Submitted URL: http://guzin.fun/wxbgwb1z?cost=%7Bcost%7D&currency=%7Bcurrency%7D&external_id=$%7Bsubid%7D&source=%7Bzoneid%7D&co...
Effective URL: https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Submission: On April 12 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 41 HTTP transactions. The main IP is 193.108.117.211, located in Frankfurt am Main, Germany and belongs to AS-GLOBALTELEHOST, US. The main domain is ec98d045d6.news-zurele.com.
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.
This is the only time ec98d045d6.news-zurele.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 8 23.158.56.201 63023 (AS-GLOBAL...)
7 193.108.118.16 63023 (AS-GLOBAL...)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 95.216.66.235 24940 (HETZNER-AS)
1 5.9.65.244 24940 (HETZNER-AS)
1 116.202.233.120 24940 (HETZNER-AS)
1 46.4.41.114 24940 (HETZNER-AS)
6 193.108.117.211 63023 (AS-GLOBAL...)
1 144.76.56.162 ()
1 176.9.89.158 ()
41 11
     Apex Domain       Subdomains                                        Transfer
12   gstatic.com       fonts.gstatic.com                                 152 KB
7    news-wulacu.com   0de6f96dfc.news-wulacu.com                        185 KB
7    news-fodixa.com   news-fodixa.com                                   168 KB
6    news-zurele.com   ec98d045d6.news-zurele.com                        168 KB
3    cdn.house         img.cdn.house — Cisco Umbrella Rank: 13840        10 KB
3    revopush.com      show.revopush.com — Cisco Umbrella Rank: 20463    3 KB
3    googleapis.com    fonts.googleapis.com — Cisco Umbrella Rank: 35    4 KB
1    news-degavu.com   news-degavu.com                                   147 B
1    guzin.fun         guzin.fun                                         891 B
41   9
     Domain                       Requested by
12   fonts.gstatic.com            fonts.googleapis.com
7    0de6f96dfc.news-wulacu.com   news-fodixa.com, 0de6f96dfc.news-wulacu.com
7    news-fodixa.com              news-fodixa.com
6    ec98d045d6.news-zurele.com   0de6f96dfc.news-wulacu.com, ec98d045d6.news-zurele.com
3    img.cdn.house
3    show.revopush.com            news-fodixa.com, 0de6f96dfc.news-wulacu.com, ec98d045d6.news-zurele.com
3    fonts.googleapis.com         news-fodixa.com, 0de6f96dfc.news-wulacu.com, ec98d045d6.news-zurele.com
1    news-degavu.com              1 redirects
1    guzin.fun                    1 redirects
41   9

This site contains no links.

Subject                   Issuer                                       Validity                  Valid
*.news-fodixa.com         R3                                           2024-03-29 - 2024-06-27   3 months
upload.video.google.com   GTS CA 1C3                                   2024-03-04 - 2024-05-27   3 months
*.gstatic.com             GTS CA 1C3                                   2024-03-04 - 2024-05-27   3 months
show.revopush.com         Go Daddy Secure Certificate Authority - G2   2024-03-22 - 2025-03-22   a year
img.cdn.house             R3                                           2024-03-21 - 2024-06-19   3 months
*.news-wulacu.com         R3                                           2024-03-29 - 2024-06-27   3 months
*.news-zurele.com         R3                                           2024-03-29 - 2024-06-27   3 months

This page contains 1 frame:

Primary Page: https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Frame ID: 77F2F990D6FF088EDC6AE4CED88BC0B8
Requests: 41 HTTP requests in this frame

Page Statistics

Requests: 41
HTTPS: 100 %
IPv6: 25 %
Domains: 9
Subdomains: 9
IPs: 11
Countries: 3
Transfer: 689 kB
Size: 775 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://guzin.fun/wxbgwb1z?cost=%7Bcost%7D&currency=%7Bcurrency%7D&external_id=$%7Bsubid%7D&source=%7Bzoneid%7D&cohort=%7Bcohort%7D&pn_type=%7Bpn_type%7D HTTP 307
    https://guzin.fun/wxbgwb1z?cost=%7Bcost%7D&currency=%7Bcurrency%7D&external_id=$%7Bsubid%7D&source=%7Bzoneid%7D&cohort=%7Bcohort%7D&pn_type=%7Bpn_type%7D HTTP 302
    https://news-degavu.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4 HTTP 307
    https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4 Page URL
  2. https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4 Page URL
  3. https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://guzin.fun/wxbgwb1z?cost=%7Bcost%7D&currency=%7Bcurrency%7D&external_id=$%7Bsubid%7D&source=%7Bzoneid%7D&cohort=%7Bcohort%7D&pn_type=%7Bpn_type%7D HTTP 307
  • https://guzin.fun/wxbgwb1z?cost=%7Bcost%7D&currency=%7Bcurrency%7D&external_id=$%7Bsubid%7D&source=%7Bzoneid%7D&cohort=%7Bcohort%7D&pn_type=%7Bpn_type%7D HTTP 302
  • https://news-degavu.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4 HTTP 307
  • https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
news-fodixa.com/
Redirect Chain
  • http://guzin.fun/wxbgwb1z?cost=%7Bcost%7D&currency=%7Bcurrency%7D&external_id=$%7Bsubid%7D&source=%7Bzoneid%7D&cohort=%7Bcohort%7D&pn_type=%7Bpn_type%7D
  • https://guzin.fun/wxbgwb1z?cost=%7Bcost%7D&currency=%7Bcurrency%7D&external_id=$%7Bsubid%7D&source=%7Bzoneid%7D&cohort=%7Bcohort%7D&pn_type=%7Bpn_type%7D
  • https://news-degavu.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
  • https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
2 KB
1 KB
Document
General
Full URL
https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
6b2a3cfed85f52ebabbcdc8f14709fc2b8bb9b674cf67c1c9f888808f8e788b6
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Apr 2024 21:00:34 GMT
server
nginx
vary
Origin
x-frame-options
DENY

Redirect headers

content-length
0
date
Fri, 12 Apr 2024 21:00:34 GMT
location
https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
server
nginx
vary
Origin
x-frame-options
DENY
style.css
news-fodixa.com/lands/20/
2 KB
1004 B
Stylesheet
General
Full URL
https://news-fodixa.com/lands/20/style.css
Requested by
Host: news-fodixa.com
URL: https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:34 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-364"
content-type
text/css
accept-ranges
bytes
content-length
868
process.js
news-fodixa.com/
26 KB
10 KB
Script
General
Full URL
https://news-fodixa.com/process.js?id=8065014&p1={zoneid}&p2=23oqlse1c7du8h&p3=&p4=
Requested by
Host: news-fodixa.com
URL: https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
042a7a8c850f9a15be307ba2ce69ae174c0f7b4d4e97f1dc09f4226843a10c2d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 21:00:34 GMT
content-encoding
gzip
server
nginx
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
expires
0
revopush.js
news-fodixa.com/
18 KB
7 KB
Script
General
Full URL
https://news-fodixa.com/revopush.js
Requested by
Host: news-fodixa.com
URL: https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
aa7dc9551d9641febc7616653e797b381d7258077ed416e822b1ade51470c533

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:34 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-1d30"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
7472
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Requested by
Host: news-fodixa.com
URL: https://news-fodixa.com/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://news-fodixa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Apr 2024 21:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Apr 2024 21:00:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Apr 2024 21:00:34 GMT
girls.jpg
news-fodixa.com/lands/20/
148 KB
148 KB
Image
General
Full URL
https://news-fodixa.com/lands/20/girls.jpg
Requested by
Host: news-fodixa.com
URL: https://news-fodixa.com/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://news-fodixa.com/lands/20/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:34 GMT
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
accept-ranges
bytes
etag
"6602cb4c-24ee6"
content-length
151270
content-type
image/jpeg
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://news-fodixa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 19:27:41 GMT
x-content-type-options
nosniff
age
5573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 19:27:41 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://news-fodixa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 06:13:41 GMT
x-content-type-options
nosniff
age
139613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Apr 2025 06:13:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://news-fodixa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 00:45:23 GMT
x-content-type-options
nosniff
age
591311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 00:45:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://news-fodixa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
580188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 03:50:46 GMT
/
show.revopush.com/api/v1/inpage/show/
794 B
958 B
Fetch
General
Full URL
https://show.revopush.com/api/v1/inpage/show/?uid=136459&subacc=8065014&sub1={zoneid}&sub2=23oqlse1c7du8h&sub3=&sub4=&adult=true&limit=1&traffic=adult
Requested by
Host: news-fodixa.com
URL: https://news-fodixa.com/process.js?id=8065014&p1={zoneid}&p2=23oqlse1c7du8h&p3=&p4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.66.235 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
revopush-show-101.t.push.house
Software
nginx /
Resource Hash
aa69b756259b3245ed7d3c94c1e9240bc7c1af5f618b23eaeb6911dcb887368e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://news-fodixa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://news-fodixa.com
date
Fri, 12 Apr 2024 21:00:35 GMT
content-encoding
br
accept-ch
Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
server
nginx
vary
Origin
content-type
application/json
favicon.ico
news-fodixa.com/
548 B
256 B
Other
General
Full URL
https://news-fodixa.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:34 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=utf-8
LRgc28JCXzqroYnkvT5rpUmfheUeLaHH4BWI68R48223QvmUztx0-ZufazF7qkticw_t3jJ3yF3Yw5yKg_wZ-tNbd5tRt1_HlsZfBIfKlH6BcCW9gnuFh8MVIlbs1OdbJuDLPJ8tpOTYlkJ69p7r8ZUPyQeAUSXMldNTUT2z7XKb29TTuM6S0LsCWiHlhdwBfA==
img.cdn.house/i/1/
3 KB
3 KB
Image
General
Full URL
https://img.cdn.house/i/1/LRgc28JCXzqroYnkvT5rpUmfheUeLaHH4BWI68R48223QvmUztx0-ZufazF7qkticw_t3jJ3yF3Yw5yKg_wZ-tNbd5tRt1_HlsZfBIfKlH6BcCW9gnuFh8MVIlbs1OdbJuDLPJ8tpOTYlkJ69p7r8ZUPyQeAUSXMldNTUT2z7XKb29TTuM6S0LsCWiHlhdwBfA==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.65.244 Giessen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
push-house-cdn-207.t.push.house
Software
nginx /
Resource Hash
847786653e45fc07a13d88ff38ebba8fd025fc26aabd3f4b38d944e186cfe6b6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://news-fodixa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:35 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified
Wed, 05 Apr 2023 12:02:13 GMT
server
nginx
accept-ranges
bytes
content-length
3180
content-type
image/webp
reject
news-fodixa.com/
5 B
117 B
Fetch
General
Full URL
https://news-fodixa.com/reject
Requested by
Host: news-fodixa.com
URL: https://news-fodixa.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 12 Apr 2024 21:00:36 GMT
server
nginx
content-length
5
vary
Origin
content-type
application/json; charset=UTF-8
/
0de6f96dfc.news-wulacu.com/
2 KB
2 KB
Document
General
Full URL
https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Requested by
Host: news-fodixa.com
URL: https://news-fodixa.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
5fd9302d3aeac03a6ffc53f6e3f04bf9381664744c886b8ed836a94accdba007
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://news-fodixa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
1618
content-type
text/html; charset=UTF-8
date
Fri, 12 Apr 2024 21:00:36 GMT
server
nginx
vary
Origin
x-frame-options
DENY
style.css
0de6f96dfc.news-wulacu.com/lands/20/
2 KB
1004 B
Stylesheet
General
Full URL
https://0de6f96dfc.news-wulacu.com/lands/20/style.css
Requested by
Host: 0de6f96dfc.news-wulacu.com
URL: https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:36 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-364"
content-type
text/css
accept-ranges
bytes
content-length
868
process.js
0de6f96dfc.news-wulacu.com/
26 KB
26 KB
Script
General
Full URL
https://0de6f96dfc.news-wulacu.com/process.js?id=8065014&p1={zoneid}&p2=23oqlse1c7du8h&p3=&p4=
Requested by
Host: 0de6f96dfc.news-wulacu.com
URL: https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
47ccda3860ff8b1f637f1722cc6c8c5c1c991b317b0081ddc115bf5757712ba1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript; charset=utf-8
pragma
no-cache
date
Fri, 12 Apr 2024 21:00:36 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
vary
Origin
expires
0
revopush.js
0de6f96dfc.news-wulacu.com/
18 KB
7 KB
Script
General
Full URL
https://0de6f96dfc.news-wulacu.com/revopush.js
Requested by
Host: 0de6f96dfc.news-wulacu.com
URL: https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
aa7dc9551d9641febc7616653e797b381d7258077ed416e822b1ade51470c533

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:36 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-1d30"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
7472
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Requested by
Host: 0de6f96dfc.news-wulacu.com
URL: https://0de6f96dfc.news-wulacu.com/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://0de6f96dfc.news-wulacu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Apr 2024 21:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Apr 2024 21:00:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Apr 2024 21:00:36 GMT
/
show.revopush.com/api/v1/inpage/show/
761 B
920 B
Fetch
General
Full URL
https://show.revopush.com/api/v1/inpage/show/?uid=136459&subacc=8065014&sub1={zoneid}&sub2=23oqlse1c7du8h&sub3=&sub4=&adult=true&limit=1&traffic=adult
Requested by
Host: 0de6f96dfc.news-wulacu.com
URL: https://0de6f96dfc.news-wulacu.com/process.js?id=8065014&p1={zoneid}&p2=23oqlse1c7du8h&p3=&p4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
116.202.233.120 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
revopush-show-79.t.push.house
Software
nginx /
Resource Hash
a05d2a13949147c59ea6203ebb4870227f9907b571a7b5eb493c218a4a2e5599

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://0de6f96dfc.news-wulacu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://0de6f96dfc.news-wulacu.com
date
Fri, 12 Apr 2024 21:00:36 GMT
content-encoding
br
accept-ch
Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
server
nginx
vary
Origin
content-type
application/json
girls.jpg
0de6f96dfc.news-wulacu.com/lands/20/
148 KB
148 KB
Image
General
Full URL
https://0de6f96dfc.news-wulacu.com/lands/20/girls.jpg
Requested by
Host: 0de6f96dfc.news-wulacu.com
URL: https://0de6f96dfc.news-wulacu.com/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://0de6f96dfc.news-wulacu.com/lands/20/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:36 GMT
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
accept-ranges
bytes
etag
"6602cb4c-24ee6"
content-length
151270
content-type
image/jpeg
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://0de6f96dfc.news-wulacu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 19:27:41 GMT
x-content-type-options
nosniff
age
5575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 19:27:41 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://0de6f96dfc.news-wulacu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 06:13:41 GMT
x-content-type-options
nosniff
age
139615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Apr 2025 06:13:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://0de6f96dfc.news-wulacu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 00:45:23 GMT
x-content-type-options
nosniff
age
591313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 00:45:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://0de6f96dfc.news-wulacu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
580190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 03:50:46 GMT
favicon.ico
0de6f96dfc.news-wulacu.com/
548 B
622 B
Other
General
Full URL
https://0de6f96dfc.news-wulacu.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:36 GMT
server
nginx
content-length
548
content-type
text/html; charset=utf-8
UJ8NxyDd5CGu8VvUtf63FN6PwutwfKi4M2u95yzZnEqch5767f1XCycwmFUBqJTrxwluNOYgWGhKAJWGznEzhir5DsMErQn2ZVgBnAekI3d3-F22y8VCbS28x9YnjycUlM7UMMgG1P9UzLAnTSzhcCL0TS1CVnXMR90V_NnD2mB0bAOEv1OgNS_l9Z5J4T4nYvk=
img.cdn.house/i/1/
3 KB
3 KB
Image
General
Full URL
https://img.cdn.house/i/1/UJ8NxyDd5CGu8VvUtf63FN6PwutwfKi4M2u95yzZnEqch5767f1XCycwmFUBqJTrxwluNOYgWGhKAJWGznEzhir5DsMErQn2ZVgBnAekI3d3-F22y8VCbS28x9YnjycUlM7UMMgG1P9UzLAnTSzhcCL0TS1CVnXMR90V_NnD2mB0bAOEv1OgNS_l9Z5J4T4nYvk=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.41.114 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
push-house-cdn-203.t.push.house
Software
nginx /
Resource Hash
61e29cd891894e62329da8113957fb24ad9ce2ccad4b8d442495d367279d6782

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://0de6f96dfc.news-wulacu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:36 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified
Mon, 03 Apr 2023 07:54:19 GMT
server
nginx
accept-ranges
bytes
content-length
2712
content-type
image/webp
reject
0de6f96dfc.news-wulacu.com/
5 B
117 B
Fetch
General
Full URL
https://0de6f96dfc.news-wulacu.com/reject
Requested by
Host: 0de6f96dfc.news-wulacu.com
URL: https://0de6f96dfc.news-wulacu.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 12 Apr 2024 21:00:38 GMT
server
nginx
content-length
5
vary
Origin
content-type
application/json; charset=UTF-8
Primary Request /
ec98d045d6.news-zurele.com/
2 KB
1 KB
Document
General
Full URL
https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Requested by
Host: 0de6f96dfc.news-wulacu.com
URL: https://0de6f96dfc.news-wulacu.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
211-117-108-193.clients.gthost.com
Software
nginx /
Resource Hash
9f2a0e6a81dec1eac7df3d1c2eb45ec00f2447cff7e12c52f66052bea386861b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://0de6f96dfc.news-wulacu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Apr 2024 21:00:38 GMT
server
nginx
vary
Origin
x-frame-options
DENY
style.css
ec98d045d6.news-zurele.com/lands/20/
2 KB
1004 B
Stylesheet
General
Full URL
https://ec98d045d6.news-zurele.com/lands/20/style.css
Requested by
Host: ec98d045d6.news-zurele.com
URL: https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
211-117-108-193.clients.gthost.com
Software
nginx /
Resource Hash
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:38 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-364"
content-type
text/css
accept-ranges
bytes
content-length
868
process.js
ec98d045d6.news-zurele.com/
26 KB
10 KB
Script
General
Full URL
https://ec98d045d6.news-zurele.com/process.js?id=8065014&p1={zoneid}&p2=23oqlse1c7du8h&p3=&p4=
Requested by
Host: ec98d045d6.news-zurele.com
URL: https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
211-117-108-193.clients.gthost.com
Software
nginx /
Resource Hash
b5db6e4a6b73abe36b48fd712ed77c3f233f0209b52e4acda937b21fd7892073

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 12 Apr 2024 21:00:38 GMT
content-encoding
gzip
server
nginx
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
expires
0
revopush.js
ec98d045d6.news-zurele.com/
18 KB
7 KB
Script
General
Full URL
https://ec98d045d6.news-zurele.com/revopush.js
Requested by
Host: ec98d045d6.news-zurele.com
URL: https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
211-117-108-193.clients.gthost.com
Software
nginx /
Resource Hash
aa7dc9551d9641febc7616653e797b381d7258077ed416e822b1ade51470c533

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:38 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
etag
"6602cb4c-1d30"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
7472
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Requested by
Host: ec98d045d6.news-zurele.com
URL: https://ec98d045d6.news-zurele.com/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ec98d045d6.news-zurele.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Apr 2024 21:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Apr 2024 21:00:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Apr 2024 21:00:38 GMT
/
show.revopush.com/api/v1/inpage/show/
761 B
921 B
Fetch
General
Full URL
https://show.revopush.com/api/v1/inpage/show/?uid=136459&subacc=8065014&sub1={zoneid}&sub2=23oqlse1c7du8h&sub3=&sub4=&adult=true&limit=1&traffic=adult
Requested by
Host: ec98d045d6.news-zurele.com
URL: https://ec98d045d6.news-zurele.com/process.js?id=8065014&p1={zoneid}&p2=23oqlse1c7du8h&p3=&p4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
144.76.56.162 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
59859e7d788575ad643844fbe0c31fb4f040e507792bcd951d11bd3f19b436e1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ec98d045d6.news-zurele.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://ec98d045d6.news-zurele.com
date
Fri, 12 Apr 2024 21:00:38 GMT
content-encoding
br
accept-ch
Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
server
nginx
vary
Origin
content-type
application/json
girls.jpg
ec98d045d6.news-zurele.com/lands/20/
148 KB
148 KB
Image
General
Full URL
https://ec98d045d6.news-zurele.com/lands/20/girls.jpg
Requested by
Host: ec98d045d6.news-zurele.com
URL: https://ec98d045d6.news-zurele.com/lands/20/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
211-117-108-193.clients.gthost.com
Software
nginx /
Resource Hash
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ec98d045d6.news-zurele.com/lands/20/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:38 GMT
last-modified
Tue, 26 Mar 2024 13:19:08 GMT
server
nginx
accept-ranges
bytes
etag
"6602cb4c-24ee6"
content-length
151270
content-type
image/jpeg
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://ec98d045d6.news-zurele.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 19:27:41 GMT
x-content-type-options
nosniff
age
5577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 19:27:41 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://ec98d045d6.news-zurele.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 06:13:41 GMT
x-content-type-options
nosniff
age
139617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Apr 2025 06:13:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://ec98d045d6.news-zurele.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 00:45:23 GMT
x-content-type-options
nosniff
age
591315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 00:45:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://ec98d045d6.news-zurele.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 03:50:46 GMT
x-content-type-options
nosniff
age
580192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 03:50:46 GMT
lP2HjL7YLjASUMhrBC_sko6PSP6mkYO18ftIEMKmzOxgwrEtUFYsefTXu4Li8nzfrL1NaFq2lTqbvE93D_LQgEqfnlgon37cREdvqPtJBo52nSuwJkKLa2MGFfFVLHHGAwD38oYqB5KAykqasbyKa9TsG_GB7SFK2yntSGOSfErcpLFu6aMaUJLEe4KmQKbRZi8=
img.cdn.house/i/1/
4 KB
4 KB
Image
General
Full URL
https://img.cdn.house/i/1/lP2HjL7YLjASUMhrBC_sko6PSP6mkYO18ftIEMKmzOxgwrEtUFYsefTXu4Li8nzfrL1NaFq2lTqbvE93D_LQgEqfnlgon37cREdvqPtJBo52nSuwJkKLa2MGFfFVLHHGAwD38oYqB5KAykqasbyKa9TsG_GB7SFK2yntSGOSfErcpLFu6aMaUJLEe4KmQKbRZi8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.89.158 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
117727fde4618679931147107b8dc0061070f78ea45c6f8255ea43897fa88124

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ec98d045d6.news-zurele.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:39 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified
Mon, 09 Oct 2023 10:58:36 GMT
server
nginx
accept-ranges
bytes
content-length
3980
content-type
image/webp
favicon.ico
ec98d045d6.news-zurele.com/
548 B
256 B
Other
General
Full URL
https://ec98d045d6.news-zurele.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
211-117-108-193.clients.gthost.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 21:00:39 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=utf-8

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
guzin.fun/ Name: _subid
Value: 23oqlse1c7du8h
guzin.fun/ Name: 330d8
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjc4NVwiOjE3MTI5NTU2MzN9LFwiY2FtcGFpZ25zXCI6e1wiMTg5XCI6MTcxMjk1NTYzM30sXCJ0aW1lXCI6MTcxMjk1NTYzM30ifQ.wah4cq6UinGKKgcNzjh15VhGSEgbHedoxbMMo-S3RhI
guzin.fun/ Name: _token
Value: uuid_23oqlse1c7du8h_23oqlse1c7du8h6619a0f1cbea91.12267012

6 Console Messages

Source Level URL
Text
other error URL: https://news-fodixa.com/?id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://news-fodixa.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://0de6f96dfc.news-wulacu.com/?i=1&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://0de6f96dfc.news-wulacu.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://ec98d045d6.news-zurele.com/?i=2&id=8065014&p1=%7Bzoneid%7D&p2=23oqlse1c7du8h&p3=&p4=sub4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://ec98d045d6.news-zurele.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
