urlscan.io logo urlscan.io
SecurityTrails logo

3a815baea2.news-bnugari.today Open in urlscan Pro
65.109.24.247  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://phfrance.com/t/XZ2e4atcv5wlbbS2st6ntuUIU15YOh0tt3JIkjIzcqVMl-p4PWwWLezCLssf24ryRzid0tZnq97UhfHF-RDcRa_HFqnH2U...
Effective URL: https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_P...
Submission: On December 17 via api from US — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 12 domains to perform 33 HTTP transactions. The main IP is 65.109.24.247, located in Helsinki, Finland and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is 3a815baea2.news-bnugari.today.
TLS certificate: Issued by E6 on December 5th 2024. Valid for: 3 months.
This is the only time 3a815baea2.news-bnugari.today was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a01:4f8:151:... 24940 (HETZNER-A...)
1 1 142.202.51.61 63023 (AS-GLOBAL...)
1 1 193.108.118.16 63023 (AS-GLOBAL...)
5 144.76.106.61 24940 (HETZNER-A...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a01:4f8:13b:... 24940 (HETZNER-A...)
8 216.58.206.35 15169 (GOOGLE)
1 1 148.251.139.99 24940 (HETZNER-A...)
2 2 188.114.96.3 13335 (CLOUDFLAR...)
3 193.108.118.133 63023 (AS-GLOBAL...)
5 136.243.42.50 24940 (HETZNER-A...)
2 2a01:4f8:1c1e... 24940 (HETZNER-A...)
1 1 148.251.85.93 24940 (HETZNER-A...)
6 65.109.24.247 24940 (HETZNER-A...)
1 1 5.9.65.244 24940 (HETZNER-A...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
33 9
1    2a01:4f8:151:90ea::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
phfrance.com
1    142.202.51.61 (London, United Kingdom)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 61-51-202-142.clients.gthost.com
partners-tds.com
1    193.108.118.16 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 16-118-108-193.clients.gthost.com
news-xpatado.com
5    144.76.106.61 (Hamm, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.61.106.76.144.clients.your-server.de
80884c5e00.news-byikivu.info
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a01:4f8:13b:13e7::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
show.partners-show.com
8    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net
fonts.gstatic.com
1    148.251.139.99 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: push-house-cdn-149.t.push.house
img.cdn.house
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
epicdn.net
3    193.108.118.133 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 133-118-108-193.clients.gthost.com
epics3.net
5    136.243.42.50 (Berlin, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.50.42.243.136.clients.your-server.de
54bf77a20b.news-bnotusi.today
2    2a01:4f8:1c1e:e2b3::1 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
show.partners-show.com
1    148.251.85.93 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: push-house-cdn-114.t.push.house
img.cdn.house
6    65.109.24.247 (Helsinki, Finland)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.247.24.109.65.clients.your-server.de
3a815baea2.news-bnugari.today
1    5.9.65.244 (Giessen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: push-house-cdn-207.t.push.house
img.cdn.house
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
epicdn.net
Apex Domain
Subdomains		 Transfer
8 gstatic.com
fonts.gstatic.com
128 KB
6 news-bnugari.today
3a815baea2.news-bnugari.today
105 KB
5 news-bnotusi.today
54bf77a20b.news-bnotusi.today
166 KB
5 news-byikivu.info
80884c5e00.news-byikivu.info
166 KB
3 epics3.net
epics3.net — Cisco Umbrella Rank: 245117
225 KB
3 epicdn.net
epicdn.net — Cisco Umbrella Rank: 185728
2 KB
3 cdn.house
img.cdn.house — Cisco Umbrella Rank: 11156
3 KB
3 partners-show.com
show.partners-show.com — Cisco Umbrella Rank: 26775
10 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 news-xpatado.com
news-xpatado.com
186 B
1 partners-tds.com
partners-tds.com
751 B
1 phfrance.com
phfrance.com
356 B
33 12
Domain Requested by
8 fonts.gstatic.com fonts.googleapis.com
6 3a815baea2.news-bnugari.today 54bf77a20b.news-bnotusi.today
3a815baea2.news-bnugari.today
5 54bf77a20b.news-bnotusi.today 80884c5e00.news-byikivu.info
54bf77a20b.news-bnotusi.today
5 80884c5e00.news-byikivu.info 80884c5e00.news-byikivu.info
3 epics3.net
3 epicdn.net 3 redirects
3 img.cdn.house 3 redirects
3 show.partners-show.com 80884c5e00.news-byikivu.info
54bf77a20b.news-bnotusi.today
3a815baea2.news-bnugari.today
3 fonts.googleapis.com client
1 news-xpatado.com 1 redirects
1 partners-tds.com 1 redirects
1 phfrance.com 1 redirects
33 12

This site contains no links.

Subject Issuer Validity Valid
*.news-byikivu.info
E5		 2024-12-05 -
2025-03-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
show.partners-show.com
E5		 2024-12-12 -
2025-03-12		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.news-bnotusi.today
E5		 2024-12-05 -
2025-03-05		 3 months crt.sh
*.news-bnugari.today
E6		 2024-12-05 -
2025-03-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Frame ID: FDDA8CC6C08315BED20EA5CBE88134D4
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Play

Page URL History Show full URLs

  1. https://phfrance.com/t/XZ2e4atcv5wlbbS2st6ntuUIU15YOh0tt3JIkjIzcqVMl-p4PWwWLezCLssf24ryRzid0tZnq9... HTTP 302
    https://partners-tds.com/WzJQVS?sub_id_1=_PUSH&sub_id_2=&sub_id_3= HTTP 302
    https://news-xpatado.com/tds?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH HTTP 302
    https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4fa... Page URL
  2. https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96... Page URL
  3. https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=... Page URL

Page Statistics

33
Requests

91 %
HTTPS

25 %
IPv6

12
Domains

12
Subdomains

9
IPs

5
Countries

804 kB
Transfer

1460 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://phfrance.com/t/XZ2e4atcv5wlbbS2st6ntuUIU15YOh0tt3JIkjIzcqVMl-p4PWwWLezCLssf24ryRzid0tZnq97UhfHF-RDcRa_HFqnH2UEEH5j0MrpIku-PHdkiOfDjJQcRdh844vb8CsxDBNmT6zRd5un8_rLfwhIMUht_J_gUpMrica_XGNCL7m3QUQfYSt47frFJhcvp70ZGhn3q7fIVT9cbKTfbQAwSIhNcqaQZxPhv41SLeACygRMsLP2fJYP89nQUkWnhWv_h-pt4kv_fQnusWXIVVPYMoxcYHJJQFmzB0IXC65moJ9GV-SyAJOuHRnCMxpgqVjqhowhmQS5QX3_pCF7dVfLmWA66ZTQT4MiPi HTTP 302
    https://partners-tds.com/WzJQVS?sub_id_1=_PUSH&sub_id_2=&sub_id_3= HTTP 302
    https://news-xpatado.com/tds?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH HTTP 302
    https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e Page URL
  2. https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1 Page URL
  3. https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://phfrance.com/t/XZ2e4atcv5wlbbS2st6ntuUIU15YOh0tt3JIkjIzcqVMl-p4PWwWLezCLssf24ryRzid0tZnq97UhfHF-RDcRa_HFqnH2UEEH5j0MrpIku-PHdkiOfDjJQcRdh844vb8CsxDBNmT6zRd5un8_rLfwhIMUht_J_gUpMrica_XGNCL7m3QUQfYSt47frFJhcvp70ZGhn3q7fIVT9cbKTfbQAwSIhNcqaQZxPhv41SLeACygRMsLP2fJYP89nQUkWnhWv_h-pt4kv_fQnusWXIVVPYMoxcYHJJQFmzB0IXC65moJ9GV-SyAJOuHRnCMxpgqVjqhowhmQS5QX3_pCF7dVfLmWA66ZTQT4MiPi HTTP 302
  • https://partners-tds.com/WzJQVS?sub_id_1=_PUSH&sub_id_2=&sub_id_3= HTTP 302
  • https://news-xpatado.com/tds?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH HTTP 302
  • https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Request Chain 10
  • https://img.cdn.house/i/1/aRinR9norm_OHy0CblsChZRCDRW_cCV1i26HV5KTaqQQDG6JviezayvKUseF-Ch798vQLzZzFglePtBpT5DP15DJNTkikPqFNVL3XVI3LuAwI9Kmp1nyPdE7RRfup-vIrFUrOkgYkoL1FYwwwjx2lrOqH7mfYql49jWwcSqskEl5XMkKynqan9nNL5qfWt1aUeKRPJlScbBVbb9C2VbqgNYNLpfPQK3I1pw0PknS5O3HFDwUeDLP3rnSl5bRqP5m9MtWP77YnUh7MVlqmi_Lvhz7mbml4_yRPkYNIXwnxLP-RVGJNE7PgrXSR13LB7t4zSCfIMq-DuywN5M7AmtDX5NEO0ViRuTdzPUmOaxuQLugvEPSopf3j-KxOfUrvy4AwRtISRZzU9EHpP5_DpwR8PfAz3enpa9aBWuMjqh4CungqSdxVZ_cgMGUiCueDaX2-eaqntC8UR5DyGwDZy4b8iZGi7x0x6Txm0WTaiWy0nI9U_gdIf8xE3vV4uUJ5wCWBiLGmwkcYoHq8aUFSWv9VpB48JZvQtPMR3N8hwbJpDBneXVeHJdreF1vNhvW4nQF6pSy_uUJzeDNwbl30ixlcx9InfWZygcdcZosmjseGtQ8sapwS6Rv_LSzpcdWSpjBktIKjSQY0zki2_9SKU27rNzVO0NH5nDEvesmrF3PgZVP41225PbLxJx979OQGVQjpeg2Y2EltxLqXw2bHKlBKk4HReczwL7nyuJBIIOmQNFlb06fkl_x-IIVJsjOcH7QTTjYbzyjY2qvwKMwXhUotMCeuCnNTTmAlMlpgHvLlZRS0x-M3OKTOhPssUuC_Uxz5RJeCOwwP2qkZwg3iOHndObccsRd-Yv3va0qtZnufB9yUHLgqmIy3hy2b0ABD4muvwrVV8KfBZ9WlXUceRrCBL0kKHc_3xE09_YnnZGAo_oiqCMsw9MICtq1g8NYdr4sYlyINHaRfDy_c2UHYREoWVsmlcc0jrVz9zdxhAa6NBu92ToN_WsTvaYwrUZerRHopMI8i6bWp5vLpMB3n-bzZG7vMuPvPc1mXRMvNi6wiMSMlicRlQQ9_tU83aDhGXjlUICvzurM-HwIAU6ZAXhpi3xBAwFN5ILEGYyytUOpXVOsoSb256cjz0diFgDE7S-8cYpMElfQknGKTbgSUu2W0QowYUIkb-Si6MXSrVv1xTkNA4nY5atdHB3p5Nz8B0cMRVw7Z97QoWTA0h694Sg6qbjw15L5hGH1r5SrS4VWFDAKWxGl83zlN4YoVJ0t5eGOGlGBsBoipPCIIyy54xZoXNvImAGSjlqrDE5Vv2KvMUlkeUWE43WHghSmEWga2p8xTRuwjpcLz_3VXjWOcYX7PcIJkM0aQlEQxE5xFyAn4iH-MUb4DGprIPvpgYryHcZ4zeAdD9u9YLx48eCv3nw3PgLvjPgZ6Hzj30hfq9UcyjiWtoSdjB0x7u6oJJJz-mLL83ZfBvbDDN_Tt2GdCcRnqlK8qIbWpGwkUfV_FqApQgKDoMlZT-q2JFvYcZfjFC1nnveBxmOP1ccDoyP1qpQ9IwJDE90KWwKzIBktO_zmW7vZtpXJOsRGUKLJLLwmLnEFnBH3WXHQEthYlVBMaYHTC9G1RNytOqEQPRiBV7Ar2dwVaOOAvirSo9Lbyeef6vfta4nfzwXy?inpage.template=retro_main HTTP 307
  • https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJmaSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MSIsImNpdHlfZ2VvbmFtZV9pZCI6NjU4MjI1LCJjbGlja19wcmljZSI6MC4wMDAxLCJjb25uZWN0aW9uX3R5cGUiOiJXaUZpIiwiY291bnRyeV9pc28iOiJGSSIsImRldmljZV90eXBlIjoiRGVza3RvcCIsImRzcF9pZCI6MiwiZm9ybWF0IjoiSW5QYWdlIiwiaV90IjoxNzM0NDUxNjQ5LCJpY29uIjoiYS9pbWcvNzAvMTI0LzM5MS9wU1FybDVmbDE5bFIwQkF2cWF2VUVYYno3c294ZGJwQTRwaVUxWnBNLnBuZyIsImlwIjoiMmEwYzpmMDQwOjA6Mjc5MDo6NGUiLCJpc3AiOiJPeSBDcmVhIE5vdmEgSG9zdGluZyBTb2x1dGlvbiIsImxhbmRpbmdfaWQiOjAsIm9zIjoiTGludXgiLCJvc192ZXJzaW9uIjoieDg2XzY0IiwicGF5bWVudF9tb2RlbCI6IkNQQyIsInJlZGlyZWN0X3VybCI6IiIsInNvdXJjZV9pZCI6Mzc5LCJzc3BfaWQiOjAsInN1YjEiOiIiLCJzdWIyIjoiIiwic3ViMyI6IiIsInN1YjQiOiIiLCJzdWJzY3JpYmVkX2F0IjoxNzM0NDUxNjQ5LCJzdWJzY3JpcHRpb25faWQiOjAsInRyYWZmaWNfY2hhbm5lbCI6IkRTUCIsInVhX3ZlcnNpb24iOjEzMSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMS4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwid2ViX3VzZXJfaWQiOjE0Mn0= HTTP 301
  • https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
Request Chain 22
  • https://img.cdn.house/i/1/YvDwRA-8TH_0OvSYgVJCPz0x8guudVx_0DqOqa3AN5FTwOuSBj58zcHij3kPrFlJBKM0w6K6r421J3QfiifDBHmCF_u8vcHqL4hKo97sgjtwI153OkGzHcmIIyw9gsk1qh67wR8ZMvA4rwTIQkgL5b7U-JvzjqhvhUh4uT0OmCqCs0MGCI-e50b8b0dUP1-JgDkMsA2xRtbKjWy7aLSTq1YMSP9CU2uE_1hOlOr9qTgkCidO2CcB5jYD0HBvnIhs2IMbyW9bDXn2py_ZrK0GnOPVeJyl8Tq2YPwRTtYT7neazsF8Umy8onlx90ppncX_o1Jlj0yFAlK0YEZhPapRSiR2yxKzFjcNsINIOLBYxfA3eASoFny-hK-kXyMjRvOqM4XbniPnfVaEVKkib6KV9VuNUf2u9C7zt0KzlqZrY0WM8VW1Kf62DgPDBOoUL2NqztXaVcIxLr2hYDOLcdKeRrSJ3hbDs2XcemGbMS0HS_FARw8hfuPZ8q1EB6T4YU6ZLv8AkdSevZvXFYfC1ThcWKHZ_JHhswgswSUGDzTjHVCySZ3wYk8vo-t68dSvGc3lSUMBlYulNKL7l3nr_v3kgBVhj3yVZoNisOkli10dGalh3czucYzqjETeJ983irxBhP50xLEEICmA39z81i5lgKZ42JJ2bBBk9dpYqY6O0TOAIMwJTEVGzomJwdPDJCgbwvkUMBc86gfwAF2h1I0tmzWaHRckMMIwZwcWh_1R6U8wSFOveZ08YnbvwuIusJqjU5To61p3yW5tI44kLAn382P-U1hF0KB2xUOBzxhmDjA8ntKwClvr8Mk0eDyAzpERjsIypQGGGj4MAGKNKQVEUg38i2ZBZiPjCuino8hgO5nzePsdY_6yNJePPOxgVUu5-FCphdnMU3XvtTRVQehayeONtDA2tEiSHP3onboNLkVz0nBiIknlXCwXblJZBwFXo2Yz1q3j6YBIcV4Z3tLBbOcu2BaHISodtfb7MYj1l8jeWkp1px5J_fPCFdg2Dn8dKOhQWYDL1z-jiMsOXAZZOYCV0dWbGb_8yww9DAixlXEWqybTmqmMyvn26mYxm6n4r7hkjn2ru8_Fb-NT1G2R0jcB8R6P4h5FxkbyADnIdyZiYCv4pGtGRBV79AdaY6rjoLCySi8Z1rlX2p35_m1Jk3H_y7Ex8sAQePw_K-OivtyP3JCQlq1HtaDdbtRxU4flIHEA22yIqtFnVLuZ4FusSX_bRIKsMc40gn5f87gt-hsGYdm__IOWvHXGq6xXhD0v5IrM8BMU95n8h0fLBccnWNfWNDs6GjHP5AN0t4V-1dgEbNy0u3LxlnC4Yd5RGGoD-rbHCLd5Yx7Ct-M9JzLlYScCPnusf_8QzlnVluhH3rwbokWuQwrd7_BbVJ8z0ltyXGDRXWlsM9TvHVJ05xr2rsQ8Me7-_18UQ6g8cdvVJCPFH58trco1bsz18bZ1W5kuuQ4po_jzejun_JjWjTFd4fH_9upLOw3xhZzk6EH2FipWTmwEz2fubY41SX51TJn8Ezvbf5_uVHLJnZ4GFPavuXcCtn6Tc6mZ_tGPuwsYuKoLGm3toIeG6PiUC_u1sI7fcQUrfc6UVaZ5vw48-1D8O2yWOCtkfiNQXAD0B3Ji1hm6tZ5Md13nakpWRSbg7y8ZDUwEqQe7QA==?inpage.template=retro_main HTTP 307
  • https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJmaSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MSIsImNpdHlfZ2VvbmFtZV9pZCI6NjU4MjI1LCJjbGlja19wcmljZSI6MC4wMDAxLCJjb25uZWN0aW9uX3R5cGUiOiJXaUZpIiwiY291bnRyeV9pc28iOiJGSSIsImRldmljZV90eXBlIjoiRGVza3RvcCIsImRzcF9pZCI6MiwiZm9ybWF0IjoiSW5QYWdlIiwiaV90IjoxNzM0NDUxNjUxLCJpY29uIjoiYS9pbWcvNzAvMTI0LzM5MS9wU1FybDVmbDE5bFIwQkF2cWF2VUVYYno3c294ZGJwQTRwaVUxWnBNLnBuZyIsImlwIjoiMmEwYzpmMDQwOjA6Mjc5MDo6NGUiLCJpc3AiOiJPeSBDcmVhIE5vdmEgSG9zdGluZyBTb2x1dGlvbiIsImxhbmRpbmdfaWQiOjAsIm9zIjoiTGludXgiLCJvc192ZXJzaW9uIjoieDg2XzY0IiwicGF5bWVudF9tb2RlbCI6IkNQQyIsInJlZGlyZWN0X3VybCI6IiIsInNvdXJjZV9pZCI6Mzc5LCJzc3BfaWQiOjAsInN1YjEiOiIiLCJzdWIyIjoiIiwic3ViMyI6IiIsInN1YjQiOiIiLCJzdWJzY3JpYmVkX2F0IjoxNzM0NDUxNjUxLCJzdWJzY3JpcHRpb25faWQiOjAsInRyYWZmaWNfY2hhbm5lbCI6IkRTUCIsInVhX3ZlcnNpb24iOjEzMSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMS4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwid2ViX3VzZXJfaWQiOjE0Mn0= HTTP 301
  • https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
Request Chain 32
  • https://img.cdn.house/i/1/k02WqJD44Cz5yYSzsn3LLSTBHWeNxYY7nJR3YmZCE4mIQXvD4Cd29QAdNsTuOuEW0bRKx02c8bq1rbutk1hrUkVxavR3_Vy2da873T38odOEoMbPtbYA2QwVl9U1ennrn6uKU5kcIA35lyi4H8Z2pznDnHNBaUy-SAAgwip4_cpTTRM0YB5Bx3gpXxYrs3m9tDZS2hIfMDs0Vxj6zIB-wPz4AmJi1VIDZoBD7CopMAnrcNfEZarUbC0mu3L6WQ6EICGNJFptbBIM7uuDzlR9aJJAvex2gX0DU8iIpgSBCDfbLDwH_DVTUFjl15IiMDRV0wWgrLo7CmdJs0kLt_DXcBzqsN98mFgNNstqzh_9O8WoPuLUaAOBzX5kiengJOAUxZ-z42gp1VFFt6g-g5-eqPQdZsBvS7lMWI_6Apo63okE7GCJv_5jyIa-ewBe3P1YR2tQldWP9sYZxOKGB-Fa4T1oAzXmFgfiswkV9spoxJrLUrdZQyJlqTDp-aVo6Q9qa-tAPn3045UlnoFrF9zPavzouEMD1FGKsVjsJGEMSrpnOxv6vdNCvPJYpnNg1xv4exyBbTZKigjr4IMji03qny0uW19XoksKgVYEGRwZd9aoTut6pU3tGz5fmH61pIQdN-fSYiCzGTGDiwMdUWSah3HmkH_HETAkLTxNd4S_9rvJpGXgTNEk_SPhV3gS8yNZALisO16yh51UcgTULpBtLCA01YbVowYg7nx-vmwasrXz5h7-ug1XFKXf_sfKxS8QgL7UokD9SZyfh0f-BOgZ50HS44Yy0aRn4c89R-ogNKvik6h9hrQmFwJtGXSkowe-_jlzHTfTrSSKEycQHKjoDFGI8Wul0laGiQ1alELjhaKUlE7-l6eQn-FCxOhNDfQfqmHqA2QKR6jYwx3vhZBKJZwQnomoLQBiu4l2qEuY2K7jJorLWVRvmpCdG_5dYyl3OzOKwdbgv87c09cBRIcO9Ut3E-hzkkaEWE728SjG5Y09i5u62YAM_8_XGVg86SoFCa8z5_bMKWkbbrF-jxA-uX0SERuIjS6wBfuMlGy4JhF_fruGzUSF1URA2L9A4io4Y8d64MDr2SBUuxVqgJCtbIrXvhVqyzYPN0DLY18Zk57ZD65mjiPPXjHUUbmLMND8v-9ed617m6XkSKkHqNz6ufUC3zxx833dfxZsNdXT-dAMlxtbj-7h_hpmcsPj_4sJDVkaBEAu9TkTsuJoL8m750o2w8XMuglOH-uprVbcEtdRdgMLdl73kL0JiYKRof937SG2ldRID5pzmbmQEcWI-dtnJNIjWkFLnX7XrBaD7NWdl1ka8Gp8s-1qe5R1E3i2t7o9u5_NiaVSAKwWvV3NhZ-OvieK-Ybk1dG9TvZ4BnmyK85ozjlgS40pKe3iyOTekfDqUEfPlbWUohIGiGlsLsD0c3FXeFOK86-s9Gd_t_OmUNgwQWPYmpI3hlKG3c9QACHtjh5fBIWK2IW37Ul0R0mBK-1ixkspMkuBBiQFRfJIw4Phd7aDjforr1k1xc04aHisslaYDFM6niunL0vngGlJBXNd-xKy_hOhjlWKP2XMrbi6U73IWAbQa6g32oZbCquiAZaw4Tsg9W_7-eLHb9XmLprSlH7XJOJdTmJkAJCx33jMFmRlG45MkCtIcDmbulX1y_D-SA==?inpage.template=retro_main HTTP 307
  • https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJmaSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MSIsImNpdHlfZ2VvbmFtZV9pZCI6NjU4MjI1LCJjbGlja19wcmljZSI6MC4wMDAxLCJjb25uZWN0aW9uX3R5cGUiOiJXaUZpIiwiY291bnRyeV9pc28iOiJGSSIsImRldmljZV90eXBlIjoiRGVza3RvcCIsImRzcF9pZCI6MiwiZm9ybWF0IjoiSW5QYWdlIiwiaV90IjoxNzM0NDUxNjUzLCJpY29uIjoiYS9pbWcvNzAvMTI0LzM5MS9wU1FybDVmbDE5bFIwQkF2cWF2VUVYYno3c294ZGJwQTRwaVUxWnBNLnBuZyIsImlwIjoiMmEwYzpmMDQwOjA6Mjc5MDo6NGUiLCJpc3AiOiJPeSBDcmVhIE5vdmEgSG9zdGluZyBTb2x1dGlvbiIsImxhbmRpbmdfaWQiOjAsIm9zIjoiTGludXgiLCJvc192ZXJzaW9uIjoieDg2XzY0IiwicGF5bWVudF9tb2RlbCI6IkNQQyIsInJlZGlyZWN0X3VybCI6IiIsInNvdXJjZV9pZCI6Mzc5LCJzc3BfaWQiOjAsInN1YjEiOiIiLCJzdWIyIjoiIiwic3ViMyI6IiIsInN1YjQiOiIiLCJzdWJzY3JpYmVkX2F0IjoxNzM0NDUxNjUzLCJzdWJzY3JpcHRpb25faWQiOjAsInRyYWZmaWNfY2hhbm5lbCI6IkRTUCIsInVhX3ZlcnNpb24iOjEzMSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMS4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwid2ViX3VzZXJfaWQiOjE0Mn0= HTTP 301
  • https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
80884c5e00.news-byikivu.info/
Redirect Chain
  • https://phfrance.com/t/XZ2e4atcv5wlbbS2st6ntuUIU15YOh0tt3JIkjIzcqVMl-p4PWwWLezCLssf24ryRzid0tZnq97UhfHF-RDcRa_HFqnH2UEEH5j0MrpIku-PHdkiOfDjJQcRdh844vb8CsxDBNmT6zRd5un8_rLfwhIMUht_J_gUpMrica_XGNCL7m...
  • https://partners-tds.com/WzJQVS?sub_id_1=_PUSH&sub_id_2=&sub_id_3=
  • https://news-xpatado.com/tds?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH
  • https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
90 KB
90 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
cb2d09d77aaa81776acbc152f677a37709edfd32feb9692166da136ef2dfa0b9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 16:07:29 GMT
server
nginx
vary
Origin
x-frame-options
DENY

Redirect headers

content-length
0
date
Tue, 17 Dec 2024 16:07:29 GMT
location
https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
server
nginx
vary
Origin
x-frame-options
DENY
revopush_v2.js
80884c5e00.news-byikivu.info/ 		107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://80884c5e00.news-byikivu.info/revopush_v2.js
Requested by
Host: 80884c5e00.news-byikivu.info
URL: https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e

Response headers

content-encoding
gzip
etag
"675aaa75-8ba3"
accept-ranges
bytes
content-length
35747
date
Tue, 17 Dec 2024 16:07:29 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
process.js
80884c5e00.news-byikivu.info/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://80884c5e00.news-byikivu.info/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Requested by
Host: 80884c5e00.news-byikivu.info
URL: https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
db7ad9b5a401c5da8219aa728ebc6b693bc29d0f8085b5fecdebfccc76365761

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma
no-cache
expires
0
date
Tue, 17 Dec 2024 16:07:29 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
nginx
landsw_v2.js
80884c5e00.news-byikivu.info/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://80884c5e00.news-byikivu.info/landsw_v2.js
Requested by
Host: 80884c5e00.news-byikivu.info
URL: https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e

Response headers

content-encoding
gzip
etag
"675aaa75-2a3c"
accept-ranges
bytes
content-length
10812
date
Tue, 17 Dec 2024 16:07:29 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
truncated
/ 		40 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02460e3b10b0a6d50bccf0764fd0e66f4694a1fd66c0e9b4cc6a8a26c70d1468

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
314.js
80884c5e00.news-byikivu.info/ 		96 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://80884c5e00.news-byikivu.info/314.js
Requested by
Host: 80884c5e00.news-byikivu.info
URL: https://80884c5e00.news-byikivu.info/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
144.76.106.61 Hamm, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.61.106.76.144.clients.your-server.de
Software
nginx /
Resource Hash
d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e

Response headers

content-encoding
gzip
etag
"675aaa75-2e5f"
accept-ranges
bytes
content-length
11871
date
Tue, 17 Dec 2024 16:07:29 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://80884c5e00.news-byikivu.info/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 16:07:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 16:07:29 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Dec 2024 14:35:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
show.partners-show.com/api/v1/inpage/show/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=_PUSH&sub2=_PUSH&sub3=_PUSH&sub4=_PUSH&adult=true&traffic=2&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&limit=1
Requested by
Host: 80884c5e00.news-byikivu.info
URL: https://80884c5e00.news-byikivu.info/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:13b:13e7::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
48885b6f09bd6adc26af0b293e3cdd3d160e417ef9a47580ae78c612bd5c8ccb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://80884c5e00.news-byikivu.info/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
close
Access-Control-Allow-Origin
https://80884c5e00.news-byikivu.info
Date
Tue, 17 Dec 2024 16:07:30 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://80884c5e00.news-byikivu.info
Referer
https://fonts.googleapis.com/

Response headers

age
275242
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:40:08 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://80884c5e00.news-byikivu.info
Referer
https://fonts.googleapis.com/

Response headers

age
25252
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:06:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:06:38 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9852
x-xss-protection
0
server
sffe
pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
epics3.net/epic/a/img/70/124/391/
Redirect Chain
  • https://img.cdn.house/i/1/aRinR9norm_OHy0CblsChZRCDRW_cCV1i26HV5KTaqQQDG6JviezayvKUseF-Ch798vQLzZzFglePtBpT5DP15DJNTkikPqFNVL3XVI3LuAwI9Kmp1nyPdE7RRfup-vIrFUrOkgYkoL1FYwwwjx2lrOqH7mfYql49jWwcSqskEl...
  • https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJmaSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MS...
  • https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
Protocol
H2
Server
193.108.118.133 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
133-118-108-193.clients.gthost.com
Software
MinIO /
Resource Hash
2f4619c6786796e83b7e6755acdf2d3739b8751c7bf8335f1f75e487046881bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://80884c5e00.news-byikivu.info/

Response headers

etag
"5700d0b8a43d33538c3714b2d723c7cf"
x-content-type-options
nosniff
x-amz-bucket-region
eu-west-1
date
Tue, 17 Dec 2024 16:07:30 GMT
content-type
image/png
last-modified
Tue, 25 Jun 2024 19:56:42 GMT
vary
Origin, Accept-Encoding
x-amz-id-2
aa035ed9341bcb4d51e1f9d7818ca90eec60261354b87fa2e4d17e04ccf6bcd3
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
181202963A82A551
x-ratelimit-remaining
18395
accept-ranges
bytes
x-amz-meta-mm-source-mtime
2024-06-25T19:56:41.809Z
content-length
76175
x-xss-protection
1; mode=block
x-ratelimit-limit
18403
server
MinIO

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I77SvFTDwcAVrf5BhNJiUEXMm4HlvyD82nrOdY6qX74DBYau6QNAh5CQwAN6oNuI50ypqyVUGupzeomv%2BPjg9byErxRJNTbpwNPNZM2soYPGM5vRVu%2BcVkiR4gI4"}],"group":"cf-nel","max_age":604800}
cf-ray
8f382a9ef829ef99-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46926&min_rtt=46920&rtt_var=17606&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4151&recv_bytes=5184&delivery_rate=68452&cwnd=12000&unsent_bytes=0&cid=920d1e44e55b5314&ts=108&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 17 Dec 2024 16:07:30 GMT
server
cloudflare
priority
u=1,i
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://80884c5e00.news-byikivu.info
Referer
https://fonts.googleapis.com/

Response headers

age
51885
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
/
54bf77a20b.news-bnotusi.today/ 		90 KB
90 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1
Requested by
Host: 80884c5e00.news-byikivu.info
URL: https://80884c5e00.news-byikivu.info/revopush_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
5248d2df7a7ddcafefa3d6c34ca7dec0a2a21a2ec1d9bfe465f124cad39855ce
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://80884c5e00.news-byikivu.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 16:07:32 GMT
server
nginx
vary
Origin
x-frame-options
DENY
revopush_v2.js
54bf77a20b.news-bnotusi.today/ 		107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://54bf77a20b.news-bnotusi.today/revopush_v2.js
Requested by
Host: 54bf77a20b.news-bnotusi.today
URL: https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1

Response headers

content-encoding
gzip
etag
"675aaa75-8ba3"
accept-ranges
bytes
content-length
35747
date
Tue, 17 Dec 2024 16:07:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
process.js
54bf77a20b.news-bnotusi.today/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://54bf77a20b.news-bnotusi.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Requested by
Host: 54bf77a20b.news-bnotusi.today
URL: https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
25438536547f4e296d5e01caa4569ccb4f70e89f9270731af093fa991fd1dd9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma
no-cache
expires
0
date
Tue, 17 Dec 2024 16:07:32 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
nginx
landsw_v2.js
54bf77a20b.news-bnotusi.today/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://54bf77a20b.news-bnotusi.today/landsw_v2.js
Requested by
Host: 54bf77a20b.news-bnotusi.today
URL: https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1

Response headers

content-encoding
gzip
etag
"675aaa75-2a3c"
accept-ranges
bytes
content-length
10812
date
Tue, 17 Dec 2024 16:07:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
truncated
/ 		40 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02460e3b10b0a6d50bccf0764fd0e66f4694a1fd66c0e9b4cc6a8a26c70d1468

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
314.js
54bf77a20b.news-bnotusi.today/ 		96 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://54bf77a20b.news-bnotusi.today/314.js
Requested by
Host: 54bf77a20b.news-bnotusi.today
URL: https://54bf77a20b.news-bnotusi.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1

Response headers

content-encoding
gzip
etag
"675aaa75-2e5f"
accept-ranges
bytes
content-length
11871
date
Tue, 17 Dec 2024 16:07:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://54bf77a20b.news-bnotusi.today/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 16:07:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 16:07:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Dec 2024 15:56:48 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
show.partners-show.com/api/v1/inpage/show/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=_PUSH&sub2=_PUSH&sub3=_PUSH&sub4=_PUSH&adult=true&traffic=2&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&limit=1
Requested by
Host: 54bf77a20b.news-bnotusi.today
URL: https://54bf77a20b.news-bnotusi.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:1c1e:e2b3::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
91b0e0cda7ceffba648fae1c008d4b1e0abb35478b10ec3d24f431d312d2386c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://54bf77a20b.news-bnotusi.today/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
close
Access-Control-Allow-Origin
https://54bf77a20b.news-bnotusi.today
Date
Tue, 17 Dec 2024 16:07:31 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://54bf77a20b.news-bnotusi.today
Referer
https://fonts.googleapis.com/

Response headers

age
275243
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:40:08 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://54bf77a20b.news-bnotusi.today
Referer
https://fonts.googleapis.com/

Response headers

age
25253
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:06:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:06:38 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9852
x-xss-protection
0
server
sffe
pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
epics3.net/epic/a/img/70/124/391/
Redirect Chain
  • https://img.cdn.house/i/1/YvDwRA-8TH_0OvSYgVJCPz0x8guudVx_0DqOqa3AN5FTwOuSBj58zcHij3kPrFlJBKM0w6K6r421J3QfiifDBHmCF_u8vcHqL4hKo97sgjtwI153OkGzHcmIIyw9gsk1qh67wR8ZMvA4rwTIQkgL5b7U-JvzjqhvhUh4uT0OmCq...
  • https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJmaSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MS...
  • https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
Protocol
H2
Server
193.108.118.133 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
133-118-108-193.clients.gthost.com
Software
MinIO /
Resource Hash
2f4619c6786796e83b7e6755acdf2d3739b8751c7bf8335f1f75e487046881bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://54bf77a20b.news-bnotusi.today/

Response headers

etag
"5700d0b8a43d33538c3714b2d723c7cf"
x-content-type-options
nosniff
x-amz-bucket-region
eu-west-1
date
Tue, 17 Dec 2024 16:07:32 GMT
content-type
image/png
last-modified
Tue, 25 Jun 2024 19:56:42 GMT
vary
Origin, Accept-Encoding
x-amz-id-2
93ade867426f22c9af24553fc581cd6e641795b673c146950d7049946d0205dd
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
18120296913D36C6
x-ratelimit-remaining
17849
accept-ranges
bytes
x-amz-meta-mm-source-mtime
2024-06-25T19:56:41.809Z
content-length
76175
x-xss-protection
1; mode=block
x-ratelimit-limit
17856
server
MinIO

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtS%2BRIZ6FK0zXpjSPdI%2BgUE5Htq6VDIH3OYofigGqc4TXT6crpxDa2pq9OStq5mgazS7IVniwy%2FQhcDcoXWVrA0gB3fNlwgCg4p%2FNvYYzBEVb9G4xNZIppNqirVz"}],"group":"cf-nel","max_age":604800}
cf-ray
8f382aa8bc4bbf45-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47192&min_rtt=47063&rtt_var=17740&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4135&recv_bytes=5186&delivery_rate=66779&cwnd=12000&unsent_bytes=0&cid=a1853f7089a0ed3d&ts=97&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 17 Dec 2024 16:07:32 GMT
server
cloudflare
priority
u=1,i
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://54bf77a20b.news-bnotusi.today
Referer
https://fonts.googleapis.com/

Response headers

age
51886
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
Primary Request /
3a815baea2.news-bnugari.today/ 		28 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Requested by
Host: 54bf77a20b.news-bnotusi.today
URL: https://54bf77a20b.news-bnotusi.today/revopush_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
01f6583714fc84afe47d32e10da85d69bb5aa5eb05085a4734cafb632f535b7f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://54bf77a20b.news-bnotusi.today/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 16:07:32 GMT
server
nginx
vary
Origin
x-frame-options
DENY
revopush_v2.js
3a815baea2.news-bnugari.today/ 		107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3a815baea2.news-bnugari.today/revopush_v2.js
Requested by
Host: 3a815baea2.news-bnugari.today
URL: https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e

Response headers

content-encoding
gzip
etag
"675aaa75-8ba3"
accept-ranges
bytes
content-length
35747
date
Tue, 17 Dec 2024 16:07:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
process.js
3a815baea2.news-bnugari.today/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3a815baea2.news-bnugari.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Requested by
Host: 3a815baea2.news-bnugari.today
URL: https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
ac65f8bbfc1e553315ace4f42a7eb8ffda72dc082d9635d41caa32de9a8902f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma
no-cache
expires
0
date
Tue, 17 Dec 2024 16:07:32 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
nginx
landsw_v2.js
3a815baea2.news-bnugari.today/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://3a815baea2.news-bnugari.today/landsw_v2.js
Requested by
Host: 3a815baea2.news-bnugari.today
URL: https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e

Response headers

content-encoding
gzip
etag
"675aaa75-2a3c"
accept-ranges
bytes
content-length
10812
date
Tue, 17 Dec 2024 16:07:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d124980feada063410783226ccda3d08fb449900fd910e54b9daab6a5e8402b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
314.js
3a815baea2.news-bnugari.today/ 		96 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3a815baea2.news-bnugari.today/314.js
Requested by
Host: 3a815baea2.news-bnugari.today
URL: https://3a815baea2.news-bnugari.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e

Response headers

content-encoding
gzip
etag
"675aaa75-2e5f"
accept-ranges
bytes
content-length
11871
date
Tue, 17 Dec 2024 16:07:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3a815baea2.news-bnugari.today/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 16:07:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 16:07:33 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Dec 2024 14:34:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
show.partners-show.com/api/v1/inpage/show/ 		4 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=_PUSH&sub2=_PUSH&sub3=_PUSH&sub4=_PUSH&adult=true&traffic=2&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&limit=1
Requested by
Host: 3a815baea2.news-bnugari.today
URL: https://3a815baea2.news-bnugari.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:1c1e:e2b3::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
d57b08204b6875eed1082db0caf9e015380f1063a2b290ac65f83178a7511c2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://3a815baea2.news-bnugari.today/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
close
Access-Control-Allow-Origin
https://3a815baea2.news-bnugari.today
Date
Tue, 17 Dec 2024 16:07:33 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
v_F.ico
3a815baea2.news-bnugari.today/lands/8/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://3a815baea2.news-bnugari.today/lands/8/v_F.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
65.109.24.247 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.247.24.109.65.clients.your-server.de
Software
nginx /
Resource Hash
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e

Response headers

accept-ranges
bytes
content-length
1150
date
Tue, 17 Dec 2024 16:07:33 GMT
etag
"675aaa75-47e"
content-type
image/x-icon
last-modified
Thu, 12 Dec 2024 09:18:45 GMT
server
nginx
pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
epics3.net/epic/a/img/70/124/391/
Redirect Chain
  • https://img.cdn.house/i/1/k02WqJD44Cz5yYSzsn3LLSTBHWeNxYY7nJR3YmZCE4mIQXvD4Cd29QAdNsTuOuEW0bRKx02c8bq1rbutk1hrUkVxavR3_Vy2da873T38odOEoMbPtbYA2QwVl9U1ennrn6uKU5kcIA35lyi4H8Z2pznDnHNBaUy-SAAgwip4_cp...
  • https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJmaSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MS...
  • https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
Protocol
H2
Server
193.108.118.133 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
133-118-108-193.clients.gthost.com
Software
MinIO /
Resource Hash
2f4619c6786796e83b7e6755acdf2d3739b8751c7bf8335f1f75e487046881bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://3a815baea2.news-bnugari.today/

Response headers

etag
"5700d0b8a43d33538c3714b2d723c7cf"
x-content-type-options
nosniff
x-amz-bucket-region
eu-west-1
date
Tue, 17 Dec 2024 16:07:33 GMT
content-type
image/png
last-modified
Tue, 25 Jun 2024 19:56:42 GMT
vary
Origin, Accept-Encoding
x-amz-id-2
aa035ed9341bcb4d51e1f9d7818ca90eec60261354b87fa2e4d17e04ccf6bcd3
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
18120296E84221B7
x-ratelimit-remaining
18394
accept-ranges
bytes
x-amz-meta-mm-source-mtime
2024-06-25T19:56:41.809Z
content-length
76175
x-xss-protection
1; mode=block
x-ratelimit-limit
18403
server
MinIO

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BWkyQ%2BFkNiTNSJWDVdfpnQMhvsmAXCB9tkkS6PTge4jww1CMCBK1FGIgKKwT9IkmVh1Riec6w18WxfcKguSceZsnbwzJSv21IImdtzPPyGvUYFokhJWNQ7u%2Bxwl8"}],"group":"cf-nel","max_age":604800}
cf-ray
8f382ab1d993c41c-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47187&min_rtt=46862&rtt_var=10157&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4161&recv_bytes=5274&delivery_rate=12419&cwnd=12000&unsent_bytes=0&cid=2f418f4865f64d02&ts=99&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 17 Dec 2024 16:07:33 GMT
server
cloudflare
priority
u=1,i
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://3a815baea2.news-bnugari.today
Referer
https://fonts.googleapis.com/

Response headers

age
51888
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://3a815baea2.news-bnugari.today
Referer
https://fonts.googleapis.com/

Response headers

age
275245
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:40:08 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _GLOBALS function| a2_0x4132 function| a2_0x3ac6 object| webpackChunklands_static string| userCustomRedirectUrl function| a9_0x205b function| a9_0x498b object| _PHV2SITE object| _phv2Activator

2 Cookies

Domain/Path Name / Value
partners-tds.com/ Name: _subid
Value: uni5ir1bvuqdq
partners-tds.com/ Name: 933eb
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0NDUxNjQ4fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0NDUxNjQ4fSxcInRpbWVcIjoxNzM0NDUxNjQ4fSJ9.rcXE8t1WASxWBfBlHxVXmoaR9DUjHb4s3S9xBhdBfag

3 Console Messages

Source Level URL
Text
rendering warning URL: https://80884c5e00.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A000330804360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://54bf77a20b.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e&fingerprint=f8398e2a38c17927de7e236d1c7abfb1
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A000E20104360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://3a815baea2.news-bnugari.today/?fingerprint=f8398e2a38c17927de7e236d1c7abfb1&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=0710e6c3-cf96-4faf-a131-77b93e99589e
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A020620104360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a815baea2.news-bnugari.today
54bf77a20b.news-bnotusi.today
80884c5e00.news-byikivu.info
epicdn.net
epics3.net
fonts.googleapis.com
fonts.gstatic.com
img.cdn.house
news-xpatado.com
partners-tds.com
phfrance.com
show.partners-show.com
136.243.42.50
142.202.51.61
144.76.106.61
148.251.139.99
148.251.85.93
188.114.96.3
188.114.97.3
193.108.118.133
193.108.118.16
216.58.206.35
2a00:1450:4001:829::200a
2a01:4f8:13b:13e7::2
2a01:4f8:151:90ea::2
2a01:4f8:1c1e:e2b3::1
5.9.65.244
65.109.24.247
01f6583714fc84afe47d32e10da85d69bb5aa5eb05085a4734cafb632f535b7f
02460e3b10b0a6d50bccf0764fd0e66f4694a1fd66c0e9b4cc6a8a26c70d1468
23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2
25438536547f4e296d5e01caa4569ccb4f70e89f9270731af093fa991fd1dd9b
2f4619c6786796e83b7e6755acdf2d3739b8751c7bf8335f1f75e487046881bf
48885b6f09bd6adc26af0b293e3cdd3d160e417ef9a47580ae78c612bd5c8ccb
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
5248d2df7a7ddcafefa3d6c34ca7dec0a2a21a2ec1d9bfe465f124cad39855ce
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
91b0e0cda7ceffba648fae1c008d4b1e0abb35478b10ec3d24f431d312d2386c
ac65f8bbfc1e553315ace4f42a7eb8ffda72dc082d9635d41caa32de9a8902f3
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e
cb2d09d77aaa81776acbc152f677a37709edfd32feb9692166da136ef2dfa0b9
d124980feada063410783226ccda3d08fb449900fd910e54b9daab6a5e8402b0
d57b08204b6875eed1082db0caf9e015380f1063a2b290ac65f83178a7511c2f
d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db7ad9b5a401c5da8219aa728ebc6b693bc29d0f8085b5fecdebfccc76365761
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855