Submitted URL: http://tracking.sayhitorachel.com/tracking/click?d=LdT8bX4yDpuVkhjcM4x2R0xPxFRcZb8OV8jyJi9Wm1R4D6Z8oMwUEeu6epEiPE1ho1BMZN8BBorAcXe...
Effective URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-...
Submission: On March 30 via manual from US — Scanned from FR

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 28 HTTP transactions. The main IP is 2606:4700::6812:1b7e, located in United States and belongs to CLOUDFLARENET, US. The main domain is live3.news4more.com. The Cisco Umbrella rank of the primary domain is 866755.
TLS certificate: Issued by E1 on February 4th 2023. Valid for: 3 months.
This is the only time live3.news4more.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 46.105.88.234 16276 (OVH)
1 1 142.93.114.237 14061 (DIGITALOC...)
1 1 34.107.223.80 396982 (GOOGLE-CL...)
2 2 52.213.121.49 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
17 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
28 7
Apex Domain / Subdomains | Transfer
17 servefilesonly.com | 961 KB
  lpmedia.servefilesonly.com — Cisco Umbrella Rank: 182885
  imedia.servefilesonly.com — Cisco Umbrella Rank: 221691
6 onesignal.com | 94 KB
  cdn.onesignal.com — Cisco Umbrella Rank: 3575
  onesignal.com — Cisco Umbrella Rank: 1243
  img.onesignal.com — Cisco Umbrella Rank: 6776
2 gstatic.com | 46 KB
  fonts.gstatic.com
2 googleapis.com | 32 KB
  fonts.googleapis.com — Cisco Umbrella Rank: 47
  ajax.googleapis.com — Cisco Umbrella Rank: 357
2 rtbsuperhub.com | 1 KB
  eu-adsrv.rtbsuperhub.com — Cisco Umbrella Rank: 64941
1 news4more.com | 7 KB
  live3.news4more.com — Cisco Umbrella Rank: 866755
1 xn3j2k.com | 434 B
  www.xn3j2k.com
1 alwaysbeemailing.com | 403 B
  alwaysbeemailing.com
1 sayhitorachel.com | 681 B
  tracking.sayhitorachel.com
28 9
Domain Requested by
16 lpmedia.servefilesonly.com live3.news4more.com
3 onesignal.com cdn.onesignal.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.onesignal.com live3.news4more.com
cdn.onesignal.com
2 eu-adsrv.rtbsuperhub.com 2 redirects
1 img.onesignal.com
1 imedia.servefilesonly.com live3.news4more.com
1 ajax.googleapis.com live3.news4more.com
1 fonts.googleapis.com live3.news4more.com
1 live3.news4more.com
1 www.xn3j2k.com 1 redirects
1 alwaysbeemailing.com 1 redirects
1 tracking.sayhitorachel.com 1 redirects
28 13

This site contains no links.

Subject | Issuer | Validity | Valid
*.news4more.com | E1 | 2023-02-04 - 2023-05-05 | 3 months
*.servefilesonly.com | E1 | 2023-02-18 - 2023-05-19 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-03 - 2023-06-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months

This page contains 1 frames:

Primary Page: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Frame ID: C3DF42B8868F7B177E84A3817784426F
Requests: 28 HTTP requests in this frame

Page Title: bl.news4more.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 64 %
Domains: 9
Subdomains: 13
IPs: 7
Countries: 4
Transfer: 1140 kB
Size: 2631 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tracking.sayhitorachel.com/tracking/click?d=LdT8bX4yDpuVkhjcM4x2R0xPxFRcZb8OV8jyJi9Wm1R4D6Z8oMwUEeu6epEiPE1ho1BMZN8BBorAcXeJo4FKNwLf7CqVwdJF4GtnUe7xd99W3ZlAEkbQkKgigskM_zLhRNSLjPAJmUOS7f6P9RAE-Azmse4ixsFjDVgM_j4K3a3QmukHBIZA2BBY0hzcPRNO2wQBZW8V1mx-rzPdMUB0RiwaPbtCwzxmWWM4WSWJGLHJaL7WnRJo5izBIBpjOfUoMQ2 HTTP 302
    https://alwaysbeemailing.com/campaigns/xw4140p7qe105/track-url/ny850v299b4c4/dc51da57886d5186b1da88f828c953f4e0de8801 HTTP 301
    https://www.xn3j2k.com/cmp/2Z3GP8/25D7F3/?source_id=msp&sub1=xw4140p7qe105&sub2=sayhitorachel&sub3=vos.am@hotmail.com&sub4=abe HTTP 302
    https://eu-adsrv.rtbsuperhub.com/ir/?placement=8ba6f30d-635a-4292-ac16-504de8d18b50&subPublisher=79 HTTP 302
    https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb HTTP 302
    https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true Page URL

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request jmc6100
live3.news4more.com/landing/
Redirect Chain
  • http://tracking.sayhitorachel.com/tracking/click?d=LdT8bX4yDpuVkhjcM4x2R0xPxFRcZb8OV8jyJi9Wm1R4D6Z8oMwUEeu6epEiPE1ho1BMZN8BBorAcXeJo4FKNwLf7CqVwdJF4GtnUe7xd99W3ZlAEkbQkKgigskM_zLhRNSLjPAJmUOS7f6P9R...
  • https://alwaysbeemailing.com/campaigns/xw4140p7qe105/track-url/ny850v299b4c4/dc51da57886d5186b1da88f828c953f4e0de8801
  • https://www.xn3j2k.com/cmp/2Z3GP8/25D7F3/?source_id=msp&sub1=xw4140p7qe105&sub2=sayhitorachel&sub3=vos.am@hotmail.com&sub4=abe
  • https://eu-adsrv.rtbsuperhub.com/ir/?placement=8ba6f30d-635a-4292-ac16-504de8d18b50&subPublisher=79
  • https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_F...
  • https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_deskt...
26 KB
7 KB
Document
General
Full URL
https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a00c8802774a18c05eb659f1ed3ca884a658e5304a71aacf0a498131f441563

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7b0001d0bf7f02ad-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 30 Mar 2023 11:28:05 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 Mar 2023 11:28:05 GMT
Location
https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Server
nginx/1.20.0
styles.min.css
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/
5 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/styles.min.css?1030075
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92efabd0cc8550e8dfd323bc6ea787a2cf250f437a7f6d1349fe187d73f5c895

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:37:43 GMT
server
cloudflare
age
11097
etag
W/"64253c47-133a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7b0001d1fcb002d1-CDG
expires
Fri, 07 Apr 2023 11:28:05 GMT
corner.css
lpmedia.servefilesonly.com/widgets/corner/
170 B
484 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/corner/corner.css?1030075
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 30 Mar 2023 07:38:47 GMT
server
cloudflare
age
11097
cf-polished
origSize=246
etag
W/"64253c87-f6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7b0001d1fcb202d1-CDG
expires
Fri, 07 Apr 2023 11:28:05 GMT
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700;800&family=Roboto:wght@400;700;900&display=swap
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90dbf5e0dc6571f4d401fc345e91eaca9df0354ed9180628d0e3bbac88cdf372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Mar 2023 11:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 11:25:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Mar 2023 11:28:05 GMT
style.min.css
lpmedia.servefilesonly.com/build/templates/MB/JMobileChat/
4 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/build/templates/MB/JMobileChat/style.min.css?1030075
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb9665c2650167450a41f608d8d02dbe67658109c6454c51b64917ff29416c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:37:43 GMT
server
cloudflare
age
11082
etag
W/"64253c47-fe6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7b0001d1fcb302d1-CDG
expires
Fri, 07 Apr 2023 11:28:05 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
459dc02737a8127153538d8b7811fbaff4e4e0ce003936a61f2d06b3975b10e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
844
etag
W/"8256f101039245592bc7dcc5496ed987"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7b0001d2a82901bd-CDG
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 11:28:05 GMT
casualdatingHeart.png
lpmedia.servefilesonly.com/img/_logos/
4 KB
4 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_logos/casualdatingHeart.png
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad52165cc6b3c50eba82c56abb65284455ad606c29b6f134ee1e472dc4cbaa2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Mar 2023 07:00:08 GMT
server
cloudflare
age
177296
etag
"64229078-1040"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7b0001d24cf602d1-CDG
content-length
4160
expires
Fri, 07 Apr 2023 11:28:05 GMT
casualdatingHeart_w.png
lpmedia.servefilesonly.com/img/_logos/
3 KB
4 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_logos/casualdatingHeart_w.png
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb58acc54679268926472a6a05930c84036b8b1ba18be1a33d10e1838382f7b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 06:54:03 GMT
server
cloudflare
age
20028
etag
"6423e08b-dec"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7b0001d24cf702d1-CDG
content-length
3564
expires
Fri, 07 Apr 2023 11:28:05 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 12:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Mar 2024 12:20:24 GMT
scripts.min.js
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/
21 KB
7 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/scripts.min.js?1030075
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1dca8107ce4f619cc1b33257c1f1cbacd657697d91a0551c1feef4803627c45

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:37:43 GMT
server
cloudflare
age
11097
etag
W/"64253c47-53e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7b0001d24cf302d1-CDG
expires
Fri, 07 Apr 2023 11:28:05 GMT
popwin.js
lpmedia.servefilesonly.com/js/
854 B
569 B
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/popwin.js?1030075
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 30 Mar 2023 07:38:45 GMT
server
cloudflare
age
11096
cf-polished
origSize=1177
etag
W/"64253c85-499"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7b0001d24cf502d1-CDG
expires
Fri, 07 Apr 2023 11:28:05 GMT
dcdddee3-dca0-4a95-b1e9-cb4fc033e0f0.jpg
imedia.servefilesonly.com/
215 KB
215 KB
Image
General
Full URL
https://imedia.servefilesonly.com/dcdddee3-dca0-4a95-b1e9-cb4fc033e0f0.jpg
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cab4be0e7fe939d22c5ea3167b1d8378988494642ca8d6fd41ce84f1e03d623

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
via
1.1 6a7dbdb209ec7dcfec16316a2b155e06.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
CDG50-C1
age
14647
x-cache
Miss from cloudfront
content-length
219871
cf-bgj
h2pri
last-modified
Thu, 23 Dec 2021 18:04:45 GMT
server
cloudflare
etag
"3026493a3fc98169ea6680f5aa23a8e3"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7b0001d24cfa02d1-CDG
x-amz-cf-id
8WfP1Vu2HLU4H4Sic2RaAlNfQ2NT6oQmUd18WrRXAbJqSeVyEl1yhg==
expires
Fri, 07 Apr 2023 11:28:05 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700;800&family=Roboto:wght@400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://live3.news4more.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:37:40 GMT
x-content-type-options
nosniff
age
10225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:37:40 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a2e703c09b3d066e18f4426c332665bf08ec02456bcccdb20d2fffe4645ab9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
844
etag
W/"3d37cd0d64713e75df2c67fb7c907496"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7b0001d3890001bd-CDG
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 02 Apr 2023 11:28:05 GMT
jmc6100-1.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/
367 KB
0
Media
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/jmc6100-1.mp4?1030075
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://live3.news4more.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:38:09 GMT
server
cloudflare
age
11082
etag
"64253c61-9a024"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-630819/630820
cache-control
public, max-age=691200
cf-ray
7b0001d3ce8002d1-CDG
Content-Length
630820
expires
Fri, 07 Apr 2023 11:28:05 GMT
jmc6100-2.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/
127 KB
0
Media
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/jmc6100-2.mp4?1030075
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://live3.news4more.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:38:09 GMT
server
cloudflare
age
11082
etag
"64253c61-5ec60"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-388191/388192
cache-control
public, max-age=691200
cf-ray
7b0001d3ce8102d1-CDG
Content-Length
388192
expires
Fri, 07 Apr 2023 11:28:05 GMT
web
onesignal.com/api/v1/sync/ab03e1b9-a368-491d-a853-57db5d2801a2/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/ab03e1b9-a368-491d-a853-57db5d2801a2/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c30f4cb0a4bb08c2bf52de94091cd64de5301e9a5c77b36ca8c686dcaf31e466
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
361
cf-polished
origSize=3367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
8ced789b-ff50-463e-998a-0fe6a05a876d
x-runtime
0.024836
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"a9720bb7486beef56965bcfba6260f7c"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7b0001d4198001bd-CDG
access-control-allow-headers
SDK-Version
expires
Thu, 30 Mar 2023 12:28:05 GMT
jmc6100-1.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/
8 KB
8 KB
Media
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/jmc6100-1.mp4?1030075
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fea82fe2adfc37eba8bc5f85a421f48c1c00c467d253dbd07fd8107b8c39620

Request headers

Referer
https://live3.news4more.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=622592-

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:38:09 GMT
server
cloudflare
age
11082
etag
"64253c61-9a024"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 622592-630819/630820
cache-control
public, max-age=691200
cf-ray
7b0001d42ed402d1-CDG
Content-Length
8228
expires
Fri, 07 Apr 2023 11:28:05 GMT
jmc6100-2.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/
27 KB
27 KB
Media
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/jmc6100-2.mp4?1030075
Requested by
Host: live3.news4more.com
URL: https://live3.news4more.com/landing/jmc6100?subPublisher=popunder:79&zone=popunder:79&adformat=push&auctionid=642572451e622-948529&uniqueid=c50a989b728d41aec57ceb781033c8bd&name=4259_push_fra_desktop_FilthyAds_Funnel&newservice=true&cmsid=landing--jmc6100--landing--fm6301&tpcampid=9523f9b1-0984-49cb-aa2d-c51de874b777&imp_tagid=4259_push_fra_desktop_FilthyAds_Funnel&uid=TP-642572451dfbb7.73447394&campaign_lp=2:landing--jmc6100--landing--fm6301&product=grannyzoneweb&zz=true&nextPage=/landing/fm6301&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f8b95b5b14094945598842bd5e4877c8a7a37733975e0d809e41cc53f999587

Request headers

Referer
https://live3.news4more.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=360448-

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:38:09 GMT
server
cloudflare
age
11082
etag
"64253c61-5ec60"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 360448-388191/388192
cache-control
public, max-age=691200
cf-ray
7b0001d42ed702d1-CDG
Content-Length
27744
expires
Fri, 07 Apr 2023 11:28:05 GMT
jmc6100-2.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/
283 KB
283 KB
Media
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/jmc6100-2.mp4?1030075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30f1eca639cb609aaf9b3f23f0f685394d1e4097c582df10fe7e9bd9fc95d0d

Request headers

Referer
https://live3.news4more.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=98304-

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:38:09 GMT
server
cloudflare
age
11082
etag
"64253c61-5ec60"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 98304-388191/388192
cache-control
public, max-age=691200
cf-ray
7b0001d4af4e02d1-CDG
Content-Length
289888
expires
Fri, 07 Apr 2023 11:28:05 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
843
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7b0001d5187101b5-CDG
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 29 Apr 2023 11:28:05 GMT
jmc6100-1.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/
360 KB
0
Media
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/jmc6100-1.mp4?1030075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://live3.news4more.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=262144-

Response headers

date
Thu, 30 Mar 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:38:09 GMT
server
cloudflare
age
11082
etag
"64253c61-9a024"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 262144-630819/630820
cache-control
public, max-age=691200
cf-ray
7b0001d51f9502d1-CDG
Content-Length
368676
expires
Fri, 07 Apr 2023 11:28:05 GMT
icon
onesignal.com/api/v1/apps/ab03e1b9-a368-491d-a853-57db5d2801a2/
184 B
774 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/ab03e1b9-a368-491d-a853-57db5d2801a2/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357629ec1614161f8b3eab4f5643e824aa39a262bac26c32b64f5324f1f46563
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:28:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6a5d7b00-b722-4701-aa7c-da26ea6e1b2e
x-runtime
0.021698
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"357629ec1614161f8b3eab4f5643e824"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7b0001d58c99f114-CDG
access-control-allow-headers
SDK-Version
dddf4ef8-d9fc-4042-9ac7-f11cba5eb983
img.onesignal.com/permanent/
11 KB
11 KB
Image
General
Full URL
https://img.onesignal.com/permanent/dddf4ef8-d9fc-4042-9ac7-f11cba5eb983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb61b7d333ca96af47d36a167dd0af56d6ab22b70b82869ea19be9a7f8e5438
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://live3.news4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Thu, 30 Mar 2023 11:28:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
2771
x-guploader-uploadid
ADPycduQTdZPQeBEpP1P7tBXEH78oeb3s9BTTuR_Uh7r9f6pvzmjsdAOtc8bs4_vzIRnEj-eT1pOdeeVKurEwvxhCqz7q_CYw81P
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11075
pragma
no-cache
last-modified
Sun, 26 Mar 2023 06:45:45 GMT
server
cloudflare
etag
"-CMvY2s7/+P0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1679813145701451
content-type
application/octet-stream
x-goog-hash
crc32c=sZIMPA==, md5=EkEaIy5aDVKnzC+kE7DJQg==
cache-control
public, max-age=2678400
x-goog-stored-content-length
11075
accept-ranges
bytes
cf-ray
7b0001d60b0201bd-CDG
expires
Sun, 30 Apr 2023 11:28:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700;800&family=Roboto:wght@400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://live3.news4more.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:11 GMT
x-content-type-options
nosniff
age
176215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:11 GMT
jmc6100-3.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/
239 KB
0
Media
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/jmc6100-3.mp4?1030075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://live3.news4more.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 30 Mar 2023 11:28:10 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:38:09 GMT
server
cloudflare
age
11095
etag
"64253c61-92daf"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-601518/601519
cache-control
public, max-age=691200
cf-ray
7b0001f309c902d1-CDG
Content-Length
601519
expires
Fri, 07 Apr 2023 11:28:10 GMT
jmc6100-3.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/
11 KB
12 KB
Media
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/jmc6100-3.mp4?1030075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a503b8a23dd6b7fc6c57e296ad31f4208d1ad7e71a90d58232cccb99fac6d2

Request headers

Referer
https://live3.news4more.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=589824-

Response headers

date
Thu, 30 Mar 2023 11:28:10 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:38:09 GMT
server
cloudflare
age
11095
etag
"64253c61-92daf"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 589824-601518/601519
cache-control
public, max-age=691200
cf-ray
7b0001f34a0402d1-CDG
Content-Length
11695
expires
Fri, 07 Apr 2023 11:28:10 GMT
jmc6100-3.mp4
lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/
395 KB
396 KB
Media
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/videos/jmc6100-3.mp4?1030075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1061d49dac41af1ca8c10ed195d78d35f5f87551a36bd148189ee9101910ff

Request headers

Referer
https://live3.news4more.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=196608-

Response headers

date
Thu, 30 Mar 2023 11:28:10 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 07:38:09 GMT
server
cloudflare
age
11095
etag
"64253c61-92daf"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 196608-601518/601519
cache-control
public, max-age=691200
cf-ray
7b0001f42ab902d1-CDG
Content-Length
404911
expires
Fri, 07 Apr 2023 11:28:10 GMT

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| OneSignal
function| $
function| jQuery
object| x
undefined| j
undefined| ll
undefined| selElmnt
undefined| a
undefined| b
undefined| c
function| closeAllSelect
undefined| typingTimer
object| dataCountries
object| $country
undefined| $countryName
object| $zipCity
undefined| $btnLocation
undefined| $btnValidateLocation
undefined| $displayErrorLocation
boolean| isLocationByGeolocation
number| doneTyping
object| countries
undefined| curLanguage
function| _eventClickAutocomplete
function| findCountryCode
function| displayCountry
function| findCountryName
function| buildAutocomplete
function| getCurentLocation
function| getCurentLocationByIp
function| sendCurrentLocation
function| sendValidateLocation
function| fillLocationValidated
function| validateLocation
function| validateLocationMessage
function| getCurrentLink
function| goToStep
function| countdownToNextStep
function| activeProgressBar
function| Validator
object| Popwin
function| populateLinks
function| deeplinkQueryStringToArray
function| deeplinkAddParametersToURL
function| rotateImg
function| LoadVideo
number| __oneSignalSdkLoadCount
function| __jp0

7 Cookies

Domain/Path Name / Value
eu-adsrv.rtbsuperhub.com/ir Name: srtbid
Value: TP-642572451dfbb7.73447394
www.xn3j2k.com/ Name: uniqueClick_25D7F3
Value: a810284b-5e7b-4448-ba84-e81c49957709:1680175684
www.xn3j2k.com/ Name: transaction_id
Value: 45f4cb7560e64b9ca30389f26d1fb66f
live3.news4more.com/ Name: PHPSESSID
Value: e2nvpgu1vfoc2igup8ausut3d5
.news4more.com/ Name: __cf_bm
Value: xG44p_ktb9bkFPVJmu1alA8COZZz3SsPfnL1KV1icPg-1680175685-0-AdYTJXfVftc1EhChXK13S3JOd1PXOhhuVb61cPJBiI5c+BN22LPUzweY5mIB4Q4ajSU/yy3M5NfTMJiEc49/UoI=
.servefilesonly.com/ Name: __cf_bm
Value: 8Sg2yuU5.HamjMNQA2AzntfCBUI1IZhVHhTrto.1o7c-1680175685-0-Ab6t/wOvYcWyttP8/6X2BXokNc/GYZNADlZ0YvoToUdeFnsUeVpvZwcy4LBBkw41CWtQ/01p+Mv0kS5M9JEGS1M=
.onesignal.com/ Name: __cf_bm
Value: 7yyeKUEu7MoB581p5nm1e_.mB8E4nYtaGF8JTyuq5T4-1680175685-0-ARG3Su2YlpzGU2UvkVCHc6lbcxsz7wSEuXgmDp1S2ETUlcMs6/GHzEuY2N+lLQjAr5KMVcHIrV8JQOgXr2II6Yo=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
