decimalnews.cc Open in urlscan Pro
31.220.41.16  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

• https://c.mgid.com/c?pv=2&v=0|0|0|WSP7oIIsr7IepzKJXB9vuAtojAND8RD0JReLdMCPZuRDoeqaME85lCzXrGtpViXX&cid=218581&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3555595zb5295256bcCZcp2ph2020092714h&psid=1_3555595&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzQwNjA1NTUvMzI4eDMyOC8weDc0eDgwMHg1MzMvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNVGt0TURndk1UQXhPVEkwTHpjeU9UVmlOMkkxWkRaaU1XVmlNR1kwWldJNFpqVXdOV1prTWpkbU5qRTJMbXB3WldjKi53ZWJw HTTP 301
• https://s-img.mgid.com/g/4060555/328x328/0x74x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp

Request Chain 60

• https://c.mgid.com/c?pv=2&v=0|0|0|WSP7oIIsr7IepzKJXB9vuAtojAND8RD0JReLdMCPZuRDoeqaME85lCzXrGtpViXX&cid=218581&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3555595zb5295256bcCZcp2ph2020092714h&psid=1_3555595&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzQwNjA1NTUvMzI4eDMyOC8weDc0eDgwMHg1MzMvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNVGt0TURndk1UQXhPVEkwTHpjeU9UVmlOMkkxWkRaaU1XVmlNR1kwWldJNFpqVXdOV1prTWpkbU5qRTJMbXB3WldjKi53ZWJw HTTP 301
• https://s-img.mgid.com/g/4060555/328x328/0x74x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp

Request Chain 63

• https://c.mgid.com/c?pv=2&v=0|0|0|7iLAAA7bQBoNNDL82GO5EgEF_UbZmAaJddERp4Davtn5vw2z2hpZmLbrxsqEo-6T&cid=949756&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3555595zb6445621bcCZcp2ph2020092714h&psid=3555595&cp=154&iub=aHR0cHM6Ly9zLWltZy5zdGVlcHRvLmNvbS9nLzM4MDU2NjQvMzI4eDMyOC8weDB4NjQweDQyNi9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwWXk4eU1ERTVMVEEyTHpFd01Ua3lOQzh4T0RSak56QmtaRFJtWVdWa1pHWTVNVFUxWVRkaVpHUTNNbUZqTlRFNU15NXFjR1ZuLndlYnA= HTTP 301
• https://s-img.steepto.com/g/3805664/328x328/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request hd8.php Show response decimalnews.cc/to/	126 KB 46 KB	103ms 68ms	Document text/html	31.220.41.16 AMARUTU-TECHNOLOGY
General Check archive.org Show headers Download Go to Full URL http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 31.220.41.16 , Germany, ASN206264 (AMARUTU-TECHNOLOGY, NL), Reverse DNS nl8.nlkoddos.com Software LiteSpeed / Resource Hash 8da92bd5f8600fa35ad2cc5bb99a36b17fa21ea8db6019db4b468c3c2439c32c Request headers Host decimalnews.cc Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Content-Encoding gzip Vary Accept-Encoding Date Sun, 27 Sep 2020 19:15:04 GMT Server LiteSpeed
GET H/1.1	200 OK	8.php Show response decimalnews.cc/t/ Frame CFBD	126 KB 46 KB	89ms 68ms	Document text/html	31.220.41.16 AMARUTU-TECHNOLOGY
General Check archive.org Show headers Download Go to Full URL http://decimalnews.cc/t/8.php Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 31.220.41.16 , Germany, ASN206264 (AMARUTU-TECHNOLOGY, NL), Reverse DNS nl8.nlkoddos.com Software LiteSpeed / Resource Hash a65bdbbf8903ba244d8ea6e779eb43d1793499f2a9be166f92ad7f675679aea7 Request headers Host decimalnews.cc Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/to/hd8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/to/hd8.php Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Content-Encoding gzip Vary Accept-Encoding Date Sun, 27 Sep 2020 19:15:04 GMT Server LiteSpeed
GET H/1.1	200 OK	compatibility.js Show response theonecdn.com/script/	20 KB 21 KB	67ms 43ms	Script application/javascript	35.201.74.235 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://theonecdn.com/script/compatibility.js Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 35.201.74.235 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 235.74.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 18:59:20 GMT Age 944 X-GUploader-UploadID ABg5-UyKyAaoK3Fswy7hyUmxZzsAyiw6A9sLWyYQJHTlLoOhSAigdCl91OqN-HFI-jdljsRgfILfRHtL6MPyCj9-4fY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Content-Length 20647 Last-Modified Tue, 15 Sep 2020 12:10:32 GMT Server UploadServer ETag "c2bbc1e2544049cb035c321919bef2bc" x-goog-hash crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA== x-goog-generation 1600171832181211 Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-goog-stored-content-length 20647 Accept-Ranges bytes Content-Type application/javascript Expires Sun, 27 Sep 2020 19:59:20 GMT
GET H/1.1	200 OK	3555595 Show response in-page-push.com/400/	68 KB 24 KB	97ms 76ms	Script application/javascript	87.245.235.43 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://in-page-push.com/400/3555595 Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 87.245.235.43 , United Kingdom, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 23f69ecace0a8133cc3d2fd017512cad2898be7edfef39efb9d3c499a1ab832d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Trace-Id 196a90d68dfa171e5d6dd75e2a33054e Pragma no-cache Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip Vary Origin Server nginx Strict-Transport-Security max-age=1 Content-Type application/javascript Cache-Control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin * X-Content-Type-Options nosniff Expires Wed, 31 Dec 1969 19:00:00 EST
GET H2	200	snap.min.js Show response www.displayvertising.com/	31 KB 9 KB	113ms 34ms	Script application/x-javascript	195.181.175.46 CDN77
General Check archive.org Show headers Download Go to Full URL https://www.displayvertising.com/snap.min.js Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS frankfurt-44.cdn77.com Software CDN77-Turbo / Resource Hash b54b345fc059a0154fd93d08262a44d401bb6a387c1dbe2b1cd7bbd7fe40a0fe Request headers Origin http://decimalnews.cc Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1ryxeMYjv4ooCAA== date Sun, 27 Sep 2020 19:15:04 GMT content-encoding br server CDN77-Turbo link <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect x-edge-pop frankfurtDE status 200 x-cache HIT content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=604800 x-edge-ip 195.181.175.44 x-age 166626 alt-svc quic="195.181.175.44:443"; ma=2592000; v="44,43,39" expires Fri, 02 Oct 2020 20:57:58 GMT
GET H/1.1	200 OK	apu.php Show response ptewarin.net/	3 KB 2 KB	90ms 63ms	XHR application/json	139.45.195.81 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://ptewarin.net/apu.php?zoneid=3556162&oo=1 Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 139.45.195.81 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 2b364d4a3e912828bd22a9fd5cfc2937007fb95d2b99ad0b451ae7bd5b7943a4 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive X-Trace-Id a0cb4ac875be7b93eb591529f5229d38 Pragma no-cache Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/json Access-Control-Allow-Origin http://decimalnews.cc Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Access-Control-Allow-Credentials true Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Expires Tue, 11 Jan 1994 10:00:00 GMT
GET H/1.1	200 OK	tag.min.js Show response ptewarin.net/	81 KB 26 KB	90ms 64ms	Script application/javascript	139.45.195.81 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://ptewarin.net/tag.min.js Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 139.45.195.81 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 8f50523037ef65967a0ad29059cf17036edea07c866162b80d93db49ca521363 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip X-Content-Type-Options nosniff Connection keep-alive Content-Length 25508 X-Trace-Id aa3bc5d25480ca3c7c315c865f4fb0e7 Pragma no-cache Last-Modified Tue, 22 Sep 2020 12:13:23 GMT Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Expires Tue, 11 Jan 1994 10:00:00 GMT
GET H/1.1	200 OK	301.php Show response decimalnews.cc/to/ Frame 9DC5	0 158 B	43ms 43ms	Document text/html	31.220.41.16 AMARUTU-TECHNOLOGY
General Check archive.org Show headers Download Go to Full URL http://decimalnews.cc/to/301.php Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 31.220.41.16 , Germany, ASN206264 (AMARUTU-TECHNOLOGY, NL), Reverse DNS nl8.nlkoddos.com Software LiteSpeed / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Host decimalnews.cc Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/to/hd8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/to/hd8.php Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 0 Date Sun, 27 Sep 2020 19:15:04 GMT Server LiteSpeed
GET H/1.1	200 OK	js15_as.js Show response s10.histats.com/	11 KB 5 KB	62ms 39ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL http://s10.histats.com/js15_as.js Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:12:10 GMT Content-Encoding gzip Last-Modified Thu, 16 Apr 2020 10:44:16 GMT X-CDN-Pop-IP 137.74.120.32/27 ETag "-375139978" X-Cacheable Matched cache Vary Accept-Encoding X-IPLB-Instance 4747 Content-Type text/javascript X-CDN-Pop sbg Accept-Ranges bytes Content-Length 4547 X-Request-ID 176719063
GET H/1.1	200 OK	closeButton.gif 1.bp.blogspot.com/-1CSgNBJaCJ0/VEvBgUPsIeI/AAAAAAAAAxM/CvwQXvX-Vsk/s1600/ Frame CFBD	1013 B 1 KB	12ms 6ms	Image image/gif	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://1.bp.blogspot.com/-1CSgNBJaCJ0/VEvBgUPsIeI/AAAAAAAAAxM/CvwQXvX-Vsk/s1600/closeButton.gif Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 4e9df74a2654e54242ac36f10826cba1261c1f9152da9ff7504b2248c42463ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 15:29:44 GMT X-Content-Type-Options nosniff Server fife Age 13520 ETag "v314" Vary Origin Content-Type image/gif Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length Cache-Control public, max-age=86400, no-transform Content-Disposition inline;filename="closeButton.gif" Timing-Allow-Origin * Content-Length 1013 X-XSS-Protection 0 Expires Sat, 26 Sep 2020 15:35:26 GMT
GET H/1.1	200 OK	Cookie set 8.php totalhdsport.xyz/hd/ Frame 4CD2	0 0	113ms 97ms	Document text/html	2606:4700:3032::ac43:dde6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://totalhdsport.xyz/hd/8.php Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 2606:4700:3032::ac43:dde6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host totalhdsport.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/t/8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/t/8.php Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=dfbed2b60d7131be50c072bf533ce56111601234104; expires=Tue, 27-Oct-20 19:15:04 GMT; path=/; domain=.totalhdsport.xyz; HttpOnly; SameSite=Lax Vary Accept-Encoding Accept-Encoding X-Turbo-Charged-By LiteSpeed G7Cache-10G STALE CF-Cache-Status DYNAMIC cf-request-id 05729688a900009aaa6483e200000001 Server cloudflare CF-RAY 5d978d210a099aaa-FRA Content-Encoding gzip
GET H/1.1	200 OK	300.php Show response decimalnews.cc/to/ Frame 8343	0 158 B	44ms 43ms	Document text/html	31.220.41.16 AMARUTU-TECHNOLOGY
General Check archive.org Show headers Download Go to Full URL http://decimalnews.cc/to/300.php Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 31.220.41.16 , Germany, ASN206264 (AMARUTU-TECHNOLOGY, NL), Reverse DNS nl8.nlkoddos.com Software LiteSpeed / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Host decimalnews.cc Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/t/8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/t/8.php Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 0 Date Sun, 27 Sep 2020 19:15:04 GMT Server LiteSpeed
GET H/1.1	200 OK	compatibility.js Show response theonecdn.com/script/ Frame CFBD	20 KB 21 KB	36ms 35ms	Script application/javascript	35.201.74.235 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://theonecdn.com/script/compatibility.js Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 35.201.74.235 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 235.74.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 18:59:20 GMT Age 944 X-GUploader-UploadID ABg5-UyKyAaoK3Fswy7hyUmxZzsAyiw6A9sLWyYQJHTlLoOhSAigdCl91OqN-HFI-jdljsRgfILfRHtL6MPyCj9-4fY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Content-Length 20647 Last-Modified Tue, 15 Sep 2020 12:10:32 GMT Server UploadServer ETag "c2bbc1e2544049cb035c321919bef2bc" x-goog-hash crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA== x-goog-generation 1600171832181211 Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-goog-stored-content-length 20647 Accept-Ranges bytes Content-Type application/javascript Expires Sun, 27 Sep 2020 19:59:20 GMT
GET H/1.1	200 OK	Cookie set identify.html ufpcdn.com/script/ Frame AB1C	0 0	397ms 318ms	Document text/html	2606:4700:3034::6812:3647 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 2606:4700:3034::6812:3647 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host ufpcdn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/to/hd8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/to/hd8.php Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d9c525789390fd2509f784da4be2503961601234104; expires=Tue, 27-Oct-20 19:15:04 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=5fc0e84f71b81cfb6678effee6cf8d7771f88899-1601234104-1800-AZf39W5sCFAejqmw22GcW4d/CQ05UO0aMrkWGceZ6cLDAKiqyMOEVFUB1BowZjlZBP8czZi2Ne/ZkWsHPeEZRSA=; path=/; expires=Sun, 27-Sep-20 19:45:04 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None Last-Modified Tue, 15 May 2018 06:39:25 GMT CF-Cache-Status DYNAMIC cf-request-id 05729688ed00002c3287363200000001 Server cloudflare CF-RAY 5d978d217d992c32-FRA Content-Encoding gzip
GET H/1.1	200 OK	3555595 Show response in-page-push.com/400/ Frame CFBD	68 KB 24 KB	51ms 51ms	Script application/javascript	87.245.235.43 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://in-page-push.com/400/3555595 Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 87.245.235.43 , United Kingdom, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 23f69ecace0a8133cc3d2fd017512cad2898be7edfef39efb9d3c499a1ab832d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Trace-Id 2141d602b3db722581ecb2d4383056e4 Pragma no-cache Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip Vary Origin Server nginx Strict-Transport-Security max-age=1 Content-Type application/javascript Cache-Control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin * X-Content-Type-Options nosniff Expires Wed, 31 Dec 1969 19:00:00 EST
GET H2	200	snap.min.js Show response www.displayvertising.com/ Frame CFBD	31 KB 9 KB	38ms 37ms	Script application/x-javascript	195.181.175.46 CDN77
General Check archive.org Show headers Download Go to Full URL https://www.displayvertising.com/snap.min.js Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS frankfurt-44.cdn77.com Software CDN77-Turbo / Resource Hash b54b345fc059a0154fd93d08262a44d401bb6a387c1dbe2b1cd7bbd7fe40a0fe Request headers Origin http://decimalnews.cc Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1ryxozt/v4ooCAA== date Sun, 27 Sep 2020 19:15:04 GMT content-encoding br server CDN77-Turbo link <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect x-edge-pop frankfurtDE status 200 x-cache HIT content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=604800 x-edge-ip 195.181.175.44 x-age 166626 alt-svc quic="195.181.175.44:443"; ma=2592000; v="44,43,39" expires Fri, 02 Oct 2020 20:57:58 GMT
GET H/1.1	200 OK	apu.php Show response ptewarin.net/ Frame CFBD	3 KB 2 KB	45ms 44ms	XHR application/json	139.45.195.81 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://ptewarin.net/apu.php?zoneid=3556162&oo=1 Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 139.45.195.81 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash baee01f0d96c49f873986f3690775572a56227530c10d7ad247f43f45f121571 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive X-Trace-Id 5580eb37716108c7b722f7874ff2a6c0 Pragma no-cache Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/json Access-Control-Allow-Origin http://decimalnews.cc Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Access-Control-Allow-Credentials true Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Expires Tue, 11 Jan 1994 10:00:00 GMT
GET H/1.1	200 OK	tag.min.js Show response ptewarin.net/ Frame CFBD	81 KB 26 KB	41ms 41ms	Script application/javascript	139.45.195.81 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://ptewarin.net/tag.min.js Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 139.45.195.81 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 8f50523037ef65967a0ad29059cf17036edea07c866162b80d93db49ca521363 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip X-Content-Type-Options nosniff Connection keep-alive Content-Length 25508 X-Trace-Id cd4054015e3247e2fb58774b068f47d7 Pragma no-cache Last-Modified Tue, 22 Sep 2020 12:11:52 GMT Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Expires Tue, 11 Jan 1994 10:00:00 GMT
GET H/1.1	200 OK	301.php Show response decimalnews.cc/to/ Frame 6C10	0 158 B	43ms 43ms	Document text/html	31.220.41.16 AMARUTU-TECHNOLOGY
General Check archive.org Show headers Download Go to Full URL http://decimalnews.cc/to/301.php Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 31.220.41.16 , Germany, ASN206264 (AMARUTU-TECHNOLOGY, NL), Reverse DNS nl8.nlkoddos.com Software LiteSpeed / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Host decimalnews.cc Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/t/8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/t/8.php Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 0 Date Sun, 27 Sep 2020 19:15:04 GMT Server LiteSpeed
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	51 B 322 B	386ms 120ms	Script text/html	192.99.8.34 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?3451427&@f16&@g1&@h1&@i1&@j1601234104593&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-3502349&@b3:1601234105&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fdecimalnews.cc%2Fto%2Fhd8.php&@w Requested by Host: s10.histats.com URL: http://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.8.34 Richmond Hill, Canada, ASN16276 (OVH, FR), Reverse DNS ns501383.ip-192-99-8.net Software / Resource Hash fa773793691f05438e0cbcd2481f55f29cb0c681bfa294ac520c6d1ff7f64dd8 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Connection close Content-Length 51 Content-Type text/html;charset=UTF-8
GET H/1.1	200 OK	Cookie set identify.html ufpcdn.com/script/ Frame EE5F	0 0	206ms 201ms	Document text/html	2606:4700:3034::6812:3647 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 2606:4700:3034::6812:3647 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host ufpcdn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/t/8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/t/8.php Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d50e5ec2a191922c1807d5ee6b8a9846b1601234104; expires=Tue, 27-Oct-20 19:15:04 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=9d0bc7e339ca498f6480792b8f6eefa71c900a90-1601234104-1800-AZqkW6ArwYr6wSzotU1zBzvVz0hq1FmFD74X95VwQeVz3eKEgYmv1+HAFzGX4W5jfuuHrLboZR+SJTBo6mgOMZU=; path=/; expires=Sun, 27-Sep-20 19:45:04 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None Last-Modified Tue, 15 May 2018 06:39:25 GMT CF-Cache-Status DYNAMIC cf-request-id 0572968954000096e6d435c200000001 Server cloudflare CF-RAY 5d978d222b2196e6-FRA Content-Encoding gzip
OPTIONS H/1.1	204 No Content	options bestaryua.com/ Frame	0 0	80ms 59ms	Other	139.45.195.150 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://bestaryua.com/options?option_args=CMKG2QESIGNlNjI4NjQ5ZDgxZjQ1NDA4YTY4MDE2ZGFmMWVhNDEzGi9odHRwOi8vcHRld2FyaW4ubmV0L2FwdS5waHA_em9uZWlkPTM1NTYxNjImb289MSIgaHR0cDovL2RlY2ltYWxuZXdzLmNjL3RvL2hkOC5waHA= Protocol HTTP/1.1 Server 139.45.195.150 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://decimalnews.cc Sec-Fetch-Mode cors Response headers Server nginx Date Sun, 27 Sep 2020 19:15:04 GMT Connection keep-alive Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Pragma no-cache Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires Tue, 11 Jan 1994 10:00:00 GMT Timing-Allow-Origin * * Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff
POST		options bestaryua.com/	0 0
GET H/1.1	204 No Content	fac.php bestaryua.com/ Frame 07E7	0 0	82ms 62ms	Document text/html	139.45.195.150 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://bestaryua.com/fac.php Requested by Host: ptewarin.net URL: http://ptewarin.net/tag.min.js Protocol HTTP/1.1 Server 139.45.195.150 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Host bestaryua.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/to/hd8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/to/hd8.php Response headers Server nginx Date Sun, 27 Sep 2020 19:15:04 GMT Content-Type text/html; charset=utf8 Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Pragma no-cache Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires Tue, 11 Jan 1994 10:00:00 GMT Timing-Allow-Origin * * X-Trace-Id cf228f1a5f4a256583e9371f06bc4c4e Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff
GET H/1.1	204 No Content	suurl.php Show response onclickgenius.com/script/	0 132 B	201ms 174ms	Script text/plain	35.190.71.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://onclickgenius.com/script/suurl.php?r=2673799&cbrandom=0.36810156376259506&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=theonecdn.com Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.71.190.35.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 27 Sep 2020 19:15:04 GMT Via 1.1 google Server openresty
GET H/1.1	200 OK	chrome.js Show response theonecdn.com/script/	36 KB 37 KB	37ms 36ms	Script application/javascript	35.201.74.235 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://theonecdn.com/script/chrome.js Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 35.201.74.235 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 235.74.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 18:28:25 GMT Age 2799 X-GUploader-UploadID ABg5-UyFsHy-3OmqsfXHm1Fz9e2wxUCha8otWvaXKfS7FqHxW9uzTnX9ywr_w9JzdyzUfiCf1naf9DtmRnoJ7h4Eyx2bIHr0Ug x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Content-Length 37300 Last-Modified Mon, 14 Sep 2020 09:15:29 GMT Server UploadServer ETag "ef6565ab259dafbc08468b4d0bb46762" x-goog-hash crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg== x-goog-generation 1600074929755781 Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-goog-stored-content-length 37300 Accept-Ranges bytes Content-Type application/javascript Expires Sun, 27 Sep 2020 19:28:25 GMT
GET H/1.1	200 OK	/ Show response c.adsco.re/	35 KB 13 KB	25ms 19ms	Script text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: www.displayvertising.com URL: https://www.displayvertising.com/snap.min.js Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9589120651cc4ea755db4f8c8848f27408b7336b454f3ee6ad22a732725644e9 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip CF-Cache-Status HIT Age 2203538 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 057296899900000609eca69200000001 Server cloudflare ETag W/"SJc1ouqxjhvv0sBICfL/bg==" Vary Accept-Encoding Content-Type text/html Cache-Control max-age=43200,public,immutable,no-transform CF-RAY 5d978d228fd60609-FRA Link <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch Expires Wed, 02 Sep 2020 19:09:26 GMT
OPTIONS H/1.1	204 No Content	options bestaryua.com/ Frame	0 0	99ms 78ms	Other	139.45.195.150 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://bestaryua.com/options?option_args=CMKG2QESIDFlNjBlMDI4N2VjMTQ0MjBiNDY4MjdmYTdhNmRhZTBiGi9odHRwOi8vcHRld2FyaW4ubmV0L2FwdS5waHA_em9uZWlkPTM1NTYxNjImb289MSIdaHR0cDovL2RlY2ltYWxuZXdzLmNjL3QvOC5waHA= Protocol HTTP/1.1 Server 139.45.195.150 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://decimalnews.cc Sec-Fetch-Mode cors Response headers Server nginx Date Sun, 27 Sep 2020 19:15:04 GMT Connection keep-alive Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Pragma no-cache Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires Tue, 11 Jan 1994 10:00:00 GMT Timing-Allow-Origin * * Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff
POST		options bestaryua.com/ Frame CFBD	0 0
GET H/1.1	204 No Content	fac.php bestaryua.com/ Frame 2C17	0 0	98ms 77ms	Document text/html	139.45.195.150 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://bestaryua.com/fac.php Requested by Host: ptewarin.net URL: http://ptewarin.net/tag.min.js Protocol HTTP/1.1 Server 139.45.195.150 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Host bestaryua.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/t/8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/t/8.php Response headers Server nginx Date Sun, 27 Sep 2020 19:15:04 GMT Content-Type text/html; charset=utf8 Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Pragma no-cache Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires Tue, 11 Jan 1994 10:00:00 GMT Timing-Allow-Origin * * X-Trace-Id cd703df5bbf10e713d29b6496f2e1a82 Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff
GET H/1.1	200 OK	p adsco.re/	0 323 B	119ms 96ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Max-Age 2592000 Cache-Control no-transform Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ 6.adsco.re/	0 657 B	27ms 20ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Max-Age 2592000 Cache-Control max-age=600,public,immutable Transfer-Encoding chunked Connection keep-alive CF-RAY 5d978d22eea91f25-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 05729689ce00001f25692ae200000001
GET H/1.1	200 OK	/ Show response c.adsco.re/ Frame CFBD	35 KB 13 KB	85ms 85ms	Script text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: www.displayvertising.com URL: https://www.displayvertising.com/snap.min.js Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9589120651cc4ea755db4f8c8848f27408b7336b454f3ee6ad22a732725644e9 Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip CF-Cache-Status HIT Age 2203538 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 05729689d200000609eca6e200000001 Server cloudflare ETag W/"SJc1ouqxjhvv0sBICfL/bg==" Vary Accept-Encoding Content-Type text/html Cache-Control max-age=43200,public,immutable,no-transform CF-RAY 5d978d22e9380609-FRA Link <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch Expires Wed, 02 Sep 2020 19:09:26 GMT
POST H/1.1	200 OK	p Show response adsco.re/	0 415 B	206ms 185ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 6.adsco.re/	53 B 677 B	28ms 21ms	XHR text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Max-Age 2592000 Cache-Control max-age=600,public,immutable Transfer-Encoding chunked Connection keep-alive CF-RAY 5d978d22eea06383-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 05729689d10000638326b7b200000001
GET H/1.1	200 OK	/ Show response tnmzq7j6m3y0.l.adsco.re/	0 464 B	238ms 52ms	XHR text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://tnmzq7j6m3y0.l.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET		/ tnmzq7j6m3y0.n.adsco.re/	0 0
GET		/ tnmzq7j6m3y0.s.adsco.re/	0 0
GET H/1.1	200 OK	/ c.adsco.re/ Frame BFFA	0 0	27ms 21ms	Document text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host c.adsco.re Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/to/hd8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/to/hd8.php Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=43200,public,immutable,no-transform Link <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch Expires Wed, 02 Sep 2020 19:09:26 GMT ETag W/"SJc1ouqxjhvv0sBICfL/bg==" Content-Encoding gzip CF-Cache-Status HIT Age 2203538 cf-request-id 05729689d6000064a342bf3200000001 Vary Accept-Encoding Server cloudflare CF-RAY 5d978d22f8d964a3-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	p adsco.re/ Frame CFBD	0 323 B	118ms 93ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:05 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Max-Age 2592000 Cache-Control no-transform Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ 6.adsco.re/ Frame CFBD	0 657 B	11ms 11ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: decimalnews.cc URL: http://decimalnews.cc/t/8.php Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:04 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Max-Age 2592000 Cache-Control max-age=600,public,immutable Transfer-Encoding chunked Connection keep-alive CF-RAY 5d978d2429b01f25-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0572968a9b00001f25692ba200000001
GET H/1.1	200 OK	gid.js Show response my.rtmark.net/	65 B 771 B	182ms 40ms	XHR application/json	139.45.195.41 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js Requested by Host: in-page-push.com URL: http://in-page-push.com/400/3555595 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.195.41 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash de49e98df87ca80a24e1b6e12b667ae09298edac16796021640847e73a990510 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:05 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Expose-Headers Authorization Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token Content-Length 65
GET H/1.1	204 No Content	suurl.php Show response onclickgenius.com/script/ Frame CFBD	0 132 B	162ms 162ms	Script text/plain	35.190.71.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://onclickgenius.com/script/suurl.php?r=2673799&cbrandom=0.5152914356688183&cbiframe=1&cbWidth=1050&cbHeight=550&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=theonecdn.com Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.71.190.35.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 27 Sep 2020 19:15:05 GMT Via 1.1 google Server openresty
GET H/1.1	200 OK	chrome.js Show response theonecdn.com/script/ Frame CFBD	36 KB 37 KB	55ms 54ms	Script application/javascript	35.201.74.235 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://theonecdn.com/script/chrome.js Requested by Host: decimalnews.cc URL: http://decimalnews.cc/to/hd8.php Protocol HTTP/1.1 Server 35.201.74.235 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 235.74.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946 Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 18:28:25 GMT Age 2800 X-GUploader-UploadID ABg5-UyFsHy-3OmqsfXHm1Fz9e2wxUCha8otWvaXKfS7FqHxW9uzTnX9ywr_w9JzdyzUfiCf1naf9DtmRnoJ7h4Eyx2bIHr0Ug x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Content-Length 37300 Last-Modified Mon, 14 Sep 2020 09:15:29 GMT Server UploadServer ETag "ef6565ab259dafbc08468b4d0bb46762" x-goog-hash crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg== x-goog-generation 1600074929755781 Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-goog-stored-content-length 37300 Accept-Ranges bytes Content-Type application/javascript Expires Sun, 27 Sep 2020 19:28:25 GMT
POST H/1.1	200 OK	p Show response adsco.re/ Frame CFBD	0 415 B	66ms 65ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 27 Sep 2020 19:15:05 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 6.adsco.re/ Frame CFBD	53 B 677 B	19ms 18ms	XHR text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8 Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:05 GMT Content-Encoding gzip Server cloudflare Access-Control-Allow-Headers Content-Type Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Max-Age 2592000 Cache-Control max-age=600,public,immutable Transfer-Encoding chunked Connection keep-alive CF-RAY 5d978d245f1c6383-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0572968ab30000638326b81200000001
GET		/ hf2pur8tazkg.l.adsco.re/ Frame CFBD	0 0
GET		/ hf2pur8tazkg.n.adsco.re/ Frame CFBD	0 0
GET		/ hf2pur8tazkg.s.adsco.re/ Frame CFBD	0 0
GET H/1.1	200 OK	/ c.adsco.re/ Frame 4A28	0 0	17ms 17ms	Document text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host c.adsco.re Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://decimalnews.cc/t/8.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://decimalnews.cc/t/8.php Response headers Date Sun, 27 Sep 2020 19:15:05 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=43200,public,immutable,no-transform Link <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch Expires Wed, 02 Sep 2020 19:09:26 GMT ETag W/"SJc1ouqxjhvv0sBICfL/bg==" Content-Encoding gzip CF-Cache-Status HIT Age 2203539 cf-request-id 0572968ab7000064a342bff200000001 Vary Accept-Encoding Server cloudflare CF-RAY 5d978d2459e364a3-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
POST H/1.1	200 OK	p Show response adsco.re/ Frame CFBD	362 B 844 B	245ms 245ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 3d192b71d8c22395c315438c22580925c3afd04f03623a819e86cbdb3d6a36ec Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers AS-P-G OK Date Sun, 27 Sep 2020 19:15:05 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK Access-Control-Allow-Origin http://decimalnews.cc Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
POST H/1.1	200 OK	p Show response adsco.re/	362 B 840 B	134ms 114ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: http://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 32fd20880e1fb8fc4a267e926ca0e933c22e9375cfcb23bf407509085ca9e7ff Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers AS-P-G OK Date Sun, 27 Sep 2020 19:15:05 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK Access-Control-Allow-Origin http://decimalnews.cc Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
OPTIONS H/1.1	200 OK	3555595 in-page-push.com/500/ Frame	0 0	186ms 51ms	Other	87.245.235.43 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/3555595?excludes=&oaid=cf86fcfe51cc42e09e6b025bc4c98160&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=http%3A%2F%2Fdecimalnews.cc%2Fto%2Fhd8.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Protocol HTTP/1.1 Server 87.245.235.43 , United Kingdom, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin http://decimalnews.cc Sec-Fetch-Mode cors Response headers Server nginx Date Sun, 27 Sep 2020 19:15:05 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Headers Content-Type Access-Control-Allow-Methods GET Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Max-Age 300 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Timing-Allow-Origin *
GET H/1.1	200 OK	3555595 Show response in-page-push.com/500/	2 KB 2 KB	297ms 150ms	XHR application/javascript	87.245.235.43 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/3555595?excludes=&oaid=cf86fcfe51cc42e09e6b025bc4c98160&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=http%3A%2F%2Fdecimalnews.cc%2Fto%2Fhd8.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Requested by Host: in-page-push.com URL: http://in-page-push.com/400/3555595 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 87.245.235.43 , United Kingdom, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash fd2c04183655361218a39d2c941766019e76a4e3fa799bfe4de84c29dc6d6125 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers Date Sun, 27 Sep 2020 19:15:05 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive X-Trace-Id 7dda885cbcbbb974ad7c00aa61c9fbe4 Pragma no-cache Server nginx Vary Origin Strict-Transport-Security max-age=1 Content-Type application/javascript Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Expose-Headers Link Cache-Control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 Access-Control-Allow-Credentials true Timing-Allow-Origin * Expires Wed, 31 Dec 1969 19:00:00 EST
GET H/1.1	200 OK	FPGzfx.html Show response displayvertising.com/	0 272 B	197ms 175ms	Script application/javascript	216.59.56.9 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://displayvertising.com/FPGzfx.html?_=BAoAX3DkuQFfcOS5gAGBAsAAIPD1g5UWPA1UZ775TfoQdHAAefWkekYHE9001r1BSyP3wQBGMEQCIFxRA1J39lN2Q7pI7PKJ3bf0s6vJWAcXyZnzd2mFOm3tAiBIsxz71rIrsfai-rOjEH40AVsqKPv0JbK4wRUvaPgrPMIAIMBx6aMtKQHQVirVpQyj2djCd6nYNziL4eRHRwBqqPE0xAAQKgEE-AGSVBQAAAAAAAAAAsUAEAJyhfPl-CFQn1P6vrVqPCDDAEcwRQIgNM-OKAgrqZyaJ5FbYXfLPc8XRGkdtJqUc8Ue44ehSh0CIQCFswlUJz45ctGrH7RccbJSnerTOi0huvxtbBFuxBk8ag&v=4&sSiCunUq=3467263&minBid=&zFufiEVa=0,0&guqwmJEp=&xriWaZmg=&s=1600,1200,1,1600,1200,0 Requested by Host: www.displayvertising.com URL: https://www.displayvertising.com/snap.min.js Protocol HTTP/1.1 Server 216.59.56.9 , United States, ASN53334 (TUT-AS, US), Reverse DNS customer.ipv4.totaluptime.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:05 GMT ASF 9 Access-Control-Allow-Origin * Content-Type application/javascript PopAds-EC ASB Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 0 Expires Sun, 04 Oct 2020 19:15:05 GMT
GET H/1.1	200 OK	FPGzfx.html Show response displayvertising.com/ Frame CFBD	0 272 B	199ms 178ms	Script application/javascript	216.59.56.9 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://displayvertising.com/FPGzfx.html?_=BAoAX3DkuQFfcOS5gAGBAsAAIPD1g5UWPA1UZ775TfoQdHAAefWkekYHE9001r1BSyP3wQBHMEUCIQCge4BAIhLCw4HCvTdbUuOuSMeRTjE8ZpRNkkAg41vyhwIgMRcVWriT1wZWzXxQ-D3hytPjfd1RnKvsNfIk7pcgFYXCACDAcemjLSkB0FYq1aUMo9nYwnep2Dc4i-HkR0cAaqjxNMQAECoBBPgBklQUAAAAAAAAAALFABACcoXz5fghUJ9T-r61ajwgwwBGMEQCIEJJMYYDXytQqPrzftYuNbSQDVFuN012IudJeXHK9KjSAiBJicI_Jk6J4Y_0bB_ZvUAKD8eRE3MqS3iVPthXKpEtQQ&v=4&sSiCunUq=3467263&minBid=&zFufiEVa=0,0&guqwmJEp=&xriWaZmg=http%3A%2F%2Fdecimalnews.cc%2Fto%2Fhd8.php&s=1600,1200,1,1600,1200,1 Requested by Host: www.displayvertising.com URL: https://www.displayvertising.com/snap.min.js Protocol HTTP/1.1 Server 216.59.56.9 , United States, ASN53334 (TUT-AS, US), Reverse DNS customer.ipv4.totaluptime.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://decimalnews.cc/t/8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:05 GMT ASF 9 Access-Control-Allow-Origin * Content-Type application/javascript PopAds-EC ASB Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 0 Expires Sun, 04 Oct 2020 19:15:05 GMT
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp s-img.mgid.com/g/4060555/328x328/0x74x800x533/ Redirect Chain https://c.mgid.com/c?pv=2&v=0|0|0|WSP7oIIsr7IepzKJXB9vuAtojAND8RD0JReLdMCPZuRDoeqaME85lCzXrGtpViXX&cid=218581&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3555595zb5295256bcCZcp2ph20200... https://s-img.mgid.com/g/4060555/328x328/0x74x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp	6 KB 7 KB	58ms 57ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/4060555/328x328/0x74x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ec9fe53f39c5efdb920987813276c85d6f1b2951b0f52c4f556951c6f0add8e Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Sep 2020 19:15:05 GMT cf-cache-status HIT age 3511774 status 200 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6574 cf-request-id 0572968e290000faa8b4a8b200000001 last-modified Wed, 05 Feb 2020 13:27:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 5d978d29dd25faa8-AMS cf-bgj h2pri Redirect headers pragma no-cache date Sun, 27 Sep 2020 19:15:05 GMT cf-cache-status DYNAMIC x-mg-request-uuid 2fef0548-4370-4e0c-8e03-ba36a348e3cd expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 301 p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" location https://s-img.mgid.com/g/4060555/328x328/0x74x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 5d978d293beefaa8-AMS alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0572968dc30000faa8b4a86200000001 server cloudflare
GET H/1.1	200 OK	/ e2ertt.com/	0 198 B	241ms 58ms	Image image/gif	52.208.186.41 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://e2ertt.com/?jsonKey=%7B%22scriptLoadPerformance%22%3A%7B%22name%22%3A%22http%3A%2F%2Fptewarin.net%2Ftag.min.js%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A248.37500043213367%2C%22duration%22%3A115.9099992364645%2C%22initiatorType%22%3A%22script%22%2C%22nextHopProtocol%22%3A%22http%2F1.1%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A248.37500043213367%2C%22domainLookupStart%22%3A248.81500005722046%2C%22domainLookupEnd%22%3A255.13499975204468%2C%22connectStart%22%3A255.13499975204468%2C%22connectEnd%22%3A275.0199995934963%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A275.1000002026558%2C%22responseStart%22%3A339.01000022888184%2C%22responseEnd%22%3A364.2849996685982%2C%22transferSize%22%3A26216%2C%22encodedBodySize%22%3A25508%2C%22decodedBodySize%22%3A83064%2C%22serverTiming%22%3A%5B%5D%2C%22workerTiming%22%3A%5B%5D%7D%2C%22partner%22%3A%22pa%22%2C%22zoneId%22%3A3556162%2C%22type%22%3A%22onclick%22%7D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.186.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-186-41.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:05 GMT Transfer-Encoding chunked Server nginx Connection keep-alive Strict-Transport-Security max-age=15768000 Content-Type image/gif
GET H/1.1	200 OK	perf.gif perf.cdnads.com/	43 B 323 B	87ms 62ms	Image image/gif	178.162.156.34 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL http://perf.cdnads.com/perf.gif Protocol HTTP/1.1 Server 178.162.156.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:06 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Content-Type image/gif Cache-Control max-age=86400 Connection keep-alive Timing-Allow-Origin * Content-Length 43 Expires Mon, 28 Sep 2020 19:15:06 GMT
GET H/1.1	200 OK	/ e2ertt.com/	0 198 B	60ms 59ms	Image image/gif	52.208.186.41 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://e2ertt.com/?jsonKey=%7B%22imgLoadPerformance%22%3A%7B%22name%22%3A%22http%3A%2F%2Fperf.cdnads.com%2Fperf.gif%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A1754.414999857545%2C%22duration%22%3A88.6599998921156%2C%22initiatorType%22%3A%22img%22%2C%22nextHopProtocol%22%3A%22http%2F1.1%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1754.414999857545%2C%22domainLookupStart%22%3A1756.0949996113777%2C%22domainLookupEnd%22%3A1758.6250007152557%2C%22connectStart%22%3A1758.6250007152557%2C%22connectEnd%22%3A1780.2200000733137%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1780.264999717474%2C%22responseStart%22%3A1842.3200007528067%2C%22responseEnd%22%3A1843.0749997496605%2C%22transferSize%22%3A323%2C%22encodedBodySize%22%3A43%2C%22decodedBodySize%22%3A43%2C%22serverTiming%22%3A%5B%5D%2C%22workerTiming%22%3A%5B%5D%7D%2C%22partner%22%3A%22pa%22%2C%22zoneId%22%3A3556162%2C%22type%22%3A%22onclick%22%7D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.186.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-186-41.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Sep 2020 19:15:06 GMT Transfer-Encoding chunked Server nginx Connection keep-alive Strict-Transport-Security max-age=15768000 Content-Type image/gif
GET H/1.1	200 OK	ju4VTY6l6d77gfSD3bdyFjP5YlRcEDxCokheSKMzONNVbDUSET9ZNfx-20hjHm6bEAvb8NEvngzWtAXIrgsMSdVys_Ye-w1-dQv2rTKPKr3i2IoVK4Sr9rafLnnWr4Si_pEEx-QJz0gVQKD1Mf8yqAd_TmVnYdNEx2Psva7X11ihs4Q00PRw2ocaueaSigGxTNB0r... onstunkyr.com/impression/	43 B 482 B	207ms 63ms	Image image/gif	139.45.195.176 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://onstunkyr.com/impression/ju4VTY6l6d77gfSD3bdyFjP5YlRcEDxCokheSKMzONNVbDUSET9ZNfx-20hjHm6bEAvb8NEvngzWtAXIrgsMSdVys_Ye-w1-dQv2rTKPKr3i2IoVK4Sr9rafLnnWr4Si_pEEx-QJz0gVQKD1Mf8yqAd_TmVnYdNEx2Psva7X11ihs4Q00PRw2ocaueaSigGxTNB0rdhclkp2ALZt-LG6MKQlFP8uTtks2qYsbZHqvVFLZymFBtlAY0YJgR_GW_IH9wIsfx2VEQrbuFau?z=3555595&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=http%3A%2F%2Fdecimalnews.cc%2Fto%2Fhd8.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.195.176 , Ascension Island, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Trace-Id 58e2aab7ca56b200abe0aa825711bb97 Pragma no-cache Date Sun, 27 Sep 2020 19:15:14 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type image/gif Cache-Control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 Connection keep-alive Timing-Allow-Origin * Vary Origin Content-Length 43 Expires Wed, 31 Dec 1969 19:00:00 EST
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp s-img.mgid.com/g/4060555/328x328/0x74x800x533/ Frame 7019 Redirect Chain https://c.mgid.com/c?pv=2&v=0|0|0|WSP7oIIsr7IepzKJXB9vuAtojAND8RD0JReLdMCPZuRDoeqaME85lCzXrGtpViXX&cid=218581&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3555595zb5295256bcCZcp2ph20200... https://s-img.mgid.com/g/4060555/328x328/0x74x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp	6 KB 7 KB	53ms 52ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/4060555/328x328/0x74x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ec9fe53f39c5efdb920987813276c85d6f1b2951b0f52c4f556951c6f0add8e Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Sep 2020 19:15:14 GMT cf-cache-status HIT age 3511783 status 200 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6574 cf-request-id 057296b11f0000faa8b48e1200000001 last-modified Wed, 05 Feb 2020 13:27:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 5d978d61cdbbfaa8-AMS cf-bgj h2pri Redirect headers pragma no-cache date Sun, 27 Sep 2020 19:15:14 GMT cf-cache-status DYNAMIC x-mg-request-uuid 1c9a3054-8c58-44da-9594-0244da0010ae expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 301 p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" location https://s-img.mgid.com/g/4060555/328x328/0x74x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzcyOTViN2I1ZDZiMWViMGY0ZWI4ZjUwNWZkMjdmNjE2LmpwZWc%2A.webp cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 5d978d60ec01faa8-AMS alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 057296b08e0000faa8b48dd200000001 server cloudflare
GET H/1.1	200 OK	3555595 Show response in-page-push.com/500/	2 KB 2 KB	240ms 153ms	XHR application/javascript	87.245.235.43 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/3555595?excludes=5295256&oaid=cf86fcfe51cc42e09e6b025bc4c98160&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=http%3A%2F%2Fdecimalnews.cc%2Fto%2Fhd8.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Requested by Host: in-page-push.com URL: http://in-page-push.com/400/3555595 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 87.245.235.43 , United Kingdom, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash 364ef061320be41612ab28e5e8fea7f39cee1998affa88de948ee0e4b02cf74a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers Date Sun, 27 Sep 2020 19:15:15 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive X-Trace-Id a8ba0fd8ffa76713e99fb8247213116f Pragma no-cache Server nginx Vary Origin Strict-Transport-Security max-age=1 Content-Type application/javascript Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Expose-Headers Link Cache-Control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 Access-Control-Allow-Credentials true Timing-Allow-Origin * Expires Wed, 31 Dec 1969 19:00:00 EST
OPTIONS H/1.1	200 OK	3555595 in-page-push.com/500/ Frame	0 0	173ms 59ms	Other	87.245.235.43 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/3555595?excludes=5295256&oaid=cf86fcfe51cc42e09e6b025bc4c98160&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=http%3A%2F%2Fdecimalnews.cc%2Fto%2Fhd8.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Protocol HTTP/1.1 Server 87.245.235.43 , United Kingdom, ASN9002 (RETN-AS, EU), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin http://decimalnews.cc Sec-Fetch-Mode cors Response headers Server nginx Date Sun, 27 Sep 2020 19:15:15 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Headers Content-Type Access-Control-Allow-Methods GET Access-Control-Allow-Origin http://decimalnews.cc Access-Control-Max-Age 300 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Timing-Allow-Origin *
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp s-img.steepto.com/g/3805664/328x328/0x0x640x426/ Redirect Chain https://c.mgid.com/c?pv=2&v=0|0|0|7iLAAA7bQBoNNDL82GO5EgEF_UbZmAaJddERp4Davtn5vw2z2hpZmLbrxsqEo-6T&cid=949756&f=1&h2=ogT0kCMhR4zwVQBbI6KA91lBrYxyUp2E5JVj1l4HvK8*&rid=z3555595zb6445621bcCZcp2ph20200... https://s-img.steepto.com/g/3805664/328x328/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp	18 KB 18 KB	267ms 166ms	Image image/webp	104.19.138.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/3805664/328x328/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f1bfb557801e33ba37f0cc737692b6c846d786d63059d2ebd3290b703afda01 Request headers Referer http://decimalnews.cc/to/hd8.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Sep 2020 19:15:15 GMT cf-cache-status HIT x-mg-request-uuid 14fc237a-3c1d-4c58-bdce-ef83618d5be5 age 6874950 status 200 content-length 18256 cf-request-id 057296b4430000fa7ce3abd200000001 last-modified Fri, 10 Jul 2020 05:32:45 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 5d978d66dfe6fa7c-AMS expires Mon, 27 Sep 2021 19:15:15 GMT Redirect headers pragma no-cache date Sun, 27 Sep 2020 19:15:15 GMT cf-cache-status DYNAMIC x-mg-request-uuid 7b9bc742-8cd6-4df8-834a-b73aedba56b9 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 301 p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" location https://s-img.steepto.com/g/3805664/328x328/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 5d978d649bacfaa8-AMS alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 057296b2de0000faa8b4903200000001 server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bestaryua.com

URL

http://bestaryua.com/options?option_args=CMKG2QESIGNlNjI4NjQ5ZDgxZjQ1NDA4YTY4MDE2ZGFmMWVhNDEzGi9odHRwOi8vcHRld2FyaW4ubmV0L2FwdS5waHA_em9uZWlkPTM1NTYxNjImb289MSIgaHR0cDovL2RlY2ltYWxuZXdzLmNjL3RvL2hkOC5waHA=

Domain

bestaryua.com

URL

http://bestaryua.com/options?option_args=CMKG2QESIDFlNjBlMDI4N2VjMTQ0MjBiNDY4MjdmYTdhNmRhZTBiGi9odHRwOi8vcHRld2FyaW4ubmV0L2FwdS5waHA_em9uZWlkPTM1NTYxNjImb289MSIdaHR0cDovL2RlY2ltYWxuZXdzLmNjL3QvOC5waHA=

Domain

tnmzq7j6m3y0.n.adsco.re

URL

https://tnmzq7j6m3y0.n.adsco.re/

Domain

tnmzq7j6m3y0.s.adsco.re

URL

https://tnmzq7j6m3y0.s.adsco.re/

Domain

hf2pur8tazkg.l.adsco.re

URL

https://hf2pur8tazkg.l.adsco.re/

Domain

hf2pur8tazkg.n.adsco.re

URL

https://hf2pur8tazkg.n.adsco.re/

Domain

hf2pur8tazkg.s.adsco.re

URL

https://hf2pur8tazkg.s.adsco.re/