e712b85e91.news-bnukeju.live Open in urlscan Pro
193.108.117.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://phkazakhstan.com/t/b3ytewectssk3hitqJ1Ngj0tOW9bjbEko6SiZixH4Zs837yZBXnBRXDWurrvIGEG4b018JhPZKMgaP1oDJ-9ZgVI4cYUJ7...
Effective URL:
https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_P...
Submission: On December 17 via api (December 17th 2024, 3:01:30 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 13 domains to perform 48 HTTP transactions. The main IP is 193.108.117.211, located in Frankfurt am Main, Germany and belongs to AS-GLOBALTELEHOST, US. The main domain is e712b85e91.news-bnukeju.live.
TLS certificate: Issued by E5 on December 5th 2024. Valid for: 3 months.

This is the only time e712b85e91.news-bnukeju.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a01:4f8:10b:... 2a01:4f8:10b:285b::2	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	142.202.51.61 142.202.51.61	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1 1	144.76.106.61 144.76.106.61	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
12	193.108.117.211 193.108.117.211	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a01:4f8:13b:... 2a01:4f8:13b:13e7::2	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	178.63.48.167 178.63.48.167	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
3 3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	193.108.118.133 193.108.118.133	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
9	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
10	193.108.118.16 193.108.118.16	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
2	2a01:4f8:13a:... 2a01:4f8:13a:44b::2	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	148.251.85.93 148.251.85.93	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
5	23.158.56.201 23.158.56.201	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1	2a01:4f8:c2c:... 2a01:4f8:c2c:faef::1	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	176.9.17.3 176.9.17.3	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	5.9.110.111 5.9.110.111	() ()
48	10

1 2a01:4f8:10b:285b::2 (Ehingen, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)

phkazakhstan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.202.51.61 (London, United Kingdom) 1 redirects

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 61-51-202-142.clients.gthost.com

partners-tds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.106.61 (Hamm, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.61.106.76.144.clients.your-server.de

news-xpatado.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 193.108.117.211 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 211-117-108-193.clients.gthost.com

94a6027010.news-byikivu.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e712b85e91.news-bnukeju.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:13b:13e7::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)

show.partners-show.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.48.167 (Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: push-house-cdn-182.t.push.house

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

epicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.108.118.133 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 133-118-108-193.clients.gthost.com

epics3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 193.108.118.16 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 16-118-108-193.clients.gthost.com

82223f5b3a.news-bnotusi.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:13a:44b::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)

show.partners-show.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.85.93 (Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: push-house-cdn-114.t.push.house

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.158.56.201 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 201-56-158-23.clients.gthost.com

350552f44f.news-bnugari.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c2c:faef::1 (Bad Soden-Salmuenster, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)

show.partners-show.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.17.3 (Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: push-house-cdn-76.t.push.house

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

epicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.110.111 (None, ) 1 redirects

ASN- ()

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	news-bnotusi.today 82223f5b3a.news-bnotusi.today	85 KB
9	gstatic.com fonts.gstatic.com	155 KB
6	news-bnukeju.live e712b85e91.news-bnukeju.live	94 KB
6	news-byikivu.info 94a6027010.news-byikivu.info	94 KB
5	news-bnugari.today 350552f44f.news-bnugari.today	166 KB
4	epics3.net epics3.net — Cisco Umbrella Rank: 245117	225 KB
4	epicdn.net 4 redirects epicdn.net — Cisco Umbrella Rank: 185728	3 KB
4	cdn.house 4 redirects img.cdn.house — Cisco Umbrella Rank: 11156	4 KB
4	partners-show.com show.partners-show.com — Cisco Umbrella Rank: 26775	13 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
1	news-xpatado.com 1 redirects news-xpatado.com	187 B
1	partners-tds.com 1 redirects partners-tds.com	752 B
1	phkazakhstan.com 1 redirects phkazakhstan.com	363 B
48	13

	Domain	Requested by
10	82223f5b3a.news-bnotusi.today	94a6027010.news-byikivu.info 82223f5b3a.news-bnotusi.today
9	fonts.gstatic.com	fonts.googleapis.com
6	e712b85e91.news-bnukeju.live	350552f44f.news-bnugari.today e712b85e91.news-bnukeju.live
6	94a6027010.news-byikivu.info	94a6027010.news-byikivu.info
5	350552f44f.news-bnugari.today	82223f5b3a.news-bnotusi.today 350552f44f.news-bnugari.today
4	epics3.net
4	epicdn.net	4 redirects
4	img.cdn.house	4 redirects
4	show.partners-show.com	94a6027010.news-byikivu.info 82223f5b3a.news-bnotusi.today 350552f44f.news-bnugari.today e712b85e91.news-bnukeju.live
4	fonts.googleapis.com	client
1	news-xpatado.com	1 redirects
1	partners-tds.com	1 redirects
1	phkazakhstan.com	1 redirects
48	13

This site contains no links.

Subject Issuer	Validity	Valid
*.news-byikivu.info E5	`2024-12-05` - `2025-03-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
show.partners-show.com E5	`2024-12-12` - `2025-03-12`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.news-bnotusi.today E5	`2024-12-05` - `2025-03-05`	3 months	crt.sh
*.news-bnugari.today E6	`2024-12-05` - `2025-03-05`	3 months	crt.sh
*.news-bnukeju.live E5	`2024-12-05` - `2025-03-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Frame ID: 31F60A743E5E26D07826F1855B02DD18
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Нажмите на кнопку «Разрешить» для воспроизведения видео

Page URL History Show full URLs

https://phkazakhstan.com/t/b3ytewectssk3hitqJ1Ngj0tOW9bjbEko6SiZixH4Zs837yZBXnBRXDWurrvIGEG4b018JhPZK... HTTP 302
https://partners-tds.com/WzJQVS?sub_id_1=_PUSH&sub_id_2=&sub_id_3= HTTP 302
https://news-xpatado.com/tds?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH HTTP 302
https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b... Page URL
https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3... Page URL
https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=... Page URL
https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=... Page URL

Page Statistics

48
Requests

92 %
HTTPS

44 %
IPv6

13
Domains

13
Subdomains

10
IPs

3
Countries

836 kB
Transfer

1696 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://phkazakhstan.com/t/b3ytewectssk3hitqJ1Ngj0tOW9bjbEko6SiZixH4Zs837yZBXnBRXDWurrvIGEG4b018JhPZKMgaP1oDJ-9ZgVI4cYUJ7vQAG2lgsueEYSXDhPBgK6X2O2SHSijnHmot_e-DjCohj3D9m4lD71JKSlp98LaLsMzE19WdiXb5lZTAoR_cANlvD98IVJg9ugi8B5vR7UK8JRIg9jbZ_gpJGrtSj6DOnFvumKtpRPVFMYM35UnXWQSdpIQTSkk5OkL6COQKIRmSgdnjpQYWWH6VxAPlNp9Iaa41iZ0Ylt-YUB1UJQ-DPpQekAzFDbS0QvBj_2KS2pgT2mb7_LSjX0v5dMWQrQmo7KsN HTTP 302
https://partners-tds.com/WzJQVS?sub_id_1=_PUSH&sub_id_2=&sub_id_3= HTTP 302
https://news-xpatado.com/tds?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH HTTP 302
https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd Page URL
https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43 Page URL
https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd Page URL
https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://phkazakhstan.com/t/b3ytewectssk3hitqJ1Ngj0tOW9bjbEko6SiZixH4Zs837yZBXnBRXDWurrvIGEG4b018JhPZKMgaP1oDJ-9ZgVI4cYUJ7vQAG2lgsueEYSXDhPBgK6X2O2SHSijnHmot_e-DjCohj3D9m4lD71JKSlp98LaLsMzE19WdiXb5lZTAoR_cANlvD98IVJg9ugi8B5vR7UK8JRIg9jbZ_gpJGrtSj6DOnFvumKtpRPVFMYM35UnXWQSdpIQTSkk5OkL6COQKIRmSgdnjpQYWWH6VxAPlNp9Iaa41iZ0Ylt-YUB1UJQ-DPpQekAzFDbS0QvBj_2KS2pgT2mb7_LSjX0v5dMWQrQmo7KsN HTTP 302
https://partners-tds.com/WzJQVS?sub_id_1=_PUSH&sub_id_2=&sub_id_3= HTTP 302
https://news-xpatado.com/tds?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH HTTP 302
https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Request Chain 9

https://img.cdn.house/i/1/aFQ_2vhA6-vgBTyOjF1FefcHZKKzSKTqvMSPa3dKlGpPQziMfP92tmnbk5jucXh1mqj7kHwuW5i54LBdultwF8jqYwW-l1X1ujrnFsGPmDa1yfoiMbBovFe7XV2a300qlQMkOFL8L-cKBIv196eVzOD6uryDpORGtrDqRqJPnfNUxFFvCZE34e3EqsJdUPbiwO4BU1fKXT08e1XB1wjRyUxPzsN4exVu4RdIOcHdY5wGwZe0-JOUAjkcL4nFqGTJbqWB6O5v-1Fx2wakfF3IGO8keUxJhoelJY0kKXuMYRyrUY1C-ZrlI7-Ok8WmKSDZdSyc9_eTkv_VUkG9Y9a4fKT-Zljug3uD_gbPmiMU-Vyab9WggVMs6XMxig48_6qqcqWqlTcPxzTOEm9co4lA1_xq_kL7QGmGzYiUssLu0TI9nqrutZPAQnVuDWhhJHBO6TH_b4YKGKElNt166xEARZrEPhWXFr59hkNLAnTPmPeEBA2afa0U6hm2xWtSdiXiRYfPOqyICSjV5G1e-73yGL69PhCsSRCynjyeyZw71pVVp9dGNnloLMpM-VUj_-iU26RqaT1tk1IOz3vVWyXfxemaOb5EHkibX72D9AARKJ-n0Vc2jxzWQHa3kYfllOjlNIi7kKqFcmnIHc8PQjzJYuOzn7ogV4fJhfMcflln-SHQuhNzZQS3XgLfdaLxc3ByvCDqOhRUUCgNahLUX6zAxZLdVcZCUqGUaLp19piZgyIZVoegTwZjro1fGfOnTMue8p9Fh7DDXE8Vw8jZNXqkPFYQ5L1H-0D-2C5dRUt3ImsZ1iJdXNvfD0s_fzpvAjDYv_rpIaBzn_BJqMg3Gu9OSUhZDXmqGzCnJJndn2oMM1IXwsvenPLqC1Ok62N0nMHUWFomaKV1C6Tthu6mDRRhiZIYMtt_0veSLQXi1n11allHnWarDxYhAJGLO03sLD8RhD_lE_CvwPUUfWqcyC39tRtyMCcP7WeHMqb7YCwNIhBfWpxBb6kWbJ6N4lt6YSeOIpZz7prnC6nV9P7HUiB7NLBq_1qDaxmh9iFHb25D_g9rX9cpIQFIT1I2gC3TiVM_huhobTur0loYbWmoyZxptsNQ5L2cqt_Ig-e06WJxcJV5BM8N2sZo80WnrrFmPq_5RMSEcrmlRNkxYHu7E8LZPSBd4hyGsWnvMzrI4-9PpHbdWttSAvojiwqdFOVDip6v0KguWI73RTxSaNcradxvPI9fSKDpylkyQOFDVZsQizSDuScmpy4x_KY3Ar5CpRugpp8UGyx9_yaW6LDRpXb0brYImYsEsQuoDOUlNxA43zq4yXmXvGhZ2SsHZS8wQdMw_W6DTq6aqlpi7B6RG-1S-V0nlad1v40c4COwyRniFNQu5tJevRd63Q2C3TiG7rR0e8ws3FoLyzObm4mYGEM3b6htK4xWqWO_QpWzpSNAEPta5U85R1tXf5QNAZMokwXrkTVfs-lQD0ZQriMl-iVepBOt6fgUYpjN0fO0Ei2itykat6KsaJcMaEDuHvYKyxZb9y9FoSelnXs3v057KpUKhyh_aGf4Cfy_8VUbEXAqHu9tlRsQTRz7oii8a7LIhWUr6rgegHruvfU_JHbjbiCG3XyIyvJcqdYXQr2nl0pRKOW-zT5W3yU=?inpage.template=retro_main HTTP 307
https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJkZSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MSIsImNpdHlfZ2VvbmFtZV9pZCI6MCwiY2xpY2tfcHJpY2UiOjAuMDAwMSwiY29ubmVjdGlvbl90eXBlIjoiV2lGaSIsImNvdW50cnlfaXNvIjoiREUiLCJkZXZpY2VfdHlwZSI6IkRlc2t0b3AiLCJkc3BfaWQiOjIsImZvcm1hdCI6IkluUGFnZSIsImlfdCI6MTczNDQ0NzY4NCwiaWNvbiI6ImEvaW1nLzcwLzEyNC8zOTEvcFNRcmw1ZmwxOWxSMEJBdnFhdlVFWGJ6N3NveGRicEE0cGlVMVpwTS5wbmciLCJpcCI6IjIwMDE6MWI2MDoxMDEwOjM6MTAxMjplZGYyOmU4YjI6OGMxNyIsImlzcCI6IktleXdlYiIsImxhbmRpbmdfaWQiOjAsIm9zIjoiTGludXgiLCJvc192ZXJzaW9uIjoieDg2XzY0IiwicGF5bWVudF9tb2RlbCI6IkNQQyIsInJlZGlyZWN0X3VybCI6IiIsInNvdXJjZV9pZCI6Mzc5LCJzc3BfaWQiOjAsInN1YjEiOiIiLCJzdWIyIjoiIiwic3ViMyI6IiIsInN1YjQiOiIiLCJzdWJzY3JpYmVkX2F0IjoxNzM0NDQ3Njg0LCJzdWJzY3JpcHRpb25faWQiOjAsInRyYWZmaWNfY2hhbm5lbCI6IkRTUCIsInVhX3ZlcnNpb24iOjEzMSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMS4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwid2ViX3VzZXJfaWQiOjE0Mn0= HTTP 301
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

Request Chain 24

https://img.cdn.house/i/1/3ToulyWVsMX-iAo2oIcIOuypXmcv1I6BUWffueTCP8FYNCz9qqRjxbGOrNxJ333aw5BZ9DUROkjpqnT8Pd5tCrUCFWdK_k5M0hVZB2pLrJzCzGGhqnxqOi5NPxCg9Fhul79auBIeb-Jw4TRe_cC2JSAjOBqy8CtsiyzHRjYDsU9FjtiF66gZQnvlE0DBcMofKROMUGt0mpPBjbBDwa7EYnEueni9z_35ZIdtqivgQFhZ73AnkXsASYpptGr9hpk-xGc7UGIWDFVVfaZy0OGD3XNpQ-dlczktStxjekvdqXZ6-ZNXrLT8UjR1m0q9uTzf6nbYnR-4BLm5KWbSxqUiWh4fqemFAoJlmiEKxfjrMaSBG73aXqNirnsBl6ZX8fS8E679LnWt6RF5P91nNCOWImdQtFpxn7I--wnYU-T9ff4u7lSsjlhGKk5VGFNaGlqtME-eDYKny_7rr7ExQtnqukgH60lW9AietTcDbraqniuLzNyko2rq_VBGvVZyzKNESoJCfkTx8zT7_69JDlLpS1fqEVncF4rS_h8BZLzC6hNohadyDibOQWbtBH2xp3Et0jwa7mdIa73YkUnUPw0qonXtRS-KFQHLwM3YV94S6Ov9dISlaiCWTv6XpsVPjJNNNJT1lX2xoSiIXZooT5AdXTJnsNgvcm6oU0bMYMvtfD5QvNEeZp-7ygDFUhF-Ko0pxJIP3jDj4shTvbzxlrRs0_xyoaukDR2LI7jK8QYso93bFRScPOeiqlv9XZg7zJEDkRu_w--3k6ExPHzjgto4xooqMtGXed1DrbrhyoZbAKyI7k5VNE_y7cgE8VqnCbp9BLRNaN49OYGXf1fNNfWF3fs5NnZgAbvFjSCGtPme6LsP_-I_1qnKUURtfTkChZ3bZstYZdOmsw69cxrX5Q8U9EWfZ-HJWdoAHPlN2WhGQ9d4Yw2zLX8_BHQ9zGbJCIjnQP6sAQPQMrbAErtYM1zJvnHg267U1wWvhhtZ0FERKTHkwxUuCnxKGOJoW0T-5GWFv5ZmZ9Ag-WQ7Q7axh2m2igevh-9uasW7Gqc9Vo4XmjO0VMDBUNzzzjHkglLAil_wta-y0HNaMolRd_bK-y7_boR9ylofNHo5pzVVK3dAtZvx1o0_qtdaV7eQF3LrzG9ST3_4ohTad6RZJckT6KnTiRcS2JEkxIbs2n7Guj8zWvA-wQbRIM68KuszbFoCTugHQ0mdh8Rp7T4CRZDgY-4nv2bP_cI6cbpSn7TeBuZK0pqmbNHkHO5TglGbtCq2GUpXXf3_sRYjPM_LzPR65J7FBUQEqteDowzPySix9fKo8wyuEMGV3n-OaZNFWmEtN3CfzgqCIt_Us67MsTmE83uwPf3G4OrEV7kicPqHoGizqoqymtxoJBEDPldiIA4tSYwKBcTeSbPRPjiqpD6SAbf7nzP_BaWURZ4e4DbOgOy30j9ii_pehOHpXVwKETpceLQKSTAbzmIkgNhDW_sPU0BAPqc_9MnCfe8pWY4vtrCxsfZAQgCU7gnxt4LuXabCBTD5OfAomyTh0sNbsIHZYkYDXxyWhgzpxeFkdtcrEN3nb8NcswVuVa442XM5sgqM6TJ2yz7GDcsbGuiUazCYYGM2grtQZh926pnB4B3fYTvQSZTDFq6pkIUP?inpage.template=retro_main HTTP 307
https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJkZSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MSIsImNpdHlfZ2VvbmFtZV9pZCI6MCwiY2xpY2tfcHJpY2UiOjAuMDAwMSwiY29ubmVjdGlvbl90eXBlIjoiV2lGaSIsImNvdW50cnlfaXNvIjoiREUiLCJkZXZpY2VfdHlwZSI6IkRlc2t0b3AiLCJkc3BfaWQiOjIsImZvcm1hdCI6IkluUGFnZSIsImlfdCI6MTczNDQ0NzY4NiwiaWNvbiI6ImEvaW1nLzcwLzEyNC8zOTEvcFNRcmw1ZmwxOWxSMEJBdnFhdlVFWGJ6N3NveGRicEE0cGlVMVpwTS5wbmciLCJpcCI6IjIwMDE6MWI2MDoxMDEwOjM6MTAxMjplZGYyOmU4YjI6OGMxNyIsImlzcCI6IktleXdlYiIsImxhbmRpbmdfaWQiOjAsIm9zIjoiTGludXgiLCJvc192ZXJzaW9uIjoieDg2XzY0IiwicGF5bWVudF9tb2RlbCI6IkNQQyIsInJlZGlyZWN0X3VybCI6IiIsInNvdXJjZV9pZCI6Mzc5LCJzc3BfaWQiOjAsInN1YjEiOiIiLCJzdWIyIjoiIiwic3ViMyI6IiIsInN1YjQiOiIiLCJzdWJzY3JpYmVkX2F0IjoxNzM0NDQ3Njg2LCJzdWJzY3JpcHRpb25faWQiOjAsInRyYWZmaWNfY2hhbm5lbCI6IkRTUCIsInVhX3ZlcnNpb24iOjEzMSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMS4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwid2ViX3VzZXJfaWQiOjE0Mn0= HTTP 301
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

Request Chain 37

https://img.cdn.house/i/1/RWuRdRFPyIQFDUlWBbHtejDwNVmczyGB7JPM1PL9VadbTvVbOqDwFkm7epXf56y1KSGFy4CokD-E2Pq3wuVVD7c2F7t8i2kWQzGmp35PP49Z5oqBzxtcrBP-lsFKq1mzgfTwOlpX2pJHHE0qkD3J8cKOeP9mJuZM7D0ywkD0TiWDVIbCDOPxLFta5CYxnTnfhmfzOMuKezGWMvGaqcvcuBYCJzbuj6j3z6KV545IqOfIAYCwPBYNfI480Z6f5jhAdYuHk1TKcBlQeJfRuUsdBaljoYOxPBToMqHcjDwSwdASIJZnxtB5au6KSvP2m8yx8-00FWCRIl2jyJVBrt9zhvmCQXyQhuNC86-Euk8a2PtUUsWbkDdi-D0jb1I9ERKWA_0Ux7AZPJuhX7Dn1sLf2eOPOQGa5hywagtr5rPnAuWvTHHvr58536g7NJ6hgL6VuXKaDX6WPs-f31NUMewQyxQmF6ZnyG-5MKPvSu6A6aEfjLkVRJTD2OAU5z1kOmRMlxl05YCOJ85WvmqHd9ytaB8ibC9RRFeP48IMgmU7FUhl9AAsmwtASPtMBjAUZgFmIv1jUEq0EYcMgU_mCRo629kcUBium2ixxvjCyKA7V92rppB4TIG-4NkZSlP3l5YfMXkrflf5eypQKqd85fO4LpG-ZoimU7XlP73Aymnhsa0pvuls0e7hn1Owu72l5X1MJhtZLaBk5HM6CdzREAJ-4j253HOLzGwRklZdLwvuGkHekKYxxtN-CvzBhQmIx6wa9hLRbOCrRn8OT31D3DOMdbSKEM6Vw0ujP3KjGiigdQUguPdkms5S2z7m9z1gK2xW-TjKxiRmwnEJFz7cUUtqKJpEf4KKsPgWPDMUMdk2uLQMFhye82lI9Qr4QTybYhz1XfFvP2yJQ4cycSwnCquUoEBxGP8kcvcdY5FjkyDPO82D04Wq7zVQ8QJoaWHaZrGY6YbeUZjJLx89no2d9C1RO7lN_fNW0BVb_9aSJVY-fTayJIcPTlviRSvwtz3RaZ_oqfOgu4L0571fuPKiDTHTodUrKXaXe0cCsx4OFa6cBnCeejKb4CzcVgIirfK6Z7QsoxGsbFWH2977Ig23C9EQZI1TLaYuF491oK-gfoqJnpEs_4HvyEe4il6guPhqUWr9si4x4ACFJap5ahXhsJ6bWoqNhqAhRv5n2kLWpGzfWilpFadsvyIldAkWzt2WU5o6EtN7d4UtEdkr-1DjBQYlqL5tarKAgp2tMlOyBq58ItfbjBwKB-5M7BByWk97b1J6IwbyP4irgnNO3RHkcm37dfILCnMlQOnPh7FAkhMEACbvgH9W9EH6dxm_JrzVAFcgZ6F01MnkoS3iMwpqwPrk6TgVUaMZMrt2LrGfAz1mMpCrFenLGf48CD3U66CFizYCJwTZJ-v2-Jc_YozrXoJQ0cVUnEXBIFi6JjWkxUpPJjgXTuwyfPuSw8lFPkMa9YX3l01H4b681aW2VNuL6RSHQr-_HmIObgjHCNkLCVRhyKPuGPEgUfz-E6loORI3dAyb0EMGDtL3K0ZFaM6ogs3gzNoqT20MfmL3QQGqCfWV7XjioguNSkPb3L0GOCGknEzNBip4ZRoCcIizizpZqdyZBclNhU8F3LsLOMGdud5ddx62gBkbV2JT?inpage.template=retro_main HTTP 307
https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJkZSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MSIsImNpdHlfZ2VvbmFtZV9pZCI6MCwiY2xpY2tfcHJpY2UiOjAuMDAwMSwiY29ubmVjdGlvbl90eXBlIjoiV2lGaSIsImNvdW50cnlfaXNvIjoiREUiLCJkZXZpY2VfdHlwZSI6IkRlc2t0b3AiLCJkc3BfaWQiOjIsImZvcm1hdCI6IkluUGFnZSIsImlfdCI6MTczNDQ0NzY4NywiaWNvbiI6ImEvaW1nLzcwLzEyNC8zOTEvcFNRcmw1ZmwxOWxSMEJBdnFhdlVFWGJ6N3NveGRicEE0cGlVMVpwTS5wbmciLCJpcCI6IjIwMDE6MWI2MDoxMDEwOjM6MTAxMjplZGYyOmU4YjI6OGMxNyIsImlzcCI6IktleXdlYiIsImxhbmRpbmdfaWQiOjAsIm9zIjoiTGludXgiLCJvc192ZXJzaW9uIjoieDg2XzY0IiwicGF5bWVudF9tb2RlbCI6IkNQQyIsInJlZGlyZWN0X3VybCI6IiIsInNvdXJjZV9pZCI6Mzc5LCJzc3BfaWQiOjAsInN1YjEiOiIiLCJzdWIyIjoiIiwic3ViMyI6IiIsInN1YjQiOiIiLCJzdWJzY3JpYmVkX2F0IjoxNzM0NDQ3Njg3LCJzdWJzY3JpcHRpb25faWQiOjAsInRyYWZmaWNfY2hhbm5lbCI6IkRTUCIsInVhX3ZlcnNpb24iOjEzMSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMS4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwid2ViX3VzZXJfaWQiOjE0Mn0= HTTP 301
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

Request Chain 47

https://img.cdn.house/i/1/2XLgzN6F1myHM5qv1j8zsMsZ_exgJqOTvN_dqhARZ7rMt-6usIdx7nkEwS8OdL6iLc-ifObhYohr75fTPPaAEu54lRTCKVIYaLWS5rab4Cn59QRhCmnwitLZdQOK2mzG-xRfdpRcd1OfLfCSYlvi2EVgoTDZiYwGa0VXKyy-kqXDAgXbAMv2PYOU8yTiWfLomyqC_3Mlyg2EdzUhepOoyfL5ctW7SHWkj24lrI-yRgYt_SJpXCHUAiZTNKz4Nf8qVlJllNqCzn-jKBwk-lu-cGyg1psSWvulYwxD6rGcmdPnYk-AqtyuQKjRupyQUZeS5x_0lo9or5-z9AZyb38Sn7FAVdUPPnnbkgJOIpxBPRBv3d_-xX3JUpUpe7UemEUHSxVszI6WluWvCTdz0MrF5W820dm_Uw_zq1K1uBf-iOCUNgGl6Jj2WxYKPN767J3dRpkAcaPV4_xfUmCjNM-9TSqvZWv8uZ76bSCkPmWvaLEI3iTDI2yRhWdejzGeXkHMGHBavnRq0uzRje8JEjyKfjTmfMq7C6mzN5ttp6_clk_nnX4jZusJIt2lyg3Cv-fxrrkxrm21Bm3uNnJZFJPPaF6JTtjTrJOXo9_NSkvascKpjBaMMNqhR2BzKKfOKEYSh3jqPW2TxnrUrx6eqYn0hGSyfw-KRolxY9U-UKlC9QXFesliICm7kclc2JbtgncrBsw-jp6viH8uyfofE5CVJhhcUqV-YlL_dcPDOTIFsiJ1fSnFn1lO-OY284J5UoPPvX_DV4A_SaqtsVbHPQI47FVzVrFJucAp0WcQ-6p7oKtsN56BuEBxCvhCphkE7_dynQhfyUlqLiOe8QTm4MeqU7iEY2k5gsHfYZbrpD0lWk1zUHhuZWNfKa0y9q3LK56nhdhRRLAiODj_f5R1k_-I-H0MnAMH0Jn4YzcPQO1nqnMSM4_mOAVGfrwnhHvGcrF9r8YsfzJsLrlv48ukSiYGPUmh-lR3-FaC2FWsiazkTT66rUGhY5AmuC4nf8o2aEChpknsa6cJV8ZeLtE5x20MC9uGFNcHUIEMD0Nznp3wnp39kOYYHzGqm5HBnTD-XcKBUHPWkZvXfOoMrTdJGQDdRF3GhSJmzW7v9lOBulOHRl6kJMtoKKH3yqAscxx4zUB1_msM7AQ66MKKvb7IC4A-GRZLzmQLSHxzlMCyTP_dKhaj0K3eYdMaQFjSY-qvpIV0-NK4Nagp-Ojhx0ebBWGgluAu1UIjHZgWawlOAnCZXq6yVjIMtOANdJWBamEzjklUkSK78eEM1NHM-IDGVQ0YpVzrUd8oj5m2nEdwBdZoROqCZKvFlwZ6EMh4KJgJ_opn4syanifzCt1GAmQ_nphOgW7ePvzqwqKjrkFBkadPmQgK3IUMFvozTNemDv9R3JxdZb5jBlxgafuC5KpN8ou47d4UWCzPuieG6QeAeHb9GNYm-EQWQJpC6JYOvm19TMwJTkqxi4AF1J0A0TGT-RIpJwcizQ3BKsCDuUV1lNomN92bnZfHb89Xbdys8hldNbJF2NkmZR34ZwztkVlF2ypt5GkiYnxdAZ8Ci5NsTI8DiTlEtWxBWjIrYp6MqFtCFPoqTFubqQyZil-Wy3Zq5va1gglQljMAF-sSJKfHSZSRUVyuUJKQxfjA?inpage.template=retro_main HTTP 307
https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJkZSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MSIsImNpdHlfZ2VvbmFtZV9pZCI6MCwiY2xpY2tfcHJpY2UiOjAuMDAwMSwiY29ubmVjdGlvbl90eXBlIjoiV2lGaSIsImNvdW50cnlfaXNvIjoiREUiLCJkZXZpY2VfdHlwZSI6IkRlc2t0b3AiLCJkc3BfaWQiOjIsImZvcm1hdCI6IkluUGFnZSIsImlfdCI6MTczNDQ0NzY4OSwiaWNvbiI6ImEvaW1nLzcwLzEyNC8zOTEvcFNRcmw1ZmwxOWxSMEJBdnFhdlVFWGJ6N3NveGRicEE0cGlVMVpwTS5wbmciLCJpcCI6IjIwMDE6MWI2MDoxMDEwOjM6MTAxMjplZGYyOmU4YjI6OGMxNyIsImlzcCI6IktleXdlYiIsImxhbmRpbmdfaWQiOjAsIm9zIjoiTGludXgiLCJvc192ZXJzaW9uIjoieDg2XzY0IiwicGF5bWVudF9tb2RlbCI6IkNQQyIsInJlZGlyZWN0X3VybCI6IiIsInNvdXJjZV9pZCI6Mzc5LCJzc3BfaWQiOjAsInN1YjEiOiIiLCJzdWIyIjoiIiwic3ViMyI6IiIsInN1YjQiOiIiLCJzdWJzY3JpYmVkX2F0IjoxNzM0NDQ3Njg5LCJzdWJzY3JpcHRpb25faWQiOjAsInRyYWZmaWNfY2hhbm5lbCI6IkRTUCIsInVhX3ZlcnNpb24iOjEzMSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMS4wLjAuMCBTYWZhcmkvNTM3LjM2Iiwid2ViX3VzZXJfaWQiOjE0Mn0= HTTP 301
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

48 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
94a6027010.news-byikivu.info/
Redirect Chain

https://phkazakhstan.com/t/b3ytewectssk3hitqJ1Ngj0tOW9bjbEko6SiZixH4Zs837yZBXnBRXDWurrvIGEG4b018JhPZKMgaP1oDJ-9ZgVI4cYUJ7vQAG2lgsueEYSXDhPBgK6X2O2SHSijnHmot_e-DjCohj3D9m4lD71JKSlp98LaLsMzE19WdiXb5l...
https://partners-tds.com/WzJQVS?sub_id_1=_PUSH&sub_id_2=&sub_id_3=
https://news-xpatado.com/tds?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH
https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

28 KB
17 KB

226ms
70ms

Document
text/html

193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

211-117-108-193.clients.gthost.com

Software

nginx /

Resource Hash

4e772298f14a50e0fd3a83ecc8a2cde97a1521dd8527baf0fe0043b9490ecddc

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 15:01:23 GMT
server: nginx
vary: Origin
x-frame-options: DENY

Redirect headers

content-length: 0
date: Tue, 17 Dec 2024 15:01:23 GMT
location: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 revopush_v2.js Show response
94a6027010.news-byikivu.info/ 107 KB
35 KB 55ms
49ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://94a6027010.news-byikivu.info/revopush_v2.js
Requested by: Host: 94a6027010.news-byikivu.info
URL: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
etag: "675aaa75-8ba3"
accept-ranges: bytes
content-length: 35747
date: Tue, 17 Dec 2024 15:01:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 process.js Show response
94a6027010.news-byikivu.info/ 57 KB
18 KB 93ms
87ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://94a6027010.news-byikivu.info/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Requested by: Host: 94a6027010.news-byikivu.info
URL: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 4e445a274471fb6d462f8179e3ae1563cb43e0f5cb3b818fcadfa61a5c12deb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma: no-cache
expires: 0
date: Tue, 17 Dec 2024 15:01:23 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx

GET
H2 200 landsw_v2.js
94a6027010.news-byikivu.info/ 0
11 KB 112ms
110ms Other
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://94a6027010.news-byikivu.info/landsw_v2.js
Requested by: Host: 94a6027010.news-byikivu.info
URL: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
etag: "675aaa75-2a3c"
accept-ranges: bytes
content-length: 10812
date: Tue, 17 Dec 2024 15:01:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d124980feada063410783226ccda3d08fb449900fd910e54b9daab6a5e8402b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 314.js Show response
94a6027010.news-byikivu.info/ 96 KB
12 KB 289ms
288ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://94a6027010.news-byikivu.info/314.js
Requested by: Host: 94a6027010.news-byikivu.info
URL: https://94a6027010.news-byikivu.info/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
etag: "675aaa75-2e5f"
accept-ranges: bytes
content-length: 11871
date: Tue, 17 Dec 2024 15:01:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 91ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://94a6027010.news-byikivu.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 15:01:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 15:01:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 17 Dec 2024 14:36:08 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H/1.1 200
OK / Show response
show.partners-show.com/api/v1/inpage/show/ 4 KB
3 KB 269ms
168ms Fetch
application/json 2a01:4f8:13b:13e7::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=_PUSH&sub2=_PUSH&sub3=_PUSH&sub4=_PUSH&adult=true&traffic=2&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&limit=1
Requested by: Host: 94a6027010.news-byikivu.info
URL: https://94a6027010.news-byikivu.info/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:13b:13e7::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: dfa4176f26b81a763a3f32a05f5af025e6b31d48607f7bdbf8f3edc803fcf059

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://94a6027010.news-byikivu.info/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: close
Access-Control-Allow-Origin: https://94a6027010.news-byikivu.info
Date: Tue, 17 Dec 2024 15:01:24 GMT
Content-Type: application/json
Vary: Origin
Server: nginx

GET
H2 200 v_F.ico
94a6027010.news-byikivu.info/lands/8/ 1 KB
1 KB 32ms
29ms Other
image/x-icon 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://94a6027010.news-byikivu.info/lands/8/v_F.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
date: Tue, 17 Dec 2024 15:01:24 GMT
etag: W/"675aaa75-47e"
content-type: image/x-icon
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2

200

pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
epics3.net/epic/a/img/70/124/391/
Redirect Chain

https://img.cdn.house/i/1/aFQ_2vhA6-vgBTyOjF1FefcHZKKzSKTqvMSPa3dKlGpPQziMfP92tmnbk5jucXh1mqj7kHwuW5i54LBdultwF8jqYwW-l1X1ujrnFsGPmDa1yfoiMbBovFe7XV2a300qlQMkOFL8L-cKBIv196eVzOD6uryDpORGtrDqRqJPnfN...
https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJkZSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MS...
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

74 KB
75 KB

127ms
56ms

Image
image/png

193.108.118.133
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

Protocol

Server

193.108.118.133 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

133-118-108-193.clients.gthost.com

Software

MinIO /

Resource Hash

2f4619c6786796e83b7e6755acdf2d3739b8751c7bf8335f1f75e487046881bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://94a6027010.news-byikivu.info/

Response headers

etag: "5700d0b8a43d33538c3714b2d723c7cf"
x-content-type-options: nosniff
x-amz-bucket-region: eu-west-1
date: Tue, 17 Dec 2024 15:01:25 GMT
content-type: image/png
last-modified: Tue, 25 Jun 2024 19:56:42 GMT
vary: Origin, Accept-Encoding
x-amz-id-2: fe1ceedf105df23ddcf0982b29ad937d4e3c578fec067933dbb14be7f915dd27
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 1811FEFAE5699820
x-ratelimit-remaining: 18399
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-06-25T19:56:41.809Z
content-length: 76175
x-xss-protection: 1; mode=block
x-ratelimit-limit: 18410
server: MinIO

Redirect headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iIr9vRi6zXrI2%2FHomRmA3EZd6qC%2FcMPR7ESJy23n9GS0%2BbSBIgl3lrwHhR5Hok82bBXnlWvabI6LuogP8D25hcpCnymXCaikzSP7Ocz73uPa3Ucpz3d%2BKsa6vM%2FWSUOwVnzsTvXB3ql"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f37c9ceceaedbe7-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21908&min_rtt=21857&rtt_var=8298&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4133&recv_bytes=5115&delivery_rate=142464&cwnd=12000&unsent_bytes=0&cid=e2c8566db259455a&ts=49&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Tue, 17 Dec 2024 15:01:24 GMT
server: cloudflare
priority: u=1,i

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 132ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://94a6027010.news-byikivu.info
Referer: https://fonts.googleapis.com/

Response headers

age: 535818
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 10:11:06 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 135ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://94a6027010.news-byikivu.info
Referer: https://fonts.googleapis.com/

Response headers

age: 21306
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:06:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 / Show response
82223f5b3a.news-bnotusi.today/ 9 KB
4 KB 87ms
26ms Document
text/html 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43

Requested by

Host: 94a6027010.news-byikivu.info
URL: https://94a6027010.news-byikivu.info/revopush_v2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

16-118-108-193.clients.gthost.com

Software

nginx /

Resource Hash

f4cbc50d638e122767611d1002af3414f5cda52b65b3e53f97b7c164112654a9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://94a6027010.news-byikivu.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 15:01:26 GMT
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 revopush_v2.js Show response
82223f5b3a.news-bnotusi.today/ 107 KB
35 KB 48ms
47ms Script
application/javascript 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://82223f5b3a.news-bnotusi.today/revopush_v2.js
Requested by: Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 16-118-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43

Response headers

content-encoding: gzip
etag: "675aaa75-8ba3"
accept-ranges: bytes
content-length: 35747
date: Tue, 17 Dec 2024 15:01:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 process.js Show response
82223f5b3a.news-bnotusi.today/ 57 KB
18 KB 72ms
71ms Script
application/javascript 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://82223f5b3a.news-bnotusi.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Requested by: Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 16-118-108-193.clients.gthost.com
Software: nginx /
Resource Hash: fcbadc1b3d59e2d46bd2fc2854354fa255d1a4b821ad154ad17cc8de331f7b1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma: no-cache
expires: 0
date: Tue, 17 Dec 2024 15:01:26 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx

GET
H2 200 style.css
82223f5b3a.news-bnotusi.today/lands/61/css/ 6 KB
2 KB 24ms
24ms Stylesheet
text/css 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://82223f5b3a.news-bnotusi.today/lands/61/css/style.css
Requested by: Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 16-118-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43

Response headers

content-encoding: gzip
etag: "675aaa75-642"
accept-ranges: bytes
content-length: 1602
date: Tue, 17 Dec 2024 15:01:26 GMT
content-type: text/css
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 spinning-circles2.svg
82223f5b3a.news-bnotusi.today/lands/61/images/ 503 B
459 B 49ms
48ms Image
image/svg+xml 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://82223f5b3a.news-bnotusi.today/lands/61/images/spinning-circles2.svg
Requested by: Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 16-118-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43

Response headers

content-encoding: gzip
date: Tue, 17 Dec 2024 15:01:26 GMT
etag: W/"675aaa75-1f7"
content-type: image/svg+xml
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 device.js Show response
82223f5b3a.news-bnotusi.today/lands/61/js/ 3 KB
1 KB 49ms
48ms Script
application/javascript 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://82223f5b3a.news-bnotusi.today/lands/61/js/device.js
Requested by: Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 16-118-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43

Response headers

content-encoding: gzip
etag: "675aaa75-457"
accept-ranges: bytes
content-length: 1111
date: Tue, 17 Dec 2024 15:01:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 landsw_v2.js
82223f5b3a.news-bnotusi.today/ 0
11 KB 27ms
26ms Other
application/javascript 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://82223f5b3a.news-bnotusi.today/landsw_v2.js
Requested by: Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 16-118-108-193.clients.gthost.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43

Response headers

content-encoding: gzip
etag: "675aaa75-2a3c"
accept-ranges: bytes
content-length: 10812
date: Tue, 17 Dec 2024 15:01:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 arrow.svg
82223f5b3a.news-bnotusi.today/lands/61/images/ 226 B
304 B 25ms
25ms Image
image/svg+xml 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://82223f5b3a.news-bnotusi.today/lands/61/images/arrow.svg
Requested by: Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/lands/61/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 16-118-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 92d47bde923c80d50c91bcab12630a19608daad90447846a19749d07f8dd07cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/lands/61/css/style.css

Response headers

content-encoding: gzip
date: Tue, 17 Dec 2024 15:01:26 GMT
etag: W/"675aaa75-e2"
content-type: image/svg+xml
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 314.js Show response
82223f5b3a.news-bnotusi.today/ 96 KB
12 KB 24ms
24ms Script
application/javascript 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://82223f5b3a.news-bnotusi.today/314.js
Requested by: Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 16-118-108-193.clients.gthost.com
Software: nginx /
Resource Hash: d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43

Response headers

content-encoding: gzip
etag: "675aaa75-2e5f"
accept-ranges: bytes
content-length: 11871
date: Tue, 17 Dec 2024 15:01:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 92ms
37ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 15:01:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 15:01:26 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 17 Dec 2024 14:29:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H/1.1 200
OK / Show response
show.partners-show.com/api/v1/inpage/show/ 4 KB
3 KB 191ms
135ms Fetch
application/json 2a01:4f8:13a:44b::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=_PUSH&sub2=_PUSH&sub3=_PUSH&sub4=_PUSH&adult=true&traffic=2&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&limit=1
Requested by: Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:13a:44b::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: e560eca1b677d79235c32f2db42031a6f4985c631ec13403bb23fe6d022a565b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://82223f5b3a.news-bnotusi.today/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
Connection: close
Access-Control-Allow-Origin: https://82223f5b3a.news-bnotusi.today
Date: Tue, 17 Dec 2024 15:01:26 GMT
Content-Type: application/json
Vary: Origin
Server: nginx

GET
H2 200 v_F.ico
82223f5b3a.news-bnotusi.today/lands/8/ 1 KB
1 KB 25ms
25ms Other
image/x-icon 193.108.118.16
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://82223f5b3a.news-bnotusi.today/lands/8/v_F.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 16-118-108-193.clients.gthost.com
Software: nginx /
Resource Hash: c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43

Response headers

content-encoding: gzip
date: Tue, 17 Dec 2024 15:01:26 GMT
etag: W/"675aaa75-47e"
content-type: image/x-icon
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2

200

pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
epics3.net/epic/a/img/70/124/391/
Redirect Chain

https://img.cdn.house/i/1/3ToulyWVsMX-iAo2oIcIOuypXmcv1I6BUWffueTCP8FYNCz9qqRjxbGOrNxJ333aw5BZ9DUROkjpqnT8Pd5tCrUCFWdK_k5M0hVZB2pLrJzCzGGhqnxqOi5NPxCg9Fhul79auBIeb-Jw4TRe_cC2JSAjOBqy8CtsiyzHRjYDsU9...
https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJkZSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MS...
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

74 KB
75 KB

92ms
46ms

Image
image/png

193.108.118.133
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

Protocol

Server

193.108.118.133 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

133-118-108-193.clients.gthost.com

Software

MinIO /

Resource Hash

2f4619c6786796e83b7e6755acdf2d3739b8751c7bf8335f1f75e487046881bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://82223f5b3a.news-bnotusi.today/

Response headers

etag: "5700d0b8a43d33538c3714b2d723c7cf"
x-content-type-options: nosniff
x-amz-bucket-region: eu-west-1
date: Tue, 17 Dec 2024 15:01:26 GMT
content-type: image/png
last-modified: Tue, 25 Jun 2024 19:56:42 GMT
vary: Origin, Accept-Encoding
x-amz-id-2: 93ade867426f22c9af24553fc581cd6e641795b673c146950d7049946d0205dd
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 1811FEFB43C91F05
x-ratelimit-remaining: 17847
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-06-25T19:56:41.809Z
content-length: 76175
x-xss-protection: 1; mode=block
x-ratelimit-limit: 17856
server: MinIO

Redirect headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWEvTSGPCsYPa%2FzOQYYwLXTF5x3m5FpJceyNR2NrzrilLL5TQ0%2BGSjPRVE00%2FBo1BNr7KGP78z8Ai4BUMO%2FLTY6Xp%2BLqUfB065RcHSoyTx9326zeTM7exfrY98tZWA%2BWZDOIj9QQ7zBL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f37c9d8c8bd9a3b-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22439&min_rtt=22390&rtt_var=8431&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4135&recv_bytes=5111&delivery_rate=138761&cwnd=12000&unsent_bytes=0&cid=dbe1873aee0f7df0&ts=44&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Tue, 17 Dec 2024 15:01:26 GMT
server: cloudflare
priority: u=1,i

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 149ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://82223f5b3a.news-bnotusi.today
Referer: https://fonts.googleapis.com/

Response headers

age: 535820
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 10:11:06 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 154ms
29ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://82223f5b3a.news-bnotusi.today
Referer: https://fonts.googleapis.com/

Response headers

age: 21308
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:06:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 / Show response
350552f44f.news-bnugari.today/ 90 KB
90 KB 164ms
27ms Document
text/html 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Requested by

Host: 82223f5b3a.news-bnotusi.today
URL: https://82223f5b3a.news-bnotusi.today/revopush_v2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

201-56-158-23.clients.gthost.com

Software

nginx /

Resource Hash

92ab432c941aa2b6f216b9bd90ab4fff122d80f281e0c1486a1e89a9ec17347e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://82223f5b3a.news-bnotusi.today/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 15:01:27 GMT
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 revopush_v2.js Show response
350552f44f.news-bnugari.today/ 107 KB
35 KB 54ms
52ms Script
application/javascript 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://350552f44f.news-bnugari.today/revopush_v2.js
Requested by: Host: 350552f44f.news-bnugari.today
URL: https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 201-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
etag: "675aaa75-8ba3"
accept-ranges: bytes
content-length: 35747
date: Tue, 17 Dec 2024 15:01:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 process.js Show response
350552f44f.news-bnugari.today/ 57 KB
18 KB 55ms
55ms Script
application/javascript 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://350552f44f.news-bnugari.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Requested by: Host: 350552f44f.news-bnugari.today
URL: https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 201-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: 53124d5cea083748741a5a7aa8b2903b0a673981e330f3bbec48a8523caf3428

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma: no-cache
expires: 0
date: Tue, 17 Dec 2024 15:01:27 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx

GET
H2 200 landsw_v2.js
350552f44f.news-bnugari.today/ 0
11 KB 28ms
27ms Other
application/javascript 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://350552f44f.news-bnugari.today/landsw_v2.js
Requested by: Host: 350552f44f.news-bnugari.today
URL: https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 201-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
etag: "675aaa75-2a3c"
accept-ranges: bytes
content-length: 10812
date: Tue, 17 Dec 2024 15:01:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
DATA 200
OK truncated
/ 40 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02460e3b10b0a6d50bccf0764fd0e66f4694a1fd66c0e9b4cc6a8a26c70d1468

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpeg

GET
H2 200 314.js Show response
350552f44f.news-bnugari.today/ 96 KB
12 KB 26ms
24ms Script
application/javascript 23.158.56.201
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://350552f44f.news-bnugari.today/314.js
Requested by: Host: 350552f44f.news-bnugari.today
URL: https://350552f44f.news-bnugari.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 201-56-158-23.clients.gthost.com
Software: nginx /
Resource Hash: d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
etag: "675aaa75-2e5f"
accept-ranges: bytes
content-length: 11871
date: Tue, 17 Dec 2024 15:01:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 87ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://350552f44f.news-bnugari.today/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 15:01:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 15:01:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 17 Dec 2024 14:18:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H/1.1 200
OK / Show response
show.partners-show.com/api/v1/inpage/show/ 4 KB
3 KB 191ms
136ms Fetch
application/json 2a01:4f8:c2c:faef::1
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=_PUSH&sub2=_PUSH&sub3=_PUSH&sub4=_PUSH&adult=true&traffic=2&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&limit=1
Requested by: Host: 350552f44f.news-bnugari.today
URL: https://350552f44f.news-bnugari.today/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:c2c:faef::1 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3616858943effc7f9445f5428337ac28b6a01c590e7b47009cf31f0656d4892

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://350552f44f.news-bnugari.today/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: close
Access-Control-Allow-Origin: https://350552f44f.news-bnugari.today
Date: Tue, 17 Dec 2024 15:01:27 GMT
Content-Type: application/json
Vary: Origin
Server: nginx

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 62ms
27ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://350552f44f.news-bnugari.today
Referer: https://fonts.googleapis.com/

Response headers

age: 21309
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:06:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 10 KB
10 KB 58ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://350552f44f.news-bnugari.today
Referer: https://fonts.googleapis.com/

Response headers

age: 140685
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 15 Dec 2025 23:56:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 23:56:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9852
x-xss-protection: 0
server: sffe

GET
H2

200

pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
epics3.net/epic/a/img/70/124/391/
Redirect Chain

https://img.cdn.house/i/1/RWuRdRFPyIQFDUlWBbHtejDwNVmczyGB7JPM1PL9VadbTvVbOqDwFkm7epXf56y1KSGFy4CokD-E2Pq3wuVVD7c2F7t8i2kWQzGmp35PP49Z5oqBzxtcrBP-lsFKq1mzgfTwOlpX2pJHHE0qkD3J8cKOeP9mJuZM7D0ywkD0TiW...
https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJkZSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MS...
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

74 KB
75 KB

93ms
43ms

Image
image/png

193.108.118.133
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

Protocol

Server

193.108.118.133 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

133-118-108-193.clients.gthost.com

Software

MinIO /

Resource Hash

2f4619c6786796e83b7e6755acdf2d3739b8751c7bf8335f1f75e487046881bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://350552f44f.news-bnugari.today/

Response headers

etag: "5700d0b8a43d33538c3714b2d723c7cf"
x-content-type-options: nosniff
x-amz-bucket-region: eu-west-1
date: Tue, 17 Dec 2024 15:01:28 GMT
content-type: image/png
last-modified: Tue, 25 Jun 2024 19:56:42 GMT
vary: Origin, Accept-Encoding
x-amz-id-2: 93ade867426f22c9af24553fc581cd6e641795b673c146950d7049946d0205dd
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 1811FEFB96AF3AF8
x-ratelimit-remaining: 17847
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-06-25T19:56:41.809Z
content-length: 76175
x-xss-protection: 1; mode=block
x-ratelimit-limit: 17856
server: MinIO

Redirect headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J9nhe6%2F7npJgTLpt0VM7X6K6aWp9KpZL8DTf4Gf%2Fvt44%2BnGbVJqYsOoVygy10lFLp5mC0HQwXLLTh4jvQHmAH1JYEhiKmt5ZyiJGlYl%2F3mtrdAggUn%2BvkqCECffqE%2BIWar4AtooqZE5S"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f37c9e1897b3644-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20726&min_rtt=20685&rtt_var=7839&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4111&recv_bytes=5115&delivery_rate=141152&cwnd=12000&unsent_bytes=0&cid=3ab297973683a940&ts=42&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Tue, 17 Dec 2024 15:01:27 GMT
server: cloudflare
priority: u=1,i

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://350552f44f.news-bnugari.today
Referer: https://fonts.googleapis.com/

Response headers

age: 535821
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 10:11:06 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H2 200 Primary Request / Show response
e712b85e91.news-bnukeju.live/ 28 KB
17 KB 105ms
44ms Document
text/html 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Requested by

Host: 350552f44f.news-bnugari.today
URL: https://350552f44f.news-bnugari.today/revopush_v2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

211-117-108-193.clients.gthost.com

Software

nginx /

Resource Hash

c68094a670dbfc0f71f58269694e512c8638e47ec25cbfac90e3db91993ced1b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://350552f44f.news-bnugari.today/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 15:01:29 GMT
server: nginx
vary: Origin
x-frame-options: DENY

GET
H2 200 revopush_v2.js Show response
e712b85e91.news-bnukeju.live/ 107 KB
35 KB 21ms
21ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://e712b85e91.news-bnukeju.live/revopush_v2.js
Requested by: Host: e712b85e91.news-bnukeju.live
URL: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
etag: "675aaa75-8ba3"
accept-ranges: bytes
content-length: 35747
date: Tue, 17 Dec 2024 15:01:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 process.js Show response
e712b85e91.news-bnukeju.live/ 57 KB
18 KB 41ms
41ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://e712b85e91.news-bnukeju.live/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Requested by: Host: e712b85e91.news-bnukeju.live
URL: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: 49d7b0a531d179878b879fd68104e82012a7d4b7003859059a474315e897b56e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma: no-cache
expires: 0
date: Tue, 17 Dec 2024 15:01:29 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx

GET
H2 200 landsw_v2.js
e712b85e91.news-bnukeju.live/ 0
11 KB 22ms
21ms Other
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://e712b85e91.news-bnukeju.live/landsw_v2.js
Requested by: Host: e712b85e91.news-bnukeju.live
URL: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
etag: "675aaa75-2a3c"
accept-ranges: bytes
content-length: 10812
date: Tue, 17 Dec 2024 15:01:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d124980feada063410783226ccda3d08fb449900fd910e54b9daab6a5e8402b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 314.js Show response
e712b85e91.news-bnukeju.live/ 96 KB
12 KB 22ms
22ms Script
application/javascript 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://e712b85e91.news-bnukeju.live/314.js
Requested by: Host: e712b85e91.news-bnukeju.live
URL: https://e712b85e91.news-bnukeju.live/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
etag: "675aaa75-2e5f"
accept-ranges: bytes
content-length: 11871
date: Tue, 17 Dec 2024 15:01:29 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 92ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://e712b85e91.news-bnukeju.live/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 15:01:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 15:01:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 17 Dec 2024 14:58:43 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H/1.1 200
OK / Show response
show.partners-show.com/api/v1/inpage/show/ 4 KB
3 KB 185ms
133ms Fetch
application/json 2a01:4f8:13a:44b::2
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://show.partners-show.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=_PUSH&sub2=_PUSH&sub3=_PUSH&sub4=_PUSH&adult=true&traffic=2&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&limit=1
Requested by: Host: e712b85e91.news-bnukeju.live
URL: https://e712b85e91.news-bnukeju.live/process.js?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a01:4f8:13a:44b::2 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 28c5cf41545417ff545c604bf6fc28c471440970a5808a4c7ebebb8f8e1506ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://e712b85e91.news-bnukeju.live/

Response headers

Transfer-Encoding: chunked
Content-Encoding: br
Connection: close
Access-Control-Allow-Origin: https://e712b85e91.news-bnukeju.live
Date: Tue, 17 Dec 2024 15:01:29 GMT
Content-Type: application/json
Vary: Origin
Server: nginx

GET
H2 200 v_F.ico
e712b85e91.news-bnukeju.live/lands/8/ 1 KB
1 KB 22ms
21ms Other
image/x-icon 193.108.117.211
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://e712b85e91.news-bnukeju.live/lands/8/v_F.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.108.117.211 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: 211-117-108-193.clients.gthost.com
Software: nginx /
Resource Hash: c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd

Response headers

content-encoding: gzip
date: Tue, 17 Dec 2024 15:01:29 GMT
etag: W/"675aaa75-47e"
content-type: image/x-icon
last-modified: Thu, 12 Dec 2024 09:18:45 GMT
server: nginx

GET
H2

200

pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
epics3.net/epic/a/img/70/124/391/
Redirect Chain

https://img.cdn.house/i/1/2XLgzN6F1myHM5qv1j8zsMsZ_exgJqOTvN_dqhARZ7rMt-6usIdx7nkEwS8OdL6iLc-ifObhYohr75fTPPaAEu54lRTCKVIYaLWS5rab4Cn59QRhCmnwitLZdQOK2mzG-xRfdpRcd1OfLfCSYlvi2EVgoTDZiYwGa0VXKyy-kqX...
https://epicdn.net/cdn/?id=eyJhY2NlcHRfbGFuZ3VhZ2UiOiJkZSIsImFkdl91c2VyX2lkIjoxMjQsImFkdmVydGlzZW1lbnRfaWQiOiI4MTMiLCJicm93c2VyIjoiQ2hyb21lIiwiY2FtcGFpZ25fY2F0ZWdvcnkiOjEyLCJjYW1wYWlnbl9pZCI6IjM5MS...
https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

8 KB
0

95ms
48ms

Image
image/png

193.108.118.133
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png

Protocol

Server

193.108.118.133 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),

Reverse DNS

133-118-108-193.clients.gthost.com

Software

MinIO /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://e712b85e91.news-bnukeju.live/

Response headers

etag: "5700d0b8a43d33538c3714b2d723c7cf"
x-content-type-options: nosniff
x-amz-bucket-region: eu-west-1
date: Tue, 17 Dec 2024 15:01:29 GMT
content-type: image/png
last-modified: Tue, 25 Jun 2024 19:56:42 GMT
vary: Origin, Accept-Encoding
x-amz-id-2: aa035ed9341bcb4d51e1f9d7818ca90eec60261354b87fa2e4d17e04ccf6bcd3
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 1811FEFC097F0F14
x-ratelimit-remaining: 18391
accept-ranges: bytes
x-amz-meta-mm-source-mtime: 2024-06-25T19:56:41.809Z
content-length: 76175
x-xss-protection: 1; mode=block
x-ratelimit-limit: 18403
server: MinIO

Redirect headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://epics3.net/epic/a/img/70/124/391/pSQrl5fl19lR0BAvqavUEXbz7soxdbpA4piU1ZpM.png
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycBb8Iv6LLXuKkCxGbvZluvFMMIFCtEIfccKa5GH%2FjsGTzscPeS%2FwFk7gemuf6OIcARbbeNKnc%2FAee7NErXa5UhY7h1VmIb7MY6S%2B%2FPgkGHHfPcDA%2FZ0rx0zasg0TzJUlY196f3EM7e%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f37c9ed9b373643-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20932&min_rtt=20874&rtt_var=7943&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4134&recv_bytes=5113&delivery_rate=151178&cwnd=12000&unsent_bytes=0&cid=40ac31524aabf7b9&ts=38&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Tue, 17 Dec 2024 15:01:29 GMT
server: cloudflare
priority: u=1,i

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 57ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://e712b85e91.news-bnukeju.live
Referer: https://fonts.googleapis.com/

Response headers

age: 535823
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 10:11:06 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 55ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://e712b85e91.news-bnukeju.live
Referer: https://fonts.googleapis.com/

Response headers

age: 21311
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:06:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			partners-tds.com/	1970-01-21 02:32:06	Name: _subid Value: 1nhj4te1bvslm5
			partners-tds.com/	1970-01-21 11:23:27	Name: 933eb Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0NDQ3NjgzfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0NDQ3NjgzfSxcInRpbWVcIjoxNzM0NDQ3NjgzfSJ9.fDQfaihK_OOk4D9mfNLpVAAWPrrb_Q5z24SSfT5nQSI

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://94a6027010.news-byikivu.info/?id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0381564100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://82223f5b3a.news-bnotusi.today/?i=1&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd&fingerprint=743c9558b884227dd030c8b437fadf43 Message: [GroupMarkerNotSet(crbug.com/242999)!:A090441464100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://350552f44f.news-bnugari.today/?fingerprint=93c7169a05fdbeb2a2ab35e224be7a22&i=2&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd Message: [GroupMarkerNotSet(crbug.com/242999)!:A050610764100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://e712b85e91.news-bnukeju.live/?fingerprint=2493b5490713f83edbe6752a194218d5&i=3&id=1218914904&p1=_PUSH&p2=_PUSH&p3=_PUSH&p4=_PUSH&traceId=ef7cbe57-e2d3-46b7-8874-7399cb56bedd Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D0381564100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

350552f44f.news-bnugari.today
82223f5b3a.news-bnotusi.today
94a6027010.news-byikivu.info
e712b85e91.news-bnukeju.live
epicdn.net
epics3.net
fonts.googleapis.com
fonts.gstatic.com
img.cdn.house
news-xpatado.com
partners-tds.com
phkazakhstan.com
show.partners-show.com
142.202.51.61
144.76.106.61
148.251.85.93
176.9.17.3
178.63.48.167
193.108.117.211
193.108.118.133
193.108.118.16
23.158.56.201
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a01:4f8:10b:285b::2
2a01:4f8:13a:44b::2
2a01:4f8:13b:13e7::2
2a01:4f8:c2c:faef::1
2a06:98c1:3120::3
2a06:98c1:3121::3
5.9.110.111
02460e3b10b0a6d50bccf0764fd0e66f4694a1fd66c0e9b4cc6a8a26c70d1468
23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2
28c5cf41545417ff545c604bf6fc28c471440970a5808a4c7ebebb8f8e1506ca
2f4619c6786796e83b7e6755acdf2d3739b8751c7bf8335f1f75e487046881bf
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
49d7b0a531d179878b879fd68104e82012a7d4b7003859059a474315e897b56e
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
4e445a274471fb6d462f8179e3ae1563cb43e0f5cb3b818fcadfa61a5c12deb4
4e772298f14a50e0fd3a83ecc8a2cde97a1521dd8527baf0fe0043b9490ecddc
53124d5cea083748741a5a7aa8b2903b0a673981e330f3bbec48a8523caf3428
6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
92ab432c941aa2b6f216b9bd90ab4fff122d80f281e0c1486a1e89a9ec17347e
92d47bde923c80d50c91bcab12630a19608daad90447846a19749d07f8dd07cf
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
c68094a670dbfc0f71f58269694e512c8638e47ec25cbfac90e3db91993ced1b
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e
d124980feada063410783226ccda3d08fb449900fd910e54b9daab6a5e8402b0
d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dfa4176f26b81a763a3f32a05f5af025e6b31d48607f7bdbf8f3edc803fcf059
e3616858943effc7f9445f5428337ac28b6a01c590e7b47009cf31f0656d4892
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e560eca1b677d79235c32f2db42031a6f4985c631ec13403bb23fe6d022a565b
f4cbc50d638e122767611d1002af3414f5cda52b65b3e53f97b7c164112654a9
fcbadc1b3d59e2d46bd2fc2854354fa255d1a4b821ad154ad17cc8de331f7b1f

e712b85e91.news-bnukeju.live Open in urlscan Pro 193.108.117.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

48 Requests

92 %HTTPS

44 %IPv6

13 Domains

13 Subdomains

10 IPs

3 Countries

836 kBTransfer

1696 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

e712b85e91.news-bnukeju.live Open in urlscan Pro
193.108.117.211 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

92 %
HTTPS

44 %
IPv6

13
Domains

13
Subdomains

10
IPs

3
Countries

836 kB
Transfer

1696 kB
Size

2
Cookies

48 HTTP transactions
3 data transactions