e3cb25dce96d0023b0972dff69a23eda126ef0c
6716637cbad28764874b0acd31860523372e385cf003db02457990f54061a595
882ba3efd4dc9f60d874d2e01b5642c240d9a650aafb8ad5fc4a45fb22186d3e
8ac1cba42d50e2708eedd5fbef5d0ba1c88da5ad8c4fb0a043c1089ee7184357
9399926637e7d45542ca82cdc7e7277b52649cd76ccefcb32202e619f7341fd9
a59a409d900c03e164414932cc215944409eec23583cc188e15c2a409bd1126a
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
af7b089333ed362a14807d305c010c75ca95db421f5851842c4307603df5b7e5
b49c08b1b60ef1fb603fb2399aa6c3278e32668bffa7b8856b7ed5bef877bbfc
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
fa209930317184a0cb01a4de7f07ef5e3da7cf29796925cdb32b689ddbaf2eba

9ac6e14419.news-xtejako.com Open in urlscan Pro 144.76.106.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

34 Requests

97 %HTTPS

8 %IPv6

10 Domains

10 Subdomains

8 IPs

2 Countries

182 kBTransfer

274 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

9ac6e14419.news-xtejako.com Open in urlscan Pro
144.76.106.61 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

97 %
HTTPS

8 %
IPv6

10
Domains

10
Subdomains

8
IPs

2
Countries

182 kB
Transfer

274 kB
Size

2
Cookies

34 HTTP transactions
0 data transactions