sfdaily1.xyz Open in urlscan Pro
173.214.240.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freshchronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxheh...
Effective URL:
https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNB...
Submission: On June 30 via api (June 30th 2024, 1:53:35 am UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 17 domains to perform 21 HTTP transactions. The main IP is 173.214.240.15, located in United States and belongs to SERVEREL-AS, US. The main domain is sfdaily1.xyz.
TLS certificate: Issued by E5 on June 25th 2024. Valid for: 3 months.

This is the only time sfdaily1.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 12	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
6 6	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
2 5	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a01:9580:477... 2a01:9580:4771::12	49544 (I3DNET) (I3DNET)
2	2a01:9580:477... 2a01:9580:4771::11	49544 (I3DNET) (I3DNET)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2 5	2606:4700:1::... 2606:4700:1::6813:844c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3038::6815:eabf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	7

12 173.214.240.15 (United States) 7 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

freshchronicles3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
washingtonjournal2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sfdaily1.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
darkday3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.182.164.180 (United States) 6 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.galaxypush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.rexsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.adpicmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.pushsupreme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.justpush.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:1::6813:854c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:9580:4771::12 (Settimo Milanese, Italy) 1 redirects

ASN49544 (I3DNET, NL)

eu.boxif.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:9580:4771::11 (Settimo Milanese, Italy)

ASN49544 (I3DNET, NL)

cdn.amnew.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:1::6813:844c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

feed-33879.feedfinder23.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eabf (United States)

ASN13335 (CLOUDFLARENET, US)

notifypicture.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	mgid.com 4 redirects c.mgid.com — Cisco Umbrella Rank: 5892 s-img.mgid.com — Cisco Umbrella Rank: 8542	35 KB
5	freshchronicles3.xyz 2 redirects freshchronicles3.xyz	3 KB
4	gstatic.com fonts.gstatic.com	63 KB
3	sfdaily1.xyz 1 redirects sfdaily1.xyz	3 KB
2	notifypicture.info notifypicture.info — Cisco Umbrella Rank: 45355	74 KB
2	amnew.net cdn.amnew.net — Cisco Umbrella Rank: 11380	28 KB
2	rexsrv.com 2 redirects xml.rexsrv.com — Cisco Umbrella Rank: 77461	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
2	freetrckr.com 2 redirects freetrckr.com — Cisco Umbrella Rank: 672301	681 B
1	feedfinder23.info 1 redirects feed-33879.feedfinder23.info	524 B
1	justpush.pro 1 redirects xml.justpush.pro — Cisco Umbrella Rank: 154979	206 B
1	darkday3.xyz 1 redirects darkday3.xyz	111 B
1	pushsupreme.com 1 redirects xml.pushsupreme.com — Cisco Umbrella Rank: 105576	670 B
1	boxif.xyz 1 redirects eu.boxif.xyz	117 B
1	adpicmedia.net 1 redirects xml.adpicmedia.net — Cisco Umbrella Rank: 430836	214 B
1	washingtonjournal2.xyz 1 redirects washingtonjournal2.xyz	110 B
1	galaxypush.com 1 redirects xml.galaxypush.com — Cisco Umbrella Rank: 140711	669 B
21	17

	Domain	Requested by
6	s-img.mgid.com	freshchronicles3.xyz sfdaily1.xyz
5	freshchronicles3.xyz	2 redirects freshchronicles3.xyz
4	fonts.gstatic.com	fonts.googleapis.com
4	c.mgid.com	4 redirects
3	sfdaily1.xyz	1 redirects freshchronicles3.xyz
2	notifypicture.info	sfdaily1.xyz
2	cdn.amnew.net	freshchronicles3.xyz
2	xml.rexsrv.com	2 redirects
2	fonts.googleapis.com	freshchronicles3.xyz sfdaily1.xyz
2	freetrckr.com	2 redirects
1	feed-33879.feedfinder23.info	1 redirects
1	xml.justpush.pro	1 redirects
1	darkday3.xyz	1 redirects
1	xml.pushsupreme.com	1 redirects
1	eu.boxif.xyz	1 redirects
1	xml.adpicmedia.net	1 redirects
1	washingtonjournal2.xyz	1 redirects
1	xml.galaxypush.com	1 redirects
21	18

This site contains no links.

Subject Issuer	Validity	Valid
fresharticles3.xyz E5	`2024-06-25` - `2024-09-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
mgid.com E1	`2024-05-09` - `2024-08-07`	3 months	crt.sh
*.amnew.net R3	`2024-05-05` - `2024-08-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
notifypicture.info GTS CA 1P5	`2024-05-28` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Frame ID: 46ADAC80D00B6ADFFEC54E2D9161A14A
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser before accessing

Page URL History Show full URLs

http://freshchronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymi... HTTP 307
https://freshchronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymi... HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0Ex... Page URL
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1 HTTP 302
https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0Ey... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

71 %
HTTPS

80 %
IPv6

17
Domains

18
Subdomains

7
IPs

3
Countries

206 kB
Transfer

237 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freshchronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylta5owmxogjlmgm5zdblmtk2nju0nguym2m2odk0n2qxltm5ntetmc4wmdq3mtmlmjilnuqln0q%3d&t=1719603141812&rnd=45922752...~311~...lcl9qcf91c19kzxnrjtiyjtde&if=1 HTTP 307
https://freshchronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylta5owmxogjlmgm5zdblmtk2nju0nguym2m2odk0n2qxltm5ntetmc4wmdq3mtmlmjilnuqln0q%3d&t=1719603141812&rnd=45922752...~311~...lcl9qcf91c19kzxnrjtiyjtde&if=1 HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1 HTTP 302
https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://freshchronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylta5owmxogjlmgm5zdblmtk2nju0nguym2m2odk0n2qxltm5ntetmc4wmdq3mtmlmjilnuqln0q%3d&t=1719603141812&rnd=45922752...~311~...lcl9qcf91c19kzxnrjtiyjtde&if=1 HTTP 307
https://freshchronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylta5owmxogjlmgm5zdblmtk2nju0nguym2m2odk0n2qxltm5ntetmc4wmdq3mtmlmjilnuqln0q%3d&t=1719603141812&rnd=45922752...~311~...lcl9qcf91c19kzxnrjtiyjtde&if=1 HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://freshchronicles3.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_301_3951_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwuZ2FsYXh5cHVzaC5jb20lMkZpY29uJTNGc2lkJTNENmNlODk2YWY1NTgzMDcwYjJjYzFhMTQwNWVhZDViMzUlMjZybmQlM0QyMjU5MDgyODg%3D&t=1719712410959&rnd=495890191&i=1 HTTP 302
https://xml.galaxypush.com/icon?sid=6ce896af5583070b2cc1a1405ead5b35&rnd=225908288 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|oUdF-dHFTTiJobTEZRAeRPjR3X5o8H2CWQsArOBSLe-Oe9QMrVv0-OlCvITS_IGcYI7T6wt2cr-z3l4u8DkU6Sv2pGHnHA1Bjza8-5lB0-o*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7mkLhdwwlmaR3J7WcOuQX_KbNky0GlMNJxG62YXUI2V&rid=8ca89c09-3683-11ef-82ff-c84bd6836428&psid=670578&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTcxMjQxMC1idk1YSzhXMmxXcVVRRzczWm05WUVWYV9zZlJxM0tKZlY1ZHgwVmtFZEpN HTTP 301
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712410-bvMXK8W2lWqUQG73Zm9YEVa_sfRq3KJfV5dx0VkEdJM

Request Chain 3

https://washingtonjournal2.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0QxY2UyMGIyNDhkZTk0Yjk2YTllOTk3MzEwZGExY2NmZCUyNnJuZCUzRDM3NjcwMDcxOQ%3D%3D&t=1719712410959&rnd=463031373&i=1 HTTP 302
https://xml.rexsrv.com/icon?sid=1ce20b248de94b96a9e997310da1ccfd&rnd=376700719 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|oUdF-dHFTTiJobTEZRAeRPjR3X5o8H2CWQsArOBSLe-Oe9QMrVv0-OlCvITS_IGcYI7T6wt2cr-z3l4u8DkU6Sv2pGHnHA1Bjza8-5lB0-o*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7mkLhdwwlmaR3J7WcOuQX_KbNky0GlMNJxG62YXUI2V&rid=8ca96811-3683-11ef-9bf3-c84bd6826564&psid=107101&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTcxMjQxMC1idk1YSzhXMmxXcVVRRzczWm05WUVWYV9zZlJxM0tKZlY1ZHgwVmtFZEpN HTTP 301
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712410-bvMXK8W2lWqUQG73Zm9YEVa_sfRq3KJfV5dx0VkEdJM

Request Chain 5

https://xml.adpicmedia.net/icon?sid=726bc50c1ded587132171f688eb5a7cd&rnd=561550144 HTTP 302
https://eu.boxif.xyz/nty/metrics/save.img?event=impressions&bid-id=v2-1719712410185-7-5583-1354045-8a36b29a-8c1e-55e9-4344-e3bfa8021997&img=https%3A%2F%2Fcdn.amnew.net%2Ffiles%2F666eeba923f2f_2024_06_16_01_42_01_image.webp HTTP 302
https://cdn.amnew.net/files/666eeba923f2f_2024_06_16_01_42_01_image.webp

Request Chain 12

https://sfdaily1.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_533_3952_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaHN1cHJlbWUuY29tJTJGaWNvbiUzRnNpZCUzRDAwMGQzYjYyNTFmNjIyMDZlNmM4NDJlZTg1MzU1NDQ2JTI2cm5kJTNENDQ1Mzk2NjM1&t=1719712414171&rnd=851512653&i=1 HTTP 302
https://xml.pushsupreme.com/icon?sid=000d3b6251f62206e6c842ee85355446&rnd=445396635 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|vRf4POzhDdvud9uV8xEBOvjR3X5o8H2CWQsArOBSLe-Oe9QMrVv0-OlCvITS_IGcYI7T6wt2cr-z3l4u8DkU6ejpzA9dFu513RRc6yYk8so*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7mkLhdwwlmaR3J7WcOuQX_KbNky0GlMNJxG62YXUI2V&rid=8eac4115-3683-11ef-9bf3-c84bd6826564&psid=178307&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTcxMjQxMy14bEVuTDBxS2JnckJRM2JfdVZEQkpqcE12SWZKdTE4LWR6TUxFMUsxNzdB HTTP 301
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712413-xlEnL0qKbgrBQ3b_uVDBJjpMvIfJu18-dzMLE1K177A

Request Chain 13

https://darkday3.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0QxOTYwMjkzYTZjYWNhMTBkMGM1Y2JhNTkwYzE0NWUyYSUyNnJuZCUzRDkzODY1NzgzMw%3D%3D&t=1719712414171&rnd=440618076&i=1 HTTP 302
https://xml.rexsrv.com/icon?sid=1960293a6caca10d0c5cba590c145e2a&rnd=938657833 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|vRf4POzhDdvud9uV8xEBOvjR3X5o8H2CWQsArOBSLe-1xqJc6ms7klagU3qILI0ZYI7T6wt2cr-z3l4u8DkU6bUxzHhbgmvy3BWHFkd20bs*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7mkLhdwwlmaR3J7WcOuQX_KbNky0GlMNJxG62YXUI2V&rid=8eab0779-3683-11ef-96d1-c84bd68370b4&psid=107077&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4OTIxMTY2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDNoNVgyTmxiblJsY2l4eFgyRjFkRzg2WjI5dlpDeDNYemsyTUN4NFh6RXhNRFFzZVY4ek5UY3ZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qUXRNRE12TnpFNU5qY3pMelF4TURJMk5UVTVaREppTlRSa01qRm1NR1l6T1Rkak1UaGlOVGRpWW1SakxtcHdady53ZWJwP3Y9MTcxOTcxMjQxMy14bEVuTDBxS2JnckJRM2JfdVZEQkpqcE12SWZKdTE4LWR6TUxFMUsxNzdB HTTP 301
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712413-xlEnL0qKbgrBQ3b_uVDBJjpMvIfJu18-dzMLE1K177A

Request Chain 15

https://xml.justpush.pro/icon?sid=f7285f779f616cfd46545772f22e17ec&rnd=38646000 HTTP 302
https://feed-33879.feedfinder23.info/api/push/track?id=51-140yq6h&event=1&sig=28f1fc0e43bb1358392b66c301a1d3&u=aHR0cHM6Ly9ub3RpZnlwaWN0dXJlLmluZm8vcC9jcmVhdGl2ZS1pY29uLzU1ODI1MC5wbmc%3D&time=1719712413 HTTP 302
https://notifypicture.info/p/creative-icon/558250.png

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js Show response
freshchronicles3.xyz/
Redirect Chain

http://freshchronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylta5owmxogjlmgm5zdblmtk2nju...
https://freshchronicles3.xyz/event_d3fe6a30-ead9-4985-68cc-75506e7f73fc_301_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5nywxhehlwdxnolmnvbsuymiuyqyuymnulmjilm0elnuilmjixnjqylta5owmxogjlmgm5zdblmtk2nj...
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1
https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

6 KB
2 KB

158ms
158ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 8c4119c16bcc3215664b79075329b41f318ef205a3f018aeed1771e28e4ef33a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 30 Jun 2024 01:53:30 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Sun, 30 Jun 2024 01:53:30 GMT
location: https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: freshchronicles3.xyz
URL: https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://freshchronicles3.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jun 2024 01:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jun 2024 00:02:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jun 2024 01:53:31 GMT

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvN...
s-img.mgid.com/g/18921166/328x328/-/
Redirect Chain

https://freshchronicles3.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_301_3951_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwuZ2FsYXh5cHVzaC5jb20lMkZpY29uJTNGc2lkJTNENmNlODk2YWY1NTgzMDcwYjJjYzFhMTQwNWVhZDV...
https://xml.galaxypush.com/icon?sid=6ce896af5583070b2cc1a1405ead5b35&rnd=225908288
https://c.mgid.com/c?pv=2&v=0|0|0|oUdF-dHFTTiJobTEZRAeRPjR3X5o8H2CWQsArOBSLe-Oe9QMrVv0-OlCvITS_IGcYI7T6wt2cr-z3l4u8DkU6Sv2pGHnHA1Bjza8-5lB0-o*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7mkLhdwwlmaR3J...
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...

8 KB
8 KB

16ms
15ms

Image
image/webp

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712410-bvMXK8W2lWqUQG73Zm9YEVa_sfRq3KJfV5dx0VkEdJM

Requested by

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://freshchronicles3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 30 Jun 2024 01:53:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: cfadfc06-43d2-423e-87f4-2505d926d93a
age: 2561606
alt-svc: h3=":443"; ma=86400
content-length: 8376
last-modified: Mon, 20 May 2024 21:17:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 89ba85ecfcd82bdf-FRA

Redirect headers

date: Sun, 30 Jun 2024 01:53:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: b3008585-c3ce-4899-8dd6-bd1db26a21c6
server: cloudflare
location: https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712410-bvMXK8W2lWqUQG73Zm9YEVa_sfRq3KJfV5dx0VkEdJM
cf-ray: 89ba85ecccc32bdf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

https://washingtonjournal2.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0QxY2UyMGIyNDhkZTk0Yjk2YTllOTk3MzEwZGExY2NmZCU...
https://xml.rexsrv.com/icon?sid=1ce20b248de94b96a9e997310da1ccfd&rnd=376700719
https://c.mgid.com/c?pv=2&v=0|0|0|oUdF-dHFTTiJobTEZRAeRPjR3X5o8H2CWQsArOBSLe-Oe9QMrVv0-OlCvITS_IGcYI7T6wt2cr-z3l4u8DkU6Sv2pGHnHA1Bjza8-5lB0-o*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7mkLhdwwlmaR3J...
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...

8 KB
0

0ms
0ms

Image
image/webp

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712410-bvMXK8W2lWqUQG73Zm9YEVa_sfRq3KJfV5dx0VkEdJM
Requested by: Host: freshchronicles3.xyz
URL: https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H3
Server: 2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://freshchronicles3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 30 Jun 2024 01:53:31 GMT
cf-cache-status: HIT
last-modified: Mon, 20 May 2024 21:17:04 GMT
x-mg-request-uuid: cfadfc06-43d2-423e-87f4-2505d926d93a
server: cloudflare
age: 2561606
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 89ba85ecfcd82bdf-FRA
content-length: 8376
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 30 Jun 2024 01:53:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 53dabe51-8539-4138-879a-10ebd97e420b
server: cloudflare
location: https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712410-bvMXK8W2lWqUQG73Zm9YEVa_sfRq3KJfV5dx0VkEdJM
cf-ray: 89ba85ef0db12bdf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzL...
s-img.mgid.com/g/18921166/453x227/-/ 8 KB
8 KB 31ms
18ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18921166/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzLzcxOTY3My80MTAyNjU1OWQyYjU0ZDIxZjBmMzk3YzE4YjU3YmJkYy5qcGc.webp?v=1719712410-AwTa4fyomJG__OQLBeUlaCz80hNrLa4oUtMeyGd-P-g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d301780ee7d567c8fe0b1ce66b0cef8e7c1c2979246130dc85941e094866cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://freshchronicles3.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:53:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 2afe0285-a560-410f-9543-a7e6e5af0ead
age: 8932448
alt-svc: h3=":443"; ma=86400
content-length: 7736
last-modified: Mon, 18 Mar 2024 16:38:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 89ba85e95ae62bdf-FRA

GET
H2

200

666eeba923f2f_2024_06_16_01_42_01_image.webp
cdn.amnew.net/files/
Redirect Chain

https://xml.adpicmedia.net/icon?sid=726bc50c1ded587132171f688eb5a7cd&rnd=561550144
https://eu.boxif.xyz/nty/metrics/save.img?event=impressions&bid-id=v2-1719712410185-7-5583-1354045-8a36b29a-8c1e-55e9-4344-e3bfa8021997&img=https%3A%2F%2Fcdn.amnew.net%2Ffiles%2F666eeba923f2f_2024_...
https://cdn.amnew.net/files/666eeba923f2f_2024_06_16_01_42_01_image.webp

7 KB
7 KB

29ms
28ms

Image
image/webp

2a01:9580:4771::11
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amnew.net/files/666eeba923f2f_2024_06_16_01_42_01_image.webp
Requested by: Host: freshchronicles3.xyz
URL: https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Server: 2a01:9580:4771::11 Settimo Milanese, Italy, ASN49544 (I3DNET, NL),
Reverse DNS
Software: /
Resource Hash: c205317345343c6d80b5abe30453cb696f51a8d876384010e54a84f9b3d93359

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://freshchronicles3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

last-modified: Sun, 16 Jun 2024 13:42:02 GMT
accept-ranges: bytes
etag: "c8c048df44dff6824b3157369d1537ba"
content-length: 6960
content-type: image/webp

Redirect headers

location: https://cdn.amnew.net/files/666eeba923f2f_2024_06_16_01_42_01_image.webp
date: Sun, 30 Jun 2024 01:53:31 GMT
server: openresty/1.21.4.1
content-length: 0

GET
H2 200 666eeba88102b_2024_06_16_01_42_00_image.webp
cdn.amnew.net/files/ 21 KB
21 KB 164ms
28ms Image
image/webp 2a01:9580:4771::11
I3DNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.amnew.net/files/666eeba88102b_2024_06_16_01_42_00_image.webp
Requested by: Host: freshchronicles3.xyz
URL: https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:9580:4771::11 Settimo Milanese, Italy, ASN49544 (I3DNET, NL),
Reverse DNS
Software: /
Resource Hash: bb95cfc554f95961ad157ecc05281a136b923d781e7898e49a357747cdfc632e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://freshchronicles3.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

last-modified: Sun, 16 Jun 2024 13:42:01 GMT
accept-ranges: bytes
etag: "ea432c8a1aab0834f472b77609da7ea2"
content-length: 21306
content-type: image/webp

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://freshchronicles3.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:43:41 GMT
x-content-type-options: nosniff
age: 238190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 07:43:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://freshchronicles3.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 17:31:01 GMT
x-content-type-options: nosniff
age: 202950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 17:31:01 GMT

GET
H2 404 favicon.ico
freshchronicles3.xyz/ 548 B
245 B 157ms
157ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freshchronicles3.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:53:32 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 event_9414e9b4-c0fc-4812-1aa6-b25800248751_301_0_4001 Show response
freshchronicles3.xyz/ 114 B
208 B 158ms
157ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://freshchronicles3.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_301_0_4001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5nYWxheHlwdXNoLmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIxNjQyLTZjZTg5NmFmNTU4MzA3MGIyY2MxYTE0MDVlYWQ1YjM1LTM5NTEtMC4wMDA0NDElMjIlNUQlN0Q%3D&t=1719712410959&rnd=648289483&js=1&io=0&h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: freshchronicles3.xyz
URL: https://freshchronicles3.xyz/sw_cddc8236-1a40-184d-40d5-25369b3a66e5_301_0_4001.js?h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 2c60fe2c9cfedf2c075729e2c04f490e6fab0d1e1c5975f0a9acc01cd4a9cca8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:53:33 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H2

200

Primary Request sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js Show response
sfdaily1.xyz/
Redirect Chain

https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1
https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

6 KB
2 KB

500ms
154ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by: Host: freshchronicles3.xyz
URL: https://freshchronicles3.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_301_0_4001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5nYWxheHlwdXNoLmNvbSUyMiUyQyUyMnUlMjIlM0ElNUIlMjIxNjQyLTZjZTg5NmFmNTU4MzA3MGIyY2MxYTE0MDVlYWQ1YjM1LTM5NTEtMC4wMDA0NDElMjIlNUQlN0Q%3D&t=1719712410959&rnd=648289483&js=1&io=0&h=JTdCJTIycmMlMjIlM0ExJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 6edcee1f33b4e30db1362b3cafa89e3ce72b4399ca70fcfc2aa3bcbc69abc4f5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "126.0.6478.126"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-wow64: ?0

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 30 Jun 2024 01:53:34 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Sun, 30 Jun 2024 01:53:33 GMT
location: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 37ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: sfdaily1.xyz
URL: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sfdaily1.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jun 2024 01:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jun 2024 00:11:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jun 2024 01:53:34 GMT

GET
H3

200

https://sfdaily1.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_533_3952_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaHN1cHJlbWUuY29tJTJGaWNvbiUzRnNpZCUzRDAwMGQzYjYyNTFmNjIyMDZlNmM4NDJlZTg1MzU1NDQ2JTI...
https://xml.pushsupreme.com/icon?sid=000d3b6251f62206e6c842ee85355446&rnd=445396635
https://c.mgid.com/c?pv=2&v=0|0|0|vRf4POzhDdvud9uV8xEBOvjR3X5o8H2CWQsArOBSLe-Oe9QMrVv0-OlCvITS_IGcYI7T6wt2cr-z3l4u8DkU6ejpzA9dFu513RRc6yYk8so*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7mkLhdwwlmaR3J...
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...

8 KB
8 KB

18ms
17ms

Image
image/webp

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: sfdaily1.xyz
URL: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sfdaily1.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 30 Jun 2024 01:53:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: cfadfc06-43d2-423e-87f4-2505d926d93a
age: 2561609
alt-svc: h3=":443"; ma=86400
content-length: 8376
last-modified: Mon, 20 May 2024 21:17:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 89ba86012c0f65a9-FRA

Redirect headers

date: Sun, 30 Jun 2024 01:53:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 21a8eaa5-ac33-4c3a-a0bf-e4fcbe6c1587
server: cloudflare
location: https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712413-xlEnL0qKbgrBQ3b_uVDBJjpMvIfJu18-dzMLE1K177A
cf-ray: 89ba8600fbfb65a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

https://darkday3.xyz/event_9414e9b4-c0fc-4812-1aa6-b25800248751_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0QxOTYwMjkzYTZjYWNhMTBkMGM1Y2JhNTkwYzE0NWUyYSUyNnJuZCUzR...
https://xml.rexsrv.com/icon?sid=1960293a6caca10d0c5cba590c145e2a&rnd=938657833
https://c.mgid.com/c?pv=2&v=0|0|0|vRf4POzhDdvud9uV8xEBOvjR3X5o8H2CWQsArOBSLe-1xqJc6ms7klagU3qILI0ZYI7T6wt2cr-z3l4u8DkU6bUxzHhbgmvy3BWHFkd20bs*&cid=1574325&f=1&h2=lhYiY_ofmgUB0niIDuRJV7mkLhdwwlmaR3J...
https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zN...

8 KB
0

0ms
0ms

Image
image/webp

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712413-xlEnL0qKbgrBQ3b_uVDBJjpMvIfJu18-dzMLE1K177A
Requested by: Host: sfdaily1.xyz
URL: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H3
Server: 2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sfdaily1.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 30 Jun 2024 01:53:34 GMT
cf-cache-status: HIT
last-modified: Mon, 20 May 2024 21:17:04 GMT
x-mg-request-uuid: cfadfc06-43d2-423e-87f4-2505d926d93a
server: cloudflare
age: 2561609
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 89ba86012c0f65a9-FRA
content-length: 8376
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 30 Jun 2024 01:53:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6e14eccc-0a9a-49d0-99ac-1b66fff07bc1
server: cloudflare
location: https://s-img.mgid.com/g/18921166/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzExMDQseV8zNTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMDMvNzE5NjczLzQxMDI2NTU5ZDJiNTRkMjFmMGYzOTdjMThiNTdiYmRjLmpwZw.webp?v=1719712413-xlEnL0qKbgrBQ3b_uVDBJjpMvIfJu18-dzMLE1K177A
cf-ray: 89ba86034cf965a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTA0LHlfMzU3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAzL...
s-img.mgid.com/g/18921166/453x227/-/ 8 KB
8 KB 27ms
18ms Image
image/webp 2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: sfdaily1.xyz
URL: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d301780ee7d567c8fe0b1ce66b0cef8e7c1c2979246130dc85941e094866cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sfdaily1.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:53:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 2afe0285-a560-410f-9543-a7e6e5af0ead
age: 8932451
alt-svc: h3=":443"; ma=86400
content-length: 7736
last-modified: Mon, 18 Mar 2024 16:38:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 89ba85fd7a1265a9-FRA

GET
H2

200

558250.png
notifypicture.info/p/creative-icon/
Redirect Chain

https://xml.justpush.pro/icon?sid=f7285f779f616cfd46545772f22e17ec&rnd=38646000
https://feed-33879.feedfinder23.info/api/push/track?id=51-140yq6h&event=1&sig=28f1fc0e43bb1358392b66c301a1d3&u=aHR0cHM6Ly9ub3RpZnlwaWN0dXJlLmluZm8vcC9jcmVhdGl2ZS1pY29uLzU1ODI1MC5wbmc%3D&time=171971...
https://notifypicture.info/p/creative-icon/558250.png

6 KB
7 KB

19ms
19ms

Image
image/png

2606:4700:3038::6815:eabf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notifypicture.info/p/creative-icon/558250.png
Requested by: Host: sfdaily1.xyz
URL: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Server: 2606:4700:3038::6815:eabf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fca4daabb1f6e22675b4301a9c846e9feefba42a0f65739e3cbc760c0ca36dc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 30 Jun 2024 01:53:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 851388
content-disposition: inline; filename="creative-icon-558250.png"
alt-svc: h3=":443"; ma=86400
content-length: 6317
pragma: public
last-modified: Tue, 21 May 2024 04:52:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3We%2BOIOnYYlHalGc83Q4of2hIvITIcceM3i5RAJDmZs2PmNIwnuOlb435yIf2Bp3BdNSYT3OtA2RhaSaA0fE6mnCLIlpl3FxjXIIDj5%2Ba9hdrOEE7rBb04qvO85bfLtiP4Ht1usiP1CDWj1OnNomAGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 89ba8600ca252bae-FRA
expires: 0

Redirect headers

date: Sun, 30 Jun 2024 01:53:34 GMT
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oQqf8botibUP2z2ng8C7FhLuuj3GSA7t%2Fs9uLzd9gcsWnNNaKxGYDsFOJZ88m3WoCf4PaoGIHkR7Tk0M1XuBB1LunyFxxmyNZm0W%2FZHD5m8XipPv5rWbeOwvWGSZns094JKmQaoIRV%2BJYxadfhQVzHLCaD0fPaEmQk32"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
location: https://notifypicture.info/p/creative-icon/558250.png
cf-ray: 89ba86008c83361b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 558250.png
notifypicture.info/p/creative-image/ 67 KB
68 KB 44ms
18ms Image
image/png 2606:4700:3038::6815:eabf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notifypicture.info/p/creative-image/558250.png
Requested by: Host: sfdaily1.xyz
URL: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eabf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7549e484d9ea4b217aef0654bfbea6d318b3422fc60eb90038191414ce91f575

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sfdaily1.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:53:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 851388
content-disposition: inline; filename="creative-image-558250.png"
alt-svc: h3=":443"; ma=86400
content-length: 68540
pragma: public
last-modified: Tue, 21 May 2024 05:08:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4%2FcytHY6OHl96OEha7G%2BZ3pksbP9PzySy7yiP%2BIqaBu6Bugiyhy504%2F2j2GD2q70euHoObSeK%2BHn8tqAE9DCsU4%2BbnDOksdOGhcJbhkMDwnUCBwhDhIG064vMSyO0W0iMFT7w9n%2FDSEK%2Bp8OwZZmGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 89ba85fd989f2bae-FRA
expires: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 27ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://sfdaily1.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:43:41 GMT
x-content-type-options: nosniff
age: 238193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 07:43:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 25ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://sfdaily1.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 17:31:01 GMT
x-content-type-options: nosniff
age: 202953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 17:31:01 GMT

GET
H2 404 favicon.ico
sfdaily1.xyz/ 548 B
246 B 153ms
153ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfdaily1.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sfdaily1.xyz/sw_67cc8e27-b963-38c7-8c85-c314d45fcc11_533_0_4001.js?h=JTdCJTIycmMlMjIlM0EyJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:53:35 GMT
content-encoding: gzip
server: nginx
content-type: text/html

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mgid.com/	1970-01-20 21:41:54	Name: __cf_bm Value: xY_yltiYZSBEuacRZs5iStYWCi9w2CNsdK10AQVrxWw-1719712411-1.0.1.1-FN.0Y6Oj9a2yL58maalh1k.bUen8F6BxubQ_aVr0OPiWPsrhi_4cAca26SaBtLJSCcDukgRMMEJMS_823zCmwQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://freshchronicles3.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sfdaily1.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.mgid.com
cdn.amnew.net
darkday3.xyz
eu.boxif.xyz
feed-33879.feedfinder23.info
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
freshchronicles3.xyz
notifypicture.info
s-img.mgid.com
sfdaily1.xyz
washingtonjournal2.xyz
xml.adpicmedia.net
xml.galaxypush.com
xml.justpush.pro
xml.pushsupreme.com
xml.rexsrv.com
173.214.240.15
199.182.164.180
2606:4700:1::6813:844c
2606:4700:1::6813:854c
2606:4700:3038::6815:eabf
2a00:1450:4001:802::200a
2a00:1450:4001:829::2003
2a01:9580:4771::11
2a01:9580:4771::12
2a06:98c1:3121::3
2c60fe2c9cfedf2c075729e2c04f490e6fab0d1e1c5975f0a9acc01cd4a9cca8
2fca4daabb1f6e22675b4301a9c846e9feefba42a0f65739e3cbc760c0ca36dc
3d301780ee7d567c8fe0b1ce66b0cef8e7c1c2979246130dc85941e094866cd5
6edcee1f33b4e30db1362b3cafa89e3ce72b4399ca70fcfc2aa3bcbc69abc4f5
7549e484d9ea4b217aef0654bfbea6d318b3422fc60eb90038191414ce91f575
822a111baef0867e5d1871de0aec9085165513bc0c11831d444d9055246c9efa
8c4119c16bcc3215664b79075329b41f318ef205a3f018aeed1771e28e4ef33a
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
bb95cfc554f95961ad157ecc05281a136b923d781e7898e49a357747cdfc632e
c205317345343c6d80b5abe30453cb696f51a8d876384010e54a84f9b3d93359
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

sfdaily1.xyz Open in urlscan Pro 173.214.240.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

71 %HTTPS

80 %IPv6

17 Domains

18 Subdomains

7 IPs

3 Countries

206 kBTransfer

237 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

sfdaily1.xyz Open in urlscan Pro
173.214.240.15 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

71 %
HTTPS

80 %
IPv6

17
Domains

18
Subdomains

7
IPs

3
Countries

206 kB
Transfer

237 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions