Submitted URL: https://ap.lc/sstqg
Effective URL: https://news-xagedi.cc/?id=1218717456&p1=tk_main
Submission: On December 06 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 3 countries across 15 domains to perform 17 HTTP transactions. The main IP is 144.76.106.61, which is located in Germany and belongs to HETZNER-AS, DE. The main domain is news-xagedi.cc. The Cisco Umbrella rank of the primary domain is 941415.
TLS certificate: Issued by R3 on November 13th 2023. Valid for: 3 months.
This is the only time news-xagedi.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 67.212.173.75 32475 (SINGLEHOP...)
1 1 88.99.165.85 24940 (HETZNER-AS)
1 185.162.87.220 39572 (ADVANCEDH...)
3 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
1 1 138.68.123.185 14061 (DIGITALOC...)
1 1 18.210.103.13 14618 (AMAZON-AES)
1 2 192.133.142.177 15317 (SERVEREL-AS)
1 199.182.164.165 15317 (SERVEREL-AS)
1 1 173.214.244.181 15317 (SERVEREL-AS)
1 1 172.67.196.180 13335 (CLOUDFLAR...)
6 144.76.106.61 24940 (HETZNER-AS)
1 46.4.134.147 ()
1 2a04:4e42:200... ()
17 9
Apex Domain
Subdomains
Transfer
6 news-xagedi.cc
news-xagedi.cc — Cisco Umbrella Rank: 941415
45 KB
3 mdakky.com
mdakky.com — Cisco Umbrella Rank: 42437
301 B
2 bstnwsgwrld4.xyz
bstnwsgwrld4.xyz
5 KB
2 urlverkorten.nl
tr.urlverkorten.nl
4 KB
1 sentry-cdn.com
browser.sentry-cdn.com
20 KB
1 errors.house
errors.house
2 KB
1 bestssp.top
ykrvt.bestssp.top
477 B
1 gpshtb.com
gpshtb.com
116 B
1 rexpush.club
rexpush.club — Cisco Umbrella Rank: 477611
30 KB
1 wbdpnz.com
track.wbdpnz.com — Cisco Umbrella Rank: 447119
594 B
1 tratbc.com
tratbc.com — Cisco Umbrella Rank: 936102
403 B
1 fmqrsj.com
fmqrsj.com
12 KB
1 mobilesmon.org
mobilesmon.org
413 B
1 ap.lc
ap.lc
677 B
0 news-jenima.com Failed
765e7bbf4e.news-jenima.com Failed
17 15
Domain Requested by
6 news-xagedi.cc rexpush.club
news-xagedi.cc
3 mdakky.com fmqrsj.com
2 bstnwsgwrld4.xyz 1 redirects fmqrsj.com
2 tr.urlverkorten.nl tr.urlverkorten.nl
1 browser.sentry-cdn.com errors.house
1 errors.house news-xagedi.cc
1 ykrvt.bestssp.top 1 redirects
1 gpshtb.com 1 redirects
1 rexpush.club bstnwsgwrld4.xyz
1 track.wbdpnz.com 1 redirects
1 tratbc.com 1 redirects
1 fmqrsj.com tr.urlverkorten.nl
1 mobilesmon.org 1 redirects
1 ap.lc 1 redirects
0 765e7bbf4e.news-jenima.com Failed news-xagedi.cc
17 15

This site contains no links.

Subject | Issuer | Validity | Valid
tr.urlverkorten.nl | R3 | 2023-10-04 - 2024-01-02 | 3 months
fmqrsj.com | R3 | 2023-10-26 - 2024-01-24 | 3 months
mdakky.com | R3 | 2023-10-12 - 2024-01-10 | 3 months
*.eu.rplnd60.com | R3 | 2023-11-27 - 2024-02-25 | 3 months
*.druzya-push.com | R3 | 2023-12-02 - 2024-03-01 | 3 months
*.news-xagedi.cc | R3 | 2023-11-13 - 2024-02-11 | 3 months
errors.house | R3 | 2023-11-08 - 2024-02-06 | 3 months
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-01 - 2024-09-01 | a year

This page contains 1 frames:

Frame: https://765e7bbf4e.news-jenima.com/?i=1&id=1218717456&p1=tk_main
Frame ID: BBC810B5156243A7C3D5575C2BEECEC6
Requests: 17 HTTP requests in this frame

Page Statistics

Requests: 17
HTTPS: 94 %
IPv6: 21 %
Domains: 15
Subdomains: 15
IPs: 9
Countries: 3
Transfer: 119 kB
Size: 232 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ap.lc/sstqg HTTP 301
    https://tr.urlverkorten.nl/?utm_medium=ee699e573d07b8fc439bc6813da4b3d4b087a50e&utm_campaign=target_multigeo_eed589 Page URL
  2. https://tr.urlverkorten.nl/proc.php?31ff86c502ee80a7e5882b187de42bd42cefef56 Page URL
  3. https://mobilesmon.org/visit.php?key=vzaey6w3iw47ygo2cdq5&pl=25099-8566a70z&pu=25099&br=Chrome&sid=M7309589628305014952 HTTP 302
    https://fmqrsj.com/download-1?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689 Page URL
  4. https://tratbc.com/tb?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689 HTTP 302
    https://track.wbdpnz.com/7e39237b-016a-417b-a894-f3eeab5fe410?source_id=a17923&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1000851&sub_period=&cost=&click_id=7VN8HBBAp00bc3Qn HTTP 302
    https://bstnwsgwrld4.xyz/rotator/348/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&fullscreen=1 HTTP 302
    https://bstnwsgwrld4.xyz/check_browser/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&sub2=&sub3=&tb=&fullscreen=1 Page URL
  5. https://gpshtb.com/go/707?source=2898 HTTP 302
    https://ykrvt.bestssp.top/?pl=epbJxbtxQEuIs1LQXyqFHg&sub_id=2898 HTTP 302
    https://news-xagedi.cc/?id=1218717456&p1=tk_main Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ap.lc/sstqg HTTP 301
  • https://tr.urlverkorten.nl/?utm_medium=ee699e573d07b8fc439bc6813da4b3d4b087a50e&utm_campaign=target_multigeo_eed589
Request Chain 2
  • https://mobilesmon.org/visit.php?key=vzaey6w3iw47ygo2cdq5&pl=25099-8566a70z&pu=25099&br=Chrome&sid=M7309589628305014952 HTTP 302
  • https://fmqrsj.com/download-1?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689
Request Chain 6
  • https://tratbc.com/tb?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689 HTTP 302
  • https://track.wbdpnz.com/7e39237b-016a-417b-a894-f3eeab5fe410?source_id=a17923&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1000851&sub_period=&cost=&click_id=7VN8HBBAp00bc3Qn HTTP 302
  • https://bstnwsgwrld4.xyz/rotator/348/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&fullscreen=1 HTTP 302
  • https://bstnwsgwrld4.xyz/check_browser/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&sub2=&sub3=&tb=&fullscreen=1

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
tr.urlverkorten.nl/
Redirect Chain
  • https://ap.lc/sstqg
  • https://tr.urlverkorten.nl/?utm_medium=ee699e573d07b8fc439bc6813da4b3d4b087a50e&utm_campaign=target_multigeo_eed589
8 KB
3 KB
Document
General
Full URL
https://tr.urlverkorten.nl/?utm_medium=ee699e573d07b8fc439bc6813da4b3d4b087a50e&utm_campaign=target_multigeo_eed589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.75 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 06 Dec 2023 21:00:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
831776159ce2d9f9-MIA
content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 21:00:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://tr.urlverkorten.nl/?utm_medium=ee699e573d07b8fc439bc6813da4b3d4b087a50e&utm_campaign=target_multigeo_eed589
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkbGujJVU2clrZlW6xuON1wt3XO3dAQWI9AMZ4%2B%2FiW27zJ1pJZxHbeghPHFqtbRYu161MMVWQb%2FAP9Q%2BKFV5cdIU6I8p%2BcVbJUAPxy%2BHlsKLzJQbhWNK26K%2FaHMtLk5Ooi01Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
proc.php
tr.urlverkorten.nl/
1 KB
1 KB
Document
General
Full URL
https://tr.urlverkorten.nl/proc.php?31ff86c502ee80a7e5882b187de42bd42cefef56
Requested by
Host: tr.urlverkorten.nl
URL: https://tr.urlverkorten.nl/?utm_medium=ee699e573d07b8fc439bc6813da4b3d4b087a50e&utm_campaign=target_multigeo_eed589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.75 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.12
Resource Hash

Request headers

Referer
https://tr.urlverkorten.nl/?utm_medium=ee699e573d07b8fc439bc6813da4b3d4b087a50e&utm_campaign=target_multigeo_eed589
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 21:00:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://mobilesmon.org/visit.php?key=vzaey6w3iw47ygo2cdq5&pl=25099-8566a70z&pu=25099&br=Chrome&sid=M7309589628305014952
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.12
download-1
fmqrsj.com/
Redirect Chain
  • https://mobilesmon.org/visit.php?key=vzaey6w3iw47ygo2cdq5&pl=25099-8566a70z&pu=25099&br=Chrome&sid=M7309589628305014952
  • https://fmqrsj.com/download-1?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689
23 KB
12 KB
Document
General
Full URL
https://fmqrsj.com/download-1?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689
Requested by
Host: tr.urlverkorten.nl
URL: https://tr.urlverkorten.nl/proc.php?31ff86c502ee80a7e5882b187de42bd42cefef56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.87.220 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
d6fe7d4e5a65959eb56cad638fcea58f5f3c2bdd14e3bceeb6bf3518da97834b

Request headers

Referer
https://tr.urlverkorten.nl/proc.php?31ff86c502ee80a7e5882b187de42bd42cefef56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 21:01:00 GMT
server
nginx/1.25.0
vary
Accept-Encoding
x-zone
eu4

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 21:00:59 GMT
location
https://fmqrsj.com/download-1?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689
server
nginx/1.14.2
strict-transport-security
max-age=31536000
rpe
mdakky.com/
0
100 B
XHR
General
Full URL
https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1000851&st=1007080&wd=17923&d=fmqrsj.com&tpl=25&rnd=0.6218939769247178&sbid=&sbid2=
Requested by
Host: fmqrsj.com
URL: https://fmqrsj.com/download-1?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9167:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fmqrsj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 06 Dec 2023 21:01:00 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
rpe
mdakky.com/
0
100 B
XHR
General
Full URL
https://mdakky.com/rpe?a=1&s=1&act=12&src=2&p=1000851&st=1007080&wd=17923&d=fmqrsj.com&tpl=25&rnd=0.6634227522122345&sbid=&sbid2=
Requested by
Host: fmqrsj.com
URL: https://fmqrsj.com/download-1?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9167:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fmqrsj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 06 Dec 2023 21:01:00 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
rpe
mdakky.com/
0
101 B
XHR
General
Full URL
https://mdakky.com/rpe?a=1&s=1&act=7&src=2&p=1000851&st=1007080&wd=17923&d=fmqrsj.com&tpl=25&rnd=0.519991451052215&sbid=&sbid2=
Requested by
Host: fmqrsj.com
URL: https://fmqrsj.com/download-1?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9167:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fmqrsj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 06 Dec 2023 21:01:00 GMT
accept-ch
Sec-CH-UA-Platform-Version
server
nginx/1.18.0
content-length
0
/
bstnwsgwrld4.xyz/check_browser/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/
Redirect Chain
  • https://tratbc.com/tb?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689
  • https://track.wbdpnz.com/7e39237b-016a-417b-a894-f3eeab5fe410?source_id=a17923&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1000851&sub_period=&cost=&click_id=7VN8HBB...
  • https://bstnwsgwrld4.xyz/rotator/348/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&fullscreen=1
  • https://bstnwsgwrld4.xyz/check_browser/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&sub2=&sub3=&tb=&fullscreen=1
10 KB
5 KB
Document
General
Full URL
https://bstnwsgwrld4.xyz/check_browser/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&sub2=&sub3=&tb=&fullscreen=1
Requested by
Host: fmqrsj.com
URL: https://fmqrsj.com/download-1?h=waWQiOjEwMDA4NTEsInNpZCI6MTAwNzA4MCwid2lkIjoxNzkyMywic3JjIjoyfQ==eyJ&bbr=1&click_id=4230bd5ocrndu0689
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.133.142.177 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
177.142.133.192.serverel.net
Software
nginx /
Resource Hash
af45f12bea87616304754b76164ff9a1d47046f47adf7176b26a67118107bcbf

Request headers

Referer
https://fmqrsj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 21:01:02 GMT
permissions-policy
ch-ua=(self "https://rexpush.club"), ch-ua-mobile=(self "https://rexpush.club"), ch-ua-platform=(self "https://rexpush.club"), ch-ua-full-version=(self "https://rexpush.club"), ch-ua-full-version-list=(self "https://rexpush.club"), ch-ua-platform-version=(self "https://rexpush.club"), ch-ua-arch=(self "https://rexpush.club"), ch-ua-wow64=(self "https://rexpush.club"), ch-ua-bitness=(self "https://rexpush.club"), ch-ua-model=(self "https://rexpush.club")
server
nginx

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 21:01:02 GMT
location
https://bstnwsgwrld4.xyz/check_browser/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&sub2=&sub3=&tb=&fullscreen=1
server
nginx
s_192eafde99bb3a62708eb78ff65ee537.min.js
rexpush.club/js/
84 KB
30 KB
Script
General
Full URL
https://rexpush.club/js/s_192eafde99bb3a62708eb78ff65ee537.min.js?tag=2898&attempt=0&rnd=295229884&lnd=check_browser&v=2&token=b0d424bbf54ce8cabb7d18b1dc2a36b7&click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&sub2=&sub3=&tb=&t_rdr=
Requested by
Host: bstnwsgwrld4.xyz
URL: https://bstnwsgwrld4.xyz/check_browser/2898/b0d424bbf54ce8cabb7d18b1dc2a36b7/?click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&sub2=&sub3=&tb=&fullscreen=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.182.164.165 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
165.164.182.199.serverel.net
Software
nginx /
Resource Hash
fdabd098b88a3ad7ddea0705536f4699dcbbc35472761aa3dbbb089d01bd2595

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bstnwsgwrld4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 21:01:02 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
Primary Request /
news-xagedi.cc/
Redirect Chain
  • https://gpshtb.com/go/707?source=2898
  • https://ykrvt.bestssp.top/?pl=epbJxbtxQEuIs1LQXyqFHg&sub_id=2898
  • https://news-xagedi.cc/?id=1218717456&p1=tk_main
4 KB
4 KB
Document
General
Full URL
https://news-xagedi.cc/?id=1218717456&p1=tk_main
Requested by
Host: rexpush.club
URL: https://rexpush.club/js/s_192eafde99bb3a62708eb78ff65ee537.min.js?tag=2898&attempt=0&rnd=295229884&lnd=check_browser&v=2&token=b0d424bbf54ce8cabb7d18b1dc2a36b7&click_id=w6imsqg98vkaethti1aqq1rk&sub1=a17923&sub2=&sub3=&tb=&t_rdr=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.76.106.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
c1ddd9065aa1424dd82502893c3c71669a23f1ed48c1709fc33cf56ae59848f6

Request headers

Referer
https://bstnwsgwrld4.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 21:01:04 GMT
server
nginx
vary
Origin

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
831776440ccf31ef-MIA
content-length
0
date
Wed, 06 Dec 2023 21:01:04 GMT
location
https://news-xagedi.cc/?id=1218717456&p1=tk_main
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87u9fqx9s9zq2M%2FPA38w3G%2FzpNZ8SZS%2B3VBnyLmZYjJ%2FhDMSqNL3M9Rk3leIobxsd6rjie%2F6p2lil3CLGDJdl5yZiCV3%2B9gkRs%2F%2FcNXv2Lbhi6Of9qbeYcFghqH9lr8TqXy%2BAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
c682bf15f58a4ecea9ff491233690e22.min.js
errors.house/js-sdk-loader/
2 KB
2 KB
Script
General
Full URL
https://errors.house/js-sdk-loader/c682bf15f58a4ecea9ff491233690e22.min.js
Requested by
Host: news-xagedi.cc
URL: https://news-xagedi.cc/?id=1218717456&p1=tk_main
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.4.134.147 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
58664ef4f18d3763e07cf7c74738b3a1089fc115331ce34bfe300be3e125b510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news-xagedi.cc/
Origin
https://news-xagedi.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 21:01:05 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Surrogate-Key
project/7 sdk/7.15.0 sdk-loader
Server
nginx/1.23.1
X-Frame-Options
deny
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
Connection
close
Content-Length
1855
X-XSS-Protection
1; mode=block
revopush.js
news-xagedi.cc/
18 KB
18 KB
Script
General
Full URL
https://news-xagedi.cc/revopush.js
Requested by
Host: news-xagedi.cc
URL: https://news-xagedi.cc/?id=1218717456&p1=tk_main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.76.106.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
a35876c74a7686acc90ac9e198313f89062cf1e0e22cac557b623c92f69f19d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news-xagedi.cc/?id=1218717456&p1=tk_main
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 21:01:04 GMT
last-modified
Fri, 01 Dec 2023 12:50:34 GMT
server
nginx
accept-ranges
bytes
etag
"6569d69a-4701"
content-length
18177
content-type
application/javascript; charset=utf-8
man.png
news-xagedi.cc/lands/16/
10 KB
10 KB
Image
General
Full URL
https://news-xagedi.cc/lands/16/man.png
Requested by
Host: news-xagedi.cc
URL: https://news-xagedi.cc/?id=1218717456&p1=tk_main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.76.106.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news-xagedi.cc/?id=1218717456&p1=tk_main
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 21:01:04 GMT
last-modified
Fri, 01 Dec 2023 12:50:34 GMT
server
nginx
accept-ranges
bytes
etag
"6569d69a-295f"
content-length
10591
content-type
image/png
logo.png
news-xagedi.cc/lands/16/
1 KB
1 KB
Image
General
Full URL
https://news-xagedi.cc/lands/16/logo.png
Requested by
Host: news-xagedi.cc
URL: https://news-xagedi.cc/?id=1218717456&p1=tk_main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.76.106.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news-xagedi.cc/?id=1218717456&p1=tk_main
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 21:01:04 GMT
last-modified
Fri, 01 Dec 2023 12:50:34 GMT
server
nginx
accept-ranges
bytes
etag
"6569d69a-425"
content-length
1061
content-type
image/png
bot.png
news-xagedi.cc/lands/16/
11 KB
11 KB
Image
General
Full URL
https://news-xagedi.cc/lands/16/bot.png
Requested by
Host: news-xagedi.cc
URL: https://news-xagedi.cc/?id=1218717456&p1=tk_main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.76.106.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://news-xagedi.cc/?id=1218717456&p1=tk_main
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 21:01:05 GMT
last-modified
Fri, 01 Dec 2023 12:50:34 GMT
server
nginx
accept-ranges
bytes
etag
"6569d69a-2b23"
content-length
11043
content-type
image/png
bundle.es5.min.js
browser.sentry-cdn.com/7.15.0/
61 KB
20 KB
Script
General
Full URL
https://browser.sentry-cdn.com/7.15.0/bundle.es5.min.js
Requested by
Host: errors.house
URL: https://errors.house/js-sdk-loader/c682bf15f58a4ecea9ff491233690e22.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 -, , ASN (),
Reverse DNS
Software
Fastly /
Resource Hash
cab38c92e159d807e061b6e26849de7e32ce1b6e7cbd155aa8d755b8290cd333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://news-xagedi.cc/
Origin
https://news-xagedi.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 21:01:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 10 Oct 2022 12:23:16 GMT
server
Fastly
age
1933406
etag
"630573cba95f68cf0b327187fb13c020"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20163
expires
Tue, 17 Sep 2024 16:31:01 GMT
reject
news-xagedi.cc/
5 B
117 B
Fetch
General
Full URL
https://news-xagedi.cc/reject
Requested by
Host: news-xagedi.cc
URL: https://news-xagedi.cc/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.76.106.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Referer
https://news-xagedi.cc/?id=1218717456&p1=tk_main
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 06 Dec 2023 21:01:05 GMT
server
nginx
content-length
5
vary
Origin
content-type
application/json; charset=UTF-8
/
765e7bbf4e.news-jenima.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
765e7bbf4e.news-jenima.com
URL
https://765e7bbf4e.news-jenima.com/?i=1&id=1218717456&p1=tk_main

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

10 Cookies

Domain/Path Name / Value
ap.lc/ Name: PHPSESSID
Value: n509qaj7b9f53ho8hk26rfa4s4
mobilesmon.org/ Name: uclick
Value: d5ocrndu0
mobilesmon.org/ Name: uclickhash
Value: d5ocrndu0-d5ocrndu0-bzfe-0-1nwj-wfbgvr-pmojwj-ab9fb4
.fmqrsj.com/ Name: truniq
Value: 1
.fmqrsj.com/ Name: tracking
Value: 1
.fmqrsj.com/ Name: prompt
Value: 1
.track.wbdpnz.com/ Name: 7e39237b-016a-417b-a894-f3eeab5fe410-v4
Value: TZbX8YeJA2VtGksUkig8RobADOqNO6_u6lcCNWJbKhM
.track.wbdpnz.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22w6imsqg98vkaethti1aqq1rk%22%2C%22caid%22%3A%227e39237b-016a-417b-a894-f3eeab5fe410%22%7D
.rexpush.club/ Name: _f_30d9ff6106b5fe28d448dd5186c64932
Value: 2
news-xagedi.cc/ Name: clickdata
Value: eyJzdWJhY2MiOjEyMTg3MTc0NTYsImxhbmQiOjE2LCJwMSI6InRrX21haW4ifQ==

1 Console Messages

Source Level URL
Text
other error URL: https://news-xagedi.cc/?id=1218717456&p1=tk_main
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.