Submitted URL: http://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2...
Effective URL: https://weightlosshouse4.xyz/sw_83173805-1fa2-1fe6-11b4-dae95cd10ed1_5_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMS...
Submission: On May 14 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 14 domains to perform 30 HTTP transactions. The main IP is 173.214.240.15, located in United States and belongs to SERVEREL-AS, US. The main domain is weightlosshouse4.xyz.
TLS certificate: Issued by R3 on April 8th 2024. Valid for: 3 months.
This is the only time weightlosshouse4.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 19 173.214.240.15 15317 (SERVEREL-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 199.182.164.180 15317 (SERVEREL-AS)
2 2 2a00:1d26:c77... 49544 (I3DNET)
2 2 88.214.205.55 46636 (NATCOWEB)
4 5.9.105.245 24940 (HETZNER-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1d26:877... ()
2 2 88.214.195.153 ()
30 5
Apex Domain
Subdomains
Transfer
8 trackingtraffo.com
track.trackingtraffo.com — Cisco Umbrella Rank: 183521
ads.trackingtraffo.com — Cisco Umbrella Rank: 223674
374 KB
7 freetrckr.com
freetrckr.com — Cisco Umbrella Rank: 729711
2 KB
4 thechronicles3.xyz
thechronicles3.xyz
3 KB
4 gstatic.com
fonts.gstatic.com
63 KB
4 skated.co
us.skated.co — Cisco Umbrella Rank: 47119
2 KB
4 spectrumtop1.xyz
spectrumtop1.xyz
3 KB
3 shopfinanciai2.xyz
shopfinanciai2.xyz
726 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 weightlosshouse4.xyz
weightlosshouse4.xyz
4 KB
1 rexsrv.com
xml.rexsrv.com
663 B
1 planetpush.net
xml.planetpush.net — Cisco Umbrella Rank: 141283
664 B
0 ppctraffic.co Failed
xml.ppctraffic.co Failed
0 wmgtr.com Failed
i.wmgtr.com Failed
0 adskeeper.com Failed
s-img.adskeeper.com Failed
30 14
Domain Requested by
7 freetrckr.com 7 redirects
4 thechronicles3.xyz 1 redirects spectrumtop1.xyz
thechronicles3.xyz
4 fonts.gstatic.com fonts.googleapis.com
4 ads.trackingtraffo.com spectrumtop1.xyz
thechronicles3.xyz
4 track.trackingtraffo.com 4 redirects
4 us.skated.co 4 redirects weightlosshouse4.xyz
4 spectrumtop1.xyz 1 redirects spectrumtop1.xyz
3 shopfinanciai2.xyz 3 redirects
2 fonts.googleapis.com spectrumtop1.xyz
thechronicles3.xyz
weightlosshouse4.xyz
1 weightlosshouse4.xyz thechronicles3.xyz
weightlosshouse4.xyz
1 xml.rexsrv.com 1 redirects
1 xml.planetpush.net 1 redirects
0 xml.ppctraffic.co Failed weightlosshouse4.xyz
0 i.wmgtr.com Failed weightlosshouse4.xyz
0 s-img.adskeeper.com Failed weightlosshouse4.xyz
30 15

This site contains no links.

Subject Issuer Validity Valid
roselocation1.xyz
R3
2024-04-05 -
2024-07-04
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
freshnewsnow3.xyz
R3
2024-03-15 -
2024-06-13
3 months crt.sh
homepig4.xyz
R3
2024-04-08 -
2024-07-07
3 months crt.sh

This page contains 1 frames:

Primary Page: https://weightlosshouse4.xyz/sw_83173805-1fa2-1fe6-11b4-dae95cd10ed1_5_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Frame ID: B93009D720022D4F3F43FBBFB305055A
Requests: 30 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymi... HTTP 307
    https://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymi... HTTP 302
    https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 307
    http://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymi... HTTP 301
    https://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymi... HTTP 302
    https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
  2. https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJT... Page URL
  3. https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://weightlosshouse4.xyz/sw_83173805-1fa2-1fe6-11b4-dae95cd10ed1_5_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJT... Page URL

Page Statistics

30
Requests

43 %
HTTPS

44 %
IPv6

14
Domains

15
Subdomains

5
IPs

2
Countries

448 kB
Transfer

467 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmmtk1mjqyndc3ltmyodutmc4wmdqzndylmjilnuqln0q%3d&t=1715454404045&rnd=456752992&js=1...~311~...5nnb4ev9yzxhfdxmlmjiln0q=&if=1 HTTP 307
    https://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmmtk1mjqyndc3ltmyodutmc4wmdqzndylmjilnuqln0q%3d&t=1715454404045&rnd=456752992&js=1...~311~...5nnb4ev9yzxhfdxmlmjiln0q=&if=1 HTTP 302
    https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 307
    http://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmmtk1mjqyndc3ltmyodutmc4wmdqzndylmjilnuqln0q%3d&t=1715454404045&rnd=456752992&js=1...~311~...5nnb4ev9yzxhfdxmlmjiln0q=&if=1 HTTP 301
    https://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmmtk1mjqyndc3ltmyodutmc4wmdqzndylmjilnuqln0q%3d&t=1715454404045&rnd=456752992&js=1...~311~...5nnb4ev9yzxhfdxmlmjiln0q=&if=1 HTTP 302
    https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  3. https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://weightlosshouse4.xyz/sw_83173805-1fa2-1fe6-11b4-dae95cd10ed1_5_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmmtk1mjqyndc3ltmyodutmc4wmdqzndylmjilnuqln0q%3d&t=1715454404045&rnd=456752992&js=1...~311~...5nnb4ev9yzxhfdxmlmjiln0q=&if=1 HTTP 307
  • https://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmmtk1mjqyndc3ltmyodutmc4wmdqzndylmjilnuqln0q%3d&t=1715454404045&rnd=456752992&js=1...~311~...5nnb4ev9yzxhfdxmlmjiln0q=&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 307
  • http://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmmtk1mjqyndc3ltmyodutmc4wmdqzndylmjilnuqln0q%3d&t=1715454404045&rnd=456752992&js=1...~311~...5nnb4ev9yzxhfdxmlmjiln0q=&if=1 HTTP 301
  • https://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmmtk1mjqyndc3ltmyodutmc4wmdqzndylmjilnuqln0q%3d&t=1715454404045&rnd=456752992&js=1...~311~...5nnb4ev9yzxhfdxmlmjiln0q=&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://spectrumtop1.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_102_2124_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNENDZiNWM2NjA2NTAyZmVkM2JlYWUwMDU4MTkyYzlmYzclMjZybmQlM0Q3NDUzMjAxMzc%3D&t=1715723605571&rnd=74957950&i=1 HTTP 302
  • https://xml.planetpush.net/icon?sid=46b5c6606502fed3beae0058192c9fc7&rnd=745320137 HTTP 302
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715723604858-7-3167-1338968-7dcb28e6-0554-d2e8-8ef2-91c6fbdeb6c9&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dmz3uj39%26c%3DMjjEepaAhI5j7hgZhb2w22_1EzjXM0-bH-ygvSE_kFVqriXFcV5OcgKZdEYf-4wOh_hiuYcXHAtzytpInceoO4LI7s5YRRYTg2Pa4liWqf7xfRPaVlIHQfGUu3JvkU2_ZB-uqUf7HH2cnCxBsh1oMaU6KxirgmAiTwbMI8tpIOLW3mHNMKvPf1VdPXtbYvcSQfRxIYTXYqMBE_01sydVm6mYaF6dLsLzmUbKXoOxUxHvsykBYmglSR6WIBYuv0xxOmkTtXjFW5iNOu2dt60KqSEMFdgIqgiQcCnoOcfvhSYCZ0thCEtRByD5a2EdTHoRh65DEPjVpZxK3psKFQtSPBdQyfyD5ltrNbc-6WWZG6k-XOuSBmCCVaGGsnvRMiB38ed6aLXoWtXbD6SeTpXfLrjixnqFxwxJrlF2rn0M7Mp-sfkBYtXXCTTObMeBb7vxOU0fOa9scVBKjJbc4cDhfxA_cM03M7ycEpt_92BX7vtQibCFayYQsyCZez43yeCDz5jQGRhrFGGMkb51ShZaEPH9iPRHjJL38xIuk_RLjDNIhHYTSSb4AQ HTTP 302
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=MjjEepaAhI5j7hgZhb2w22_1EzjXM0-bH-ygvSE_kFVqriXFcV5OcgKZdEYf-4wOh_hiuYcXHAtzytpInceoO4LI7s5YRRYTg2Pa4liWqf7xfRPaVlIHQfGUu3JvkU2_ZB-uqUf7HH2cnCxBsh1oMaU6KxirgmAiTwbMI8tpIOLW3mHNMKvPf1VdPXtbYvcSQfRxIYTXYqMBE_01sydVm6mYaF6dLsLzmUbKXoOxUxHvsykBYmglSR6WIBYuv0xxOmkTtXjFW5iNOu2dt60KqSEMFdgIqgiQcCnoOcfvhSYCZ0thCEtRByD5a2EdTHoRh65DEPjVpZxK3psKFQtSPBdQyfyD5ltrNbc-6WWZG6k-XOuSBmCCVaGGsnvRMiB38ed6aLXoWtXbD6SeTpXfLrjixnqFxwxJrlF2rn0M7Mp-sfkBYtXXCTTObMeBb7vxOU0fOa9scVBKjJbc4cDhfxA_cM03M7ycEpt_92BX7vtQibCFayYQsyCZez43yeCDz5jQGRhrFGGMkb51ShZaEPH9iPRHjJL38xIuk_RLjDNIhHYTSSb4AQ HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372323-hlkVcqbki9mA.png
Request Chain 3
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715723604858-7-3167-1338968-7dcb28e6-0554-d2e8-8ef2-91c6fbdeb6c9&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3D5CpzZDL4qFJCEBAzlBn4loSeZ3DNJNWBWoWGMB3BtcOqAXm_ysL36-aVGReBHNPRUZFa3sIH6IS8WpyPGFc1w7hDCffUzrskJafszdHku0tn20B3f18jd4J208PENKX7o07uImRc1HlCzVbfyYTasYfEkNhQnpHEDlbat0TplDfC9rZEjm08KiLdEybm9MkkFZIPyVTTR6BKSGFbQ_AAaxY8Nx7H-OoNlDD654U4EB8x2SpIFCIg10Ca2zyvGjVJl6ujG1wM-8GPgQRjZYMoGUuVa9lhSOTDjx2C3VaytI5t5taJcPnTJTa059UqQNHaCzj0KkL6ytyn-AtyhODsxCgWq_MLfWKR6kpaqlkXEnx3VD8_9hRDuDhwKKGMgbIKNnr129b2un-ALf4JZ5LugxbLxXR1iqRhu2nTTzevTBHwvpgq-VfNBYDTlDaI0j7oYxTCMLm7epuoIDLfVEVMvSJjcaVuxYFEFwPqGPIdD4TidUhrqGfSF_R56lqe8OJtkDNsmF04hDvfnsj9GTu2lKZINuPdPAnorm1bDUhw0EgYos1z1Ky7VQ HTTP 302
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=5CpzZDL4qFJCEBAzlBn4loSeZ3DNJNWBWoWGMB3BtcOqAXm_ysL36-aVGReBHNPRUZFa3sIH6IS8WpyPGFc1w7hDCffUzrskJafszdHku0tn20B3f18jd4J208PENKX7o07uImRc1HlCzVbfyYTasYfEkNhQnpHEDlbat0TplDfC9rZEjm08KiLdEybm9MkkFZIPyVTTR6BKSGFbQ_AAaxY8Nx7H-OoNlDD654U4EB8x2SpIFCIg10Ca2zyvGjVJl6ujG1wM-8GPgQRjZYMoGUuVa9lhSOTDjx2C3VaytI5t5taJcPnTJTa059UqQNHaCzj0KkL6ytyn-AtyhODsxCgWq_MLfWKR6kpaqlkXEnx3VD8_9hRDuDhwKKGMgbIKNnr129b2un-ALf4JZ5LugxbLxXR1iqRhu2nTTzevTBHwvpgq-VfNBYDTlDaI0j7oYxTCMLm7epuoIDLfVEVMvSJjcaVuxYFEFwPqGPIdD4TidUhrqGfSF_R56lqe8OJtkDNsmF04hDvfnsj9GTu2lKZINuPdPAnorm1bDUhw0EgYos1z1Ky7VQ HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372324-bgy9A7kyLZPX.jpg
Request Chain 8
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 10
  • https://thechronicles3.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_70_3018_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RlYzA2NzI0NTUzNWMxMjkwMmI3NGVlN2YyYjkzNDFkOSUyNnJuZCUzRDM4NDk1Mjc2MA%3D%3D&t=1715723611309&rnd=237196262&i=1 HTTP 302
  • https://xml.rexsrv.com/icon?sid=ec067245535c12902b74ee7f2b9341d9&rnd=384952760 HTTP 302
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715723610091-7-9605-1338968-9710aa81-4288-93d9-69cb-9ea837ea1fda&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dmz3uj39%26c%3DAMEGo41zAWAcHK8Oghsl1F21KrJyEjNxstl0x4jF_Adl1zQkStL7-rvtb-LFw3BPmsEHQsowxcRBZxavqD7MFrPgm76IPeHPeaFV4rJJKNc1yyTx9degxlD5XyQdNSeRxq50U71DYsxZ0VIKFzjRdUai6q7MkA30fiJfoFAQuVroP2kugXUaQ9nhzGFEnvRvjSEWXiLpvzcEsi62lp4buPDwse9x9U8tg3PwWHKG56wO0umaAsH7GAdbWyLbkOED06HDJWPkYkvIx15pkCU-_-rqJIWoBEn_eghKjGyMQW8okFlZ1_wJqLsRacAP2HgKk8RffercBmHFb20_vFZ4dlsq5zP9vxYiwix_vjdyYPFdBUaWEX86JCu3JQWzwt0x0j-EfBPUhIT2f5BRZmVr8ebpcZYya-QQAQ3kDEZEYCOwf6t0sDi-6jYQzFVxaZW-q6_TILEu9sx0_YpV9f5ws6t7uZPGPpwIGrajE-21xcYWLMdR-DgCormg9UTYmJW0lbyQG-eug2SWryDjmCMWx5d_iMYqy6xVtyr_pZ_MmpwTJnGzCjDZWw HTTP 302
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=AMEGo41zAWAcHK8Oghsl1F21KrJyEjNxstl0x4jF_Adl1zQkStL7-rvtb-LFw3BPmsEHQsowxcRBZxavqD7MFrPgm76IPeHPeaFV4rJJKNc1yyTx9degxlD5XyQdNSeRxq50U71DYsxZ0VIKFzjRdUai6q7MkA30fiJfoFAQuVroP2kugXUaQ9nhzGFEnvRvjSEWXiLpvzcEsi62lp4buPDwse9x9U8tg3PwWHKG56wO0umaAsH7GAdbWyLbkOED06HDJWPkYkvIx15pkCU-_-rqJIWoBEn_eghKjGyMQW8okFlZ1_wJqLsRacAP2HgKk8RffercBmHFb20_vFZ4dlsq5zP9vxYiwix_vjdyYPFdBUaWEX86JCu3JQWzwt0x0j-EfBPUhIT2f5BRZmVr8ebpcZYya-QQAQ3kDEZEYCOwf6t0sDi-6jYQzFVxaZW-q6_TILEu9sx0_YpV9f5ws6t7uZPGPpwIGrajE-21xcYWLMdR-DgCormg9UTYmJW0lbyQG-eug2SWryDjmCMWx5d_iMYqy6xVtyr_pZ_MmpwTJnGzCjDZWw HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372323-hlkVcqbki9mA.png
Request Chain 11
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715723610091-7-9605-1338968-9710aa81-4288-93d9-69cb-9ea837ea1fda&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3DJho4ux4W54gFsHWL7WscZqYJH6Ovgz6A54GBYowHTmnfIf2gyui_fkHmnuAje9ftFRtTRq8aTCawvE9iL_0RogC4VbyrL2clcqOh_lwpZt69VKdNWjr8wIcmthZwblRK-grDtxYWWcfW-EA7f8ptG5cTMq1wrttiizEMF7ea9pbH8NVLRntWbtATtNAj7tdguSzjt95pAiqUG9bqLly7nMn_3f7hLq_MKd0q8Rg3D0zIkNVdz1BFclgJ5JmCo0Q2X5z9_PHgJAtx8-3OAyeHZpyFep6wRb5Gl1J01Z01jGFnRgLZfDIpNlak5M__MO5WEaV6BRg-TSpZ9tBa0yn28V7lLiWoMMPG3FQX-0YStfK8jTU_AOyEg3JOPETWG5aKR9kejoi6HAzEsyyY6QIuBnXm7gFLvyGUJ1NQhYqsII3-hnA3BQnarKU5BUIZy-ha3PNPqrWBGNYOcYKNJJtbSLRZ2fwDZuyRoMO5qO5kqmGI6ubMPS8jCYfT_p-4Dvpw1HJUB6v6z1AzlDZPxCIq8JeccxDEEaSYfYD8aOwMZAo5NzjNzXxkBQ HTTP 302
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=Jho4ux4W54gFsHWL7WscZqYJH6Ovgz6A54GBYowHTmnfIf2gyui_fkHmnuAje9ftFRtTRq8aTCawvE9iL_0RogC4VbyrL2clcqOh_lwpZt69VKdNWjr8wIcmthZwblRK-grDtxYWWcfW-EA7f8ptG5cTMq1wrttiizEMF7ea9pbH8NVLRntWbtATtNAj7tdguSzjt95pAiqUG9bqLly7nMn_3f7hLq_MKd0q8Rg3D0zIkNVdz1BFclgJ5JmCo0Q2X5z9_PHgJAtx8-3OAyeHZpyFep6wRb5Gl1J01Z01jGFnRgLZfDIpNlak5M__MO5WEaV6BRg-TSpZ9tBa0yn28V7lLiWoMMPG3FQX-0YStfK8jTU_AOyEg3JOPETWG5aKR9kejoi6HAzEsyyY6QIuBnXm7gFLvyGUJ1NQhYqsII3-hnA3BQnarKU5BUIZy-ha3PNPqrWBGNYOcYKNJJtbSLRZ2fwDZuyRoMO5qO5kqmGI6ubMPS8jCYfT_p-4Dvpw1HJUB6v6z1AzlDZPxCIq8JeccxDEEaSYfYD8aOwMZAo5NzjNzXxkBQ HTTP 302
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372324-bgy9A7kyLZPX.jpg

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js
spectrumtop1.xyz/
Redirect Chain
  • http://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmm...
  • https://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvm...
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • http://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvmm...
  • https://shopfinanciai2.xyz/event_8408b3a2-783e-4e96-617b-cb9e02582026_101_0_2000?payload=jtdcjtiyacuymiuzqsuymnhtbc5wdxnoa2luzy5uzxqlmjilmkmlmjj1jtiyjtnbjtvcjtiyntm0ltrkymu5y2yxmjzlyjzmn2m1mzq0nzvm...
  • https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
6 KB
3 KB
Document
General
Full URL
https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
855080290103eb467ae13c0ceae1c8ae4fed933a040621825634326a455d00da

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 14 May 2024 21:53:25 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Tue, 14 May 2024 21:53:24 GMT
location
https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: spectrumtop1.xyz
URL: https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://spectrumtop1.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 21:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 May 2024 21:27:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 May 2024 21:53:26 GMT
1693215372323-hlkVcqbki9mA.png
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://spectrumtop1.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_102_2124_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNENDZiNWM2NjA2NTAyZmVkM2JlYWUwMDU4MTkyYzlmYzc...
  • https://xml.planetpush.net/icon?sid=46b5c6606502fed3beae0058192c9fc7&rnd=745320137
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715723604858-7-3167-1338968-7dcb28e6-0554-d2e8-8ef2-91c6fbdeb6c9&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth...
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=MjjEepaAhI5j7hgZhb2w22_1EzjXM0-bH-ygvSE_kFVqriXFcV5OcgKZdEYf-4wOh_hiuYcXHAtzytpInceoO4LI7s5YRRYTg2Pa4liWqf7xfRPaVlIHQfGUu3JvkU2_ZB-uqUf7HH2cn...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372323-hlkVcqbki9mA.png
7 KB
7 KB
Image
General
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372323-hlkVcqbki9mA.png
Requested by
Host: spectrumtop1.xyz
URL: https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Server
5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a46edb4c355109561ca9ddabdab548942a93c94757f588bdee9a22de8f5f0e92

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://spectrumtop1.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Tue, 14 May 2024 21:53:27 GMT
Last-Modified
Mon, 28 Aug 2023 09:36:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64ec6a8c-1a2d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6701

Redirect headers

Pragma
no-cache
Date
Tue, 14 May 2024 21:53:27 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372323-hlkVcqbki9mA.png
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
1693215372324-bgy9A7kyLZPX.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715723604858-7-3167-1338968-7dcb28e6-0554-d2e8-8ef2-91c6fbdeb6c9&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2F...
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=5CpzZDL4qFJCEBAzlBn4loSeZ3DNJNWBWoWGMB3BtcOqAXm_ysL36-aVGReBHNPRUZFa3sIH6IS8WpyPGFc1w7hDCffUzrskJafszdHku0tn20B3f18jd4J208PENKX7o07uImRc1HlCz...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372324-bgy9A7kyLZPX.jpg
179 KB
179 KB
Image
General
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372324-bgy9A7kyLZPX.jpg
Requested by
Host: spectrumtop1.xyz
URL: https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Server
5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1700452b1c854b70fd6625b72b0eacff2abd254604048730d84d44541636f7b3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://spectrumtop1.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Tue, 14 May 2024 21:53:27 GMT
Last-Modified
Mon, 28 Aug 2023 09:36:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64ec6a8c-2cc7f"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
183423

Redirect headers

Pragma
no-cache
Date
Tue, 14 May 2024 21:53:27 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372324-bgy9A7kyLZPX.jpg
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://spectrumtop1.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:57:28 GMT
x-content-type-options
nosniff
age
28558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:57:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://spectrumtop1.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:07:33 GMT
x-content-type-options
nosniff
age
27953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:07:33 GMT
favicon.ico
spectrumtop1.xyz/
548 B
245 B
Other
General
Full URL
https://spectrumtop1.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 21:53:27 GMT
content-encoding
gzip
server
nginx
content-type
text/html
event_53a01b52-7991-d67e-96e3-de99729559f9_102_0_3001
spectrumtop1.xyz/
114 B
206 B
Script
General
Full URL
https://spectrumtop1.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtNDZiNWM2NjA2NTAyZmVkM2JlYWUwMDU4MTkyYzlmYzctMjEyNC0wLjAzNDEyNSUyMiU1RCU3RA%3D%3D&t=1715723605571&rnd=182262543&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: spectrumtop1.xyz
URL: https://spectrumtop1.xyz/sw_f76f9d2f-4988-d982-2d00-0e387a1355f9_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 21:53:28 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
/
thechronicles3.xyz/
Redirect Chain
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
6 KB
3 KB
Document
General
Full URL
https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by
Host: spectrumtop1.xyz
URL: https://spectrumtop1.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtNDZiNWM2NjA2NTAyZmVkM2JlYWUwMDU4MTkyYzlmYzctMjEyNC0wLjAzNDEyNSUyMiU1RCU3RA%3D%3D&t=1715723605571&rnd=182262543&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
c23985fc3dcb9da109ca155a3852e28a4b4872a5421f0bae3622ec2dc6c40d7c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"124.0.6367.201"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.201", "Google Chrome";v="124.0.6367.201", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-ua-wow64
?0

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 14 May 2024 21:53:31 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Tue, 14 May 2024 21:53:30 GMT
location
https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: thechronicles3.xyz
URL: https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thechronicles3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 21:53:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 May 2024 21:27:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 May 2024 21:53:31 GMT
1693215372323-hlkVcqbki9mA.png
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://thechronicles3.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_70_3018_2998?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0RlYzA2NzI0NTUzNWMxMjkwMmI3NGVlN2YyYjkzNDFkOSUyNn...
  • https://xml.rexsrv.com/icon?sid=ec067245535c12902b74ee7f2b9341d9&rnd=384952760
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715723610091-7-9605-1338968-9710aa81-4288-93d9-69cb-9ea837ea1fda&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth...
  • https://track.trackingtraffo.com/push/ic?auth=mz3uj39&c=AMEGo41zAWAcHK8Oghsl1F21KrJyEjNxstl0x4jF_Adl1zQkStL7-rvtb-LFw3BPmsEHQsowxcRBZxavqD7MFrPgm76IPeHPeaFV4rJJKNc1yyTx9degxlD5XyQdNSeRxq50U71DYsxZ0...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372323-hlkVcqbki9mA.png
7 KB
7 KB
Image
General
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372323-hlkVcqbki9mA.png
Requested by
Host: thechronicles3.xyz
URL: https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Server
5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a46edb4c355109561ca9ddabdab548942a93c94757f588bdee9a22de8f5f0e92

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thechronicles3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Tue, 14 May 2024 21:53:32 GMT
Last-Modified
Mon, 28 Aug 2023 09:36:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64ec6a8c-1a2d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6701

Redirect headers

Pragma
no-cache
Date
Tue, 14 May 2024 21:53:32 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372323-hlkVcqbki9mA.png
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
1693215372324-bgy9A7kyLZPX.jpg
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/
Redirect Chain
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715723610091-7-9605-1338968-9710aa81-4288-93d9-69cb-9ea837ea1fda&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2F...
  • https://track.trackingtraffo.com/push/im?auth=mz3uj39&c=Jho4ux4W54gFsHWL7WscZqYJH6Ovgz6A54GBYowHTmnfIf2gyui_fkHmnuAje9ftFRtTRq8aTCawvE9iL_0RogC4VbyrL2clcqOh_lwpZt69VKdNWjr8wIcmthZwblRK-grDtxYWWcfW-...
  • https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372324-bgy9A7kyLZPX.jpg
179 KB
179 KB
Image
General
Full URL
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372324-bgy9A7kyLZPX.jpg
Requested by
Host: thechronicles3.xyz
URL: https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Server
5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.105.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1700452b1c854b70fd6625b72b0eacff2abd254604048730d84d44541636f7b3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thechronicles3.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Tue, 14 May 2024 21:53:32 GMT
Last-Modified
Mon, 28 Aug 2023 09:36:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64ec6a8c-2cc7f"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
183423

Redirect headers

Pragma
no-cache
Date
Tue, 14 May 2024 21:53:32 GMT
Server
nginx/1.18.0 (Ubuntu)
Location
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1693215372324-bgy9A7kyLZPX.jpg
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thechronicles3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:57:28 GMT
x-content-type-options
nosniff
age
28563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:57:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thechronicles3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:07:33 GMT
x-content-type-options
nosniff
age
27958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:07:33 GMT
favicon.ico
thechronicles3.xyz/
13 B
257 B
Other
General
Full URL
https://thechronicles3.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=UTF-8
pragma
no-cache
date
Tue, 14 May 2024 21:53:32 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
event_53a01b52-7991-d67e-96e3-de99729559f9_70_0_2998
thechronicles3.xyz/
114 B
206 B
Script
General
Full URL
https://thechronicles3.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_70_0_2998?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjE0OTYtZWMwNjcyNDU1MzVjMTI5MDJiNzRlZTdmMmI5MzQxZDktMzAxOC0wLjAyNjY4NSUyMiU1RCU3RA%3D%3D&t=1715723611309&rnd=195769048&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: thechronicles3.xyz
URL: https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thechronicles3.xyz/?sid=535fc1d6292061f51d6e69e6d54b5987_70_0_2998&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 21:53:33 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
Primary Request sw_83173805-1fa2-1fe6-11b4-dae95cd10ed1_5_0_2000.js
weightlosshouse4.xyz/
Redirect Chain
  • https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://weightlosshouse4.xyz/sw_83173805-1fa2-1fe6-11b4-dae95cd10ed1_5_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
9 KB
4 KB
Document
General
Full URL
https://weightlosshouse4.xyz/sw_83173805-1fa2-1fe6-11b4-dae95cd10ed1_5_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by
Host: thechronicles3.xyz
URL: https://thechronicles3.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_70_0_2998?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5yZXhzcnYuY29tJTIyJTJDJTIydSUyMiUzQSU1QiUyMjE0OTYtZWMwNjcyNDU1MzVjMTI5MDJiNzRlZTdmMmI5MzQxZDktMzAxOC0wLjAyNjY4NSUyMiU1RCU3RA%3D%3D&t=1715723611309&rnd=195769048&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
a18b1806f0880414116e06293a3d9af13c6db3d5ca81f9a5f1cf02b0692c6d14

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thechronicles3.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"124.0.6367.201"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.201", "Google Chrome";v="124.0.6367.201", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-ua-wow64
?0

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 14 May 2024 21:53:35 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Tue, 14 May 2024 21:53:34 GMT
location
https://weightlosshouse4.xyz/sw_83173805-1fa2-1fe6-11b4-dae95cd10ed1_5_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
0
0

event_53a01b52-7991-d67e-96e3-de99729559f9_5_1514_2000
weightlosshouse4.xyz/
0
0

event_53a01b52-7991-d67e-96e3-de99729559f9_5_2425_2000
weightlosshouse4.xyz/
0
0

event_53a01b52-7991-d67e-96e3-de99729559f9_5_3894_2000
weightlosshouse4.xyz/
0
0

event_53a01b52-7991-d67e-96e3-de99729559f9_5_2470_2000
weightlosshouse4.xyz/
0
0

save.img
us.skated.co/nty/metrics/
0
0

save.img
us.skated.co/nty/metrics/
0
0

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAxLzc0MjUzMC9lNzNlN...
s-img.adskeeper.com/g/19400463/492x328/-/
0
0

byKGl1XfHEFI5kV6Hb4BZuzBgFH_bmOg.png
i.wmgtr.com/cim/
0
0

icon
xml.ppctraffic.co/
0
0

4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png
i.wmgtr.com/cim/
0
0

icon
xml.ppctraffic.co/
0
0

save.img
us.skated.co/nty/metrics/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Domain
weightlosshouse4.xyz
URL
https://weightlosshouse4.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_5_1514_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwuY3BjbWFydC5jb20lMkZpY29uJTNGc2lkJTNEMjQzMzQwYWY4YmY5YzY0ZmU3YjRkNzgzMjI4ODA5NTklMjZybmQlM0Q5NTQ1OTU1OTU%3D&t=1715723615268&rnd=466340890&i=1
Domain
weightlosshouse4.xyz
URL
https://weightlosshouse4.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_5_2425_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwuY3BjbWFydC5jb20lMkZpY29uJTNGc2lkJTNEYjJkMmRmOWQ3ZjcyMDViNWRhZDNjOWFiNzk0MTE5ZTYlMjZybmQlM0Q5NTQ1OTU1OTU%3D&t=1715723615268&rnd=71516444&i=1
Domain
weightlosshouse4.xyz
URL
https://weightlosshouse4.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_5_3894_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwuY3BjbWFydC5jb20lMkZpY29uJTNGc2lkJTNEMDY4ZGVmOTAzMjNjNjA0YTFlYzMwYTNlYWQyZWJhYzQlMjZybmQlM0Q5NTQ1OTU1OTU%3D&t=1715723615268&rnd=382224920&i=1
Domain
weightlosshouse4.xyz
URL
https://weightlosshouse4.xyz/event_53a01b52-7991-d67e-96e3-de99729559f9_5_2470_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwuY3BjbWFydC5jb20lMkZpY29uJTNGc2lkJTNENWMwODA1Y2I2ODRiMTE0MzEzYmY4NjYyNzJlMzJlMDklMjZybmQlM0Q5NTQ1OTU1OTU%3D&t=1715723615268&rnd=376604328&i=1
Domain
us.skated.co
URL
https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715723614277-7-7420-1338968-02bd4bcf-cb88-ff9e-11bf-b2d11ea9df5a&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3DzI2krTuhzzeITJt0Kmzu1Lxqm4DYWHQpTgFKsSkOgrf3IPdwh--l8p7Q0nZHXb8UwaAblAc4AovMZg8G77HL70kHu1X039PsLNldZNQBGS8bickkoIxsGN0o81_LxZVIF8hB14YyzBITBrjee4g3Sd7IdicTK2TOmU7ROJWGp4eTaZM6UD9I6rMuhfX8B9GqB_hHRYJ52IruouYr4PV9N0-5X37Mb8m4t6S1sD-GL1u1Dzy06w6l4OTnyxJM2gSvd65BfS5MBeozncU94QEUjWOR-vx_zPpEyyS_flH3nbAG5YO0sFwL681YHhNKYVPW_W37yF4Kf9DKElJqu17dgEez8DS-O89wD6QPZKOulV-Di-jIuxE2iW68jPmbJjEkZf3sMxg76LkeEQuX_iYsS0zCuWHy_xoyiVIJUe_A1jmAe9U18FAjoen9KOmtOY20EP7xstQbwpx0kZwHQIBbFvIynxk9PCeKnR1QOMlc6cwYujYjAo29AL-WFnlLmXQPn8LMlk_efVejRYnWdnvg8S5PsSZSeFmzjdSqHsraErYSTuKtMVPwaw
Domain
us.skated.co
URL
https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715723614311-7-8883-1338968-95a4ecc2-c14a-09d3-ab54-bc2c368e302a&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3Djoz4JJC_CIn_wFgxLPKNWaWXlpSZbH1wvaH-fl4uZYIcpFqS2olcCcxu-SfKLV7e3oslgz-MuO0mLg89MFd3o4JRQimKEdR1t-oviKbnwa6a-egurKSFL6HZqPumHy1VasZLbrwb8DIsCne8W2AWDvB9OOaHiYrG5EkQgEF2HAKxZohkpg76J7ndRab6c44hmhQsE0X65RPaX1mwRrSpGFxzNW9uJHFTHJMg9FpImmOWCM15iyKWmNDaNkoWDZEX-HsTpT-jiIbTHWZnNhgu8yTXFzMLbWaq_uujlKG38-2q1Cik43Db2E-uqJEsqxMCeRT0bOCESYbWfS-SnFCG14h9UJyZzimGsy-3YoXhIDBSNtj_ZHlinCPM5K6024_ymfZjboOdh0kRSmOwPQHgxA7tnkLUrzVxNyWZj8zufNumjZlYlCkgncm5baLAo6zKTYPxwGhS05ky7CFZuwLzrA7NFYThw1Y5yo6z-h7Q-_J1GMR54VlbDUCQWmqAiXkofgDZ4ChnLWII2HUx14pwDXlIm76VCxEVs9TZlDfC7Ia17k160Z6qLA
Domain
s-img.adskeeper.com
URL
https://s-img.adskeeper.com/g/19400463/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAxLzc0MjUzMC9lNzNlN2JmYWUzODJmYTcwNmQ1NDA5ZTY5Y2UxMzI1ZS5qcGc.webp?v=1715723614-AAmDMO5u_Le_cLgCOmfXfjgZsiuAWE7osRo8xOn1KTg
Domain
i.wmgtr.com
URL
https://i.wmgtr.com/cim/byKGl1XfHEFI5kV6Hb4BZuzBgFH_bmOg.png
Domain
xml.ppctraffic.co
URL
https://xml.ppctraffic.co/icon?sid=1021279a39e8e6d65362406ba7954ead&rnd=14921105
Domain
i.wmgtr.com
URL
https://i.wmgtr.com/cim/4oQ3Um7LUyarUjD2cpjJmQLuTtgjcvYz.png
Domain
xml.ppctraffic.co
URL
https://xml.ppctraffic.co/icon?sid=443f766b09f4982f0222aacb54da8c39&rnd=14921105
Domain
us.skated.co
URL
https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715723614278-7-7420-1338968-a411e6f1-5d89-3b4a-71c4-38d4cdd25fce&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3Dmz3uj39%26c%3DOLCHeUYLskJw0dYC7t3OK1BOK9MXbmSayHJaIJmUcdw1RFb-9t1Zhr11q0O0-BSCmd3f2fXOUG20_Bnd2BdklTLaYHY_V2eO3bwvtx_WpyH1E9_ibW7x7taYnXFvhzcJSy9au7LlE_j1wC-halr-NmsnSupYP5QAaTSTHHFT9BgV3RbbivaOJnsMg6F6lwfYzblsResAt-1NOskxnsgHYIfQulgLwzGmd5wjKLcorCy-rVqc1Yvr4-sWJmavt-DcWcyzaP9rPK0QHISxE4duMXPiLCKNXEfRpLYilN1KCN1nwfe8r6EWIuD21y3XAhfprWu2d0rFjc3OCBARFxOHJjQ-shRm1zWyFMnqe4PcbSViE0mF_N_z53QY3X0755cw2_3-GKdpany16h4-n0Fbrz76K3L_JWqqvG0kJeJRQnc0z6ztVrPHbu7uCFmGOThIgtkqIOVyj2DqtBHQjys87mJeBqveduDzxy-XzufjjlbXprPEcsJwcGeKSyQ6iATfbBrEmQgJnSC39T5gg-q7g7S8oSX9QvKwzRaYogBU_N5u7deF9sPt_g

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://spectrumtop1.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://thechronicles3.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()